I have a Linux Server, running the last version of RedHat, with Apache, Sendmail, MailScanner and Spam Assassin, among others. I have now a big problem with a kinf of virus, and I need to solve this with a program. I will explain.
After past Dec 17th I realized that, in all this machine's Domains, all the files called "*index*", that is, that had the string "index" in its filename, being .htm, .thml, .php and even some image files like .gif, .jpg or .swf, presented, at the end of the file, some strange code that was identified by some antivirus client programs as Not-A-Virus.Exploit.HTML.M
ht, and I was told it could be used by Hackers.
So, whenever someone accesses, from the browser, these index pages or images, the client antivirus says:
Threat detected. Virus Exploit Identified.
Well, I am quite concerned about this. I have fixed some of these index files by editing them manually. It is quite simple, because this strange code is put at the end of the file, even in the image files. But the problem is that there are hundreds and hundreds of them in my Server. So I need a program to run under each of the Domains, cleaning these files.
If you want to see one of these Domains, please access this: www.m2seguros.com.br
and see what happens. Try to see the source code of this simple page and you will see the suspect code after the </HTML> Tag.
Please, help me with this. I looked for a ready-made software but I didn't find it. I guess it has to be specifically constructed. If one could construct one program in Perl or Bash, so that I can execute it under each Domain, from the command line, I would thank a lot.
Thanks in advance.