MyBB Community Forums

MyBB Community Forums > 1.8 Support > Security Management and Support > Anti-Malware scan flagged a few files
Full Version: Anti-Malware scan flagged a few files
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

jackdlm

2016-05-16, 01:59 AM
I run regular anti-malware security scans of my public_html directory through a Wordpress plugin, and after recently installing MyBB (which is working great!) the scan has flagged some files:

global.php
private.php
search.php

Just to confirm, these files are part of MyBB, right? Is there any reason why they may have been flagged?

Thanks!

fizz

2016-05-16, 02:09 AM
Yes those are all a part of MyBB. What kind of malware did it flag them as? If you didn't download a fresh copy of MyBB from mybb.com then someone could have tampered with the files, but other than that no those aren't malware.

.m.

2016-05-16, 02:39 AM
run file verification tool available at tools & maintenance section of forum admin panel.
do you get above listed files as changed ?

Donald_Duck

2016-05-16, 05:35 AM
Sometime's antivirus marks legit files as virus, you can consider them as false positive!  other than this, do as .m.  suggested

Nathan Malcolm

2016-05-16, 09:25 AM
MyBB 1.x makes heavy use of eval(), likely a false positive but run a file verification check anyway.

jackdlm

2016-05-16, 11:26 AM
File Verification found nothing other than informing me that the /install/ directory is missing (it said to delete it after install?).

So I'm assuming it's a false positive. The forum is brand new other than a few CSS tweaks I have done to the theme.

Safe to say I can whitelist the files on the Anti-Malware scanner?

nth

2016-05-16, 11:27 AM
Yes, they are fine if file verification says they are fine. Feel free to whitelist them.

jackdlm

2016-05-17, 03:59 PM
Just ran another scan and whitelisted the above files, but it had trouble reading this:
/admin/jscripts/codemirror/lib/codemirror.js

and then listed the following as "potential threats"

/announcements.php
/calendar.php
/contact.php
/editpost.php
/forumdisplay.php
/index.php
/managegroup.php
/member.php
/memberlist.php
/misc.php
/modcp.php
/moderation.php
/newreply.php
/newthread.php
/online.php
/polls.php
/portal.php
/printthread.php
/report.php
/reputation.php
/sendthread.php
/showteam.php
/showthread.php
/stats.php
/syndication.php
/usercp.php
/usercp2.php
/warnings.php
/xmlhttp.php
/admin/index.php
/admin/modules/config/settings.php
/admin/modules/forum/management.php
/inc/class_captcha.php
/inc/class_error.php
/inc/class_parser.php
/inc/functions.php
/inc/functions_calendar.php
/inc/functions_forumlist.php
/inc/functions_modcp.php
/inc/functions_online.php
/inc/functions_post.php
/inc/functions_search.php
/inc/functions_user.php
/inc/plugins/hello.php
/jscripts/thread.js
/jscripts/jeditable/jeditable.min.js

.m.

2016-05-17, 04:34 PM
if you have original source files of MyBB confirmed through file verification tool then
there should be nothing to worry about your scanner reports (reason is already given in post #5)

jackdlm

2016-05-22, 06:40 PM
(2016-05-17, 04:34 PM).m. Wrote: [ -> ]if you have original source files of MyBB confirmed through file verification tool then
there should be nothing to worry about your scanner reports (reason is already given in post #5)

Just wanted to be sure. Thanks for the clarification.
MyBB Community Forums > 1.8 Support > Security Management and Support > Anti-Malware scan flagged a few files