sak (Regular; joined Jul 06, 2005; posts: 84)
Posted: Fri Sep 09, 2005 5:37 pm

I'm running a phpnuke 7.6 (patched, bbtonuke 2.0.17, NSN groups)

The problem is that 2-3 users have reported getting a virus/trojan/exploit warning from their AV software during or after visiting my website. I'm 99% sure there is nothing infected on my site, and have done many scans and code-searches to verify. I think it's just a mistake by their software, possibly having to do with outdated virus definitions. Here's a link one person gave me though:

[link visible only to registered users] -- Exploit-ANIfile

Has anyone had this problem? My site is [link visible only to registered users]. It's getting pretty popular, and I'd really like to resolve this so that I don't lose potential members. Thanks everyone!


Last edited by sak on Thu Sep 22, 2005 8:58 pm; edited 1 time in total

Guardian2003 (Site Admin; joined Aug 28, 2003; posts: 4869)
Posted: Fri Sep 09, 2005 6:10 pm

I am using F-Secure anti virus and I too got a warning regarding a clicker exploit so I had to edit out your site's URL in case this is a genuine problem and someone without anti virus software visited the site.
I am sure if anyone wants to look you wouldn't mind adding the URL to your forum profile so they can access it that way.

Here is a description of the warning I got.
[link visible only to registered users]

sak
Posted: Fri Sep 09, 2005 6:25 pm

OK, URL to my site is in my Profile.

A user registration note: Could phpnuke be dropping users after 24 hours? I know the activation email claims to be good only for 24 hours, so could this be the issue? Perhaps when ANY user activates their account, it also does a check on all other accounts pending activation, and drops those that have been pending for over 24 hours.

I have made a few test temporary users to test this theory, but surely someone here knows.

Guardian2003
Posted: Fri Sep 09, 2005 6:50 pm

I think this topic has been discussed before - I cannot remember if the check is done as part of a user account activation or as part of a new user registration but the value of the length of time can be altered directly by editing the appropriate function code.

I will attempt to look at your site again but at the moment F-Secure is blocking it completely - do you have any add on javascript code in your site or perhaps affiliate banner type ads with tracking code?

Have you tried disabling all your blocks and as many modules as you can in order to try locate the gremlin by trial and error?

sak
Posted: Fri Sep 09, 2005 7:30 pm

No java or banner ads of any kind. I use Panda AV, not mcafee/norton, and it doesn't come up with any warnings of any kind. So I would have to first install something that warns in order to do trial/error myself. I'm going to take one more look at all the code and see if I can't come up with something. I think, however, that it really isn't infected. The cases of infection I've read about always have an off-site link to an infected .css file (bot.css or something like that) and NOWHERE in my code does it link to anything off-site. So I think the entire issue is just over-zealous antivirus software, hopefully that's the case.

Edit:

I found out that indeed it does check all temp users when a new one activates. I've changed this by upping the time allowed a bit. Here is the default (24 hours) from nuke 7.6 patched/modded.

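Code:
function activate($username, $check_num) {
    global $db, $user_prefix, $module_name, $language, $prefix;
    // Cutoff: 86400 seconds = 24 hours before now.
    $past = time()-86400;
    // Purges every pending registration older than the cutoff, not only $username's.
    $db->sql_query("DELETE FROM ".$user_prefix."_users_temp WHERE time < '$past'");
    // ... remainder of activate() not shown in the post
}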

sak
Posted: Thu Sep 22, 2005 4:08 pm

I'm still receiving reports from a few users about the virus warning. The site has become very popular now (100+ users in just 3 weeks) and I'm hoping to fix this so it doesn't scare anyone away. I searched the script files for references that I thought would look like the exploit, but nothing came up. Can anyone help us?
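
The file search described in the posts above (off-site links, references that could match the warning) can be scripted. This is an added example, not part of the original thread and not PHP-Nuke code: a Python scan of a web root that lists off-site resource URLs, CSS cursor references, and any file carrying the RIFF/ACON header of an animated cursor (ANI) regardless of its extension. The host names, sample markup and the list of text extensions are assumptions.

```python
import re
from pathlib import Path
from urllib.parse import urlparse

# URLs in src=/href=/action= attributes (plain or PHP-escaped quotes), CSS url(...) and @import.
URL_RE = re.compile(r"""(?:src|href|action)\s*=\s*\\?["']?([^"'\s>\\]+)"""
                    r"""|url\(\s*\\?["']?([^"')\s\\]+)|@import\s+\\?["']([^"'\\]+)""", re.I)
CURSOR_RE = re.compile(r"cursor\s*:[^;}]*url\(", re.I)   # CSS rule that loads a cursor file
TEXT_EXT = {".php", ".html", ".htm", ".css", ".js", ".tpl"}  # assumed set of files to read

def is_ani(data: bytes) -> bool:
    """Animated cursors are RIFF containers with form type 'ACON'."""
    return data[:4] == b"RIFF" and data[8:12] == b"ACON"

def scan_text(name, text, site_host):
    """Return (file, line, kind, detail) for off-site URLs and cursor/.ani references."""
    found = []
    for no, line in enumerate(text.splitlines(), 1):
        for m in URL_RE.finditer(line):
            url = next(g for g in m.groups() if g)
            try:
                parts = urlparse(url)
            except ValueError:          # malformed URL text, nothing to classify
                continue
            if parts.hostname and parts.hostname != site_host.lower():
                found.append((name, no, "off-site", url))
            if parts.path.lower().endswith(".ani"):
                found.append((name, no, "ani-ref", url))
        if CURSOR_RE.search(line):
            found.append((name, no, "css-cursor", line.strip()))
    return found

def scan_tree(root, site_host):
    """Walk a web root: flag ANI files by magic bytes, scan text files for references."""
    found = []
    for p in sorted(q for q in Path(root).rglob("*") if q.is_file()):
        data = p.read_bytes()
        if is_ani(data):
            found.append((str(p), 0, "ani-file", "RIFF/ACON header"))
        elif p.suffix.lower() in TEXT_EXT:
            found.extend(scan_text(str(p), data.decode("latin-1"), site_host))
    return found

# Constructed sample (hypothetical hosts and paths), not taken from the site in the thread.
SAMPLE = '''<link rel="stylesheet" href="themes/mytheme/style.css">
echo "<script src=\\"http://stats.example.net/t.js\\"></script>";
body { cursor: url("images/arrow.ani"); }'''
if __name__ == "__main__":
    print(*scan_text("sample.php", SAMPLE, "www.example.org"), sep="\n")
```

Pass the host name exactly as the pages write it; a bare domain and its www. form count as different hosts here. Every hit is a line to review by hand, not a verdict.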

Raven (Site Admin/Owner; joined Aug 27, 2002; posts: 15235; location: Kansas)
Posted: Fri Sep 23, 2005 3:09 pm

Google search on panda av anifile removal

There are many hits. This one might help
[link visible only to registered users]