No announcement yet.

Bug or Malware in 3.8.3

  • Filter
  • Time
  • Show
Clear All
new posts

  • Bug or Malware in 3.8.3


    i find something wrong il 3.8.3 at postings.php

    when i get into any thread to edit the thread (fix - edit ...) i got a antivirus alert . that their is a malware in in the file postings.php

    the link have pollid=
    note: the thread doesn't have a poll. i made the same action in the thread that have a poll. and i got the same result.

    just finding this in postings.php .. i search in google about the virus. it told me that this virus is found in files having codes. i check all the files.. all are clean

    waiting your replies.

  • #2
    vBulletin's .zip file does not come with malware injected into it. This is either due to customized or otherwise non vb caused code injection, or it's a false positive.


    • #3
      Did you run admin cp > maintenance > diagnostice > suspect files?

      And, did you look through all your plugins to make sure they are ones you added?

      Please don't PM or VM me for support - I only help out in the threads.
      vBulletin Manual & vBulletin 4.0 Code Documentation (API)
      Want help modifying your vbulletin forum? Head on over to
      If I post CSS and you don't know where it goes, throw it into the additional.css template.

      W3Schools <- awesome site for html/css help


      • #4
        yes man

        before i got this malware on all my vps

        even in html files and i got codes ....

        i clean everything and the site was clean according to google webmaster tools

        but have problem in this folder only


        • #5
          Why have you blurred out your URL? We could probably help better, with your URL.
          My Forums: The Geek District - Off Topic Hut
          My Blog: Mikeylicious
          Projects: Shorten URL's with


          • #6
            I think this is a false positive. The error says there is pollid= without any value for pollid.

            vBulletin QA - vBulletin Support French - Lead Project Tools developer

            Next release? Soon(tm)


            • #7
              Originally posted by PitchouneN64ngc View Post
              I think this is a false positive. The error says there is pollid= without any value for pollid.
              Probably, that's a Heuristic detection of something AnitVir thinks is suspicious not an actual bit of malware.

              Your best bet is to contact Avira's tech support and explain that you've encountered a possible fasle detection... Give them the address of the page/site in question and ask them to examine it.


              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.