Thema: index.php und index2.php mit Virus befallen

Hallo,

ich habe wiedermal ein Backup gemacht (mit FileZilla) (zuvor hab ich mir die neue FileZilla Version) runtergeladen.
Als Antivirus verwende ich den Avira Antivir Ver. 8.

Seit dem letzten Backup habe ich sowohl den Antivirus von der Ver. 7 auf 8 upgedatet, und den FileZilla auch.

Wie ich jetzt meine Dateien runterladen will, bekomme ich für die index.php und index2.php eine Viruswarunung (HTML-Skriptvirus - HTML/Dldr.Iframe.CS).

Dann hab ich mal frühere Backups gescannt und plötzlich bei allen vorigen Backups auch diese Warnung bekommen, bis jetzt hab ich auf der Seite selber noch nichts gemerkt, außerdem hat der Virenscanner noch nie automatisch angeschlagen.

Ich habe die Zeilenanzahl einer orig. Joomla index.php und meiner verglichen, die sind ident. Den Code hab ich nicht überprüft...

PHP-Code:

<?php
/**
* @version $Id: index.php 10041 2008-02-15 21:48:13Z eddieajau $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( '_VALID_MOS', 1 );

// checks for configuration file, if none found loads installation page
if (!file_exists( 'configuration.php' ) || filesize( 'configuration.php' ) < 10) {
    $self = rtrim( dirname( $_SERVER['PHP_SELF'] ), '/\\' ) . '/';
    header("Location: http://" . $_SERVER['HTTP_HOST'] . $self . "installation/index.php" );
    exit();
}

require( 'globals.php' );
require( 'configuration.php' );

// SSL check - $http_host returns <live site url>:<port number if it is 443>
$http_host = explode(':', $_SERVER['HTTP_HOST'] );
if( (!empty( $_SERVER['HTTPS'] ) && strtolower( $_SERVER['HTTPS'] ) != 'off' || isset( $http_host[1] ) && $http_host[1] == 443) && substr( $mosConfig_live_site, 0, 8 ) != 'https://' ) {
    $mosConfig_live_site = 'https://'.substr( $mosConfig_live_site, 7 );
}

require_once( 'includes/joomla.php' );

//Installation sub folder check, removed for work with SVN
if (file_exists( 'installation/index.php' ) && $_VERSION->SVN == 0) {
    define( '_INSTALL_CHECK', 1 );
    include ( $mosConfig_absolute_path .'/offline.php');
    exit();
}

// displays offline/maintanance page or bar
if ($mosConfig_offline == 1) {
    require( $mosConfig_absolute_path .'/offline.php' );
}

// load system bot group
$_MAMBOTS->loadBotGroup( 'system' );

// trigger the onStart events
$_MAMBOTS->trigger( 'onStart' );

if (file_exists( $mosConfig_absolute_path .'/components/com_sef/sef.php' )) {
    require_once( $mosConfig_absolute_path .'/components/com_sef/sef.php' );
} else {
    require_once( $mosConfig_absolute_path .'/includes/sef.php' );
}
require_once( $mosConfig_absolute_path .'/includes/frontend.php' );

// retrieve some expected url (or form) arguments
$option = strval( strtolower( mosGetParam( $_REQUEST, 'option' ) ) );
$Itemid = intval( mosGetParam( $_REQUEST, 'Itemid', null ) );

if ($option == '') {
    if ($Itemid) {
        $query = "SELECT id, link"
        . "\n FROM #__menu"
        . "\n WHERE menutype = 'mainmenu'"
        . "\n AND id = " . (int) $Itemid
        . "\n AND published = 1"
        ;
        $database->setQuery( $query );
    } else {
        $query = "SELECT id, link"
        . "\n FROM #__menu"
        . "\n WHERE menutype = 'mainmenu'"
        . "\n AND published = 1"
        . "\n ORDER BY parent, ordering"
        ;
        $database->setQuery( $query, 0, 1 );
    }
    $menu = new mosMenu( $database );
    if ($database->loadObject( $menu )) {
        $Itemid = $menu->id;
    }
    $link = $menu->link;
    if (($pos = strpos( $link, '?' )) !== false) {
        $link = substr( $link, $pos+1 ). '&Itemid='.$Itemid;
    }
    parse_str( $link, $temp );
    /** this is a patch, need to rework when globals are handled better */
    foreach ($temp as $k=>$v) {
        $GLOBALS[$k] = $v;
        $_REQUEST[$k] = $v;
        if ($k == 'option') {
            $option = $v;
        }
    }
}
if ( !$Itemid ) {
// when no Itemid give a default value
    $Itemid = 99999999;
}

// mainframe is an API workhorse, lots of 'core' interaction routines
$mainframe = new mosMainFrame( $database, $option, '.' );
$mainframe->initSession();

// trigger the onAfterStart events
$_MAMBOTS->trigger( 'onAfterStart' );

// checking if we can find the Itemid thru the content
if ( $option == 'com_content' && $Itemid === 0 ) {
    $id     = intval( mosGetParam( $_REQUEST, 'id', 0 ) );
    $Itemid = $mainframe->getItemid( $id );
}

/** do we have a valid Itemid yet?? */
if ( $Itemid === 0 ) {
    /** Nope, just use the homepage then. */
    $query = "SELECT id"
    . "\n FROM #__menu"
    . "\n WHERE menutype = 'mainmenu'"
    . "\n AND published = 1"
    . "\n ORDER BY parent, ordering"
    ;
    $database->setQuery( $query, 0, 1 );
    $Itemid = $database->loadResult();
}

// patch to lessen the impact on templates
if ($option == 'search') {
    $option = 'com_search';
}

// loads english language file by default
if ($mosConfig_lang=='') {
    $mosConfig_lang = 'english';
}
include_once( $mosConfig_absolute_path .'/language/' . $mosConfig_lang . '.php' );

// frontend login & logout controls
$return     = strval( mosGetParam( $_REQUEST, 'return', NULL ) );
$message     = intval( mosGetParam( $_POST, 'message', 0 ) );

// Get the information about the current user from the sessions table
$my = $mainframe->getUser();

if ($option == 'login') {
    $mainframe->login();

    // JS Popup message
    if ( $message ) {
        ?>
        <script language="javascript" type="text/javascript">
        <!--//
        alert( "<?php echo addslashes( _LOGIN_SUCCESS ); ?>" );
        //-->
        </script>
        <?php
    }

    if ( $return && !( strpos( $return, 'com_registration' ) || strpos( $return, 'com_login' ) ) ) {
    // checks for the presence of a return url
    // and ensures that this url is not the registration or login pages
        // If a sessioncookie exists, redirect to the given page. Otherwise, take an extra round for a cookiecheck
        if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
            mosRedirect( $return );
        } else {
            mosRedirect( $mosConfig_live_site .'/index.php?option=cookiecheck&return=' . urlencode( $return ) );
        }
    } else {
        // If a sessioncookie exists, redirect to the start page. Otherwise, take an extra round for a cookiecheck
        if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
            mosRedirect( $mosConfig_live_site .'/index.php' );
        } else {
            mosRedirect( $mosConfig_live_site .'/index.php?option=cookiecheck&return=' . urlencode( $mosConfig_live_site .'/index.php' ) );
        }
    }

} else if ($option == 'logout') {
    $mainframe->logout();

    // JS Popup message
    if ( $message ) {
        ?>
        <script language="javascript" type="text/javascript">
        <!--//
        alert( "<?php echo addslashes( _LOGOUT_SUCCESS ); ?>" );
        //-->
        </script>
        <?php
    }

    if ( $return && !( strpos( $return, 'com_registration' ) || strpos( $return, 'com_login' ) ) ) {
    // checks for the presence of a return url
    // and ensures that this url is not the registration or logout pages
        mosRedirect( $return );
    } else {
        mosRedirect( $mosConfig_live_site.'/index.php' );
    }
} else if ($option == 'cookiecheck') {
    // No cookie was set upon login. If it is set now, redirect to the given page. Otherwise, show error message.
    if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
        mosRedirect( $return );
    } else {
        mosErrorAlert( _ALERT_ENABLED );
    }
}

// detect first visit
$mainframe->detect();

// set for overlib check
$mainframe->set( 'loadOverlib', false );

$gid = intval( $my->gid );

// gets template for page
$cur_template = $mainframe->getTemplate();
/** temp fix - this feature is currently disabled */

/** @global A places to store information from processing of the component */
$_MOS_OPTION = array();

// precapture the output of the component
require_once( $mosConfig_absolute_path . '/editor/editor.php' );

ob_start();

if ($path = $mainframe->getPath( 'front' )) {
    $task     = strval( mosGetParam( $_REQUEST, 'task', '' ) );
    $ret     = mosMenuCheck( $Itemid, $option, $task, $gid );

    if ($ret) {
        require_once( $path );
    } else {
        mosNotAuth();
    }
} else {
    header( 'HTTP/1.0 404 Not Found' );
    echo _NOT_EXIST;
}

$_MOS_OPTION['buffer'] = ob_get_contents();

ob_end_clean();

initGzip();

header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );

// display the offline alert if an admin is logged in
if (defined( '_ADMIN_OFFLINE' )) {
    include( $mosConfig_absolute_path .'/offlinebar.php' );
}

// loads template file
if ( !file_exists( $mosConfig_absolute_path .'/templates/'. $cur_template .'/index.php' ) ) {
    echo _TEMPLATE_WARN . $cur_template;
} else {
    require_once( $mosConfig_absolute_path .'/templates/'. $cur_template .'/index.php' );
    echo '<!-- '. time() .' -->';
}

// displays queries performed for page
if ($mosConfig_debug) {
    echo $database->_ticker . ' queries executed';
    echo '<pre>';
     foreach ($database->_log as $k=>$sql) {
         echo $k+1 . "\n" . $sql . '<hr />';
    }
    echo '</pre>';
}

doGzip();
?>

Kann mir jemand sagen welche die Schadcodezeilen sind?


mfg
christof

und hier noch die index2.php


index2.php

PHP-Code:

<?php
/**
* @version $Id: index2.php 10041 2008-02-15 21:48:13Z eddieajau $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( '_VALID_MOS', 1 );

require( 'globals.php' );
require( 'configuration.php' );

// SSL check - $http_host returns <live site url>:<port number if it is 443>
$http_host = explode(':', $_SERVER['HTTP_HOST'] );
if( (!empty( $_SERVER['HTTPS'] ) && strtolower( $_SERVER['HTTPS'] ) != 'off' || isset( $http_host[1] ) && $http_host[1] == 443) && substr( $mosConfig_live_site, 0, 8 ) != 'https://' ) {
    $mosConfig_live_site = 'https://'.substr( $mosConfig_live_site, 7 );
}

require_once( 'includes/joomla.php' );

// displays offline/maintanance page or bar
if ($mosConfig_offline == 1) {
    require( $mosConfig_absolute_path .'/offline.php' );
}

// load system bot group
$_MAMBOTS->loadBotGroup( 'system' );

// trigger the onStart events
$_MAMBOTS->trigger( 'onStart' );

if (file_exists( $mosConfig_absolute_path .'/components/com_sef/sef.php' )) {
    require_once( $mosConfig_absolute_path .'/components/com_sef/sef.php' );
} else {
    require_once( $mosConfig_absolute_path .'/includes/sef.php' );
}
require_once( $mosConfig_absolute_path .'/includes/frontend.php' );

// retrieve some expected url (or form) arguments
$option     = strtolower( strval( mosGetParam( $_REQUEST, 'option' ) ) );
$Itemid     = intval( mosGetParam( $_REQUEST, 'Itemid', 0 ) );
$no_html     = intval( mosGetParam( $_REQUEST, 'no_html', 0 ) );
$act         = strval( mosGetParam( $_REQUEST, 'act', '' ) );
$do_pdf     = intval( mosGetParam( $_REQUEST, 'do_pdf', 0 ) );

// mainframe is an API workhorse, lots of 'core' interaction routines
$mainframe = new mosMainFrame( $database, $option, '.' );
$mainframe->initSession();

// trigger the onAfterStart events
$_MAMBOTS->trigger( 'onAfterStart' );

// get the information about the current user from the sessions table
$my = $mainframe->getUser();
// patch to lessen the impact on templates
if ($option == 'search') {
    $option = 'com_search';
}

// loads english language file by default
if ($mosConfig_lang=='') {
    $mosConfig_lang = 'english';
}
include_once( $mosConfig_absolute_path .'/language/' . $mosConfig_lang . '.php' );


if ($option == 'login') {
    $mainframe->login();
    mosRedirect('index.php');
} else if ($option == 'logout') {
    $mainframe->logout();
    mosRedirect( 'index.php' );
}

if ( $do_pdf == 1 ){
    include $mosConfig_absolute_path .'/includes/pdf.php';
    exit();
}


// detect first visit
$mainframe->detect();

$gid = intval( $my->gid );

$cur_template = $mainframe->getTemplate();

// precapture the output of the component
require_once( $mosConfig_absolute_path . '/editor/editor.php' );

ob_start();

if ($path = $mainframe->getPath( 'front' )) {
    $task     = strval( mosGetParam( $_REQUEST, 'task', '' ) );
    $ret     = mosMenuCheck( $Itemid, $option, $task, $gid );
    if ($ret) {
        require_once( $path );
    } else {
        mosNotAuth();
    }
} else {
    header("HTTP/1.0 404 Not Found");
    echo _NOT_EXIST;
}
$_MOS_OPTION['buffer'] = ob_get_contents();

ob_end_clean();

initGzip();

header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );

// display the offline alert if an admin is logged in
if (defined( '_ADMIN_OFFLINE' )) {
    include( $mosConfig_absolute_path .'/offlinebar.php' );
}

// start basic HTML
if ( $no_html == 0 ) {
    $customIndex2 = 'templates/'. $mainframe->getTemplate() .'/index2.php';
    if (file_exists( $customIndex2 )) {
        require( $customIndex2 );
    } else {
        // needed to seperate the ISO number from the language file constant _ISO
        $iso = split( '=', _ISO );
        // xml prolog
        echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
        <head>
            <?php echo $mainframe->getHead(); ?>
            <link rel="stylesheet" href="templates/<?php echo $cur_template;?>/css/template_css.css" type="text/css" />
            <link rel="shortcut icon" href="<?php echo $mosConfig_live_site; ?>/images/favicon.ico" />
            <meta **********="Content-Type" content="text/html; <?php echo _ISO; ?>" />
            <meta name="robots" content="noindex, nofollow" />
            <?php if ($my->id || $mainframe->get( 'joomlaJavascript' )) { ?>
            <script language="JavaScript" src="<?php echo $mosConfig_live_site;?>/includes/js/joomla.javascript.js" type="text/javascript"></script>
            <?php } ?>
        </head>
        <body class="contentpane">
            <?php mosMainBody(); ?>
        </body>
    </html>
    <?php
    }
} else {
    mosMainBody();
}
doGzip();
?>

Danke, hab es so wie in diesem Post erwähnt gemacht...scheint zu funktionieren.

http://www.joomlaportal.de/sicherhei...tml#post637115

Hier die index.php:

<?php
/**
* @version $Id: index.php 10041 2008-02-15 21:48:13Z eddieajau $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( '_VALID_MOS', 1 );

// checks for configuration file, if none found loads installation page
if (!file_exists( 'configuration.php' ) || filesize( 'configuration.php' ) < 10) {
$self = rtrim( dirname( $_SERVER['PHP_SELF'] ), '/\\' ) . '/';
header("Location: http://" . $_SERVER['HTTP_HOST'] . $self . "installation/index.php" );
exit();
}

require( 'globals.php' );
require( 'configuration.php' );

// SSL check - $http_host returns <live site url>:<port number if it is 443>
$http_host = explode(':', $_SERVER['HTTP_HOST'] );
if( (!empty( $_SERVER['HTTPS'] ) && strtolower( $_SERVER['HTTPS'] ) != 'off' || isset( $http_host[1] ) && $http_host[1] == 443) && substr( $mosConfig_live_site, 0, 8 ) != 'https://' ) {
$mosConfig_live_site = 'https://'.substr( $mosConfig_live_site, 7 );
}

require_once( 'includes/joomla.php' );

//Installation sub folder check, removed for work with SVN
if (file_exists( 'installation/index.php' ) && $_VERSION->SVN == 0) {
define( '_INSTALL_CHECK', 1 );
include ( $mosConfig_absolute_path .'/offline.php');
exit();
}

// displays offline/maintanance page or bar
if ($mosConfig_offline == 1) {
require( $mosConfig_absolute_path .'/offline.php' );
}

// load system bot group
$_MAMBOTS->loadBotGroup( 'system' );

// trigger the onStart events
$_MAMBOTS->trigger( 'onStart' );

if (file_exists( $mosConfig_absolute_path .'/components/com_sef/sef.php' )) {
require_once( $mosConfig_absolute_path .'/components/com_sef/sef.php' );
} else {
require_once( $mosConfig_absolute_path .'/includes/sef.php' );
}
require_once( $mosConfig_absolute_path .'/includes/frontend.php' );

// retrieve some expected url (or form) arguments
$option = strval( strtolower( mosGetParam( $_REQUEST, 'option' ) ) );
$Itemid = intval( mosGetParam( $_REQUEST, 'Itemid', null ) );

if ($option == '') {
if ($Itemid) {
$query = "SELECT id, link"
. "\n FROM #__menu"
. "\n WHERE menutype = 'mainmenu'"
. "\n AND id = " . (int) $Itemid
. "\n AND published = 1"
;
$database->setQuery( $query );
} else {
$query = "SELECT id, link"
. "\n FROM #__menu"
. "\n WHERE menutype = 'mainmenu'"
. "\n AND published = 1"
. "\n ORDER BY parent, ordering"
;
$database->setQuery( $query, 0, 1 );
}
$menu = new mosMenu( $database );
if ($database->loadObject( $menu )) {
$Itemid = $menu->id;
}
$link = $menu->link;
if (($pos = strpos( $link, '?' )) !== false) {
$link = substr( $link, $pos+1 ). '&Itemid='.$Itemid;
}
parse_str( $link, $temp );
/** this is a patch, need to rework when globals are handled better */
foreach ($temp as $k=>$v) {
$GLOBALS[$k] = $v;
$_REQUEST[$k] = $v;
if ($k == 'option') {
$option = $v;
}
}
}
if ( !$Itemid ) {
// when no Itemid give a default value
$Itemid = 99999999;
}

// mainframe is an API workhorse, lots of 'core' interaction routines
$mainframe = new mosMainFrame( $database, $option, '.' );
$mainframe->initSession();

// trigger the onAfterStart events
$_MAMBOTS->trigger( 'onAfterStart' );

// checking if we can find the Itemid thru the content
if ( $option == 'com_content' && $Itemid === 0 ) {
$id = intval( mosGetParam( $_REQUEST, 'id', 0 ) );
$Itemid = $mainframe->getItemid( $id );
}

/** do we have a valid Itemid yet?? */
if ( $Itemid === 0 ) {
/** Nope, just use the homepage then. */
$query = "SELECT id"
. "\n FROM #__menu"
. "\n WHERE menutype = 'mainmenu'"
. "\n AND published = 1"
. "\n ORDER BY parent, ordering"
;
$database->setQuery( $query, 0, 1 );
$Itemid = $database->loadResult();
}

// patch to lessen the impact on templates
if ($option == 'search') {
$option = 'com_search';
}

// loads english language file by default
if ($mosConfig_lang=='') {
$mosConfig_lang = 'english';
}
include_once( $mosConfig_absolute_path .'/language/' . $mosConfig_lang . '.php' );

// frontend login & logout controls
$return = strval( mosGetParam( $_REQUEST, 'return', NULL ) );
$message = intval( mosGetParam( $_POST, 'message', 0 ) );

// Get the information about the current user from the sessions table
$my = $mainframe->getUser();

if ($option == 'login') {
$mainframe->login();

// JS Popup message
if ( $message ) {
?>
<script language="javascript" type="text/javascript">
<!--//
alert( "<?php echo addslashes( _LOGIN_SUCCESS ); ?>" );
//-->
</script>
<?php
}

if ( $return && !( strpos( $return, 'com_registration' ) || strpos( $return, 'com_login' ) ) ) {
// checks for the presence of a return url
// and ensures that this url is not the registration or login pages
// If a sessioncookie exists, redirect to the given page. Otherwise, take an extra round for a cookiecheck
if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
mosRedirect( $return );
} else {
mosRedirect( $mosConfig_live_site .'/index.php?option=cookiecheck&return=' . urlencode( $return ) );
}
} else {
// If a sessioncookie exists, redirect to the start page. Otherwise, take an extra round for a cookiecheck
if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
mosRedirect( $mosConfig_live_site .'/index.php' );
} else {
mosRedirect( $mosConfig_live_site .'/index.php?option=cookiecheck&return=' . urlencode( $mosConfig_live_site .'/index.php' ) );
}
}

} else if ($option == 'logout') {
$mainframe->logout();

// JS Popup message
if ( $message ) {
?>
<script language="javascript" type="text/javascript">
<!--//
alert( "<?php echo addslashes( _LOGOUT_SUCCESS ); ?>" );
//-->
</script>
<?php
}

if ( $return && !( strpos( $return, 'com_registration' ) || strpos( $return, 'com_login' ) ) ) {
// checks for the presence of a return url
// and ensures that this url is not the registration or logout pages
mosRedirect( $return );
} else {
mosRedirect( $mosConfig_live_site.'/index.php' );
}
} else if ($option == 'cookiecheck') {
// No cookie was set upon login. If it is set now, redirect to the given page. Otherwise, show error message.
if (isset( $_COOKIE[mosMainFrame::sessionCookieName()] )) {
mosRedirect( $return );
} else {
mosErrorAlert( _ALERT_ENABLED );
}
}

// detect first visit
$mainframe->detect();

// set for overlib check
$mainframe->set( 'loadOverlib', false );

$gid = intval( $my->gid );

// gets template for page
$cur_template = $mainframe->getTemplate();
/** temp fix - this feature is currently disabled */

/** @global A places to store information from processing of the component */
$_MOS_OPTION = array();

// precapture the output of the component
require_once( $mosConfig_absolute_path . '/editor/editor.php' );

ob_start();

if ($path = $mainframe->getPath( 'front' )) {
$task = strval( mosGetParam( $_REQUEST, 'task', '' ) );
$ret = mosMenuCheck( $Itemid, $option, $task, $gid );

if ($ret) {
require_once( $path );
} else {
mosNotAuth();
}
} else {
header( 'HTTP/1.0 404 Not Found' );
echo _NOT_EXIST;
}

$_MOS_OPTION['buffer'] = ob_get_contents();

ob_end_clean();

initGzip();

header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );

// display the offline alert if an admin is logged in
if (defined( '_ADMIN_OFFLINE' )) {
include( $mosConfig_absolute_path .'/offlinebar.php' );
}

// loads template file
if ( !file_exists( $mosConfig_absolute_path .'/templates/'. $cur_template .'/index.php' ) ) {
echo _TEMPLATE_WARN . $cur_template;
} else {
require_once( $mosConfig_absolute_path .'/templates/'. $cur_template .'/index.php' );
echo '<!-- '. time() .' -->';
}

// displays queries performed for page
if ($mosConfig_debug) {
echo $database->_ticker . ' queries executed';
echo '<pre>';
foreach ($database->_log as $k=>$sql) {
echo $k+1 . "\n" . $sql . '<hr />';
}
echo '</pre>';
}

doGzip();
?>


Ich hab mir nicht die Mühe gemacht, die Zeilen zu vergleichen, Tatsache ist aber, das sowohl Antivir als auch Sophos mit dem Code zufrieden sind
Grüße vom Buchdrucker

Hier die index2.php:

<?php
/**
* @version $Id: index2.php 10041 2008-02-15 21:48:13Z eddieajau $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( '_VALID_MOS', 1 );

require( 'globals.php' );
require( 'configuration.php' );

// SSL check - $http_host returns <live site url>:<port number if it is 443>
$http_host = explode(':', $_SERVER['HTTP_HOST'] );
if( (!empty( $_SERVER['HTTPS'] ) && strtolower( $_SERVER['HTTPS'] ) != 'off' || isset( $http_host[1] ) && $http_host[1] == 443) && substr( $mosConfig_live_site, 0, 8 ) != 'https://' ) {
$mosConfig_live_site = 'https://'.substr( $mosConfig_live_site, 7 );
}

require_once( 'includes/joomla.php' );

// displays offline/maintanance page or bar
if ($mosConfig_offline == 1) {
require( $mosConfig_absolute_path .'/offline.php' );
}

// load system bot group
$_MAMBOTS->loadBotGroup( 'system' );

// trigger the onStart events
$_MAMBOTS->trigger( 'onStart' );

if (file_exists( $mosConfig_absolute_path .'/components/com_sef/sef.php' )) {
require_once( $mosConfig_absolute_path .'/components/com_sef/sef.php' );
} else {
require_once( $mosConfig_absolute_path .'/includes/sef.php' );
}
require_once( $mosConfig_absolute_path .'/includes/frontend.php' );

// retrieve some expected url (or form) arguments
$option = strtolower( strval( mosGetParam( $_REQUEST, 'option' ) ) );
$Itemid = intval( mosGetParam( $_REQUEST, 'Itemid', 0 ) );
$no_html = intval( mosGetParam( $_REQUEST, 'no_html', 0 ) );
$act = strval( mosGetParam( $_REQUEST, 'act', '' ) );
$do_pdf = intval( mosGetParam( $_REQUEST, 'do_pdf', 0 ) );

// mainframe is an API workhorse, lots of 'core' interaction routines
$mainframe = new mosMainFrame( $database, $option, '.' );
$mainframe->initSession();

// trigger the onAfterStart events
$_MAMBOTS->trigger( 'onAfterStart' );

// get the information about the current user from the sessions table
$my = $mainframe->getUser();
// patch to lessen the impact on templates
if ($option == 'search') {
$option = 'com_search';
}

// loads english language file by default
if ($mosConfig_lang=='') {
$mosConfig_lang = 'english';
}
include_once( $mosConfig_absolute_path .'/language/' . $mosConfig_lang . '.php' );


if ($option == 'login') {
$mainframe->login();
mosRedirect('index.php');
} else if ($option == 'logout') {
$mainframe->logout();
mosRedirect( 'index.php' );
}

if ( $do_pdf == 1 ){
include $mosConfig_absolute_path .'/includes/pdf.php';
exit();
}


// detect first visit
$mainframe->detect();

$gid = intval( $my->gid );

$cur_template = $mainframe->getTemplate();

// precapture the output of the component
require_once( $mosConfig_absolute_path . '/editor/editor.php' );

ob_start();

if ($path = $mainframe->getPath( 'front' )) {
$task = strval( mosGetParam( $_REQUEST, 'task', '' ) );
$ret = mosMenuCheck( $Itemid, $option, $task, $gid );
if ($ret) {
require_once( $path );
} else {
mosNotAuth();
}
} else {
header("HTTP/1.0 404 Not Found");
echo _NOT_EXIST;
}
$_MOS_OPTION['buffer'] = ob_get_contents();

ob_end_clean();

initGzip();

header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );

// display the offline alert if an admin is logged in
if (defined( '_ADMIN_OFFLINE' )) {
include( $mosConfig_absolute_path .'/offlinebar.php' );
}

// start basic HTML
if ( $no_html == 0 ) {
$customIndex2 = 'templates/'. $mainframe->getTemplate() .'/index2.php';
if (file_exists( $customIndex2 )) {
require( $customIndex2 );
} else {
// needed to seperate the ISO number from the language file constant _ISO
$iso = split( '=', _ISO );
// xml prolog
echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php echo $mainframe->getHead(); ?>
<link rel="stylesheet" href="templates/<?php echo $cur_template;?>/css/template_css.css" type="text/css" />
<link rel="shortcut icon" href="<?php echo $mosConfig_live_site; ?>/images/favicon.ico" />
<meta **********="Content-Type" content="text/html; <?php echo _ISO; ?>" />
<meta name="robots" content="noindex, nofollow" />
<?php if ($my->id || $mainframe->get( 'joomlaJavascript' )) { ?>
<script language="JavaScript" src="<?php echo $mosConfig_live_site;?>/includes/js/joomla.javascript.js" type="text/javascript"></script>
<?php } ?>
</head>
<body class="contentpane">
<?php mosMainBody(); ?>
</body>
</html>
<?php
}
} else {
mosMainBody();
}
doGzip();
?>

So viel Spaß damit!