Krydos

Your account was suspended for the following reason: Malware. 5 file(s). ANDR.Trojan.GingerBreak FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.

You are not, as of the timestamp of this post, listed under the brute force protection, but you may have been 40 minutes ago. Are you able to log in now? If not let us know and we might need to manually reset your password.

Deployed. http://infopar.heliohost.org/webCat/

Yes, you can get the same domain, but that might be a little excessive since the file in question is already gone. Your account is showing up as clean right now.

Your account was suspended for the following reason: Malware. 1 file(s). ANDR.Trojan.GingerBreak FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.

Yes, there are a few ways to log into cPanel that do not get counted by the system. The most notable being the cPanel smartphone app. If you would like to test various ways of logging in just let us know and an admin/moderator can check your last login date for you. Also it's a good idea to make sure your contact email address is up to date in cPanel because you receive emails warnings when your account is suspended for inactivity with instructions on how to reactivate it.

Nothing on Heliohost is instantaneous. The deletion script can take anywhere between 5 seconds to 48 hours to delete an account; it just depends in the load of the server and how many tasks are ahead of yours in the queue. If we were to offer instantaneous deletions and creations the servers would be a lot less stable than they already are because 100 people might all decide to delete/create an account all at once which would cause massive load. I'm unsure why the deletion script was timing out on you. No one else has ever reported anything like that so maybe it was just a browser thing, but there is no account by that username in the system so it must have worked. Feel free to create your new account now. If you're interested in having an account on Stevie this link may help you http://krydos.tk/sign-up.php

Ok, it's unsuspended. Let us know when you're done backing up that account.

Your account is showing up as clean now. Thank you for taking care of this.

We can unsuspend one account at a time allowing you to create your own backups, or email a link for the account backup to the contact email address of each account.

The only reason Heliohost staff would delete any files from a user's account was if that file showed up as containing malware by our scanner. Even then we would first suspend the account without changing anything at all, then when the user is ready to fix the problem the account is unsuspended for 24 hours, and if the malware is still there at the end of the 24 hour period the account is once again suspended, and this time the offending file or files are deleted. Since your account has never been suspended for malware this doesn't apply to you and there is no way any member of the Heliohost staff would have deleted any of your files. Another explanation would be if the file system was corrupted and your file happened to be located on the exact portion that was corrupted. Then when the file system scan passed over the corrupted part it would recover whatever data it could into a lost+found directory, and your file may or may not be recoverable depending on how much data was lost. However, the last filesystem scan on Stevie was about 80 days ago, and your account has only existed for 21 days. If you're running an older version of a CMS or some other vulnerable software on your site it's possible some bot or script kiddie found your site and messed things up for you. If this is the case I would recommend upgrading to a non-vulnerable version or fixing any security holes that you may have. Who knows, I could keep going with theories for quite a while, but the fact of the matter is nothing stored on a computer is ever permanent. Maybe you left a FTP client open and your cat ran across the keyboard and deleted the file. The world may never know what happened, but the world does know that it's always a good idea to keep backups of everything. Just restore your image from your latest backup, and if it happens again spend even more effort trying to figure out how it got deleted, but I can assure you that none of us did it.

We don't monitor the contents of emails for obvious privacy reasons, so you're actually in a better position to figure out where the emails are coming from than an administrator is. I can tell you that in the last four days your account has sent 330 emails though. I would recommend looking in the sent box of all of your account's email addresses and see if you can find any outbound emails. Then if you do look at the full source including all headers of the email and sometimes you can find something like /home/kdev/public_html/plugin/email/spam.php that will let you know what script the email originated from. It's possible the script is sending out emails that aren't associated with any email address such as no-reply@kdev.com or whatever. If that's the case you might be able to enable a default email address on all of your domains, and that way if any of the receiving email servers have an error for instance "no such account" it will bounce a copy of the email back to you and the default address will catch it and you can examine the headers as I explained above. Another idea would be to download your whole site and all of the files to your computer and then do some sort of text search through them. For instance if you run Linux or OSX and your site is mostly php a good search might look like: grep -r 'mail(' /home/kdev/*

Running a cron job every minute would result in 1440 cron runs per day which is 1438 more than you're allowed. Yes, I believe the system automatically deletes crons that are scheduled to run too frequently. Running a cron job once per day is fine because that would only be half of what you are allowed.

It depends on the firewall. If the firewall is installed on each computer (unlikely) then it might even block 127.0.0.1:3306, but even if it was installed on each computer it could be configured to allow the computer to connect to any local port. Most likely it is just a network wide firewall. If you just use phpmyadmin in your cpanel account you can type mysql queries, and it uses port 80 so nothing should be blocked about it. You could also talk to the network administrators to ask them to allow you to use port 3306.

You have three options: If you're still wanting a dedicated IP address you must let us know what Heliohost hosting account is associated with the dedicated IP payment. If you're wanting a refund just let us know, but you're quickly running out of time for one to be issued. If you're wanting your $12 to be considered a donation to keep Heliohost running you have our thanks, and you don't need to respond to this thread in any way. This is the last time I bump your thread so 7 days from now if there are no new responses this thread will be automatically flagged as inactive and closed.

That account cannot be unsuspended.

I wasn't sure if I had your permission to delete all of your domains and recreate them so last time you asked about this I just told you how to delete your own domains and re-add them. Since you're posting about it again I went ahead and assumed that I had permission to delete all your domains. It looks like everything is set up right now, and you should be able to see your addon and subdomains if you log into cPanel. If you give them 24 hours the queued page should clear up and they should even start working too. Let us know if everything isn't working correctly after 24 hours.

Your account is showing up as clean now. Thank you for taking care of this.

Since you've been suspended multiple times for malware I definitely recommend you do some research on how to fix vulnerabilities on your site that hackers and spambots are abusing to upload these files and take control of your account. But for now... Your account is showing up as clean now. Thank you for taking care of this.

I've found the easiest way to set up cloudflare is the following. Set your domain's nameservers to ns1.heliohost.org and ns2.heliohost.org Park, or addon your domain through cPanel. Wait 24 hours and make sure your domain is working as expected. Log into cloudflare's website, and type in your domain. Cloudflare will copy all the existing, proven to work settings and instruct you to change your nameservers to something like olga.cloudflare.com and cleetus.cloudflare.com. Log into your domain registrar's website and make the changes. Wait 15 minutes to 48 hours for your DNS changes to go through, and cloudflare will alert you when everything is good to go. Obviously, there are shortcuts for everything, but this process leaves the least room for error and pretty much guarantees you a functional set up.

/home1/mdnsta/public_html/3dsgallery/upload/picodes.jpg

Deployed. http://infopar.heliohost.org/webCat/

Yes, adding ftp. to the front of your main domain should be the ftp domain for your account. Any luck getting a useful error message?

It sounds like your college network is blocking port 3306. You could ask them about it, or only connect from the other computer that isn't blocked.

If you own the domain and want to host it on our servers you must do as I outlined above. If you do not own that domain here is the tool http://www.heliohost.org/home/support/scripts/domain for changing your main domain. If you don't own any domains I would recommend using a <name>.heliohost.org type domain because we offer those for free. Heliohost is a hosting service not a registrar service so you cannot just type in any random domain name and expect it to work if you haven't purchased it. If you're interested in purchasing a domain to use with your Heliohost hosting account I would recommend http://namecheap.com/ , http://godaddy.com/ or something else similar. There are also free domain registrars such as http://dot.tk/ that we can recommend.