kli1 Posted August 24, 2013 Posted August 24, 2013 Dear administration: My case is the following: a. your HelioHost username : kligerb. the server your account is on : steviec. your HelioHost main domain : remontik.msk.ru (currently unregistered), main active domain is ascii.org.ru (there are a few more domains) Last week my account was hacked by an Iranian group "Ashiyane Digital Security Team", I deleted some of their files and changed password.Known solutions to re-activate the account do not help.Could you, please, help me?
Byron Posted August 25, 2013 Posted August 25, 2013 Your account was suspended for the following reason: Malware. 1 file(s). PHP.Shell-56 FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.
kli1 Posted August 25, 2013 Author Posted August 25, 2013 Albeit my antivirus didn't find anything, I deleted all the files uploaded by hackers (see my first post). Could you, please, give the name of the file, unless it has been already deleted.
Recommended Posts