LinkBack URL
About LinkBacksSuspension Reason: Lwscanner: virus detected, php. Shell-21 in wp-admin/mihandownload. Php [zero tolerance, permanent suspension] [lwscanner]
I want to active my site
wat can i do?
x10Hosting Member
Suspension Reason: Lwscanner: virus detected, php. Shell-21 in wp-admin/mihandownload. Php [zero tolerance, permanent suspension] [lwscanner]
I want to active my site
wat can i do?
Abuse Compliance Officer
All you can hope is that after I do my re-review, that it turns out to be a false suspension.
Cause if it's valid, you've put all of x10hosting's customers at risk with a shell script on your account, and that's something we have absolutely NO tolerance for.
TOS breakers will be suspended regardless of race, creed, national origin, hair color, or favorite food. Thanks for your understanding!
Abuse Compliance Officer
Verified suspension through other sources as the file in question self-terminated off of the server.
Shell-21 is in the antivirus filters from October 2008 as a known malware script. So far I haven't turned up any results of this being a false positive. What's not helping in your case is the fact that the scanner in question can only scan it if it's ran, so we know the file was ran. It downloaded it, scanned it, found it to be a shell bad enough to put x10hosting at risk, and suspended it.
The shell in question appears to be a variation of the C99 shell from what I can understand of the results kicked back. That's a no-no. This jives with several online "mass-antivirus-scan" reports where more than one antivirus was told to scan the same file. In one particular result, it scanned as PHP.Shell-21, PHP.Backdoor-X, PHP.Shell-X, PHP/C99ShellA, Trojan.C99, PHP.Shellbot.X, among others. Whatever was in that file isn't allowed no matter how you slice it.
Last edited by Livewire; 02-10-2011 at 03:13 PM.
TOS breakers will be suspended regardless of race, creed, national origin, hair color, or favorite food. Thanks for your understanding!
x10Hosting Member
This file is inside this folder that I script, because I've download from the site LINKREMOVED
Last edited by Livewire; 02-10-2011 at 03:18 PM.
Abuse Compliance Officer
I would advise NOT posting that link again. I just confirmed that site is distributing warez.
Chances are your wordpress install (assuming you got it from them) was illegally modified. The problem is YOU are responsible for everything on your account, period. Get wordpress from wordpress.org next time - it's free software, so you don't have to resort to a warez site to go get it :/
However, the problem still remains - it's a permanent suspension for putting all of x10hosting's members at risk with a shell script.
Last edited by Livewire; 02-10-2011 at 03:20 PM.
TOS breakers will be suspended regardless of race, creed, national origin, hair color, or favorite food. Thanks for your understanding!
Posting Permissions
