Updates for beta version are not working currently because some smart asses reported HFS as a trojan.
And with no respect for their customer, the web hosting (servage, where i hold dovedove.it) decided to suspend the account.
I'm spending a lot of time to get a solution to this.
Dear Massimo,
A Servage system administrator has made the following note to your account:
------- Note -------
admin note: please read this carefully
We inform you in the last notes about phishing sites in your account.
We were informed about similar phishing sites again.
next time of abuse we are abel to take a administrative fee of GBP 19.80 (see
http://www.servage.net/page/terms_of_service/)
remove the content and contact our support team for further steps!
-----------------------
Dear abuse team,
please help to close these offending viruses sites(1) so far.
status: As of 2010-08-08 05:29:53 CEST
http://support.clean-mx.de/clean-mx/viruses.php?email=abuse@servage.net&response=alive(for full uri, please scroll to the right end ...
We detected many active cases dated back to 2007, so please look at the date column below.
You may also subscribe to our MalwareWatch list
http://lists.clean-mx.com/cgi-bin/mailman/listinfo/viruswatchThis information has been generated out of our comprehensive real time database, tracking worldwide viruses URI's
most likely also affected pages for these ip may be found via passive dns
please have a look on these other domains correlated to these ip
example: see http://www.bfk.de/bfk_dnslogger.html?query=77.232.72.244
If your review this list of offending site, please do this carefully, pay attention for redirects also!
Also, please consider this particular machines may have a root kit installed !
So simply deleting some files or dirs or disabling cgi may not really solve the issue !
Advice: The appearance of a Virus Site on a server means that
someone intruded into the system. The server's owner should
disconnect and not return the system into service until an
audit is performed to ensure no data was lost, that all OS and
internet software is up to date with the latest security fixes,
and that any backdoors and other exploits left by the intruders
are closed. Logs should be preserved and analyzed and, perhaps,
the appropriate law enforcement agencies notified.
DO NOT JUST DELETE THE FILES. IF YOU DO NOT FIX THE SECURITY
PROBLEM, THEY WILL BE BACK!
You may forward my information to law enforcement, CERTs,
other responsible admins, or similar agencies.
+-----------------------------------------------------------------------------------------------
|date |id |virusname |ip |domain |Url|
+-----------------------------------------------------------------------------------------------
|2010-08-08 05:01:34 CEST |633454 |unknown_exe |77.232.72.244 |dovedove.it |http://www.dovedove.it/hfs/hfs265.exe
+-----------------------------------------------------------------------------------------------
------- Note -------
If you have questions or concerns kindly submit a support ticket via the control panel and we will get back to you as soon as possible. This can be done via the "Support & Notifications" link in control panel.
Best regards,
Your Team,
http://www.servage.netThis is an automated email. For questions or concerns kindly
open a support ticket via the control panel:
http://cp.servage.net/