Warning Messages From The Nobody Check Script
Apr 21, 2008
I am getting the following warning messages from the nobody check script by Webhostgear [url]
Warning: Malicious Nobody Process Found
=========================================
Options: kill bad proc=1 logging lvl=1
SCAN SUMMARY
========================================
Clean Processes: 12
DETECTED Malicious Processes: 1
DETECTION DETAILS
========================================
DETECTION: Process 7752 with name perl and path /usr/bin/perl
Process ID: 7752 has been killed
Restuls for PID: 7752
total 0
dr-xr-xr-x 3 nobody nobody 0 Apr 21 12:35 .
dr-xr-xr-x 1856 root root 0 Apr 2 16:12 ..
-r-------- 1 nobody nobody 0 Apr 21 13:00 auxv
-r--r--r-- 1 nobody nobody 0 Apr 21 12:35 cmdline
lrwxrwxrwx 1 nobody nobody 0 Apr 21 13:00 cwd -> /
-r-------- 1 nobody nobody 0 Apr 21 13:00 environ
lrwxrwxrwx 1 nobody nobody 0 Apr 21 12:35 exe -> /usr/bin/perl
dr-x------ 2 nobody nobody 0 Apr 21 12:36 fd
-r--r--r-- 1 nobody nobody 0 Apr 21 13:00 maps
-rw------- 1 nobody nobody 0 Apr 21 13:00 mem
-r--r--r-- 1 nobody nobody 0 Apr 21 13:00 mounts
-r-------- 1 nobody nobody 0 Apr 21 13:00 mountstats
lrwxrwxrwx 1 nobody nobody 0 Apr 21 13:00 root -> /
-r-------- 1 nobody nobody 0 Apr 21 13:00 smaps
-r--r--r-- 1 nobody nobody 0 Apr 21 12:35 stat
-r--r--r-- 1 nobody nobody 0 Apr 21 12:35 statm
-r--r--r-- 1 nobody nobody 0 Apr 21 12:35 status
dr-xr-xr-x 3 nobody nobody 0 Apr 21 13:00 task
-r--r--r-- 1 nobody nobody 0 Apr 21 13:00 wchan
Netstat:
Environ:
Server Admin action is required immediately.
View 9 Replies
ADVERTISEMENT
Apr 22, 2013
We have a reseler that wants his clients to receive the system warning and the account creation from a mail that he wants , not from the administrative mail that is default .
View 1 Replies
View Related
Feb 6, 2007
I have just noticed that for several days I'm constantly receiving these infos in /var/log/messages. I haven't done anything that would invoke them. How can I disable these messages? Are they anything to worry about?
Code:
Feb 6 14:28:18 server kernel: [<c014f600>] find_extend_vma+0x12/0x4f
Feb 6 14:28:18 server kernel: [<c0134383>] get_futex_key+0x39/0x108
Feb 6 14:28:18 server kernel: [<c011d305>] finish_task_switch+0x30/0x66
Feb 6 14:28:18 server kernel: [<c02cf618>] schedule+0x844/0x87a
Feb 6 14:28:18 server kernel: [<c027734b>] sys_socketcall+0x1df/0x1fb
Feb 6 14:28:18 server kernel: [<c0125bc5>] sys_gettimeofday+0x53/0xac
Feb 6 14:28:18 server kernel: [<c02d137f>] syscall_call+0x7/0xb
Feb 6 14:28:18 server kernel: [<c02d007b>] _read_lock_irq+0x4/0x1e
Feb 6 14:28:18 server kernel: Badness in dst_release at include/net/dst.h:149
Feb 6 14:28:18 server kernel: [<f8d8a555>] ip6_push_pending_frames+0x340/0x369 [ipv6]
Feb 6 14:28:18 server kernel: [<f8d9883f>] udp_v6_push_pending_frames+0x169/0x185 [ipv6]Badness in dst_release at include/net/dst.h:149
Feb 6 14:28:18 server kernel: [<c0278fa8>]
Feb 6 14:28:18 server kernel: [<f8d98e7d>] udpv6_sendmsg+0x622/0x770 [ipv6]
Feb 6 14:28:18 server kernel: [<c027a498>] __kfree_skb+0x55/0xf7
Feb 6 14:28:18 server kernel: [<c027e1b8>] skb_dequeue+0x40/0x46
Feb 6 14:28:18 server kernel: [<c027b009>] net_tx_action+0x60/0xfc
Feb 6 14:28:18 server kernel: [<c0126354>] skb_recv_datagram+0x61/0x9b
Feb 6 14:28:18 server kernel: [<c02b1ed7>] __do_softirq+0x4c/0xb1
Feb 6 14:28:18 server kernel: [<c010814b>] do_softirq+0x4f/0x56
Feb 6 14:28:18 server kernel: =======================
Feb 6 14:28:18 server kernel: [<c0107a60>] do_IRQ+0x1a2/0x1ae
Feb 6 14:28:18 server kernel: [<c02d1d3c>] udp_recvmsg+0x5f/0x271
Feb 6 14:28:18 server kernel: [<c02b7b35>] common_interrupt+0x18/0x20
Feb 6 14:28:18 server kernel: [<c02d007b>] inet_sendmsg+0x38/0x42
Feb 6 14:28:18 server kernel: [<c02757f5>] _read_lock_irq+0x4/0x1e
Feb 6 14:28:18 server kernel: sock_sendmsg+0xdb/0xf7
Feb 6 14:28:18 server kernel: [<c02757f5>] sock_sendmsg+0xdb/0xf7
Feb 6 14:28:18 server kernel: [<c011fee1>] autoremove_wake_function+0x0/0x2d
Feb 6 14:28:18 server kernel: [<c027a89e>] verify_iovec+0x76/0xc2
Feb 6 14:28:18 server kernel: [<c0276f44>] sys_sendmsg+0x1ee/0x23b
Feb 6 14:28:18 server kernel: [<c011cb7d>] activate_task+0x88/0x95
Feb 6 14:28:18 server kernel: [<c011d00a>] try_to_wake_up+0x225/0x230
Feb 6 14:28:18 server kernel: [<c011d00a>] try_to_wake_up+0x225/0x230
Feb 6 14:28:18 server kernel: [<c0170776>] inode_update_time+0x80/0x87
Feb 6 14:28:18 server kernel: [<c0164748>] pipe_writev+0x310/0x31c
Feb 6 14:28:18 server kernel: [<c02cf622>] schedule+0x84e/0x87a
Feb 6 14:28:18 server kernel: [<c027734b>] sys_socketcall+0x1df/0x1fb
Feb 6 14:28:18 server kernel: [<c0125bc5>] sys_gettimeofday+0x53/0xac
Feb 6 14:28:18 server kernel: [<c02d137f>] syscall_call+0x7/0xb
Feb 6 14:28:18 server kernel: [<c02d007b>] _read_lock_irq+0x4/0x1e
Feb 6 14:28:18 server kernel: Badness in dst_release at include/net/dst.h:149
Feb 6 14:28:18 server kernel: [<f8d98ef7>] udpv6_sendmsg+0x69c/0x770 [ipv6]
Feb 6 14:28:18 server kernel: [<c027a498>] skb_dequeue+0x40/0x46
Feb 6 14:28:18 server kernel: [<c027b009>] skb_recv_datagram+0x61/0x9b
Feb 6 14:28:18 server kernel: [<c02b1ed7>] udp_recvmsg+0x5f/0x271
Feb 6 14:28:18 server kernel: [<c02b7b35>] inet_sendmsg+0x38/0x42
Feb 6 14:28:18 server kernel: [<c02757f5>] sock_sendmsg+0xdb/0xf7
Feb 6 14:28:18 server kernel: [<c02757f5>] sock_sendmsg+0xdb/0xf7
Feb 6 14:28:18 server kernel: [<c011fee1>] autoremove_wake_function+0x0/0x2d
Feb 6 14:28:18 server kernel: [<c027a89e>] verify_iovec+0x76/0xc2
Feb 6 14:28:18 server kernel: [<c0276f44>] sys_sendmsg+0x1ee/0x23b
Feb 6 14:28:18 server kernel: [<c011cb7d>] activate_task+0x88/0x95
Feb 6 14:28:18 server kernel: [<c011d00a>] try_to_wake_up+0x225/0x230
Feb 6 14:28:18 server kernel: [<c011d00a>] try_to_wake_up+0x225/0x230
Feb 6 14:28:18 server kernel: [<c0170776>] inode_update_time+0x80/0x87
Feb 6 14:28:18 server kernel: [<c0164748>] pipe_writev+0x310/0x31c
Feb 6 14:28:18 server kernel: [<c02cf622>] schedule+0x84e/0x87a
Feb 6 14:28:18 server kernel: [<c027734b>] sys_socketcall+0x1df/0x1fb
Feb 6 14:28:18 server kernel: [<c0125bc5>] sys_gettimeofday+0x53/0xac
Feb 6 14:28:18 server kernel: [<c02d137f>] syscall_call+0x7/0xb
Feb 6 14:28:18 server kernel: [<c02d007b>] _read_lock_irq+0x4/0x1e
View 8 Replies
View Related
Jul 1, 2009
I would like to know how to check load via ssh and check files causing load?
I want the ssh codes for 2 different set of control panels, one with cpanel+whm and other with kloxo+hypervm
and I would also know how to check the files causing the load, such as some files could have been interrupted while processing, so they could be causing load some times, so I want to stop such processes if any are running on the vps on my friends accounts
View 5 Replies
View Related
Aug 9, 2008
A while ago i had signed up with the affiliate program of 3ix.com webhosting.
After a few months some commisiions had been confirmed insid their panel, when all of a sudden further access had been denied.
Since two months they keep on mailing lies such as the affilate manager will respond, we are working on it etc.
But now they no longer respond and it seems, that 3ix.com will be vanishing soon with more and more complaints arriving at the FBI internet fraud department.
Certainly not a host, that deserves any trust.
View 14 Replies
View Related
Mar 29, 2007
dnsreport(.com) displays this warning for my domain:
Quote:
WARNING: Your SOA (Start of Authority) record states that your master (primary) name server is: server1.[domain].com.. However, that server is not listed at the parent servers as one of your NS records! This is legal, but you should be sure that you know what you are doing.
Although I've created an SOA in my Windows DNS Console. Whats it then?
Also, it says:
Quote:
ERROR: I couldn't find any MX records for [domain].com. If you want to receive E-mail on this domain, you should have MX record(s). Without any MX records, mailservers should attempt to deliver mail to the A record for [domain].com. I can't continue in a case like this, so I'm assuming you don't receive mail on this domain.
Whereas I've already created an MX record - mail.[domain].com
View 4 Replies
View Related
Dec 12, 2007
around in cpanel and noticed a change in the Apache Update menu.
Also noticed this popup at the top of Easy::Apache v3.2.0 Build 3473
Quote:
Warning (VZ): You are only only guaranteed 496 Megabytes of ram! 512 Megabytes is recommended. ! Warning (VZ): You are only only guaranteed 227 Megabytes of ram when the system is out of ram! 512 Megabytes is recommended. ! Pre allocation testing was successfully able to allocate 90MB ! Ouput from '/bin/sh -c "ulimit -a"': core file size (blocks, -c) 262144 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) 262144 open files (-n) 1024 pipe size (512 bytes, -p) 8 stack size (kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes (-u) 71680 virtual memory (kbytes, -v) 262144
Currently using a 512MB VPS with CentOS
Anything is should be concerned about or am i not getting my full 512Mb VPS as i should be?
View 1 Replies
View Related
Mar 30, 2007
What does the #53 mean at the end of the following?
Code:
Mar 25 04:28:23 gamma named[9887]: lame server resolving 'xxxxx.com' (in 'xxxxx.com'?): 207.58.185.160#53
View 2 Replies
View Related
Jan 15, 2008
My opinion: Do NOT EVEN CONSIDER using HOSTGATOR.
My experience:
I signed up for their hosting on Sunday morning and completed payment for the first month using hostgators online payment system and paypal.
The payment was accepted and confirmed. An email was sent some time later confirming the account had been set up.
The email specified a user ID for cpanel as well as nameservers which I used to point two of my domains at the new hostgator account.
I used cpanel and FTP to set up the add-on domain, create some email accounts and upload content for the two domains (the same content as on the old servers which should now be shown k-free.co.uk and offshoreharry.com).
All appeared to work fine with no problems. I could use outlook to access email and the web sites were available on the new server (the old server was down).
A day and a half later, I WAS HORRIFIED TO SEE
- the emails accounts could not be accessed
- the cpanel user did not work
- Hostgator did not email me or attempt to contact me in any way to tell me there was an issue. (they had my valid mobile phone number - there are no unidentified calls in the period concerned).
- the web sites that had been pointed at hoistgator were showing a suspended message and spammy hostgator context ads. My non-spam mostly non-ads content had been uploaded to the hostgator account.
One of those domains is freeware software on a site with ZERO ADS that has never been moneterised and sometimes gets 100's of uniques a day.
HOSTGATOR WAS STEALING TRAFFIC FROM MY ad free unmonetized site and showing a nasty spammy ad page.
Not only was I rather angry but also amazed that any company would ever do this. Just think how you would feel if all your sites - pages were hijacked and showing some of the nasty ad pages.
My opinion: Do NOT EVEN CONSIDER using HOSTGATOR.
Checking my yahoo email, there was no email from hostgator saying my account had been suspended (if I hadn't checked it they would have continued stealing the traffic until I noticed).
The only email from hostgator was a request for a copy of my passport or utility bill! I am left wondering if they are really a front for an identity theft scam? I am rather unhappy that they have even my name - address - tel no - paypal email.
I obviously immediately changed the nameservers on the two domains back to the old servers. But since nameserver changes take upto 72 hours to fully propogator, hostgator could still be stealing some of my traffic now. The two sites contain nothing that any T+C I have ever seen would have any reason whatsoever to see as a problem. The two sites are k-free.co.uk and offshoreharry.com for anyone here who wishes to verify this claim.
Hostgator COULD be showing my content instead of their spammy ads - I uploaded it.
Hostgator was mentioned by a few on here and I thought them to be a big company who have a reputation to protect. Are you guys really comfortable with a company who behaves like this. Will they suddenly suspend your sites tomorrow and steal your traffic until you happen to notice?
I have requested to them that they provide access TO MY PERSONAL AND BUSINESS EMAILS on the email accounts I set up. I would also like any log data that was collected. I will report back here what the response to that (politely worded) request is. Giving me access to any email and log data that they have effectively kidnapped-stolen hardly makes amends for the wrong they have already done. Like any other victim of a common thief I may just have to accept that I lost something and will not see it again.
Additionally, search engine robots may have visited the sites and got 404s, any users who dropped by will certainly not be back, the damage caused is ongoing and difficult to fully quantify.
Hostgator did not email me or attempt to contact me (they had my valid mobile phone number). They did not tell me why the account was suspended and the trafic STOLEN. I have had web sites for 4-5 years and have never been involved in anything remotely dubious on the web. You can judge for yourself if there is any reason for them to do this [sites offshoreharry.com, k-free.co.uk]. I had sent at most 10 emails whilst testing the 3 or 4 email accounts I was creating.
Obviously I will never use hostgator or any related company.
My opinion: Do NOT EVEN CONSIDER using HOSTGATOR ... EVER.
View 21 Replies
View Related
Aug 17, 2008
I recently ran into some problems:
- They doesn't support custom installation of PHPMyAdmin on their servers (You MUST use their own admin panel/pre-installed PMA or activate remote connexions)
I'm not sure to understand why PMA doesn't work, but when you create a PHP Script, you must use "MYSQLHOST" as the server host, instead of the usual "localhost". I think that PMA doesn't use the mysql_connect way to connect to the database. So maybe they doesn't allow TCP or Socket connection.
Anyway, that said, if you don't need a custom installation of PMA, you're OK for that point.
- They doesn't support the PHP FreeTypeLib, if you plan to generate image with the GD lib and add some text into it, it may be hard to get a decent result. ( Here I'm thinking of anti-bot confirmation code )
- They doesn't offer any uptime guarantee, and they have no policy in case your server will encounter sporadic down time (just the one I used did for the past 2 weeks)
... And it would be so much a problem if they where offering a reliable service and/or if they where standing behind their costumers. For that, I've been a little deceived.
{
More about the down time experience:
So we have contacted the support team, who said that the site is working well at the moment where we called. They doesn't seem to understand what an intermittent problem is.
They said that, as they doesn't see the trouble at the time of the call, they canot do anything (I was expecting them to place an http probe/monitor or something)
They asked us to take a screenshot of our browser next time that we encounter a down time. ( yes, I'm NOT kidding... a screenshot ! That's what I call technical support
}
I'm not ready to say that they are a bad hosting service, but, they are a little special as you see.
View 3 Replies
View Related
May 2, 2009
This company has acquired a lot of smaller hosting companies over the last few years including budget only2dollars. Be warned they have ceased responding to support requests, none of the contact links work (even for sales) and they are not even responding to faxes. It is still possible to automatically purchase hosting via web forms of the companies they own. I could be wrong but it has all the hallmarks of a company in trouble and I would be very careful about purchasing any hosting with them until the situation becomes clearer.
View 4 Replies
View Related
Mar 16, 2009
It takes a lot to piss me off, and HostGator's done it. I opened an account with HostGator on behalf of a client of mine. Then the client decided he wanted to consolidate a few other web sites to the same server, so I opened a reseller account on HostGator and asked them to move the original account into the reseller account.
My client got billed for both the original (empty) account and the reseller account.
HostGator's sales account is refusing to refund my client the money for the original account saying that I neglected to fill out a "cancellation request" form. But, and perhaps this was silly of me, I assumed that when you move a hosting account into a reseller account, they'd close the original account. Or at least TELL you that you had to fill out a "cancellation request" form.
They're referring to some paragraph in my original "contract" with them that mentions this cancellation request form. So, they may be technically right, but it seems to me that asking for an account to be moved into a reseller account would constitute a cancellation request.
Now, let's give them the benefit of the doubt, and that I should have gone back to my original agreement with HostGator and noticed that I was obliged to fill out this cancellation request. Even so, I'm planning on canceling another account I have with them over this I'm so pissed. So by not refunding a lousy $14.95, they're losing a customer for life. Somehow that doesn't sound smart. And I'm so tired of dealing with stupid people or companies. I just won't do it. There are too many other web hosts out there for me to put up with this kind of attitude.
View 14 Replies
View Related
Jun 18, 2008
I ordered a server from fasthosts.co.uk in May after speaking to their sales over the phone. Once I had worked out that it was something that we could try I said that’s fine I will order it online. NO NO I was told I can order it for you here and set everything up for you. Great... I gave the girl I think her name was Flik or Flic from fasthosts all my details and she set everything up in a few hours. GREAT
Now here is the bad part...
Tried to cancel the server and have been told that it's a minimum term of 12 month. I have also been charged since then another £79.00. Called my credit card company to try and stop the transactions for now as you can't delete the details on the fasthost control panel.
I have email support so many times and also spoken to them on the phone. I have tried to speak to other managers but they keep saying that there is no ones available to talk to.
My main post is I was not told that this was a minimum of 12 months and would have never agreed to this. I did check when you sign up online and they do place the T&C's deep in their small print. I now know why the girl from Fasthosts wanted to take the order over the phone.
Here is my letter I send to them. Next step is ofcom but if you have any ideas please let me know.
Dear Fast Hosts
I am writing to you in regards to a server that I ordered over the phone with one of your sales people in April. As I recall her name was Flick and her contact number is 01452 561831.
I ordered this server to use as a back up for some of our company files and discussed this with your sales staff. We agreed that getting a Windows server was the best option for what we needed and the server was ordered over the phone.
We were not too sure if the server was what we needed but we thought that we would give it a go and see.
After a week or so I released that we didn’t really need the server as we could use our public folders with the exchange email service that we have with you and if we ran out of space I could always buy some more.
I sent an email to you on 30th May requesting cancellation and received an email back 2 days later advising me that it was a minimum one year’s contact. I have since sent several emails to your support and sales explaining that I was never told that this was a year contact as I ordered on the phone. I was not even told the price.
It's simple... How can I agree to those terms and conditions when I was not made aware of them? I would have never agreed or signed up for a year's contract. I have not used this server and only wanted to try it out. When I ordered over the phone I was never told that it was for a year. Your calls must be recorded and you can check.
I am a consultant for a large mobile operators call centre in ******* and this is poor service.
Please cancel this server and review your sales policies as they are against trading standards.
I also notified you about the cancellation on 30th May and was charged for another month on 4th June. Please arrange a refund for that month to avoid charge back. I am happy to pay the first months payment.
I have other services with Fast Host that I have had for several years. We are a web company and do recommend Fasthosts for UK hosting as we have had a great experience with you in the past.
The credit can be applied to our exchange hosting account domain gsynetwork.com and I believe that the username is ********
Regards
This is the type of reply you get back…… What a joke……
Further to your mail ,
All of our servers are subject to a 12 month minimum term , part of using this server is the acceptance of the terms of service which we operate subject to the normal cooling off periods associated with purchasing products and services over the phone or online. As you have gone beyond this period I cannot authorise the removal of this machine from contract.
View 14 Replies
View Related
Aug 5, 2008
At 6pm last night - more than 28 hours ago - my Dedicated Fasthosts server went down.
It's still down.
Despite more than 15 phone calls and several emails, they seem utterly incapable of fixing the problem.
The system drive apparently failed and was replaced today with a new drive. I then rebuilt the Linux Fedora Core and Fasthosts proceeded to add the faulty drive to the server - at my request.
However, after confirming that the drives had been installed and that the server was ready for use, guess what?
It's still down.
So not only do I currently not have a website, but my developer cannot access the failed drive in order to see what can be recovered.
I'm at the point of telling Fasthosts to stick it, but I'm not going to do that because it's their responsibility to fix their hardware and provide the service I've been paying for since 2006.
That being the case, can anyone recommend what steps I should take next in order to hold Fasthosts to account.
View 13 Replies
View Related
Nov 18, 2008
I would just like to give you a little warning about justhost.com. This is my experience, but I think I was just very unlucky.
I signed up last Thursday, everything seemed to be great. When signing up it said that everything will be setup within 24 hours. The money was withdrawn and I got a confirmation email from paypal.
After 30 hours I still haven't heard anything from the justhost. I checked a whois for the domain I had signed up for; it still wasn't registered. I chatted with one of their agents. I have mixed thoughts about the agents. They respond really quickly which is great, but they don't seem to have any privileges to do anything. They will only answer your questions and they will tell you who to email if something is needed to be done (from my experience).
The agent said that I should email their billing section. So I emailed them, but I didn't get any response to that ticket.
After 3 days I talked to an agent again. Same story; email billing. But they said everything will be setup within the next 24 hours. I emailed them again...
After 4 days (still nothing had happened) I talked to an agent again. He said he can't find the information about me. So I patiently emailed them my info again.
After 5 days I talk to an agent once again. I started asking why nothing has happened.
After I started getting a little angry over the chat (because nothing was happening) he shut down the conversation.
I then emailed their billing team to say I want a full refund. The refunding worked better than I would expect (since nothing had worked before). My money was refunded on paypal about 24 hours later. They apologized in the email and said that this is very unusual.
I feel that it's very unprofessional to charge a customers credit card and then lose the information about the customer and not doing anything about it.
View 11 Replies
View Related
May 28, 2007
Noticed that inside WHM>>Add Ons>>Mod Security, there is an entry with date, ip and this message: Access denied with code 406. Error normalising REQUEST_URI: Invalid URL encoding detected: not enough characters
View 1 Replies
View Related
Mar 21, 2007
Ive been getting the following System Warning every hour since I set the server up 5 days ago and Google hasn't been a lot of help in tracking down what it means and if I should be concerned. Im hoping someone here can point me in the right direction. Im running Windows 2003 Web Edition.
Quote:
Event Type:Warning
Event Source:LSASRV
Event Category:SPNEGO (Negotiator)
Event ID:40960
Date:3/20/2007
Time:7:45:33 PM
User:N/A
Computer:B02S08MR
Description:
The Security System detected an authentication error for the server DNS/ns.ufcom.com. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
For more information, see Help and Support Center at
[url]
Data:
0000: 5e 00 00 c0
View 6 Replies
View Related
Feb 8, 2007
This morning I started my PC to find a little icon in the taskbar of my pc. It looked like a shield and showed a popup message with the contect
"Your computer is infected
Windows has detected spyware infection which corrupted the registry.
It is recommended to load update to prevent data loss
Windows will now download and install the most up-to-date software for you.
Click here to protect your computer"
Note that the text above was typed exactly as shown on the screen. The explanations within this registry cleaner from sysregistry.com contains broken english bits and peaces.
So I did what probably most users do and clicked on it. The tool then downloads itself and starts up.
Later when I looked at my C drive I found also other software that was downloaded (at the same time)
twxi.exe
qcfvf.exe
dlkxp.exe
jelwtpj.exe
xvggujq.exe
mbvesb.exe
jrobixo.exe
The software would redirect you to the homepage at sysregistry.com where you can conviniently pay with your CC card. ;-)
First of all I dont recall having personally invited this peace of software to sit down on my pc, so I certainly didnt feel like inputting my cc details on their homepage.
What I did is try some free or shareware tools that took care of that problem.
I wanted to research more, but the Whois DNS doesnt seem to work right now.
View 4 Replies
View Related
Jun 4, 2007
I have a site hosted on a vds with Godaddy. For the past couple of months, every single day I get at least 12 emails coming though with the subject title -
'Status warning from ip-218-119-109-95.ip.secureserver.net'
each email reads something as follows -
System integrity monitor on ip-218-119-109-95.ip.secureserver.net has taken action in responce to an event. Recent event logs are enclosed below for your inspection. There has been 10 events today, if an average of 8 events is reached, e-mail alerts will be terminated for the duration of the day.
>
> - Events Summary:
> Total event count: 10
> Average event count: 3
>
> - Service Summary:
> HTTP [restarted - 8 events]
> DNS [online - 1 events]
> MYSQL [online - 1 events]
>
> - System Summary:
> No system modules enabled - edit conf.sim
>
Can anyone tell me what on earth these emails mean? I don't get much sense out of Godaddy when I ask, they just state it is a monitoring system in place. I really would like to know what all these emails refer to? is it a regular happening, or something to be worried about, or what the heck do they mean?
Would really appreciate if you don't be too technical in your answer as I'm not too familiar with a lot of hosting issues. (Also please note I have altered the ip address in the email details for privacy reasons).
Basically all i want to know is this something I should be worried about?
View 4 Replies
View Related
Jun 6, 2007
first time I discovered the issue and I am not happy about it at all.
I was moving three of my largest sites over to a new server after performing a full cPanel backup of them completly and then FTP'ed the backups over and restored them in WHM on a new server; however, NONE of the MySQL data was saved. Now at this point I was not really worried because I knew I had weekly and daily backups so at most I was going to lose 1 month of SQL.
come to find out, NONE of the weekly or daily backups had the SQL eaither despite the fact that they are instructed to backup everyting. This leaves me with only three month old backups for these huge websites that are getting 2million+ hits a day.
Basically, I'm done.
I relied on cPanel/WHM to perform full backups which it did not. I followed all the procedures about having backups offi site and whatnot, but NONE of them have the SQL.
I am very upset, perturbed, and disappointed with the new cPanel/WHM and never should have upgraded.
I suggest anyone using it to do your own backups and do not rely on cPanel/WHM despite how tempting it may be.
my one mistake was to delete the websites off the server before they were fully restored (just so I would not have to turn off DNS clustering and whatnot). I should have checked if they were up working on the server before I deleted them off the old one. (Although I kept all the backups so I figured that would be enough).
View 5 Replies
View Related
May 21, 2007
I have a problem on my dedicated server, the boot is at 99% but i am not sure
how to fix this problem.
The server runs centos 4.5 final.
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 228G 17G 199G 8% /
/dev/sda1 31M 29M 492K 99% /boot
View 7 Replies
View Related
Nov 6, 2007
I have got these message....is something that i must worry?
server500.hostline.gr : Nov 6 11:07:53 : sugar : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/sugar/public_html/components/ebygallery ; USER=root ; COMMAND=/bin/mkdir Carnival2006
and second how i can give all he privelleges for example to user sugar to have the ability in his account to create,delete all his folders...?
View 3 Replies
View Related
Oct 13, 2009
I need to backup some emails from my VPS, Can you please tell me where my emails are stored, I have a VPS running CENTOS, PLESK and POSTFIX mail server.
View 1 Replies
View Related
Aug 16, 2007
My messages logs are full with the following:
Aug 16 05:45:08 sml101 sshd(pam_unix)[23100]: check pass; user unknown
Aug 16 05:45:08 sml101 sshd(pam_unix)[23100]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:13 sml101 sshd(pam_unix)[23119]: check pass; user unknown
Aug 16 05:45:15 sml101 sshd(pam_unix)[23119]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:18 sml101 sshd(pam_unix)[23161]: check pass; user unknown
Aug 16 05:45:18 sml101 sshd(pam_unix)[23161]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:21 sml101 sshd(pam_unix)[23178]: check pass; user unknown
Aug 16 05:45:21 sml101 sshd(pam_unix)[23178]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:24 sml101 sshd(pam_unix)[23187]: check pass; user unknown
Aug 16 05:45:24 sml101 sshd(pam_unix)[23187]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:27 sml101 sshd(pam_unix)[23235]: check pass; user unknown
Aug 16 05:45:27 sml101 sshd(pam_unix)[23235]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:29 sml101 sshd(pam_unix)[23249]: check pass; user unknown
Aug 16 05:45:29 sml101 sshd(pam_unix)[23249]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:32 sml101 sshd(pam_unix)[23262]: check pass; user unknown
Aug 16 05:45:32 sml101 sshd(pam_unix)[23262]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:35 sml101 sshd(pam_unix)[23283]: check pass; user unknown
Aug 16 05:45:35 sml101 sshd(pam_unix)[23283]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:38 sml101 sshd(pam_unix)[23307]: check pass; user unknown
Aug 16 05:45:38 sml101 sshd(pam_unix)[23307]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
Aug 16 05:45:40 sml101 sshd(pam_unix)[23321]: check pass; user unknown
Aug 16 05:45:40 sml101 sshd(pam_unix)[23321]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.176.1$
View 6 Replies
View Related
May 11, 2008
Do you get a warning mail before you are about to cross your bundled data transfer limit?
I read in some post that it is user's responsibility to monitor bandwidth usage... But i think client has the right to know before he is about to consume his bandwidth limit...
probably alerts like.. you have consumed 80%/90%/95%/98%/99% of ur bandwidth limit.. Isn't it fair to expect this?
View 12 Replies
View Related
May 1, 2009
I have been seeing this error in my apache error log for a while
Quote:
WARNING: MaxClients of 1024 exceeds ServerLimit value of 10 servers,
lowering MaxClients to 10. To increase, please see the ServerLimit
directive.
why apache give out this warning, when its configured as "ServerLimit 1024" in httpd.conf
Quote:
<IfModule prefork.c>
StartServers 10
MinSpareServers 5
MaxSpareServers 75
ServerLimit 1024
MaxClients 1024
MaxRequestsPerChild 1000
</IfModule>
View 14 Replies
View Related
Jun 6, 2008
I ran my mail server through an SMTP diagnostic tool at:
And the one warning it gave was "WARNING! Your server could be an open relay."
This was for an out-of-the-box cpanel/exim configuration on a dedicated server. Can someone help me understand how this warning is detected/tested for, and what I can do to resolve it? My understanding was that cpanel will not set up an open relay by default?
View 4 Replies
View Related
Jun 14, 2008
I getting error from cpanel now about possible hard drive failure.First it was only secondary disk,so i send request to support to ask them why is that happening and they said it is just temperature warning,but they still checked disk.Testing took 3 hours,and support said everything is ok.
But now i start to receive again that message,and now not just secondary disk,also primary disk.So what should i do,should i just ignore that error considering now is summer and it's hot or contact support again?I am in that dilema beacuse if support will test disk that require offline testing and means server will be down again,and now even longer beacuse of both disk warning,and again if they realy fail then i will lost all data and experience much longer downtime.
Here is message which i getting: ...
View 1 Replies
View Related
May 17, 2008
We have CentOS 4 and whm 11 on the server
We are getting following error while we view the awstats.
WARNING: LastLine parameter in history file is '20080518001148' so in future. May be you need to correct manually the line LastLine in some awstats*.domain.com .conf files.
is there anything to run on server to fix this issue globally as we are facing this for all domains on server.
Also in the awstats configuration file of the website(awstats.domain.com.conf). when we make the value
WarningMessages = 0
then the error gets fixed.
But after running /scripts/runweblogs < username > the value of WarningMessages again come back to 1
WarningMessages=1
and we again see the above Warning message in the awstats webpage.
View 4 Replies
View Related
Aug 3, 2008
My server lfd warning email sends warning everyday to root@hostname.server.com
How can I change that e-mail to my own email? (Runs on cPanel/WHM)
View 1 Replies
View Related