[ SEA-GHOST MINI SHELL]
Apr 23 2024 16:59:56 cp41 maldet(7997): {sigup} performing signature update check...
Apr 23 2024 16:59:56 cp41 maldet(7997): {sigup} local signature set is version 20230331490193
Apr 23 2024 16:59:56 cp41 maldet(7997): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 23 2024 16:59:56 cp41 maldet(7997): {sigup} new signature set 202404221487421 available
Apr 23 2024 16:59:56 cp41 maldet(7997): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 23 2024 16:59:57 cp41 maldet(7997): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 23 2024 16:59:57 cp41 maldet(7997): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 23 2024 16:59:57 cp41 maldet(7997): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 23 2024 16:59:57 cp41 maldet(7997): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 23 2024 16:59:57 cp41 maldet(7997): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} verified md5sum of maldet-clean.tgz
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} unpacked and installed maldet-clean.tgz
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} signature set update completed
Apr 23 2024 16:59:58 cp41 maldet(7997): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 23 2024 16:59:58 cp41 maldet(8238): {update} checking for available updates...
Apr 23 2024 16:59:58 cp41 maldet(8238): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 23 2024 16:59:58 cp41 maldet(8238): {update} hashing install files and checking against server...
Apr 23 2024 16:59:59 cp41 maldet(8238): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 23 2024 16:59:59 cp41 maldet(8238): {update} latest version already installed.
Apr 23 2024 16:59:59 cp41 maldet(8388): {sigup} performing signature update check...
Apr 23 2024 16:59:59 cp41 maldet(8388): {sigup} local signature set is version 202404221487421
Apr 23 2024 16:59:59 cp41 maldet(8388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 23 2024 16:59:59 cp41 maldet(8388): {sigup} latest signature set already installed
Apr 24 2024 03:34:57 cp41 maldet(18147): {update} checking for available updates...
Apr 24 2024 03:34:58 cp41 maldet(18147): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 24 2024 03:34:58 cp41 maldet(18147): {update} hashing install files and checking against server...
Apr 24 2024 03:34:58 cp41 maldet(18147): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 24 2024 03:34:58 cp41 maldet(18147): {update} latest version already installed.
Apr 24 2024 03:34:59 cp41 maldet(18308): {sigup} performing signature update check...
Apr 24 2024 03:34:59 cp41 maldet(18308): {sigup} local signature set is version 202404221487421
Apr 24 2024 03:34:59 cp41 maldet(18308): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 24 2024 03:35:00 cp41 maldet(18308): {sigup} latest signature set already installed
Apr 24 2024 03:35:00 cp41 maldet(18427): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 24 2024 03:35:02 cp41 maldet(18427): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 24 2024 03:35:02 cp41 maldet(18427): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 24 2024 03:35:02 cp41 maldet(18427): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 24 2024 03:35:02 cp41 maldet(18427): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 24 2024 07:00:16 cp41 maldet(18427): {scan} file list completed in 12314s, found 334 files...
Apr 24 2024 07:00:16 cp41 maldet(18427): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 24 2024 07:00:16 cp41 maldet(18427): {scan} scan of (334 files) in progress...
Apr 24 2024 07:00:32 cp41 maldet(18427): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Dashboard_Sharing/GoogleSpell
Apr 24 2024 07:00:32 cp41 maldet(18427): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/IXR/adminupevents
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/social-links/copyescape
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/navigation/class.ticket
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/saturnst/public_html/cache/e/f/d/b/index.php
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/cache/g/c/d/f/index.php
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/saturnst/public_html/zfcfmushd.php
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/rw_common__a669bee/themes/i_con/css/slogan_font/item.php
Apr 24 2024 07:00:33 cp41 maldet(18427): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-admin/network.php
Apr 24 2024 07:00:33 cp41 maldet(18427): {scan} scan completed on : files 334, malware hits 9, cleaned hits 0, time 12333s
Apr 24 2024 07:00:33 cp41 maldet(18427): {scan} scan report saved, to view run: maldet --report 240424-0335.18427
Apr 24 2024 07:00:33 cp41 maldet(18427): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240424-0335.18427
Apr 25 2024 03:15:43 cp41 maldet(21595): {update} checking for available updates...
Apr 25 2024 03:15:43 cp41 maldet(21595): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 25 2024 03:15:43 cp41 maldet(21595): {update} hashing install files and checking against server...
Apr 25 2024 03:15:44 cp41 maldet(21595): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 25 2024 03:15:44 cp41 maldet(21595): {update} latest version already installed.
Apr 25 2024 03:15:44 cp41 maldet(21738): {sigup} performing signature update check...
Apr 25 2024 03:15:44 cp41 maldet(21738): {sigup} local signature set is version 202404221487421
Apr 25 2024 03:15:44 cp41 maldet(21738): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 25 2024 03:15:44 cp41 maldet(21738): {sigup} latest signature set already installed
Apr 25 2024 03:15:45 cp41 maldet(21861): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 25 2024 03:15:46 cp41 maldet(21861): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 25 2024 03:15:46 cp41 maldet(21861): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 25 2024 03:15:46 cp41 maldet(21861): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 25 2024 03:15:46 cp41 maldet(21861): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 25 2024 04:42:35 cp41 maldet(21861): {scan} file list completed in 5209s, found 122 files...
Apr 25 2024 04:42:35 cp41 maldet(21861): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 25 2024 04:42:35 cp41 maldet(21861): {scan} scan of (122 files) in progress...
Apr 25 2024 04:42:38 cp41 maldet(21861): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Apr 25 2024 04:42:38 cp41 maldet(21861): {scan} scan completed on : files 122, malware hits 0, cleaned hits 0, time 5213s
Apr 25 2024 04:42:38 cp41 maldet(21861): {scan} scan report saved, to view run: maldet --report 240425-0315.21861
Apr 26 2024 03:42:58 cp41 maldet(32698): {update} checking for available updates...
Apr 26 2024 03:42:59 cp41 maldet(32698): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 26 2024 03:42:59 cp41 maldet(32698): {update} hashing install files and checking against server...
Apr 26 2024 03:42:59 cp41 maldet(32698): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 26 2024 03:42:59 cp41 maldet(32698): {update} latest version already installed.
Apr 26 2024 03:42:59 cp41 maldet(373): {sigup} performing signature update check...
Apr 26 2024 03:42:59 cp41 maldet(373): {sigup} local signature set is version 202404221487421
Apr 26 2024 03:43:00 cp41 maldet(373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 26 2024 03:43:00 cp41 maldet(373): {sigup} new signature set 202404252278094 available
Apr 26 2024 03:43:00 cp41 maldet(373): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 26 2024 03:43:00 cp41 maldet(373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 26 2024 03:43:01 cp41 maldet(373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 26 2024 03:43:01 cp41 maldet(373): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 26 2024 03:43:01 cp41 maldet(373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 26 2024 03:43:01 cp41 maldet(373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 26 2024 03:43:01 cp41 maldet(373): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 26 2024 03:43:02 cp41 maldet(373): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 26 2024 03:43:03 cp41 maldet(373): {sigup} verified md5sum of maldet-clean.tgz
Apr 26 2024 03:43:03 cp41 maldet(373): {sigup} unpacked and installed maldet-clean.tgz
Apr 26 2024 03:43:03 cp41 maldet(373): {sigup} signature set update completed
Apr 26 2024 03:43:03 cp41 maldet(373): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 26 2024 03:43:03 cp41 maldet(651): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 26 2024 03:43:04 cp41 maldet(651): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 26 2024 03:43:04 cp41 maldet(651): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 26 2024 03:43:04 cp41 maldet(651): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 26 2024 03:43:04 cp41 maldet(651): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 26 2024 06:50:44 cp41 maldet(651): {scan} file list completed in 11260s, found 301 files...
Apr 26 2024 06:50:44 cp41 maldet(651): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 26 2024 06:50:44 cp41 maldet(651): {scan} scan of (301 files) in progress...
Apr 26 2024 06:50:49 cp41 maldet(651): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/charmap/conditions
Apr 26 2024 06:50:49 cp41 maldet(651): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core/SecretStream/newadminuser
Apr 26 2024 06:50:49 cp41 maldet(651): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/form2mail
Apr 26 2024 06:50:49 cp41 maldet(651): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/assets/2cols2lines
Apr 26 2024 06:50:49 cp41 maldet(651): {scan} scan completed on : files 301, malware hits 4, cleaned hits 0, time 11266s
Apr 26 2024 06:50:49 cp41 maldet(651): {scan} scan report saved, to view run: maldet --report 240426-0343.651
Apr 26 2024 06:50:49 cp41 maldet(651): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240426-0343.651
Apr 27 2024 03:38:10 cp41 maldet(17668): {update} checking for available updates...
Apr 27 2024 03:38:10 cp41 maldet(17668): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 27 2024 03:38:10 cp41 maldet(17668): {update} hashing install files and checking against server...
Apr 27 2024 03:38:10 cp41 maldet(17668): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 27 2024 03:38:10 cp41 maldet(17668): {update} latest version already installed.
Apr 27 2024 03:38:10 cp41 maldet(17811): {sigup} performing signature update check...
Apr 27 2024 03:38:10 cp41 maldet(17811): {sigup} local signature set is version 202404252278094
Apr 27 2024 03:38:11 cp41 maldet(17811): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 27 2024 03:38:11 cp41 maldet(17811): {sigup} latest signature set already installed
Apr 27 2024 03:38:11 cp41 maldet(17932): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 27 2024 03:38:12 cp41 maldet(17932): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 27 2024 03:38:12 cp41 maldet(17932): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 27 2024 03:38:12 cp41 maldet(17932): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 27 2024 03:38:12 cp41 maldet(17932): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 27 2024 04:57:33 cp41 maldet(17932): {scan} file list completed in 4761s, found 308 files...
Apr 27 2024 04:57:33 cp41 maldet(17932): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 27 2024 04:57:33 cp41 maldet(17932): {scan} scan of (308 files) in progress...
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/block/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/.well-known/pki-validation/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/03/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/SiteVerification/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/PeopleService/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/Analytics/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/block-patterns/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/PHP52/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/site-title/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/colors/modern/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/image/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/navigation-link/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/gallery/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/mediaelement/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sitemaps/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/more/events_results
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/post-navigation-link/phocagalleryc
Apr 27 2024 04:57:40 cp41 maldet(17932): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/blog/cbna/index.php
Apr 27 2024 04:57:41 cp41 maldet(17932): {scan} scan completed on : files 308, malware hits 20, cleaned hits 0, time 4769s
Apr 27 2024 04:57:41 cp41 maldet(17932): {scan} scan report saved, to view run: maldet --report 240427-0338.17932
Apr 27 2024 04:57:41 cp41 maldet(17932): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240427-0338.17932
Apr 28 2024 03:47:39 cp41 maldet(32443): {update} checking for available updates...
Apr 28 2024 03:47:40 cp41 maldet(32443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 28 2024 03:47:40 cp41 maldet(32443): {update} hashing install files and checking against server...
Apr 28 2024 03:47:40 cp41 maldet(32443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 28 2024 03:47:40 cp41 maldet(32443): {update} latest version already installed.
Apr 28 2024 03:47:41 cp41 maldet(32605): {sigup} performing signature update check...
Apr 28 2024 03:47:41 cp41 maldet(32605): {sigup} local signature set is version 202404252278094
Apr 28 2024 03:47:41 cp41 maldet(32605): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 28 2024 03:47:42 cp41 maldet(32605): {sigup} latest signature set already installed
Apr 28 2024 03:47:42 cp41 maldet(32730): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 28 2024 03:47:44 cp41 maldet(32730): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 28 2024 03:47:44 cp41 maldet(32730): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 28 2024 03:47:44 cp41 maldet(32730): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 28 2024 03:47:44 cp41 maldet(32730): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 28 2024 05:58:37 cp41 maldet(32730): {scan} file list completed in 7853s, found 286 files...
Apr 28 2024 05:58:37 cp41 maldet(32730): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 28 2024 05:58:37 cp41 maldet(32730): {scan} scan of (286 files) in progress...
Apr 28 2024 05:58:47 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/wpgallery/home_30june10
Apr 28 2024 05:58:47 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/namespaced/Core/phpunsharpmask
Apr 28 2024 05:58:47 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/gallery/theme_right.css
Apr 28 2024 05:58:47 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Modules/Ads/staff_buttonsEN
Apr 28 2024 05:58:47 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/paragraph/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-admin/css/colors/ocean/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/components/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/block-directory/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/wordpress/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/term-description/home_30june10
Apr 28 2024 05:58:48 cp41 maldet(32730): {scan} scan completed on : files 286, malware hits 12, cleaned hits 0, time 7866s
Apr 28 2024 05:58:48 cp41 maldet(32730): {scan} scan report saved, to view run: maldet --report 240428-0347.32730
Apr 28 2024 05:58:48 cp41 maldet(32730): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240428-0347.32730
Apr 29 2024 03:52:29 cp41 maldet(8476): {update} checking for available updates...
Apr 29 2024 03:52:31 cp41 maldet(8476): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 29 2024 03:52:31 cp41 maldet(8476): {update} hashing install files and checking against server...
Apr 29 2024 03:52:31 cp41 maldet(8476): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 29 2024 03:52:31 cp41 maldet(8476): {update} latest version already installed.
Apr 29 2024 03:52:31 cp41 maldet(8623): {sigup} performing signature update check...
Apr 29 2024 03:52:31 cp41 maldet(8623): {sigup} local signature set is version 202404252278094
Apr 29 2024 03:52:31 cp41 maldet(8623): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 29 2024 03:52:33 cp41 maldet(8623): {sigup} new signature set 202404283053210 available
Apr 29 2024 03:52:33 cp41 maldet(8623): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 29 2024 03:52:33 cp41 maldet(8623): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 29 2024 03:52:33 cp41 maldet(8623): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 29 2024 03:52:33 cp41 maldet(8623): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 29 2024 03:52:34 cp41 maldet(8623): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 29 2024 03:52:34 cp41 maldet(8623): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 29 2024 03:52:34 cp41 maldet(8623): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 29 2024 03:52:36 cp41 maldet(8623): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 29 2024 03:52:37 cp41 maldet(8623): {sigup} verified md5sum of maldet-clean.tgz
Apr 29 2024 03:52:37 cp41 maldet(8623): {sigup} unpacked and installed maldet-clean.tgz
Apr 29 2024 03:52:37 cp41 maldet(8623): {sigup} signature set update completed
Apr 29 2024 03:52:37 cp41 maldet(8623): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 29 2024 03:52:37 cp41 maldet(8906): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 29 2024 03:52:38 cp41 maldet(8906): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 29 2024 03:52:38 cp41 maldet(8906): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 29 2024 03:52:38 cp41 maldet(8906): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 29 2024 03:52:38 cp41 maldet(8906): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 29 2024 06:46:44 cp41 maldet(8906): {scan} file list completed in 10446s, found 172 files...
Apr 29 2024 06:46:44 cp41 maldet(8906): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 29 2024 06:46:44 cp41 maldet(8906): {scan} scan of (172 files) in progress...
Apr 29 2024 06:46:52 cp41 maldet(8906): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/style-engine/HTMLDefinition
Apr 29 2024 06:46:53 cp41 maldet(8906): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/functions.admin
Apr 29 2024 06:46:53 cp41 maldet(8906): {scan} scan completed on : files 172, malware hits 2, cleaned hits 0, time 10456s
Apr 29 2024 06:46:53 cp41 maldet(8906): {scan} scan report saved, to view run: maldet --report 240429-0352.8906
Apr 29 2024 06:46:53 cp41 maldet(8906): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240429-0352.8906
Apr 30 2024 03:29:00 cp41 maldet(19436): {update} checking for available updates...
Apr 30 2024 03:29:00 cp41 maldet(19436): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 30 2024 03:29:00 cp41 maldet(19436): {update} hashing install files and checking against server...
Apr 30 2024 03:29:01 cp41 maldet(19436): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 30 2024 03:29:01 cp41 maldet(19436): {update} latest version already installed.
Apr 30 2024 03:29:01 cp41 maldet(19592): {sigup} performing signature update check...
Apr 30 2024 03:29:01 cp41 maldet(19592): {sigup} local signature set is version 202404283053210
Apr 30 2024 03:29:01 cp41 maldet(19592): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 30 2024 03:29:02 cp41 maldet(19592): {sigup} latest signature set already installed
Apr 30 2024 03:29:02 cp41 maldet(19733): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 30 2024 03:29:07 cp41 maldet(19733): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 30 2024 03:29:07 cp41 maldet(19733): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Apr 30 2024 03:29:07 cp41 maldet(19733): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 30 2024 03:29:07 cp41 maldet(19733): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Apr 30 2024 05:38:33 cp41 maldet(19733): {scan} file list completed in 7766s, found 227 files...
Apr 30 2024 05:38:33 cp41 maldet(19733): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 30 2024 05:38:33 cp41 maldet(19733): {scan} scan of (227 files) in progress...
Apr 30 2024 05:38:47 cp41 maldet(19733): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/tabfocus/captcha_qa
Apr 30 2024 05:38:47 cp41 maldet(19733): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/wordpress/aboutme.preview
Apr 30 2024 05:38:48 cp41 maldet(19733): {scan} scan completed on : files 227, malware hits 2, cleaned hits 0, time 7785s
Apr 30 2024 05:38:48 cp41 maldet(19733): {scan} scan report saved, to view run: maldet --report 240430-0329.19733
Apr 30 2024 05:38:48 cp41 maldet(19733): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240430-0329.19733
May 01 2024 03:34:49 cp41 maldet(32704): {update} checking for available updates...
May 01 2024 03:34:50 cp41 maldet(32704): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 01 2024 03:34:50 cp41 maldet(32704): {update} hashing install files and checking against server...
May 01 2024 03:34:50 cp41 maldet(32704): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 01 2024 03:34:50 cp41 maldet(32704): {update} latest version already installed.
May 01 2024 03:34:50 cp41 maldet(385): {sigup} performing signature update check...
May 01 2024 03:34:50 cp41 maldet(385): {sigup} local signature set is version 202404283053210
May 01 2024 03:34:51 cp41 maldet(385): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 01 2024 03:34:51 cp41 maldet(385): {sigup} latest signature set already installed
May 01 2024 03:34:51 cp41 maldet(509): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 01 2024 03:34:53 cp41 maldet(509): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 01 2024 03:34:53 cp41 maldet(509): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 01 2024 03:34:53 cp41 maldet(509): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 01 2024 03:34:53 cp41 maldet(509): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 01 2024 06:07:43 cp41 maldet(509): {scan} file list completed in 9170s, found 190 files...
May 01 2024 06:07:43 cp41 maldet(509): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 01 2024 06:07:43 cp41 maldet(509): {scan} scan of (190 files) in progress...
May 01 2024 06:07:49 cp41 maldet(509): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/plugins/akismet/_inc/payment.bak
May 01 2024 06:07:51 cp41 maldet(509): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
May 01 2024 06:07:51 cp41 maldet(509): {scan} scan completed on : files 190, malware hits 2, cleaned hits 0, time 9180s
May 01 2024 06:07:51 cp41 maldet(509): {scan} scan report saved, to view run: maldet --report 240501-0334.509
May 01 2024 06:07:51 cp41 maldet(509): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240501-0334.509
May 02 2024 03:36:07 cp41 maldet(31085): {update} checking for available updates...
May 02 2024 03:36:07 cp41 maldet(31085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 02 2024 03:36:07 cp41 maldet(31085): {update} hashing install files and checking against server...
May 02 2024 03:36:07 cp41 maldet(31085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 02 2024 03:36:07 cp41 maldet(31085): {update} latest version already installed.
May 02 2024 03:36:07 cp41 maldet(31250): {sigup} performing signature update check...
May 02 2024 03:36:08 cp41 maldet(31250): {sigup} local signature set is version 202404283053210
May 02 2024 03:36:08 cp41 maldet(31250): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 02 2024 03:36:12 cp41 maldet(31250): {sigup} new signature set 202405013823175 available
May 02 2024 03:36:12 cp41 maldet(31250): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 02 2024 03:36:13 cp41 maldet(31250): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 02 2024 03:36:13 cp41 maldet(31250): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 02 2024 03:36:13 cp41 maldet(31250): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 02 2024 03:36:13 cp41 maldet(31250): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 02 2024 03:36:14 cp41 maldet(31250): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 02 2024 03:36:14 cp41 maldet(31250): {sigup} verified md5sum of maldet-sigpack.tgz
May 02 2024 03:36:17 cp41 maldet(31250): {sigup} unpacked and installed maldet-sigpack.tgz
May 02 2024 03:36:18 cp41 maldet(31250): {sigup} verified md5sum of maldet-clean.tgz
May 02 2024 03:36:19 cp41 maldet(31250): {sigup} unpacked and installed maldet-clean.tgz
May 02 2024 03:36:19 cp41 maldet(31250): {sigup} signature set update completed
May 02 2024 03:36:19 cp41 maldet(31250): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 02 2024 03:36:19 cp41 maldet(31590): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 02 2024 03:36:21 cp41 maldet(31590): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 02 2024 03:36:21 cp41 maldet(31590): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 02 2024 03:36:21 cp41 maldet(31590): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 02 2024 03:36:21 cp41 maldet(31590): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 02 2024 04:44:49 cp41 maldet(31590): {scan} file list completed in 4108s, found 378 files...
May 02 2024 04:44:49 cp41 maldet(31590): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 02 2024 04:44:49 cp41 maldet(31590): {scan} scan of (378 files) in progress...
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/OutputFilter
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/customize/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/term-description/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/categories/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/tag-cloud/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/post-author/default_graph
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2024/03/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/06/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/latest-comments/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/symfony/polyfill-intl-normalizer/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/auth/src/OutputFilter
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/skins/lightgray/img/phocagalleryi
May 02 2024 04:44:59 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core/Poly1305/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/columns/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/latest-posts/OutputFilter
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/avatar/romanian_mimes
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/dist/development/romanian_mimes
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/wpautoresize/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-reply-link/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-template/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/Requests/src/Response/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/dist/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/themes/modern/OutputFilter
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/namespaced/Core/Curve25519/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/cover/OutputFilter
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/plugins/akismet/_inc/payment.bak
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/user/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/beanstream_cdn
May 02 2024 04:45:00 cp41 maldet(31590): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-admin/css/colors/phocagalleryi
May 02 2024 04:45:00 cp41 maldet(31590): {scan} scan completed on : files 378, malware hits 29, cleaned hits 0, time 4121s
May 02 2024 04:45:00 cp41 maldet(31590): {scan} scan report saved, to view run: maldet --report 240502-0336.31590
May 02 2024 04:45:00 cp41 maldet(31590): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240502-0336.31590
May 03 2024 03:30:57 cp41 maldet(8193): {update} checking for available updates...
May 03 2024 03:30:57 cp41 maldet(8193): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 03 2024 03:30:57 cp41 maldet(8193): {update} hashing install files and checking against server...
May 03 2024 03:30:58 cp41 maldet(8193): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 03 2024 03:30:58 cp41 maldet(8193): {update} latest version already installed.
May 03 2024 03:31:00 cp41 maldet(8351): {sigup} performing signature update check...
May 03 2024 03:31:00 cp41 maldet(8351): {sigup} local signature set is version 202405013823175
May 03 2024 03:31:00 cp41 maldet(8351): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 03 2024 03:31:01 cp41 maldet(8351): {sigup} latest signature set already installed
May 03 2024 03:31:02 cp41 maldet(8483): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 03 2024 03:31:09 cp41 maldet(8483): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 03 2024 03:31:09 cp41 maldet(8483): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 03 2024 03:31:09 cp41 maldet(8483): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 03 2024 03:31:09 cp41 maldet(8483): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 03 2024 07:51:37 cp41 maldet(8483): {scan} file list completed in 15628s, found 259 files...
May 03 2024 07:51:37 cp41 maldet(8483): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 03 2024 07:51:37 cp41 maldet(8483): {scan} scan of (259 files) in progress...
May 03 2024 07:51:44 cp41 maldet(8483): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/IDAccumulator
May 03 2024 07:51:44 cp41 maldet(8483): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/11/archiver
May 03 2024 07:51:44 cp41 maldet(8483): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/verse/hookup_gallery
May 03 2024 07:51:44 cp41 maldet(8483): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/dist/amsimport
May 03 2024 07:51:44 cp41 maldet(8483): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/rss/jpgraph_radar
May 03 2024 07:51:44 cp41 maldet(8483): {scan} scan completed on : files 259, malware hits 5, cleaned hits 0, time 15642s
May 03 2024 07:51:44 cp41 maldet(8483): {scan} scan report saved, to view run: maldet --report 240503-0331.8483
May 03 2024 07:51:45 cp41 maldet(8483): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240503-0331.8483
May 04 2024 03:51:55 cp41 maldet(2097): {update} checking for available updates...
May 04 2024 03:51:56 cp41 maldet(2097): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 04 2024 03:51:56 cp41 maldet(2097): {update} hashing install files and checking against server...
May 04 2024 03:51:56 cp41 maldet(2097): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 04 2024 03:51:56 cp41 maldet(2097): {update} latest version already installed.
May 04 2024 03:51:56 cp41 maldet(2246): {sigup} performing signature update check...
May 04 2024 03:51:56 cp41 maldet(2246): {sigup} local signature set is version 202405013823175
May 04 2024 03:51:56 cp41 maldet(2246): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 04 2024 03:51:57 cp41 maldet(2246): {sigup} latest signature set already installed
May 04 2024 03:51:57 cp41 maldet(2367): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 04 2024 03:51:58 cp41 maldet(2367): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 04 2024 03:51:58 cp41 maldet(2367): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 04 2024 03:51:58 cp41 maldet(2367): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 04 2024 03:51:58 cp41 maldet(2367): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 04 2024 04:48:17 cp41 maldet(2367): {scan} file list completed in 3379s, found 3466 files...
May 04 2024 04:48:17 cp41 maldet(2367): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 04 2024 04:48:17 cp41 maldet(2367): {scan} scan of (3466 files) in progress...
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/maintenance/view_note
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/parameters
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2019/02/dashboard
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/09/parameters
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/12/common.bak
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/03/phocagalleryc
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/03/down_site
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/02/FacPersonalPage
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2009/screen_02
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/08/FacPersonalPage
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/02/screen_02
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/07/UnderFreeElect
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/06/functions.admin
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/addcssassoc
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/09/common.bak
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/shipping_methods
May 04 2024 04:51:05 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/07/tempfiles
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/07/cust_accept05
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2018/09/common.bak
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/view_note
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2024/03/phocagalleryi
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2024/02/AddBaseName
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/10/common.bak
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/01/parameters
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/IDAccumulator
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/05/AddBaseName
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/05/Subscribe
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/07/AddBaseName
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2015/10/screen_02
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2015/10/sp_getthumb
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2015/10/tbl_tracking
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/08/parameters
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/11/archiver
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/12/screen_02
May 04 2024 04:51:06 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/_default
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/DirectLex
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/02/news_archives
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/06/DirectLex
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/06/tbl_tracking
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/03/wish_list
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/04/tbl_tracking
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/07/dashboard
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/04/DirectLex
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/04/common.bak
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/05/album_rate
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/05/Subscribe
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/07/shipping_methods
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/06/AddBaseName
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/06/phocagalleryi
May 04 2024 04:51:07 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/06/news_archives
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2011/10/down_site
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2011/04/Subscribe
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/08/about.german3
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/01/view_note
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/12/common.bak
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/03/news_archives
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/07/Subscribe
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/mu-plugins/inifix.inc
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/screen_02
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/phocagalleryc
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentyten/languages/forms_add_3
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/latest-comments/phocagalleryi
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/group/adv_search
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/verse/hookup_gallery
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/paragraph/newsmanagement
May 04 2024 04:51:08 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/heading/StringHashParser
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/template-parts/content/MethodTable
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/ITDynamic
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentytwo/_con_aaa_footer
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/templates/k2comment
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/assets/fonts/inter/Subscribe
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/assets/css/opendocument.lib
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/assets/down_site
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/blogLib.class
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/fighter/common.bak
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/symfony/polyfill-intl-normalizer/phocagalleryi
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/SiteVerification/phocagalleryc
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/PeopleService/phocagalleryc
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/Analytics/phocagalleryc
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/infoevent3
May 04 2024 04:51:09 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/auth/src/OutputFilter
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Modules/Ads/staff_buttonsEN
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Dashboard_Sharing/GoogleSpell
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/Requests/Exception/Transport/StringHashParser
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/Requests/Response/shipping_methods
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/Text/Diff/Renderer/shipping_methods
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/block-patterns/phocagalleryc
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/SimplePie/Content/Type/topmyprefs
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/ID3/opendocument.lib
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/dist/amsimport
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/swfupload/tbl_select
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/imgareaselect/topmyprefs
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/skins/lightgray/fonts/ShortModifiers
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/skins/lightgray/img/phocagalleryi
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/link/forms_add_3
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/charmap/conditions
May 04 2024 04:51:10 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/compat3x/css/tempfiles
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/tabfocus/captcha_qa
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/wordpress/pagination
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/plugins/wpview/FacPersonalPage
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/js/tinymce/news_archives
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/fonts/dashboard
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/css/dist/addcssassoc
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/rest-api/endpoints/dividers
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/namespaced/opendocument.lib
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/PHP52/phocagalleryc
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core/Poly1305/phocagalleryi
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core/SecretStream/newadminuser
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core/Curve25519/FacPersonalPage
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core32/Poly1305/imagefront
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/home_30june10
May 04 2024 04:51:11 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sitemaps/providers/theme_general
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/sitemaps/opendocument.lib
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/query-title/shipping_methods
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/query/opendocument.lib
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/query/topmyprefs
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/social-link/news_archives
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/columns/phocagalleryi
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/list/opendocument.lib
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/legacy-widget/dataLib.class
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/navigation-link/FacPersonalPage
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/post-content/shipping_methods
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/paragraph/home_30june10
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/table/topmyprefs
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/latest-posts/OutputFilter
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/loginout/opendocument.lib
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/loginout/adv_search
May 04 2024 04:51:12 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/embed/adv_search
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/avatar/romanian_mimes
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/avatar/FacPersonalPage
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/post-navigation-link/FacPersonalPage
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/comments-title/topmyprefs
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/audio/FacPersonalPage
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/site-title/phocagalleryc
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-includes/blocks/heading/paginator
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-admin/css/colors/ocean/home_30june10
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/backup/wp-admin/css/colors/coffee/topmyprefs
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/PHPMailer/StringHash
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/block-patterns/order_total
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/SimplePie/HTTP/accounting
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/images/opendocument.lib
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/dist/development/romanian_mimes
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/thickbox/shipping_methods
May 04 2024 04:51:13 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/langs/topmyprefs
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/skins/lightgray/img/opendocument.lib
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/shipping_methods
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/link/order_categ
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/lists/AddBaseName
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/wpautoresize/phocagalleryi
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/image/phocagalleryc
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/js/tinymce/plugins/directionality/shipping_methods
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/style-engine/HTMLDefinition
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/components/home_30june10
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/customize-widgets/FacPersonalPage
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/format-library/addFields
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/css/dist/block-directory/home_30june10
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/sodium_compat/opendocument.lib
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/sodium_compat/src/Core/Poly1305/topmyprefs
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/sodium_compat/src/Core/Base64/news_archives
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/home_30june10
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-author-name/FacPersonalPage
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/rss/topmyprefs
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/query-pagination-numbers/dashboard
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-edit-link/officeStaffEN
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/video/shipping_methods
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/navigation-link/phocagalleryc
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/read-more/StringHashParser
May 04 2024 04:51:14 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-reply-link/phocagalleryi
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/image/FacPersonalPage
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comment-template/phocagalleryi
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/gallery/phocagalleryc
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/site-title/FacPersonalPage
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/comments-pagination-previous/topmyprefs
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/blocks/text-columns/adv_search
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-includes/dashboard
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/sched_news
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/IXR/adminupevents
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/Requests/src/Exception/Http/cache_icons
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/Requests/src/Response/phocagalleryi
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/SimplePie/XML/Declaration/news_archives
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/SimplePie/Decode/HTML/down_site
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/ID3/StringHashParser
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/ID3/opendocument.lib
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/images/smilies/common.bak
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/jquery/opendocument.lib
May 04 2024 04:51:15 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/plupload/down_site
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/dist/phocagalleryi
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/mediaelement/phocagalleryc
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/skins/lightgray/fonts/tbl_tracking
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/skins/down_site
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/themes/modern/OutputFilter
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/paste/adv_search
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/wpautoresize/topmyprefs
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/charmap/patronato
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/charmap/down_site
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/compat3x/css/common.bak
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/wordpress/home_30june10
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/js/tinymce/plugins/wordpress/aboutme.preview
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/style-engine/topmyprefs
May 04 2024 04:51:16 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/css/dist/import.lib
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/css/dist/block-library/StringHashParser
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/css/dist/block-editor/cancer_hope
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/css/dist/reusable-blocks/StringHashParser
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/css/dist/patterns/news_archives
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/lib/StringHashParser
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/namespaced/Core/Curve25519/phocagalleryi
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/src/cancer_hope
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/src/Core32/ChaCha20/common.bak
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/src/Core32/Curve25519/Ge/DirectLex
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sodium_compat/src/Core32/Curve25519/opendocument.lib
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/sitemaps/phocagalleryc
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/query/tbl_tracking
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/cover/OutputFilter
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/block/opendocument.lib
May 04 2024 04:51:17 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/block/tbl_tracking
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/social-links/copyescape
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/social-links/down_site
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/rss/jpgraph_radar
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/more/events_results
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/term-description/home_30june10
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/pattern/down_site
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/comments-pagination-numbers/StringHashParser
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/comment-edit-link/FacPersonalPage
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/column/StringHashParser
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/comment-content/admin.checkin
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/query-pagination-previous/product_info_
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/query-pagination-previous/down_site
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/pullquote/FinalCreatPage
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/archives/AddBaseName
May 04 2024 04:51:18 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/file/beginedit2
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/avatar/topmyprefs
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/avatar/news_archives
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/template-part/shipping_methods
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/post-navigation-link/phocagalleryc
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/separator/FinalCreatPage
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/post-comments-form/common.bak
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/post-featured-image/AddBaseName
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/tbl_tracking
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/post-author-biography/down_site
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/navigation/class.ticket
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/site-title/news_archives
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/freeform/DirectLex
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/footnotes/down_site
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-includes/blocks/comments-pagination-previous/tbl_tracking
May 04 2024 04:51:19 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentytwo/styles/pagination
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentytwo/templates/tbl_select
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentytwo/assets/videos/shipping_methods
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/shipping_methods
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentytwo/inc/patterns/stat_details
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/images/DirectLex
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/jost/StringHashParser
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/instrument-sans/tbl_tracking
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/instrument-sans/common.bak
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/cardo/adv_search
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/topmyprefs
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/shipping_methods
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/assets/common.bak
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/functions.admin
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/twentytwentyfour/patterns/StringHashParser
May 04 2024 04:51:20 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/themes/discuz_version
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/plugins/akismet/_inc/fonts/opendocument.lib
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/plugins/akismet/_inc/payment.bak
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wordpress/wp-content/plugins/akismet/_inc/img/html4strict
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/user/phocagalleryi
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/network/down_site
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/css/colors/insertfile
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/css/colors/ectoplasm/topmyprefs
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/css/tbl_tracking
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/newwp/wp-admin/includes/install.bak
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/beanstream_cdn
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentythree/adv_search
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/templates/ConfigForm
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/assets/fonts/ibm-plex/news_archives
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/form2mail
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentytwo/assets/2cols2lines
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/styles/adv_search
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/templates/product_info_
May 04 2024 04:51:21 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/jost/adv_search
May 04 2024 04:51:22 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/assets/fonts/cardo/topmyprefs
May 04 2024 04:51:22 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/assets/css/shipping_methods
May 04 2024 04:51:22 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wordpress/wp-content/themes/twentytwentyfour/assets/drm_management
May 04 2024 04:51:22 cp41 maldet(2367): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp/wp-admin/css/colors/phocagalleryi
May 04 2024 04:51:22 cp41 maldet(2367): {scan} scan completed on : files 3466, malware hits 282, cleaned hits 0, time 3565s
May 04 2024 04:51:22 cp41 maldet(2367): {scan} scan report saved, to view run: maldet --report 240504-0351.2367
May 04 2024 04:51:22 cp41 maldet(2367): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240504-0351.2367
May 05 2024 03:26:40 cp41 maldet(11041): {update} checking for available updates...
May 05 2024 03:26:40 cp41 maldet(11041): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 05 2024 03:26:40 cp41 maldet(11041): {update} hashing install files and checking against server...
May 05 2024 03:26:42 cp41 maldet(11041): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 05 2024 03:26:42 cp41 maldet(11041): {update} latest version already installed.
May 05 2024 03:26:45 cp41 maldet(11190): {sigup} performing signature update check...
May 05 2024 03:26:45 cp41 maldet(11190): {sigup} local signature set is version 202405013823175
May 05 2024 03:26:45 cp41 maldet(11190): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 05 2024 03:26:46 cp41 maldet(11190): {sigup} new signature set 20240504393073 available
May 05 2024 03:26:46 cp41 maldet(11190): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 05 2024 03:26:46 cp41 maldet(11190): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 05 2024 03:26:47 cp41 maldet(11190): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 05 2024 03:26:47 cp41 maldet(11190): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 05 2024 03:26:47 cp41 maldet(11190): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 05 2024 03:26:47 cp41 maldet(11190): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 05 2024 03:26:47 cp41 maldet(11190): {sigup} verified md5sum of maldet-sigpack.tgz
May 05 2024 03:26:49 cp41 maldet(11190): {sigup} unpacked and installed maldet-sigpack.tgz
May 05 2024 03:26:49 cp41 maldet(11190): {sigup} verified md5sum of maldet-clean.tgz
May 05 2024 03:26:51 cp41 maldet(11190): {sigup} unpacked and installed maldet-clean.tgz
May 05 2024 03:26:51 cp41 maldet(11190): {sigup} signature set update completed
May 05 2024 03:26:51 cp41 maldet(11190): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 05 2024 03:26:52 cp41 maldet(11466): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 05 2024 03:26:53 cp41 maldet(11466): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 05 2024 03:26:53 cp41 maldet(11466): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 05 2024 03:26:53 cp41 maldet(11466): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 05 2024 03:26:53 cp41 maldet(11466): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 05 2024 05:41:12 cp41 maldet(11466): {scan} file list completed in 8059s, found 12 files...
May 05 2024 05:41:12 cp41 maldet(11466): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 05 2024 05:41:12 cp41 maldet(11466): {scan} scan of (12 files) in progress...
May 05 2024 05:41:13 cp41 maldet(11466): {scan} scan completed on : files 12, malware hits 0, cleaned hits 0, time 8061s
May 05 2024 05:41:13 cp41 maldet(11466): {scan} scan report saved, to view run: maldet --report 240505-0326.11466
May 06 2024 03:26:48 cp41 maldet(25579): {update} checking for available updates...
May 06 2024 03:26:48 cp41 maldet(25579): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 06 2024 03:26:48 cp41 maldet(25579): {update} hashing install files and checking against server...
May 06 2024 03:26:48 cp41 maldet(25579): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 06 2024 03:26:48 cp41 maldet(25579): {update} latest version already installed.
May 06 2024 03:26:50 cp41 maldet(25734): {sigup} performing signature update check...
May 06 2024 03:26:50 cp41 maldet(25734): {sigup} local signature set is version 20240504393073
May 06 2024 03:26:50 cp41 maldet(25734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 06 2024 03:26:50 cp41 maldet(25734): {sigup} latest signature set already installed
May 06 2024 03:26:51 cp41 maldet(25864): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 06 2024 03:26:53 cp41 maldet(25864): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 06 2024 03:26:53 cp41 maldet(25864): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 06 2024 03:26:53 cp41 maldet(25864): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 06 2024 03:26:53 cp41 maldet(25864): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 06 2024 09:07:23 cp41 maldet(25864): {scan} file list completed in 20430s, found 56 files...
May 06 2024 09:07:24 cp41 maldet(25864): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 06 2024 09:07:24 cp41 maldet(25864): {scan} scan of (56 files) in progress...
May 06 2024 09:07:34 cp41 maldet(25864): {scan} scan completed on : files 56, malware hits 0, cleaned hits 0, time 20443s
May 06 2024 09:07:34 cp41 maldet(25864): {scan} scan report saved, to view run: maldet --report 240506-0326.25864
May 07 2024 03:19:37 cp41 maldet(23589): {update} checking for available updates...
May 07 2024 03:19:37 cp41 maldet(23589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 07 2024 03:19:37 cp41 maldet(23589): {update} hashing install files and checking against server...
May 07 2024 03:19:37 cp41 maldet(23589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 07 2024 03:19:37 cp41 maldet(23589): {update} latest version already installed.
May 07 2024 03:19:38 cp41 maldet(23733): {sigup} performing signature update check...
May 07 2024 03:19:38 cp41 maldet(23733): {sigup} local signature set is version 20240504393073
May 07 2024 03:19:38 cp41 maldet(23733): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 07 2024 03:19:38 cp41 maldet(23733): {sigup} latest signature set already installed
May 07 2024 03:19:39 cp41 maldet(23855): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 07 2024 03:19:40 cp41 maldet(23855): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 07 2024 03:19:40 cp41 maldet(23855): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 07 2024 03:19:40 cp41 maldet(23855): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 07 2024 03:19:40 cp41 maldet(23855): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 07 2024 11:48:29 cp41 maldet(23855): {scan} file list completed in 30529s, found 308 files...
May 07 2024 11:48:29 cp41 maldet(23855): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 07 2024 11:48:29 cp41 maldet(23855): {scan} scan of (308 files) in progress...
May 07 2024 11:48:46 cp41 maldet(23855): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/edit-widgets/assignment_nrm
May 07 2024 11:48:46 cp41 maldet(23855): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/committee
May 07 2024 11:48:47 cp41 maldet(23855): {scan} scan completed on : files 308, malware hits 2, cleaned hits 0, time 30547s
May 07 2024 11:48:47 cp41 maldet(23855): {scan} scan report saved, to view run: maldet --report 240507-0319.23855
May 07 2024 11:48:47 cp41 maldet(23855): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240507-0319.23855
May 08 2024 03:50:30 cp41 maldet(8729): {update} checking for available updates...
May 08 2024 03:50:30 cp41 maldet(8729): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 08 2024 03:50:30 cp41 maldet(8729): {update} hashing install files and checking against server...
May 08 2024 03:50:32 cp41 maldet(8729): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 08 2024 03:50:32 cp41 maldet(8729): {update} latest version already installed.
May 08 2024 03:50:33 cp41 maldet(8876): {sigup} performing signature update check...
May 08 2024 03:50:33 cp41 maldet(8876): {sigup} local signature set is version 20240504393073
May 08 2024 03:50:33 cp41 maldet(8876): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 08 2024 03:50:35 cp41 maldet(8876): {sigup} latest signature set already installed
May 08 2024 03:50:36 cp41 maldet(9004): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 08 2024 03:50:38 cp41 maldet(9004): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 08 2024 03:50:38 cp41 maldet(9004): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 08 2024 03:50:38 cp41 maldet(9004): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 08 2024 03:50:38 cp41 maldet(9004): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 08 2024 12:35:00 cp41 maldet(9004): {scan} file list completed in 31461s, found 34702 files...
May 08 2024 12:35:00 cp41 maldet(9004): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 08 2024 12:35:00 cp41 maldet(9004): {scan} scan of (34702 files) in progress...
May 08 2024 13:01:38 cp41 maldet(9004): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 08 2024 13:01:39 cp41 maldet(9004): {scan} scan completed on : files 34702, malware hits 1, cleaned hits 0, time 33063s
May 08 2024 13:01:39 cp41 maldet(9004): {scan} scan report saved, to view run: maldet --report 240508-0350.9004
May 08 2024 13:01:39 cp41 maldet(9004): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240508-0350.9004
May 09 2024 03:26:03 cp41 maldet(12421): {update} checking for available updates...
May 09 2024 03:26:03 cp41 maldet(12421): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 09 2024 03:26:03 cp41 maldet(12421): {update} hashing install files and checking against server...
May 09 2024 03:26:03 cp41 maldet(12421): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 09 2024 03:26:03 cp41 maldet(12421): {update} latest version already installed.
May 09 2024 03:26:04 cp41 maldet(12560): {sigup} performing signature update check...
May 09 2024 03:26:04 cp41 maldet(12560): {sigup} local signature set is version 20240504393073
May 09 2024 03:26:04 cp41 maldet(12560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 09 2024 03:26:04 cp41 maldet(12560): {sigup} new signature set 202405071155649 available
May 09 2024 03:26:04 cp41 maldet(12560): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 09 2024 03:26:05 cp41 maldet(12560): {sigup} verified md5sum of maldet-sigpack.tgz
May 09 2024 03:26:07 cp41 maldet(12560): {sigup} unpacked and installed maldet-sigpack.tgz
May 09 2024 03:26:07 cp41 maldet(12560): {sigup} verified md5sum of maldet-clean.tgz
May 09 2024 03:26:07 cp41 maldet(12560): {sigup} unpacked and installed maldet-clean.tgz
May 09 2024 03:26:07 cp41 maldet(12560): {sigup} signature set update completed
May 09 2024 03:26:07 cp41 maldet(12560): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 09 2024 03:26:07 cp41 maldet(12808): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 09 2024 03:26:09 cp41 maldet(12808): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 09 2024 03:26:09 cp41 maldet(12808): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 09 2024 03:26:09 cp41 maldet(12808): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 09 2024 03:26:09 cp41 maldet(12808): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 09 2024 06:21:25 cp41 maldet(12808): {scan} file list completed in 10516s, found 239 files...
May 09 2024 06:21:25 cp41 maldet(12808): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 09 2024 06:21:25 cp41 maldet(12808): {scan} scan of (239 files) in progress...
May 09 2024 06:21:31 cp41 maldet(12808): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 09 2024 06:21:31 cp41 maldet(12808): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/gallery.lang_pt
May 09 2024 06:21:31 cp41 maldet(12808): {scan} scan completed on : files 239, malware hits 2, cleaned hits 0, time 10524s
May 09 2024 06:21:31 cp41 maldet(12808): {scan} scan report saved, to view run: maldet --report 240509-0326.12808
May 09 2024 06:21:31 cp41 maldet(12808): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240509-0326.12808
May 10 2024 03:23:47 cp41 maldet(14555): {update} checking for available updates...
May 10 2024 03:23:47 cp41 maldet(14555): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 10 2024 03:23:47 cp41 maldet(14555): {update} hashing install files and checking against server...
May 10 2024 03:23:47 cp41 maldet(14555): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 10 2024 03:23:47 cp41 maldet(14555): {update} latest version already installed.
May 10 2024 03:23:48 cp41 maldet(14705): {sigup} performing signature update check...
May 10 2024 03:23:48 cp41 maldet(14705): {sigup} local signature set is version 202405071155649
May 10 2024 03:23:48 cp41 maldet(14705): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 10 2024 03:23:49 cp41 maldet(14705): {sigup} latest signature set already installed
May 10 2024 03:23:49 cp41 maldet(14827): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 10 2024 03:23:50 cp41 maldet(14827): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 10 2024 03:23:50 cp41 maldet(14827): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 10 2024 03:23:50 cp41 maldet(14827): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 10 2024 03:23:50 cp41 maldet(14827): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 10 2024 07:02:37 cp41 maldet(14827): {scan} file list completed in 13126s, found 58657 files...
May 10 2024 07:02:37 cp41 maldet(14827): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 10 2024 07:02:37 cp41 maldet(14827): {scan} scan of (58657 files) in progress...
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {CAV}Unix.Exploit.CVE_2021_4034-9951523-0 found for /home/authorsd/public_html/update/CVE-2021-4034/cve-2021-4034
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/authorsd/public_html/update/403.php
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {CAV}Unix.Exploit.CVE_2021_4034-9951523-0 found for /home/authorsd/public_html/update/polkit.zip
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {YARA}php_reverse_shell found for /home/authorsd/public_html/update/bc.php
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/authorsd/public_html/update/files.zip
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Modules/RenameFile
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {HEX}php.nested.base64.652 found for /home/olshsdco/public_html/wp-includes/images/wp/FEkHC.php
May 10 2024 07:12:10 cp41 maldet(14827): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/KTGQKDOehH.php
May 10 2024 07:12:11 cp41 maldet(14827): {scan} scan completed on : files 58657, malware hits 9, cleaned hits 0, time 13701s
May 10 2024 07:12:11 cp41 maldet(14827): {scan} scan report saved, to view run: maldet --report 240510-0323.14827
May 10 2024 07:12:11 cp41 maldet(14827): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240510-0323.14827
May 11 2024 03:54:17 cp41 maldet(26792): {update} checking for available updates...
May 11 2024 03:54:17 cp41 maldet(26792): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 11 2024 03:54:18 cp41 maldet(26792): {update} hashing install files and checking against server...
May 11 2024 03:54:18 cp41 maldet(26792): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 11 2024 03:54:18 cp41 maldet(26792): {update} latest version already installed.
May 11 2024 03:54:18 cp41 maldet(26943): {sigup} performing signature update check...
May 11 2024 03:54:18 cp41 maldet(26943): {sigup} local signature set is version 202405071155649
May 11 2024 03:54:18 cp41 maldet(26943): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 11 2024 03:54:19 cp41 maldet(26943): {sigup} new signature set 202405101922723 available
May 11 2024 03:54:19 cp41 maldet(26943): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 11 2024 03:54:19 cp41 maldet(26943): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 11 2024 03:54:20 cp41 maldet(26943): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 11 2024 03:54:20 cp41 maldet(26943): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 11 2024 03:54:20 cp41 maldet(26943): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 11 2024 03:54:20 cp41 maldet(26943): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 11 2024 03:54:20 cp41 maldet(26943): {sigup} verified md5sum of maldet-sigpack.tgz
May 11 2024 03:54:21 cp41 maldet(26943): {sigup} unpacked and installed maldet-sigpack.tgz
May 11 2024 03:54:21 cp41 maldet(26943): {sigup} verified md5sum of maldet-clean.tgz
May 11 2024 03:54:21 cp41 maldet(26943): {sigup} unpacked and installed maldet-clean.tgz
May 11 2024 03:54:21 cp41 maldet(26943): {sigup} signature set update completed
May 11 2024 03:54:21 cp41 maldet(26943): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 11 2024 03:54:22 cp41 maldet(27196): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 11 2024 03:54:22 cp41 maldet(27196): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 11 2024 03:54:22 cp41 maldet(27196): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 11 2024 03:54:22 cp41 maldet(27196): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 11 2024 03:54:22 cp41 maldet(27196): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 11 2024 09:26:13 cp41 maldet(27196): {scan} file list completed in 19911s, found 79775 files...
May 11 2024 09:26:13 cp41 maldet(27196): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 11 2024 09:26:14 cp41 maldet(27196): {scan} scan of (79775 files) in progress...
May 11 2024 09:39:24 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/DisplayLinkURI
May 11 2024 09:39:24 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/sharethis
May 11 2024 09:39:24 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/DisplayLinkURI
May 11 2024 09:39:24 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/DisplayLinkURI
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/sharethis
May 11 2024 09:39:25 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/DisplayLinkURI
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/sharethis
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/sharethis
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Php.Malware.Agent-9851729-0 found for /home/darkhors/public_html/theme-insdpia.php
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/crop/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/textcolor/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/wordpress/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/reusable-blocks/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/commands/blockLib.class
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/rest-api/endpoints/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/ChaCha20/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/spacer/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/comments-pagination/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/.well-known/acme-challenge/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2014/03/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/11/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/06/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2018/08/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/03/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/12/gradereport_user
May 11 2024 09:39:26 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/utilities/gradereport_user
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/cover/gradereport_user
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/inc/gradereport_user
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentythree/assets/fonts/gradereport_user
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient/gradereport_user
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/root_path
May 11 2024 09:39:27 cp41 maldet(27196): {scan} scan completed on : files 79775, malware hits 60, cleaned hits 0, time 20705s
May 11 2024 09:39:27 cp41 maldet(27196): {scan} scan report saved, to view run: maldet --report 240511-0354.27196
May 11 2024 09:39:27 cp41 maldet(27196): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240511-0354.27196
May 12 2024 03:50:17 cp41 maldet(7251): {update} checking for available updates...
May 12 2024 03:50:18 cp41 maldet(7251): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 12 2024 03:50:18 cp41 maldet(7251): {update} hashing install files and checking against server...
May 12 2024 03:50:18 cp41 maldet(7251): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 12 2024 03:50:18 cp41 maldet(7251): {update} latest version already installed.
May 12 2024 03:50:20 cp41 maldet(7395): {sigup} performing signature update check...
May 12 2024 03:50:20 cp41 maldet(7395): {sigup} local signature set is version 202405101922723
May 12 2024 03:50:20 cp41 maldet(7395): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 12 2024 03:50:20 cp41 maldet(7395): {sigup} latest signature set already installed
May 12 2024 03:50:20 cp41 maldet(7518): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 12 2024 03:50:22 cp41 maldet(7518): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 12 2024 03:50:22 cp41 maldet(7518): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 12 2024 03:50:22 cp41 maldet(7518): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 12 2024 03:50:22 cp41 maldet(7518): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 12 2024 05:26:31 cp41 maldet(7518): {scan} file list completed in 5769s, found 32398 files...
May 12 2024 05:26:31 cp41 maldet(7518): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 12 2024 05:26:31 cp41 maldet(7518): {scan} scan of (32398 files) in progress...
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/index.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/css/index.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {YARA}php_reverse_shell found for /home/authorsd/public_html/update__79f6290/bc.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/uspgl3m74.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/xfzwd7a78.php
May 12 2024 05:48:55 cp41 maldet(7518): {hit} malware hit {HEX}php.malware.magento.599 found for /home/insectsi/public_html/ces.zip
May 12 2024 05:48:55 cp41 maldet(7518): {scan} scan completed on : files 32398, malware hits 7, cleaned hits 0, time 7115s
May 12 2024 05:48:55 cp41 maldet(7518): {scan} scan report saved, to view run: maldet --report 240512-0350.7518
May 12 2024 05:48:55 cp41 maldet(7518): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240512-0350.7518
May 13 2024 03:10:56 cp41 maldet(30082): {update} checking for available updates...
May 13 2024 03:10:57 cp41 maldet(30082): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 13 2024 03:10:57 cp41 maldet(30082): {update} hashing install files and checking against server...
May 13 2024 03:10:57 cp41 maldet(30082): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 13 2024 03:10:57 cp41 maldet(30082): {update} latest version already installed.
May 13 2024 03:10:57 cp41 maldet(30227): {sigup} performing signature update check...
May 13 2024 03:10:57 cp41 maldet(30227): {sigup} local signature set is version 202405101922723
May 13 2024 03:10:57 cp41 maldet(30227): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 13 2024 03:10:58 cp41 maldet(30227): {sigup} latest signature set already installed
May 13 2024 03:10:58 cp41 maldet(30343): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 13 2024 03:10:58 cp41 maldet(30343): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 13 2024 03:10:58 cp41 maldet(30343): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 13 2024 03:10:58 cp41 maldet(30343): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 13 2024 03:10:58 cp41 maldet(30343): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 13 2024 05:06:07 cp41 maldet(30343): {scan} file list completed in 6909s, found 39270 files...
May 13 2024 05:06:07 cp41 maldet(30343): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 13 2024 05:06:07 cp41 maldet(30343): {scan} scan of (39270 files) in progress...
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/css/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {YARA}php_reverse_shell found for /home/authorsd/public_html/update__79f6290/bc.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/briancol/public_html/wp-include/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/nynjn7p53.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/ALFA_DATA/alfacgiapi/fox.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/zqtqg4n44.php
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/c/c/e/e/heptdzx/x.zip
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/b/f/h/fYrlmvJ/x.zip
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/f/a/d/RGhVAiO/x.zip
May 13 2024 05:07:18 cp41 maldet(30343): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/g/f/a/e/PRSUWyT/x.zip
May 13 2024 05:07:19 cp41 maldet(30343): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/aUOcVAK/x.zip
May 13 2024 05:07:19 cp41 maldet(30343): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/czsee3w79.php
May 13 2024 05:07:19 cp41 maldet(30343): {scan} scan completed on : files 39270, malware hits 18, cleaned hits 0, time 6981s
May 13 2024 05:07:19 cp41 maldet(30343): {scan} scan report saved, to view run: maldet --report 240513-0310.30343
May 13 2024 05:07:19 cp41 maldet(30343): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240513-0310.30343
May 14 2024 03:39:01 cp41 maldet(14208): {update} checking for available updates...
May 14 2024 03:39:01 cp41 maldet(14208): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 14 2024 03:39:01 cp41 maldet(14208): {update} hashing install files and checking against server...
May 14 2024 03:39:01 cp41 maldet(14208): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 14 2024 03:39:01 cp41 maldet(14208): {update} latest version already installed.
May 14 2024 03:39:02 cp41 maldet(14377): {sigup} performing signature update check...
May 14 2024 03:39:02 cp41 maldet(14377): {sigup} local signature set is version 202405101922723
May 14 2024 03:39:02 cp41 maldet(14377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 14 2024 03:39:02 cp41 maldet(14377): {sigup} new signature set 202405132693953 available
May 14 2024 03:39:02 cp41 maldet(14377): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2024 03:39:03 cp41 maldet(14377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2024 03:39:03 cp41 maldet(14377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 14 2024 03:39:03 cp41 maldet(14377): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2024 03:39:03 cp41 maldet(14377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2024 03:39:04 cp41 maldet(14377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 14 2024 03:39:04 cp41 maldet(14377): {sigup} verified md5sum of maldet-sigpack.tgz
May 14 2024 03:39:04 cp41 maldet(14377): {sigup} unpacked and installed maldet-sigpack.tgz
May 14 2024 03:39:05 cp41 maldet(14377): {sigup} verified md5sum of maldet-clean.tgz
May 14 2024 03:39:05 cp41 maldet(14377): {sigup} unpacked and installed maldet-clean.tgz
May 14 2024 03:39:05 cp41 maldet(14377): {sigup} signature set update completed
May 14 2024 03:39:05 cp41 maldet(14377): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 14 2024 03:39:05 cp41 maldet(14636): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 14 2024 03:39:05 cp41 maldet(14636): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 14 2024 03:39:05 cp41 maldet(14636): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 14 2024 03:39:05 cp41 maldet(14636): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 14 2024 03:39:05 cp41 maldet(14636): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 14 2024 06:31:24 cp41 maldet(14636): {scan} file list completed in 10339s, found 441 files...
May 14 2024 06:31:24 cp41 maldet(14636): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 14 2024 06:31:24 cp41 maldet(14636): {scan} scan of (441 files) in progress...
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/coupon_admin
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/ifkcd2d59.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/xptkk6i89.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.generic.malware.447 found for /home/neverend/public_html/Neverending_Films/index.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.generic.malware.447 found for /home/neverend/public_html/a9c56a2e/index.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/wp-includes/options.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-includes/js/tinymce/network.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pintoboo/public_html/totheotherside/wp-content/themes/the-erudite/images/defaults.php
May 14 2024 06:31:48 cp41 maldet(14636): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-content/plugins/after-the-deadline/languages/index.php
May 14 2024 06:31:48 cp41 maldet(14636): {scan} scan completed on : files 441, malware hits 9, cleaned hits 0, time 10363s
May 14 2024 06:31:48 cp41 maldet(14636): {scan} scan report saved, to view run: maldet --report 240514-0339.14636
May 14 2024 06:31:48 cp41 maldet(14636): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240514-0339.14636
May 15 2024 03:45:06 cp41 maldet(28773): {update} checking for available updates...
May 15 2024 03:45:06 cp41 maldet(28773): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 15 2024 03:45:06 cp41 maldet(28773): {update} hashing install files and checking against server...
May 15 2024 03:45:07 cp41 maldet(28773): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 15 2024 03:45:07 cp41 maldet(28773): {update} latest version already installed.
May 15 2024 03:45:07 cp41 maldet(28921): {sigup} performing signature update check...
May 15 2024 03:45:07 cp41 maldet(28921): {sigup} local signature set is version 202405132693953
May 15 2024 03:45:07 cp41 maldet(28921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 15 2024 03:45:08 cp41 maldet(28921): {sigup} latest signature set already installed
May 15 2024 03:45:08 cp41 maldet(29045): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 15 2024 03:45:09 cp41 maldet(29045): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 15 2024 03:45:09 cp41 maldet(29045): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 15 2024 03:45:09 cp41 maldet(29045): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 15 2024 03:45:09 cp41 maldet(29045): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 15 2024 06:04:45 cp41 maldet(29045): {scan} file list completed in 8376s, found 51505 files...
May 15 2024 06:04:45 cp41 maldet(29045): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 15 2024 06:04:45 cp41 maldet(29045): {scan} scan of (51505 files) in progress...
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/cust_accept05
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/admin_files
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/DisplayLinkURI
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/cp.article
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/sharethis
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/images/plugins/index.php
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/DisplayLinkURI
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/admin_files
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/DisplayLinkURI
May 15 2024 06:14:38 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/randomimage
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/deletebookmark
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/admin_files
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/randomimage
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/DisplayLinkURI
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/modifier.nl2br
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/DisplayLinkURI
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/deletebookmark
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/deletebookmark
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/randomimage
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/DisplayLinkURI
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/deletebookmark
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Ussamer/default_message
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/DisplayLinkURI
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/modifier.nl2br
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/cp.article
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/sharethis
May 15 2024 06:14:39 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/modifier.nl2br
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/admin_files
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/sharethis
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/DisplayLinkURI
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/wpconten/a/a/b/g/mah.php
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/DisplayLinkURI
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/sharethis
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/coupon_admin
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/sharethis
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/randomimage
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/randomimage
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/DisplayLinkURI
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/sharethis
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/randomimage
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/randomimage
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/deletebookmark
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/cp.article
May 15 2024 06:14:40 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/sharethis
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/deletebookmark
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/ALFA_DATA/alfacgiapi/fox.php
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/c/c/e/e/heptdzx/x.zip
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/b/f/h/fYrlmvJ/x.zip
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/f/a/d/RGhVAiO/x.zip
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/g/f/a/e/PRSUWyT/x.zip
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/aUOcVAK/x.zip
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/lvvpb6q19.php
May 15 2024 06:14:41 cp41 maldet(29045): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentythree/assets/canadapost
May 15 2024 06:14:41 cp41 maldet(29045): {scan} scan completed on : files 51505, malware hits 77, cleaned hits 0, time 8973s
May 15 2024 06:14:41 cp41 maldet(29045): {scan} scan report saved, to view run: maldet --report 240515-0345.29045
May 15 2024 06:14:41 cp41 maldet(29045): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240515-0345.29045
May 16 2024 03:44:56 cp41 maldet(12787): {update} checking for available updates...
May 16 2024 03:44:57 cp41 maldet(12787): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 16 2024 03:44:57 cp41 maldet(12787): {update} hashing install files and checking against server...
May 16 2024 03:44:58 cp41 maldet(12787): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 16 2024 03:44:58 cp41 maldet(12787): {update} latest version already installed.
May 16 2024 03:44:58 cp41 maldet(13055): {sigup} performing signature update check...
May 16 2024 03:44:58 cp41 maldet(13055): {sigup} local signature set is version 202405132693953
May 16 2024 03:44:58 cp41 maldet(13055): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 16 2024 03:44:59 cp41 maldet(13055): {sigup} latest signature set already installed
May 16 2024 03:45:03 cp41 maldet(13238): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 16 2024 03:45:04 cp41 maldet(13238): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 16 2024 03:45:04 cp41 maldet(13238): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 16 2024 03:45:04 cp41 maldet(13238): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 16 2024 03:45:04 cp41 maldet(13238): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 16 2024 08:45:29 cp41 maldet(13238): {scan} file list completed in 18025s, found 1271 files...
May 16 2024 08:45:29 cp41 maldet(13238): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 16 2024 08:45:29 cp41 maldet(13238): {scan} scan of (1271 files) in progress...
May 16 2024 08:46:08 cp41 maldet(13238): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/ALFA_DATA/alfacgiapi/fox.php
May 16 2024 08:46:08 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/c/c/e/e/heptdzx/x.zip
May 16 2024 08:46:08 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/b/f/h/fYrlmvJ/x.zip
May 16 2024 08:46:08 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/f/a/d/RGhVAiO/x.zip
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/g/f/a/e/PRSUWyT/x.zip
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/aUOcVAK/x.zip
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/l10n/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/Requests/library/livecamLib.class
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/block-patterns/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/block-patterns/default_section
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/crop/livecamLib.class
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/skins/wordpress/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/colorpicker/livecamLib.class
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/wpdialogs/default_section
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/wpemoji/blogpage
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/style-engine/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/nux/default_section
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/reusable-blocks/default_section
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/block-directory/livecamLib.class
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/block-bindings/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/namespaced/Core/ChaCha20/view.topic
May 16 2024 08:46:09 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core/Base64/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/edit.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/query-title/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/query/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/list-item/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/legacy-widget/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/post-author-name/default_section
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/file/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/separator/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/footnotes/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/09/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/02/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/06/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/07/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/03/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/04/livecamLib.class
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/05/view.topic
May 16 2024 08:46:10 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/07/view.topic
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2011/04/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/js/default_section
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/table/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/audio/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentythree/parts/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/akismet/_inc/rtl/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/health-check/build/default_section
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/symfony/polyfill-php72/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/guzzlehttp/promises/src/view.topic
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/guzzlehttp/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services-adsenselinks/default_section
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Modules/AdSense/view.topic
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Validation/default_section
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Storage/livecamLib.class
May 16 2024 08:46:11 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/js/widgets/default_section
May 16 2024 08:46:12 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/colors/sunrise/default_section
May 16 2024 08:46:12 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/colors/midnight/livecamLib.class
May 16 2024 08:46:12 cp41 maldet(13238): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/view.topic
May 16 2024 08:46:12 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/2V6rL/index.php
May 16 2024 08:46:12 cp41 maldet(13238): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/hsgNB/index.php
May 16 2024 08:46:12 cp41 maldet(13238): {scan} scan completed on : files 1271, malware hits 61, cleaned hits 0, time 18069s
May 16 2024 08:46:12 cp41 maldet(13238): {scan} scan report saved, to view run: maldet --report 240516-0345.13238
May 16 2024 08:46:12 cp41 maldet(13238): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240516-0345.13238
May 17 2024 03:42:17 cp41 maldet(11657): {update} checking for available updates...
May 17 2024 03:42:18 cp41 maldet(11657): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 17 2024 03:42:18 cp41 maldet(11657): {update} hashing install files and checking against server...
May 17 2024 03:42:19 cp41 maldet(11657): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 17 2024 03:42:19 cp41 maldet(11657): {update} latest version already installed.
May 17 2024 03:42:22 cp41 maldet(11862): {sigup} performing signature update check...
May 17 2024 03:42:22 cp41 maldet(11862): {sigup} local signature set is version 202405132693953
May 17 2024 03:42:22 cp41 maldet(11862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 17 2024 03:42:23 cp41 maldet(11862): {sigup} new signature set 202405163472817 available
May 17 2024 03:42:23 cp41 maldet(11862): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 17 2024 03:42:23 cp41 maldet(11862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 17 2024 03:42:24 cp41 maldet(11862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 17 2024 03:42:24 cp41 maldet(11862): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 17 2024 03:42:24 cp41 maldet(11862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 17 2024 03:42:24 cp41 maldet(11862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 17 2024 03:42:24 cp41 maldet(11862): {sigup} verified md5sum of maldet-sigpack.tgz
May 17 2024 03:42:31 cp41 maldet(11862): {sigup} unpacked and installed maldet-sigpack.tgz
May 17 2024 03:42:31 cp41 maldet(11862): {sigup} verified md5sum of maldet-clean.tgz
May 17 2024 03:42:32 cp41 maldet(11862): {sigup} unpacked and installed maldet-clean.tgz
May 17 2024 03:42:32 cp41 maldet(11862): {sigup} signature set update completed
May 17 2024 03:42:32 cp41 maldet(11862): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2024 03:42:34 cp41 maldet(12183): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 17 2024 03:42:35 cp41 maldet(12183): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2024 03:42:35 cp41 maldet(12183): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 17 2024 03:42:35 cp41 maldet(12183): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 17 2024 03:42:35 cp41 maldet(12183): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 17 2024 10:56:57 cp41 maldet(12183): {scan} file list completed in 26061s, found 6087 files...
May 17 2024 10:56:58 cp41 maldet(12183): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 17 2024 10:56:58 cp41 maldet(12183): {scan} scan of (6087 files) in progress...
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/ALFA_DATA/alfacgiapi/fox.php
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/c/c/e/e/heptdzx/x.zip
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/b/f/h/fYrlmvJ/x.zip
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/f/a/d/RGhVAiO/x.zip
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/g/f/a/e/PRSUWyT/x.zip
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/jjOLQ/index.php
May 17 2024 10:58:17 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/aUOcVAK/x.zip
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/l10n/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/block-patterns/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/skins/wordpress/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/style-engine/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/block-bindings/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/namespaced/Core/ChaCha20/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/query/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/list-item/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/separator/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/footnotes/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/09/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2023/06/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/07/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2013/03/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/05/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2016/07/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/guzzlehttp/promises/src/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Modules/AdSense/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/view.topic
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/oqghv/index.php
May 17 2024 10:58:18 cp41 maldet(12183): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/testdb.php
May 17 2024 10:58:19 cp41 maldet(12183): {scan} scan completed on : files 6087, malware hits 29, cleaned hits 0, time 26145s
May 17 2024 10:58:19 cp41 maldet(12183): {scan} scan report saved, to view run: maldet --report 240517-0342.12183
May 17 2024 10:58:19 cp41 maldet(12183): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240517-0342.12183
May 17 2024 12:37:16 cp41 maldet(10358): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2024 12:37:16 cp41 maldet(10358): {scan} building file list for /home/mcmrailv, this might take awhile...
May 17 2024 12:37:16 cp41 maldet(10358): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 17 2024 12:37:16 cp41 maldet(10358): {scan} executed eval /usr/bin/nice -n 19 /usr/bin/find "/home/mcmrailv" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 17 2024 12:38:03 cp41 maldet(10358): {scan} file list completed in 47s, found 152944 files...
May 17 2024 12:38:03 cp41 maldet(10358): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 17 2024 12:38:03 cp41 maldet(10358): {scan} scan of /home/mcmrailv (152944 files) in progress...
May 17 2024 15:33:44 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/4033.php'
May 17 2024 15:33:44 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/tmp/4033.php'
May 17 2024 15:33:44 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/tmp/403.php'
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/tmp/awstats/awstats032017.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/ssl/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/ssl/awstats072023.vancouverrocknroll.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/tmp/awstats/awstats102021.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/awstats112023.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/awstats072023.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/tmp/awstats/awstats012022.mcmrailvideos.com.txt
May 17 2024 15:33:44 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/awstats092023.mcmrailvideos.com.txt
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/awstats/awstats082023.mcmrailvideos.com.txt
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/tmp/analog/vancouverrocknroll.mcmrailvideos.com/cache
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.htpasswds/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.htpasswds/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cpaddons/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cpaddons/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/ssl/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/ssl/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/cache/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/cache/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/wordpress-backups/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/wordpress-backups/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/mcmrailv/.trash/4033.php
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/mcmrailv/.trash/403.php
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cl.selector/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cl.selector/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.softaculous/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.softaculous/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cagefs/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cagefs/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.pki/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.pki/403.php'
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2023.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Apr-2019.gz
May 17 2024 15:33:45 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/logs/4033.php'
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Nov-2019.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Apr-2022.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Jan-2019.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Apr-2021.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jun-2023.gz
May 17 2024 15:33:45 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jun-2021.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2018.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Oct-2021.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Aug-2022.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Mar-2020.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Apr-2023.gz
May 17 2024 15:33:46 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/logs/403.php'
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jul-2018.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2022.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jun-2017.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-May-2021.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Aug-2020.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Oct-2017.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Mar-2019.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Aug-2018.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Nov-2023.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Oct-2023.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jun-2018.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Feb-2018.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Sep-2022.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Aug-2021.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Oct-2017.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/mcmrailvideos.com-Aug-2023.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.exe.globals.419 found for /home/mcmrailv/logs/mcmrailvideos.com-Sep-2017.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Sep-2021.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2022.gz
May 17 2024 15:33:46 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jan-2020.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Dec-2022.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-May-2022.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Feb-2022.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/mcmrailvideos.com-Jul-2023.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Jul-2023.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Mar-2021.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/mcmrailvideos.com-Sep-2023.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Dec-2018.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-May-2018.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Nov-2017.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jan-2023.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Dec-2017.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jan-2022.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Nov-2021.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Dec-2018.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jul-2021.gz
May 17 2024 15:33:47 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Feb-2019.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Dec-2017.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jul-2017.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Dec-2021.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-May-2022.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jun-2022.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Nov-2018.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-May-2023.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-May-2018.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2023.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Sep-2023.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.599 found for /home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Jul-2023.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {HEX}php.malware.magento.612 found for /home/mcmrailv/logs/mcmrailvideos.com-Jan-2019.gz
May 17 2024 15:33:48 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Mar-2022.gz
May 17 2024 15:33:49 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Mar-2017.gz
May 17 2024 15:33:49 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-May-2022.gz
May 17 2024 15:33:49 cp41 maldet(10358): {hit} malware hit {YARA}eval_post found for /home/mcmrailv/logs/mcmrailvideos.com-Jul-2022.gz
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.subaccounts/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.subaccounts/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/public_ftp/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/public_ftp/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/softaculous_backups/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/softaculous_backups/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/etc/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/etc/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.ssh/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.ssh/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.security/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.security/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/cpmove.psql/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/cpmove.psql/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.attracta/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.attracta/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cphorde/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cphorde/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.mozilla/4033.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.mozilla/403.php'
May 17 2024 15:33:49 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cpanel/4033.php'
May 17 2024 15:33:50 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/.cpanel/403.php'
May 17 2024 15:33:50 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/mail/4033.php'
May 17 2024 15:33:50 cp41 maldet(10358): {quar} fatal error handling '/home/mcmrailv/mail/403.php'
May 17 2024 15:33:50 cp41 maldet(10358): {scan} scan completed on /home/mcmrailv: files 152944, malware hits 79, cleaned hits 0, time 10595s
May 17 2024 15:33:50 cp41 maldet(10358): {scan} scan report saved, to view run: maldet --report 240517-1237.10358
May 17 2024 15:33:50 cp41 maldet(10358): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240517-1237.10358
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt.1059925705'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats032017.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats032017.mcmrailvideos.com.txt.2577831470'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/ssl/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats082023.vancouverrocknroll.mcmrailvideos.com.txt.134212626'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/ssl/awstats072023.vancouverrocknroll.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats072023.vancouverrocknroll.mcmrailvideos.com.txt.129139301'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats102021.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats102021.mcmrailvideos.com.txt.213022190'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats112023.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats112023.mcmrailvideos.com.txt.218593084'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats072023.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats072023.mcmrailvideos.com.txt.919723384'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats012022.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats012022.mcmrailvideos.com.txt.1095915248'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats092023.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats092023.mcmrailvideos.com.txt.1512712412'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/awstats/awstats082023.mcmrailvideos.com.txt' to '/usr/local/maldetect/quarantine/awstats082023.mcmrailvideos.com.txt.830313240'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/tmp/analog/vancouverrocknroll.mcmrailvideos.com/cache' to '/usr/local/maldetect/quarantine/cache.1889615678'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/.trash/4033.php' to '/usr/local/maldetect/quarantine/4033.php.21116105'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/.trash/403.php' to '/usr/local/maldetect/quarantine/403.php.2554726068'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2023.gz.2590020517'
May 17 2024 16:37:43 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Apr-2019.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Apr-2019.gz.2343717086'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Nov-2019.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Nov-2019.gz.490627500'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Apr-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Apr-2022.gz.2027125009'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Jan-2019.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Jan-2019.gz.2891510804'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Apr-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Apr-2021.gz.2347216293'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jun-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jun-2023.gz.97799103'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jun-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jun-2021.gz.816711158'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2018.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Aug-2018.gz.1954917475'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Oct-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Oct-2021.gz.1608125731'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Aug-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Aug-2022.gz.122701750'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Mar-2020.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Mar-2020.gz.781816077'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Apr-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Apr-2023.gz.2129216375'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jul-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jul-2018.gz.1991126155'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2022.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Aug-2022.gz.2468410553'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jun-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jun-2017.gz.30789714'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-May-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-May-2021.gz.228756177'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Aug-2020.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Aug-2020.gz.157027219'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Oct-2017.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Oct-2017.gz.1363016066'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Mar-2019.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Mar-2019.gz.2820019767'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Aug-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Aug-2018.gz.275230135'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Nov-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Nov-2023.gz.752018188'
May 17 2024 16:37:44 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Oct-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Oct-2023.gz.1645943'
May 17 2024 16:37:45 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jun-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jun-2018.gz.35651615'
May 17 2024 16:37:45 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Feb-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Feb-2018.gz.2758912178'
May 17 2024 16:37:45 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Sep-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Sep-2022.gz.2806712990'
May 17 2024 16:37:45 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Aug-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Aug-2021.gz.422025596'
May 17 2024 16:37:45 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Oct-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Oct-2017.gz.2854517964'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Aug-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Aug-2023.gz.171174962'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Sep-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Sep-2017.gz.138426328'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Sep-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Sep-2021.gz.1045812544'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2022.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-ssl_log-Aug-2022.gz.2144818812'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jan-2020.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jan-2020.gz.494618948'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Dec-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Dec-2022.gz.512932599'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-May-2022.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-ssl_log-May-2022.gz.2693012179'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Feb-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Feb-2022.gz.837616654'
May 17 2024 16:37:46 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jul-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jul-2023.gz.1455411513'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-ssl_log-Jul-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-ssl_log-Jul-2023.gz.220399081'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Mar-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Mar-2021.gz.1072715183'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Sep-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Sep-2023.gz.244506026'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Dec-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Dec-2018.gz.295213882'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-May-2018.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-May-2018.gz.1892513304'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Nov-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Nov-2017.gz.523432477'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jan-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jan-2023.gz.208417215'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Dec-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Dec-2017.gz.609121541'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jan-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jan-2022.gz.283591600'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Nov-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Nov-2021.gz.1190010100'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Dec-2018.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Dec-2018.gz.2366912305'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jul-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jul-2021.gz.2022325927'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Feb-2019.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Feb-2019.gz.1813329239'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Dec-2017.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Dec-2017.gz.1144329546'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jul-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jul-2017.gz.182520367'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Dec-2021.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Dec-2021.gz.3194921440'
May 17 2024 16:37:47 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-May-2022.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-May-2022.gz.996729361'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jun-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jun-2022.gz.59699050'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Nov-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Nov-2018.gz.123949435'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-May-2023.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-May-2023.gz.2677230220'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-May-2018.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-May-2018.gz.2144520601'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Aug-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Aug-2023.gz.22001253'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Sep-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Sep-2023.gz.113316708'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/vancouverrocknroll.mcmrailvideos.com-Jul-2023.gz' to '/usr/local/maldetect/quarantine/vancouverrocknroll.mcmrailvideos.com-Jul-2023.gz.3007914561'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jan-2019.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jan-2019.gz.57043976'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Mar-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Mar-2022.gz.2937028064'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Mar-2017.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Mar-2017.gz.2705112782'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-May-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-May-2022.gz.2304514787'
May 17 2024 16:37:48 cp41 maldet(3713): {quar} malware quarantined from '/home/mcmrailv/logs/mcmrailvideos.com-Jul-2022.gz' to '/usr/local/maldetect/quarantine/mcmrailvideos.com-Jul-2022.gz.2095229830'
May 18 2024 04:11:38 cp41 maldet(5697): {update} checking for available updates...
May 18 2024 04:11:39 cp41 maldet(5697): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 18 2024 04:11:40 cp41 maldet(5697): {update} hashing install files and checking against server...
May 18 2024 04:11:41 cp41 maldet(5697): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 18 2024 04:11:41 cp41 maldet(5697): {update} latest version already installed.
May 18 2024 04:11:46 cp41 maldet(5926): {sigup} performing signature update check...
May 18 2024 04:11:46 cp41 maldet(5926): {sigup} local signature set is version 202405163472817
May 18 2024 04:11:46 cp41 maldet(5926): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 18 2024 04:11:51 cp41 maldet(5926): {sigup} latest signature set already installed
May 18 2024 04:11:53 cp41 maldet(6136): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 18 2024 04:11:59 cp41 maldet(6136): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 18 2024 04:11:59 cp41 maldet(6136): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 18 2024 04:11:59 cp41 maldet(6136): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 18 2024 04:11:59 cp41 maldet(6136): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 18 2024 15:24:53 cp41 maldet(6136): {scan} file list completed in 40374s, found 19014 files...
May 18 2024 15:24:53 cp41 maldet(6136): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 18 2024 15:24:53 cp41 maldet(6136): {scan} scan of (19014 files) in progress...
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/c/c/e/e/heptdzx/x.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/b/f/h/fYrlmvJ/x.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/b/f/a/d/RGhVAiO/x.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/cache/g/f/a/e/PRSUWyT/x.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/sts.php
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/SELLEX.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.cpanel.d0mains.387 found for /home/darkhors/public_html/404.php
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/aUOcVAK/x.zip
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/darkhors/public_html/shell_wso.php7
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/sts.php
May 18 2024 15:37:01 cp41 maldet(6136): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/SELLEX.zip
May 18 2024 15:37:02 cp41 maldet(6136): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/military/public_html/shell_wso.php7
May 18 2024 15:37:02 cp41 maldet(6136): {hit} malware hit {HEX}php.generic.malware.447 found for /home/neverend/public_html/Neverending_Films/index.php
May 18 2024 15:37:02 cp41 maldet(6136): {scan} scan completed on : files 19014, malware hits 13, cleaned hits 0, time 41109s
May 18 2024 15:37:02 cp41 maldet(6136): {scan} scan report saved, to view run: maldet --report 240518-0411.6136
May 18 2024 15:37:02 cp41 maldet(6136): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240518-0411.6136
May 19 2024 03:40:08 cp41 maldet(5871): {update} checking for available updates...
May 19 2024 03:40:09 cp41 maldet(5871): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 19 2024 03:40:09 cp41 maldet(5871): {update} hashing install files and checking against server...
May 19 2024 03:40:09 cp41 maldet(5871): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 19 2024 03:40:09 cp41 maldet(5871): {update} latest version already installed.
May 19 2024 03:40:09 cp41 maldet(6009): {sigup} performing signature update check...
May 19 2024 03:40:09 cp41 maldet(6009): {sigup} local signature set is version 202405163472817
May 19 2024 03:40:09 cp41 maldet(6009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 19 2024 03:40:09 cp41 maldet(6009): {sigup} latest signature set already installed
May 19 2024 03:40:10 cp41 maldet(6125): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 19 2024 03:40:12 cp41 maldet(6125): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 19 2024 03:40:12 cp41 maldet(6125): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 19 2024 03:40:12 cp41 maldet(6125): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 19 2024 03:40:12 cp41 maldet(6125): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 19 2024 05:13:09 cp41 maldet(6125): {scan} file list completed in 5577s, found 6689 files...
May 19 2024 05:13:09 cp41 maldet(6125): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 19 2024 05:13:09 cp41 maldet(6125): {scan} scan of (6689 files) in progress...
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/nsts1.php
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {HEX}php.base64.inject.182 found for /home/darkhors/public_html/nsts1.PhP7
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/dervinis/public_html/inappreciable/min.php
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {HEX}php.nested.base64.652 found for /home/dervinis/public_html/usaa/assets/fonts/bless_php1.php
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {HEX}php.nested.base64.652 found for /home/dervinis/public_html/accenting/webdb.php
May 19 2024 05:14:15 cp41 maldet(6125): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/colors/ocean/Exceptions.lib
May 19 2024 05:14:15 cp41 maldet(6125): {scan} scan completed on : files 6689, malware hits 6, cleaned hits 0, time 5645s
May 19 2024 05:14:15 cp41 maldet(6125): {scan} scan report saved, to view run: maldet --report 240519-0340.6125
May 19 2024 05:14:15 cp41 maldet(6125): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240519-0340.6125
May 20 2024 03:59:06 cp41 maldet(23574): {update} checking for available updates...
May 20 2024 03:59:07 cp41 maldet(23574): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 20 2024 03:59:07 cp41 maldet(23574): {update} hashing install files and checking against server...
May 20 2024 03:59:07 cp41 maldet(23574): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 20 2024 03:59:07 cp41 maldet(23574): {update} latest version already installed.
May 20 2024 03:59:08 cp41 maldet(23734): {sigup} performing signature update check...
May 20 2024 03:59:08 cp41 maldet(23734): {sigup} local signature set is version 202405163472817
May 20 2024 03:59:08 cp41 maldet(23734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 20 2024 03:59:08 cp41 maldet(23734): {sigup} new signature set 2024051967501 available
May 20 2024 03:59:08 cp41 maldet(23734): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 20 2024 03:59:09 cp41 maldet(23734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 20 2024 03:59:09 cp41 maldet(23734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 20 2024 03:59:09 cp41 maldet(23734): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 20 2024 03:59:09 cp41 maldet(23734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 20 2024 03:59:10 cp41 maldet(23734): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 20 2024 03:59:10 cp41 maldet(23734): {sigup} verified md5sum of maldet-sigpack.tgz
May 20 2024 03:59:11 cp41 maldet(23734): {sigup} unpacked and installed maldet-sigpack.tgz
May 20 2024 03:59:11 cp41 maldet(23734): {sigup} verified md5sum of maldet-clean.tgz
May 20 2024 03:59:11 cp41 maldet(23734): {sigup} unpacked and installed maldet-clean.tgz
May 20 2024 03:59:11 cp41 maldet(23734): {sigup} signature set update completed
May 20 2024 03:59:12 cp41 maldet(23734): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 20 2024 03:59:18 cp41 maldet(24022): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 20 2024 03:59:41 cp41 maldet(24022): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 20 2024 03:59:41 cp41 maldet(24022): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 20 2024 03:59:43 cp41 maldet(24022): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 20 2024 03:59:43 cp41 maldet(24022): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 20 2024 13:14:26 cp41 maldet(24022): {scan} file list completed in 33282s, found 172 files...
May 20 2024 13:14:26 cp41 maldet(24022): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 20 2024 13:14:26 cp41 maldet(24022): {scan} scan of (172 files) in progress...
May 20 2024 13:14:40 cp41 maldet(24022): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/wso.php
May 20 2024 13:14:40 cp41 maldet(24022): {hit} malware hit {HEX}perl.generic.fakeproc.41 found for /home/darkhors/public_html/telnet/cgi.new
May 20 2024 13:14:41 cp41 maldet(24022): {scan} scan completed on : files 172, malware hits 2, cleaned hits 0, time 33322s
May 20 2024 13:14:41 cp41 maldet(24022): {scan} scan report saved, to view run: maldet --report 240520-0359.24022
May 20 2024 13:14:41 cp41 maldet(24022): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240520-0359.24022
May 21 2024 03:11:54 cp41 maldet(30146): {update} checking for available updates...
May 21 2024 03:11:54 cp41 maldet(30146): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 21 2024 03:11:54 cp41 maldet(30146): {update} hashing install files and checking against server...
May 21 2024 03:11:55 cp41 maldet(30146): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 21 2024 03:11:55 cp41 maldet(30146): {update} latest version already installed.
May 21 2024 03:11:57 cp41 maldet(30289): {sigup} performing signature update check...
May 21 2024 03:11:57 cp41 maldet(30289): {sigup} local signature set is version 2024051967501
May 21 2024 03:11:57 cp41 maldet(30289): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 21 2024 03:11:58 cp41 maldet(30289): {sigup} latest signature set already installed
May 21 2024 03:12:00 cp41 maldet(30412): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 21 2024 03:12:02 cp41 maldet(30412): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 21 2024 03:12:02 cp41 maldet(30412): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 21 2024 03:12:02 cp41 maldet(30412): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 21 2024 03:12:02 cp41 maldet(30412): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 21 2024 07:09:24 cp41 maldet(30412): {scan} file list completed in 14242s, found 633 files...
May 21 2024 07:09:24 cp41 maldet(30412): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 21 2024 07:09:24 cp41 maldet(30412): {scan} scan of (633 files) in progress...
May 21 2024 07:10:09 cp41 maldet(30412): {hit} malware hit {HEX}php.nested.base64.663 found for /home/darkhors/public_html/wso.php
May 21 2024 07:10:09 cp41 maldet(30412): {hit} malware hit {HEX}perl.generic.fakeproc.41 found for /home/darkhors/public_html/telnet/cgi.new
May 21 2024 07:10:09 cp41 maldet(30412): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/military/public_html/cache/e/d/d/e/index.php
May 21 2024 07:10:09 cp41 maldet(30412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/a/e/a/c/index.php
May 21 2024 07:10:09 cp41 maldet(30412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/f/c/g/d/index.php
May 21 2024 07:10:09 cp41 maldet(30412): {scan} scan completed on : files 633, malware hits 5, cleaned hits 0, time 14289s
May 21 2024 07:10:09 cp41 maldet(30412): {scan} scan report saved, to view run: maldet --report 240521-0311.30412
May 21 2024 07:10:09 cp41 maldet(30412): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240521-0311.30412
May 22 2024 03:23:44 cp41 maldet(29386): {update} checking for available updates...
May 22 2024 03:23:59 cp41 maldet(29386): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 22 2024 03:23:59 cp41 maldet(29386): {update} hashing install files and checking against server...
May 22 2024 03:24:11 cp41 maldet(29386): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 22 2024 03:24:11 cp41 maldet(29386): {update} latest version already installed.
May 22 2024 03:24:18 cp41 maldet(29862): {sigup} performing signature update check...
May 22 2024 03:24:18 cp41 maldet(29862): {sigup} local signature set is version 2024051967501
May 22 2024 03:24:20 cp41 maldet(29862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 22 2024 03:24:33 cp41 maldet(29862): {sigup} latest signature set already installed
May 22 2024 03:24:54 cp41 maldet(30158): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 22 2024 03:25:17 cp41 maldet(30158): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 22 2024 03:25:17 cp41 maldet(30158): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 22 2024 03:25:17 cp41 maldet(30158): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 22 2024 03:25:17 cp41 maldet(30158): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 22 2024 16:38:32 cp41 maldet(30158): {scan} file list completed in 47595s, found 821 files...
May 22 2024 16:38:32 cp41 maldet(30158): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 22 2024 16:38:32 cp41 maldet(30158): {scan} scan of (821 files) in progress...
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.malware.magento.599 found for /home/darkhors/public_html/cron.php
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/SEUuVhX/sts.php
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/SEUuVhX/SELLEX.zip
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/SEUuVhX/shell_wso.php7
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/yweQnAH/sts.php
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/yweQnAH/SELLEX.zip
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/yweQnAH/shell_wso.php7
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/pvFthCm/sts.php
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/pvFthCm/SELLEX.zip
May 22 2024 16:40:21 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/pvFthCm/shell_wso.php7
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/xmTMyGc/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/xmTMyGc/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/xmTMyGc/shell_wso.php7
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/gWshbnS/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/gWshbnS/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/gWshbnS/shell_wso.php7
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/pxINlbO/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/pxINlbO/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/pxINlbO/shell_wso.php7
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/TfDQNxq/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/TfDQNxq/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/TfDQNxq/shell_wso.php7
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/xTQtuLZ/sts.php
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/xTQtuLZ/SELLEX.zip
May 22 2024 16:40:22 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/xTQtuLZ/shell_wso.php7
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/QFpacel/sts.php
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/QFpacel/SELLEX.zip
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/QFpacel/shell_wso.php7
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/CLXWqaH/sts.php
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/CLXWqaH/SELLEX.zip
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/CLXWqaH/shell_wso.php7
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/YrgvnSH/sts.php
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/YrgvnSH/SELLEX.zip
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/YrgvnSH/shell_wso.php7
May 22 2024 16:40:23 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/krELygP/sts.php
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/krELygP/SELLEX.zip
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/krELygP/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/ZVXSECp/sts.php
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/ZVXSECp/SELLEX.zip
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/ZVXSECp/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/JGzWPfa/sts.php
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/JGzWPfa/SELLEX.zip
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/JGzWPfa/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/aGzlYxs/sts.php
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/aGzlYxs/SELLEX.zip
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/aGzlYxs/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/rWoIBUL/sts.php
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known/pki-validation/rWoIBUL/SELLEX.zip
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/dervinis/public_html/.well-known/pki-validation/rWoIBUL/shell_wso.php7
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/mediaelement/renderers/phorum.inc
May 22 2024 16:40:24 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/charmap/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/rest-api/fields/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/group/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/list-item/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/missing/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/site-title/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/freeform/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/html-api/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/12/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/08/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2012/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentyten/images/patterns/phorum.inc
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/pullquote/set_constants
May 22 2024 16:40:25 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/gallery/phorum.inc
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/assets/fonts/inter/phorum.inc
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/akismet/phorum.inc
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Nonces/phorum.inc
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Util/phorum.inc
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.exe.globals.416 found for /home/olshsdco/public_html/wp-includes/gjhpxy.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/jeppcytOyt.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/wp-content/plugin.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/f/h/b/index.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/g/a/f/index.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/pki-validation/g/b/a/index.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
May 22 2024 16:40:26 cp41 maldet(30158): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/g/a/f/index.php
May 22 2024 16:40:27 cp41 maldet(30158): {scan} scan completed on : files 821, malware hits 82, cleaned hits 0, time 47733s
May 22 2024 16:40:27 cp41 maldet(30158): {scan} scan report saved, to view run: maldet --report 240522-0324.30158
May 22 2024 16:40:27 cp41 maldet(30158): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240522-0324.30158
May 23 2024 03:41:13 cp41 maldet(7508): {update} checking for available updates...
May 23 2024 03:41:16 cp41 maldet(7508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 23 2024 03:41:16 cp41 maldet(7508): {update} hashing install files and checking against server...
May 23 2024 03:41:18 cp41 maldet(7508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 23 2024 03:41:18 cp41 maldet(7508): {update} latest version already installed.
May 23 2024 03:41:22 cp41 maldet(7735): {sigup} performing signature update check...
May 23 2024 03:41:23 cp41 maldet(7735): {sigup} local signature set is version 2024051967501
May 23 2024 03:41:32 cp41 maldet(7735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 23 2024 03:41:41 cp41 maldet(7735): {sigup} new signature set 20240522846239 available
May 23 2024 03:41:41 cp41 maldet(7735): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2024 03:41:42 cp41 maldet(7735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2024 03:41:42 cp41 maldet(7735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 23 2024 03:41:42 cp41 maldet(7735): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2024 03:41:42 cp41 maldet(7735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2024 03:41:43 cp41 maldet(7735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 23 2024 03:41:43 cp41 maldet(7735): {sigup} verified md5sum of maldet-sigpack.tgz
May 23 2024 03:41:44 cp41 maldet(7735): {sigup} unpacked and installed maldet-sigpack.tgz
May 23 2024 03:41:44 cp41 maldet(7735): {sigup} verified md5sum of maldet-clean.tgz
May 23 2024 03:41:45 cp41 maldet(7735): {sigup} unpacked and installed maldet-clean.tgz
May 23 2024 03:41:45 cp41 maldet(7735): {sigup} signature set update completed
May 23 2024 03:41:45 cp41 maldet(7735): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 23 2024 03:41:46 cp41 maldet(8114): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 23 2024 03:41:47 cp41 maldet(8114): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 23 2024 03:41:47 cp41 maldet(8114): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 23 2024 03:41:47 cp41 maldet(8114): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 23 2024 03:41:47 cp41 maldet(8114): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 23 2024 07:54:42 cp41 maldet(8114): {scan} file list completed in 15174s, found 99252 files...
May 23 2024 07:54:42 cp41 maldet(8114): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 23 2024 07:54:42 cp41 maldet(8114): {scan} scan of (99252 files) in progress...
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/cache/b/f/h/g/yghjqozd.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/images/plugins/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/wpconten/a/a/b/g/mah.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/croatian/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/usaa/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/jp/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/css/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/page4/index.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/ksmanual/public_html/komline.co.uk/lt.php
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/SimplePie/XML/Declaration/checknew
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/plugins/wpeditimage/checknew
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/checknew
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/widgets/checknew
May 23 2024 08:25:52 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/ChaCha20/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/avatar/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/audio/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/html-api/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/.well-known/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2022/08/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2018/06/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2010/05/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/file/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/styles/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/assets/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/fighter/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient/src/Utils/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/contactform
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-admin/css/colors/blue/checknew
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {HEX}php.exe.globals.416 found for /home/olshsdco/public_html/wp-includes/mlexee.php
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/uEJGZ.php
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/ePhLdGcA.php
May 23 2024 08:25:53 cp41 maldet(8114): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/cux.php
May 23 2024 08:25:54 cp41 maldet(8114): {scan} scan completed on : files 99252, malware hits 34, cleaned hits 0, time 17047s
May 23 2024 08:25:54 cp41 maldet(8114): {scan} scan report saved, to view run: maldet --report 240523-0341.8114
May 23 2024 08:25:54 cp41 maldet(8114): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240523-0341.8114
May 24 2024 03:51:09 cp41 maldet(8586): {update} checking for available updates...
May 24 2024 03:51:12 cp41 maldet(8586): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 24 2024 03:51:12 cp41 maldet(8586): {update} hashing install files and checking against server...
May 24 2024 03:51:16 cp41 maldet(8586): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 24 2024 03:51:16 cp41 maldet(8586): {update} latest version already installed.
May 24 2024 03:51:27 cp41 maldet(9366): {sigup} performing signature update check...
May 24 2024 03:51:27 cp41 maldet(9366): {sigup} local signature set is version 20240522846239
May 24 2024 03:51:28 cp41 maldet(9366): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 24 2024 03:51:32 cp41 maldet(9366): {sigup} latest signature set already installed
May 24 2024 03:51:35 cp41 maldet(10218): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 24 2024 03:51:53 cp41 maldet(10218): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 24 2024 03:51:53 cp41 maldet(10218): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 24 2024 03:51:53 cp41 maldet(10218): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 24 2024 03:51:55 cp41 maldet(10218): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 24 2024 18:38:28 cp41 maldet(10218): {scan} file list completed in 53194s, found 7425 files...
May 24 2024 18:38:28 cp41 maldet(10218): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 24 2024 18:38:28 cp41 maldet(10218): {scan} scan of (7425 files) in progress...
May 24 2024 18:42:37 cp41 maldet(10218): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/neverend/public_html/Neverending_Films/options.php
May 24 2024 18:42:38 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/Neverending_Films/Scripts/index.php
May 24 2024 18:42:39 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/Neverending_Films/Scripts/Widgets/defaults.php
May 24 2024 18:42:39 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/click.php
May 24 2024 18:42:40 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/.well-known/acme-challenge/cux.php
May 24 2024 18:42:41 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/.well-known/pki-validation/cux.php
May 24 2024 18:42:42 cp41 maldet(10218): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/pintoboo/public_html/.well-known/pki-validation/xmrig-6.14.0-linux-x64.tar.gz
May 24 2024 18:42:42 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/wp-content/plugin.php
May 24 2024 18:42:43 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/f/h/b/index.php
May 24 2024 18:42:44 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/g/a/f/index.php
May 24 2024 18:42:45 cp41 maldet(10218): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/pki-validation/g/b/a/index.php
May 24 2024 18:42:46 cp41 maldet(10218): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
May 24 2024 18:42:46 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
May 24 2024 18:42:47 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/g/a/f/index.php
May 24 2024 18:42:48 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/css/cux.php
May 24 2024 18:42:49 cp41 maldet(10218): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/sethbook/public_html/css/xmrig-6.14.0-linux-x64.tar.gz
May 24 2024 18:42:50 cp41 maldet(10218): {hit} malware hit {HEX}php.base64.inject.182 found for /home/weareroy/public_html/cache/i/index.php
May 24 2024 18:42:51 cp41 maldet(10218): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/weareroy/public_html/cache/i/xmrig-6.14.0-linux-x64.tar.gz
May 24 2024 18:42:52 cp41 maldet(10218): {scan} scan completed on : files 7425, malware hits 18, cleaned hits 0, time 53475s
May 24 2024 18:42:52 cp41 maldet(10218): {scan} scan report saved, to view run: maldet --report 240524-0351.10218
May 24 2024 18:42:52 cp41 maldet(10218): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240524-0351.10218
May 25 2024 03:25:38 cp41 maldet(21402): {update} checking for available updates...
May 25 2024 03:25:49 cp41 maldet(21402): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 25 2024 03:25:50 cp41 maldet(21402): {update} hashing install files and checking against server...
May 25 2024 03:25:55 cp41 maldet(21402): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 25 2024 03:25:57 cp41 maldet(21402): {update} latest version already installed.
May 25 2024 03:26:04 cp41 maldet(21876): {sigup} performing signature update check...
May 25 2024 03:26:05 cp41 maldet(21876): {sigup} local signature set is version 20240522846239
May 25 2024 03:26:25 cp41 maldet(21876): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 25 2024 03:26:32 cp41 maldet(21876): {sigup} latest signature set already installed
May 25 2024 03:26:51 cp41 maldet(22381): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 25 2024 03:27:41 cp41 maldet(22381): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 25 2024 03:27:41 cp41 maldet(22381): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 25 2024 03:27:41 cp41 maldet(22381): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 25 2024 03:27:41 cp41 maldet(22381): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 25 2024 22:18:39 cp41 maldet(22381): {scan} file list completed in 67856s, found 1011 files...
May 25 2024 22:18:39 cp41 maldet(22381): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 25 2024 22:18:39 cp41 maldet(22381): {scan} scan of (1011 files) in progress...
May 25 2024 22:19:39 cp41 maldet(22381): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/cache/b/f/h/network.php
May 25 2024 22:19:40 cp41 maldet(22381): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/authorsd/public_html/wp-includes__79f6290/style-engine/index.php
May 25 2024 22:19:41 cp41 maldet(22381): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/wp-admin__79f6290/php-compat/index.php
May 25 2024 22:19:41 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
May 25 2024 22:19:42 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
May 25 2024 22:19:43 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
May 25 2024 22:19:43 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
May 25 2024 22:19:43 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
May 25 2024 22:19:43 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
May 25 2024 22:19:44 cp41 maldet(22381): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/yG1es/index.php
May 25 2024 22:19:44 cp41 maldet(22381): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/cux.php
May 25 2024 22:19:44 cp41 maldet(22381): {hit} malware hit {HEX}php.base64.inject.182 found for /home/weareroy/public_html/cache/i/index.php
May 25 2024 22:19:44 cp41 maldet(22381): {hit} malware hit {HEX}php.generic.malware.447 found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-2lYW1P/tmp/index.php
May 25 2024 22:19:45 cp41 maldet(22381): {scan} scan completed on : files 1011, malware hits 13, cleaned hits 0, time 67974s
May 25 2024 22:19:45 cp41 maldet(22381): {scan} scan report saved, to view run: maldet --report 240525-0326.22381
May 25 2024 22:19:45 cp41 maldet(22381): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240525-0326.22381
May 26 2024 03:28:41 cp41 maldet(3345): {update} checking for available updates...
May 26 2024 03:28:45 cp41 maldet(3345): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 26 2024 03:28:46 cp41 maldet(3345): {update} hashing install files and checking against server...
May 26 2024 03:28:49 cp41 maldet(3345): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 26 2024 03:28:49 cp41 maldet(3345): {update} latest version already installed.
May 26 2024 03:28:52 cp41 maldet(3702): {sigup} performing signature update check...
May 26 2024 03:28:52 cp41 maldet(3702): {sigup} local signature set is version 20240522846239
May 26 2024 03:28:54 cp41 maldet(3702): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 26 2024 03:28:55 cp41 maldet(3702): {sigup} new signature set 202405251633332 available
May 26 2024 03:28:55 cp41 maldet(3702): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 26 2024 03:28:59 cp41 maldet(3702): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 26 2024 03:29:01 cp41 maldet(3702): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 26 2024 03:29:01 cp41 maldet(3702): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 26 2024 03:29:02 cp41 maldet(3702): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 26 2024 03:29:04 cp41 maldet(3702): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 26 2024 03:29:04 cp41 maldet(3702): {sigup} verified md5sum of maldet-sigpack.tgz
May 26 2024 03:29:13 cp41 maldet(3702): {sigup} unpacked and installed maldet-sigpack.tgz
May 26 2024 03:29:16 cp41 maldet(3702): {sigup} verified md5sum of maldet-clean.tgz
May 26 2024 03:29:16 cp41 maldet(3702): {sigup} unpacked and installed maldet-clean.tgz
May 26 2024 03:29:17 cp41 maldet(3702): {sigup} signature set update completed
May 26 2024 03:29:17 cp41 maldet(3702): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 26 2024 03:29:24 cp41 maldet(4324): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 26 2024 03:29:33 cp41 maldet(4324): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 26 2024 03:29:33 cp41 maldet(4324): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 26 2024 03:29:33 cp41 maldet(4324): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 26 2024 03:29:33 cp41 maldet(4324): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 26 2024 19:26:50 cp41 maldet(4324): {scan} file list completed in 57436s, found 32720 files...
May 26 2024 19:26:50 cp41 maldet(4324): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 26 2024 19:26:50 cp41 maldet(4324): {scan} scan of (32720 files) in progress...
May 26 2024 19:39:52 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
May 26 2024 19:39:53 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
May 26 2024 19:39:54 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
May 26 2024 19:39:55 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
May 26 2024 19:39:55 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
May 26 2024 19:39:55 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
May 26 2024 19:39:55 cp41 maldet(4324): {hit} malware hit {HEX}php.generic.malware.447 found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-2lYW1P/tmp/index.php
May 26 2024 19:39:55 cp41 maldet(4324): {scan} scan completed on : files 32720, malware hits 7, cleaned hits 0, time 58231s
May 26 2024 19:39:55 cp41 maldet(4324): {scan} scan report saved, to view run: maldet --report 240526-0329.4324
May 26 2024 19:39:55 cp41 maldet(4324): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240526-0329.4324
May 27 2024 03:30:56 cp41 maldet(8297): {update} checking for available updates...
May 27 2024 03:30:56 cp41 maldet(8297): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 27 2024 03:30:56 cp41 maldet(8297): {update} hashing install files and checking against server...
May 27 2024 03:30:57 cp41 maldet(8297): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 27 2024 03:30:57 cp41 maldet(8297): {update} latest version already installed.
May 27 2024 03:30:57 cp41 maldet(8500): {sigup} performing signature update check...
May 27 2024 03:30:57 cp41 maldet(8500): {sigup} local signature set is version 202405251633332
May 27 2024 03:30:57 cp41 maldet(8500): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 27 2024 03:30:58 cp41 maldet(8500): {sigup} latest signature set already installed
May 27 2024 03:30:58 cp41 maldet(8621): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 27 2024 03:30:59 cp41 maldet(8621): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 27 2024 03:30:59 cp41 maldet(8621): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 27 2024 03:30:59 cp41 maldet(8621): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 27 2024 03:30:59 cp41 maldet(8621): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 27 2024 12:35:25 cp41 maldet(8621): {scan} file list completed in 32666s, found 1111 files...
May 27 2024 12:35:25 cp41 maldet(8621): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 27 2024 12:35:25 cp41 maldet(8621): {scan} scan of (1111 files) in progress...
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/croatian/index.php
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/usaa/index.php
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/css/index.php
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/page4/index.php
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
May 27 2024 12:37:03 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/Requests/src/Proxy/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/langs/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/css/dist/format-library/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/comment-content/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/blocks/button/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2020/08/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2024/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2015/11/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2021/11/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/js/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/list/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/video/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/table/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/assets/sass/05-blocks/image/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentythree/styles/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentythree/assets/fonts/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyfour/patterns/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/akismet/_inc/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/google/apiclient-services/src/TagManager/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Core/Assets/libraryEN
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/testdb.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
May 27 2024 12:37:04 cp41 maldet(8621): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/testdb.php
May 27 2024 12:37:05 cp41 maldet(8621): {scan} scan completed on : files 1111, malware hits 34, cleaned hits 0, time 32766s
May 27 2024 12:37:05 cp41 maldet(8621): {scan} scan report saved, to view run: maldet --report 240527-0330.8621
May 27 2024 12:37:05 cp41 maldet(8621): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240527-0330.8621
May 28 2024 03:29:12 cp41 maldet(32037): {update} checking for available updates...
May 28 2024 03:29:12 cp41 maldet(32037): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 28 2024 03:29:12 cp41 maldet(32037): {update} hashing install files and checking against server...
May 28 2024 03:29:13 cp41 maldet(32037): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 28 2024 03:29:13 cp41 maldet(32037): {update} latest version already installed.
May 28 2024 03:29:13 cp41 maldet(32323): {sigup} performing signature update check...
May 28 2024 03:29:13 cp41 maldet(32323): {sigup} local signature set is version 202405251633332
May 28 2024 03:29:14 cp41 maldet(32323): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 28 2024 03:29:14 cp41 maldet(32323): {sigup} latest signature set already installed
May 28 2024 03:29:16 cp41 maldet(32526): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 28 2024 03:29:22 cp41 maldet(32526): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 28 2024 03:29:22 cp41 maldet(32526): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 28 2024 03:29:22 cp41 maldet(32526): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 28 2024 03:29:22 cp41 maldet(32526): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 28 2024 10:16:39 cp41 maldet(32526): {scan} file list completed in 24437s, found 1085 files...
May 28 2024 10:16:39 cp41 maldet(32526): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 28 2024 10:16:39 cp41 maldet(32526): {scan} scan of (1085 files) in progress...
May 28 2024 10:17:33 cp41 maldet(32526): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/page4fd789a/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/croatian083e81/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/usaa6d5b98/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dervinis/public_html/.well-known3725b4/pki-validation/testdb.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {YARA}php_in_image found for /home/dervinis/public_html/.well-known3725b4/pki-validation/ljm.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.generic.malware.447 found for /home/dervinis/public_html/css1ae675/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.generic.malware.447 found for /home/philosof/public_html/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-includes/js/tinymce/item.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pintoboo/public_html/totheotherside/wp-content/themes/the-erudite/library/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-content/plugins/sharedaddy/languages/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/wp-admin/plugin.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/cux.php
May 28 2024 10:17:34 cp41 maldet(32526): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/wp-content/testdb.php
May 28 2024 10:17:34 cp41 maldet(32526): {scan} scan completed on : files 1085, malware hits 15, cleaned hits 0, time 24498s
May 28 2024 10:17:34 cp41 maldet(32526): {scan} scan report saved, to view run: maldet --report 240528-0329.32526
May 28 2024 10:17:34 cp41 maldet(32526): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240528-0329.32526
May 29 2024 03:22:58 cp41 maldet(13049): {update} checking for available updates...
May 29 2024 03:22:59 cp41 maldet(13049): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 29 2024 03:22:59 cp41 maldet(13049): {update} hashing install files and checking against server...
May 29 2024 03:23:01 cp41 maldet(13049): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 29 2024 03:23:01 cp41 maldet(13049): {update} latest version already installed.
May 29 2024 03:23:14 cp41 maldet(13388): {sigup} performing signature update check...
May 29 2024 03:23:14 cp41 maldet(13388): {sigup} local signature set is version 202405251633332
May 29 2024 03:23:23 cp41 maldet(13388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 29 2024 03:23:30 cp41 maldet(13388): {sigup} new signature set 202405282336561 available
May 29 2024 03:23:36 cp41 maldet(13388): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 29 2024 03:23:43 cp41 maldet(13388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 29 2024 03:23:43 cp41 maldet(13388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 29 2024 03:23:43 cp41 maldet(13388): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 29 2024 03:23:44 cp41 maldet(13388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 29 2024 03:23:44 cp41 maldet(13388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 29 2024 03:23:44 cp41 maldet(13388): {sigup} verified md5sum of maldet-sigpack.tgz
May 29 2024 03:24:15 cp41 maldet(13388): {sigup} unpacked and installed maldet-sigpack.tgz
May 29 2024 03:24:39 cp41 maldet(13388): {sigup} verified md5sum of maldet-clean.tgz
May 29 2024 03:24:49 cp41 maldet(13388): {sigup} unpacked and installed maldet-clean.tgz
May 29 2024 03:24:49 cp41 maldet(13388): {sigup} signature set update completed
May 29 2024 03:24:49 cp41 maldet(13388): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 29 2024 03:25:04 cp41 maldet(14878): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 29 2024 03:25:12 cp41 maldet(14878): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 29 2024 03:25:12 cp41 maldet(14878): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 29 2024 03:25:12 cp41 maldet(14878): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 29 2024 03:25:12 cp41 maldet(14878): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 29 2024 16:03:33 cp41 maldet(14878): {scan} file list completed in 45500s, found 34650 files...
May 29 2024 16:03:33 cp41 maldet(14878): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 29 2024 16:03:33 cp41 maldet(14878): {scan} scan of (34650 files) in progress...
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/skins/lightgray/img/home_30june10
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.exe.globals.416 found for /home/olshsdco/public_html/wp-includes/rzdduy.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/BrYxNKNrCx.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.181 found for /home/pintoboo/public_html/2kU6v/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-includes/js/tinymce/item.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pintoboo/public_html/totheotherside/wp-content/themes/the-erudite/library/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/totheotherside/wp-content/plugins/sharedaddy/languages/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pintoboo/public_html/wp-admin/plugin.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/YVem2/index.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/cux.php
May 29 2024 16:38:52 cp41 maldet(14878): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/about.php
May 29 2024 16:38:53 cp41 maldet(14878): {scan} scan completed on : files 34650, malware hits 13, cleaned hits 0, time 47628s
May 29 2024 16:38:53 cp41 maldet(14878): {scan} scan report saved, to view run: maldet --report 240529-0324.14878
May 29 2024 16:38:53 cp41 maldet(14878): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240529-0324.14878
May 30 2024 03:56:23 cp41 maldet(4071): {update} checking for available updates...
May 30 2024 03:56:24 cp41 maldet(4071): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 30 2024 03:56:24 cp41 maldet(4071): {update} hashing install files and checking against server...
May 30 2024 03:56:25 cp41 maldet(4071): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 30 2024 03:56:25 cp41 maldet(4071): {update} latest version already installed.
May 30 2024 03:56:25 cp41 maldet(4342): {sigup} performing signature update check...
May 30 2024 03:56:25 cp41 maldet(4342): {sigup} local signature set is version 202405282336561
May 30 2024 03:56:26 cp41 maldet(4342): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 30 2024 03:56:26 cp41 maldet(4342): {sigup} latest signature set already installed
May 30 2024 03:56:26 cp41 maldet(4497): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 30 2024 03:56:28 cp41 maldet(4497): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 30 2024 03:56:28 cp41 maldet(4497): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 30 2024 03:56:28 cp41 maldet(4497): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 30 2024 03:56:28 cp41 maldet(4497): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 30 2024 08:14:31 cp41 maldet(4497): {scan} file list completed in 15483s, found 975 files...
May 30 2024 08:14:31 cp41 maldet(4497): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 30 2024 08:14:31 cp41 maldet(4497): {scan} scan of (975 files) in progress...
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/js/tinymce/skins/lightgray/img/home_30june10
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/ChaCha20/quiz_responses
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/template-parts/russian.lng
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.exe.globals.416 found for /home/olshsdco/public_html/wp-includes/rzdduy.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/BrYxNKNrCx.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/YVem2/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/ika3E/index.php
May 30 2024 08:15:50 cp41 maldet(4497): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-WziV5T/tmp/phpzPAYfM
May 30 2024 08:15:51 cp41 maldet(4497): {scan} scan completed on : files 975, malware hits 14, cleaned hits 0, time 15564s
May 30 2024 08:15:51 cp41 maldet(4497): {scan} scan report saved, to view run: maldet --report 240530-0356.4497
May 30 2024 08:15:51 cp41 maldet(4497): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240530-0356.4497
May 31 2024 03:10:59 cp41 maldet(28968): {update} checking for available updates...
May 31 2024 03:11:01 cp41 maldet(28968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 31 2024 03:11:01 cp41 maldet(28968): {update} hashing install files and checking against server...
May 31 2024 03:11:01 cp41 maldet(28968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 31 2024 03:11:01 cp41 maldet(28968): {update} latest version already installed.
May 31 2024 03:11:03 cp41 maldet(29389): {sigup} performing signature update check...
May 31 2024 03:11:03 cp41 maldet(29389): {sigup} local signature set is version 202405282336561
May 31 2024 03:11:04 cp41 maldet(29389): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 31 2024 03:11:05 cp41 maldet(29389): {sigup} latest signature set already installed
May 31 2024 03:11:09 cp41 maldet(29725): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 31 2024 03:11:16 cp41 maldet(29725): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 31 2024 03:11:16 cp41 maldet(29725): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
May 31 2024 03:11:16 cp41 maldet(29725): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 31 2024 03:11:16 cp41 maldet(29725): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cphsmemo/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
May 31 2024 12:47:24 cp41 maldet(29725): {scan} file list completed in 34567s, found 715 files...
May 31 2024 12:47:24 cp41 maldet(29725): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 31 2024 12:47:24 cp41 maldet(29725): {scan} scan of (715 files) in progress...
May 31 2024 12:48:21 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
May 31 2024 12:48:21 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
May 31 2024 12:48:21 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
May 31 2024 12:48:21 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/dreileen/public_html/wp-admin/click.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/images/crystal/class.date
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-includes/sodium_compat/src/Core32/ChaCha20/quiz_responses
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/uploads/2018/10/class.date
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/themes/twentytwentyone/template-parts/russian.lng
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/guzzlehttp/guzzle/class.date
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/third-party/psr/http-message/src/class.date
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/nycellis/public_html/wp-content/plugins/google-site-kit/includes/Modules/Analytics_4/class.date
May 31 2024 12:48:22 cp41 maldet(29725): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/ika3E/index.php
May 31 2024 12:48:23 cp41 maldet(29725): {scan} scan completed on : files 715, malware hits 21, cleaned hits 0, time 34633s
May 31 2024 12:48:23 cp41 maldet(29725): {scan} scan report saved, to view run: maldet --report 240531-0311.29725
May 31 2024 12:48:23 cp41 maldet(29725): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240531-0311.29725
Jun 01 2024 03:23:21 cp41 maldet(12660): {update} checking for available updates...
Jun 01 2024 03:23:21 cp41 maldet(12660): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 01 2024 03:23:21 cp41 maldet(12660): {update} hashing install files and checking against server...
Jun 01 2024 03:23:23 cp41 maldet(12660): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 01 2024 03:23:23 cp41 maldet(12660): {update} latest version already installed.
Jun 01 2024 03:23:25 cp41 maldet(13014): {sigup} performing signature update check...
Jun 01 2024 03:23:25 cp41 maldet(13014): {sigup} local signature set is version 202405282336561
Jun 01 2024 03:23:26 cp41 maldet(13014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 01 2024 03:23:26 cp41 maldet(13014): {sigup} new signature set 202405313138721 available
Jun 01 2024 03:23:26 cp41 maldet(13014): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 01 2024 03:23:26 cp41 maldet(13014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 01 2024 03:23:27 cp41 maldet(13014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 01 2024 03:23:27 cp41 maldet(13014): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 01 2024 03:23:27 cp41 maldet(13014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 01 2024 03:23:28 cp41 maldet(13014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 01 2024 03:23:28 cp41 maldet(13014): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 01 2024 03:23:36 cp41 maldet(13014): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 01 2024 03:23:38 cp41 maldet(13014): {sigup} verified md5sum of maldet-clean.tgz
Jun 01 2024 03:23:39 cp41 maldet(13014): {sigup} unpacked and installed maldet-clean.tgz
Jun 01 2024 03:23:39 cp41 maldet(13014): {sigup} signature set update completed
Jun 01 2024 03:23:39 cp41 maldet(13014): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 01 2024 03:23:40 cp41 maldet(14122): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 01 2024 03:23:47 cp41 maldet(14122): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 01 2024 03:23:47 cp41 maldet(14122): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 01 2024 03:23:47 cp41 maldet(14122): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 01 2024 03:23:47 cp41 maldet(14122): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 01 2024 10:34:55 cp41 maldet(14122): {scan} file list completed in 25865s, found 835 files...
Jun 01 2024 10:34:56 cp41 maldet(14122): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 01 2024 10:34:56 cp41 maldet(14122): {scan} scan of (835 files) in progress...
Jun 01 2024 10:37:19 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
Jun 01 2024 10:37:20 cp41 maldet(14122): {scan} scan completed on : files 835, malware hits 12, cleaned hits 0, time 26020s
Jun 01 2024 10:37:20 cp41 maldet(14122): {scan} scan report saved, to view run: maldet --report 240601-0323.14122
Jun 01 2024 10:37:20 cp41 maldet(14122): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240601-0323.14122
Jun 02 2024 03:28:37 cp41 maldet(19866): {update} checking for available updates...
Jun 02 2024 03:28:38 cp41 maldet(19866): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 02 2024 03:28:38 cp41 maldet(19866): {update} hashing install files and checking against server...
Jun 02 2024 03:28:40 cp41 maldet(19866): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 02 2024 03:28:40 cp41 maldet(19866): {update} latest version already installed.
Jun 02 2024 03:28:47 cp41 maldet(20058): {sigup} performing signature update check...
Jun 02 2024 03:28:47 cp41 maldet(20058): {sigup} local signature set is version 202405313138721
Jun 02 2024 03:28:47 cp41 maldet(20058): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 02 2024 03:28:54 cp41 maldet(20058): {sigup} new signature set 202406011167250 available
Jun 02 2024 03:28:54 cp41 maldet(20058): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 02 2024 03:28:55 cp41 maldet(20058): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 02 2024 03:28:56 cp41 maldet(20058): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 02 2024 03:28:56 cp41 maldet(20058): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 02 2024 03:28:57 cp41 maldet(20058): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 02 2024 03:29:01 cp41 maldet(20058): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 02 2024 03:29:03 cp41 maldet(20058): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 02 2024 03:29:10 cp41 maldet(20058): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 02 2024 03:29:11 cp41 maldet(20058): {sigup} verified md5sum of maldet-clean.tgz
Jun 02 2024 03:29:11 cp41 maldet(20058): {sigup} unpacked and installed maldet-clean.tgz
Jun 02 2024 03:29:11 cp41 maldet(20058): {sigup} signature set update completed
Jun 02 2024 03:29:13 cp41 maldet(20058): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 02 2024 03:29:14 cp41 maldet(21223): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 02 2024 03:29:20 cp41 maldet(21223): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 02 2024 03:29:20 cp41 maldet(21223): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 02 2024 03:29:20 cp41 maldet(21223): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 02 2024 03:29:21 cp41 maldet(21223): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 02 2024 07:27:30 cp41 maldet(21223): {scan} file list completed in 14289s, found 360 files...
Jun 02 2024 07:27:30 cp41 maldet(21223): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 02 2024 07:27:30 cp41 maldet(21223): {scan} scan of (360 files) in progress...
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
Jun 02 2024 07:27:42 cp41 maldet(21223): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
Jun 02 2024 07:27:43 cp41 maldet(21223): {scan} scan completed on : files 360, malware hits 6, cleaned hits 0, time 14309s
Jun 02 2024 07:27:43 cp41 maldet(21223): {scan} scan report saved, to view run: maldet --report 240602-0329.21223
Jun 02 2024 07:27:43 cp41 maldet(21223): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240602-0329.21223
Jun 03 2024 03:23:25 cp41 maldet(4004): {update} checking for available updates...
Jun 03 2024 03:23:26 cp41 maldet(4004): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 03 2024 03:23:26 cp41 maldet(4004): {update} hashing install files and checking against server...
Jun 03 2024 03:23:27 cp41 maldet(4004): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 03 2024 03:23:27 cp41 maldet(4004): {update} latest version already installed.
Jun 03 2024 03:23:31 cp41 maldet(4221): {sigup} performing signature update check...
Jun 03 2024 03:23:31 cp41 maldet(4221): {sigup} local signature set is version 202406011167250
Jun 03 2024 03:23:31 cp41 maldet(4221): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 03 2024 03:23:31 cp41 maldet(4221): {sigup} latest signature set already installed
Jun 03 2024 03:23:31 cp41 maldet(4409): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 03 2024 03:23:34 cp41 maldet(4409): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 03 2024 03:23:34 cp41 maldet(4409): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 03 2024 03:23:34 cp41 maldet(4409): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 03 2024 03:23:34 cp41 maldet(4409): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 03 2024 09:04:23 cp41 maldet(4409): {scan} file list completed in 20449s, found 438 files...
Jun 03 2024 09:04:23 cp41 maldet(4409): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 03 2024 09:04:24 cp41 maldet(4409): {scan} scan of (438 files) in progress...
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
Jun 03 2024 09:04:53 cp41 maldet(4409): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/cache/BQqYJbOlg.php
Jun 03 2024 09:04:54 cp41 maldet(4409): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/cache/jBYlNhVJm.php
Jun 03 2024 09:04:54 cp41 maldet(4409): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 03 2024 09:04:54 cp41 maldet(4409): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 03 2024 09:04:54 cp41 maldet(4409): {scan} scan completed on : files 438, malware hits 10, cleaned hits 0, time 20483s
Jun 03 2024 09:04:54 cp41 maldet(4409): {scan} scan report saved, to view run: maldet --report 240603-0323.4409
Jun 03 2024 09:04:54 cp41 maldet(4409): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240603-0323.4409
Jun 04 2024 03:14:05 cp41 maldet(22277): {update} checking for available updates...
Jun 04 2024 03:14:05 cp41 maldet(22277): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 04 2024 03:14:05 cp41 maldet(22277): {update} hashing install files and checking against server...
Jun 04 2024 03:14:06 cp41 maldet(22277): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 04 2024 03:14:06 cp41 maldet(22277): {update} latest version already installed.
Jun 04 2024 03:14:06 cp41 maldet(22425): {sigup} performing signature update check...
Jun 04 2024 03:14:06 cp41 maldet(22425): {sigup} local signature set is version 202406011167250
Jun 04 2024 03:14:06 cp41 maldet(22425): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 04 2024 03:14:07 cp41 maldet(22425): {sigup} latest signature set already installed
Jun 04 2024 03:14:07 cp41 maldet(22560): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 04 2024 03:14:08 cp41 maldet(22560): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 04 2024 03:14:08 cp41 maldet(22560): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 04 2024 03:14:08 cp41 maldet(22560): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 04 2024 03:14:08 cp41 maldet(22560): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 04 2024 04:56:25 cp41 maldet(22560): {scan} file list completed in 6137s, found 32446 files...
Jun 04 2024 04:56:25 cp41 maldet(22560): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 04 2024 04:56:25 cp41 maldet(22560): {scan} scan of (32446 files) in progress...
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/toolbar.config
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/cache/BQqYJbOlg.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/cache/jBYlNhVJm.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mvlbm2o14.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jpujs5j36.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/rkrtk9n33.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/zrjaz7p33.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/lpntb2k50.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/rzqtn3y92.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/efjem3d94.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/bprdn8m90.php
Jun 04 2024 04:59:02 cp41 maldet(22560): {scan} scan completed on : files 32446, malware hits 18, cleaned hits 0, time 6295s
Jun 04 2024 04:59:02 cp41 maldet(22560): {scan} scan report saved, to view run: maldet --report 240604-0314.22560
Jun 04 2024 04:59:02 cp41 maldet(22560): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240604-0314.22560
Jun 05 2024 03:12:34 cp41 maldet(1917): {update} checking for available updates...
Jun 05 2024 03:12:41 cp41 maldet(1917): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 05 2024 03:12:43 cp41 maldet(1917): {update} hashing install files and checking against server...
Jun 05 2024 03:13:02 cp41 maldet(1917): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 05 2024 03:13:02 cp41 maldet(1917): {update} latest version already installed.
Jun 05 2024 03:13:14 cp41 maldet(2499): {sigup} performing signature update check...
Jun 05 2024 03:13:17 cp41 maldet(2499): {sigup} local signature set is version 202406011167250
Jun 05 2024 03:13:18 cp41 maldet(2499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 05 2024 03:13:20 cp41 maldet(2499): {sigup} new signature set 202406043123752 available
Jun 05 2024 03:13:20 cp41 maldet(2499): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 05 2024 03:13:34 cp41 maldet(2499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 05 2024 03:13:34 cp41 maldet(2499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 05 2024 03:13:34 cp41 maldet(2499): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 05 2024 03:13:35 cp41 maldet(2499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 05 2024 03:13:35 cp41 maldet(2499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 05 2024 03:13:35 cp41 maldet(2499): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 05 2024 03:14:45 cp41 maldet(2499): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 05 2024 03:14:55 cp41 maldet(2499): {sigup} verified md5sum of maldet-clean.tgz
Jun 05 2024 03:14:55 cp41 maldet(2499): {sigup} unpacked and installed maldet-clean.tgz
Jun 05 2024 03:14:55 cp41 maldet(2499): {sigup} signature set update completed
Jun 05 2024 03:14:55 cp41 maldet(2499): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 05 2024 03:14:57 cp41 maldet(4201): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 05 2024 03:14:59 cp41 maldet(4201): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 05 2024 03:14:59 cp41 maldet(4201): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 05 2024 03:14:59 cp41 maldet(4201): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 05 2024 03:14:59 cp41 maldet(4201): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 05 2024 08:40:39 cp41 maldet(4201): {scan} file list completed in 19540s, found 447 files...
Jun 05 2024 08:40:39 cp41 maldet(4201): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 05 2024 08:40:39 cp41 maldet(4201): {scan} scan of (447 files) in progress...
Jun 05 2024 08:41:05 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/.well-known/acme-challenge/zwso.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/zowrk1y43.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jpujs5j36.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/kmiwh8j61.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/spygu9d21.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/lpntb2k50.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jyrgb0j57.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/efjem3d94.php
Jun 05 2024 08:41:06 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/hpuff9o02.php
Jun 05 2024 08:41:07 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/rrbex1b33.php
Jun 05 2024 08:41:07 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/bprdn8m90.php
Jun 05 2024 08:41:07 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/noazd4r57.php
Jun 05 2024 08:41:07 cp41 maldet(4201): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/iqtgq0h92.php
Jun 05 2024 08:41:07 cp41 maldet(4201): {scan} scan completed on : files 447, malware hits 19, cleaned hits 0, time 19570s
Jun 05 2024 08:41:07 cp41 maldet(4201): {scan} scan report saved, to view run: maldet --report 240605-0314.4201
Jun 05 2024 08:41:07 cp41 maldet(4201): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240605-0314.4201
Jun 06 2024 03:16:14 cp41 maldet(19644): {update} checking for available updates...
Jun 06 2024 03:16:14 cp41 maldet(19644): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 06 2024 03:16:14 cp41 maldet(19644): {update} hashing install files and checking against server...
Jun 06 2024 03:16:15 cp41 maldet(19644): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 06 2024 03:16:15 cp41 maldet(19644): {update} latest version already installed.
Jun 06 2024 03:16:15 cp41 maldet(19782): {sigup} performing signature update check...
Jun 06 2024 03:16:15 cp41 maldet(19782): {sigup} local signature set is version 202406043123752
Jun 06 2024 03:16:15 cp41 maldet(19782): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 06 2024 03:16:15 cp41 maldet(19782): {sigup} latest signature set already installed
Jun 06 2024 03:16:15 cp41 maldet(19910): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 06 2024 03:16:16 cp41 maldet(19910): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 06 2024 03:16:16 cp41 maldet(19910): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 06 2024 03:16:16 cp41 maldet(19910): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 06 2024 03:16:16 cp41 maldet(19910): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 06 2024 04:55:17 cp41 maldet(19910): {scan} file list completed in 5941s, found 34204 files...
Jun 06 2024 04:55:17 cp41 maldet(19910): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 06 2024 04:55:17 cp41 maldet(19910): {scan} scan of (34204 files) in progress...
Jun 06 2024 04:57:08 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mvlbm2o14.php
Jun 06 2024 04:57:08 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/capsj2m39.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ajnth0n56.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mlvdg3c42.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/iilym5a07.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/bprdn8m90.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/sts.php
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/SELLEX.zip
Jun 06 2024 04:57:09 cp41 maldet(19910): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/sethbook/public_html/shell_wso.php7
Jun 06 2024 04:57:09 cp41 maldet(19910): {scan} scan completed on : files 34204, malware hits 9, cleaned hits 0, time 6053s
Jun 06 2024 04:57:09 cp41 maldet(19910): {scan} scan report saved, to view run: maldet --report 240606-0316.19910
Jun 06 2024 04:57:09 cp41 maldet(19910): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240606-0316.19910
Jun 07 2024 03:20:26 cp41 maldet(5469): {update} checking for available updates...
Jun 07 2024 03:20:26 cp41 maldet(5469): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 07 2024 03:20:26 cp41 maldet(5469): {update} hashing install files and checking against server...
Jun 07 2024 03:20:39 cp41 maldet(5469): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 07 2024 03:20:40 cp41 maldet(5469): {update} latest version already installed.
Jun 07 2024 03:20:45 cp41 maldet(5788): {sigup} performing signature update check...
Jun 07 2024 03:20:45 cp41 maldet(5788): {sigup} local signature set is version 202406043123752
Jun 07 2024 03:20:45 cp41 maldet(5788): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 07 2024 03:20:46 cp41 maldet(5788): {sigup} latest signature set already installed
Jun 07 2024 03:20:47 cp41 maldet(5963): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 07 2024 03:20:48 cp41 maldet(5963): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 07 2024 03:20:48 cp41 maldet(5963): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 07 2024 03:20:48 cp41 maldet(5963): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 07 2024 03:20:48 cp41 maldet(5963): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 07 2024 09:08:33 cp41 maldet(5963): {scan} file list completed in 20865s, found 41051 files...
Jun 07 2024 09:08:33 cp41 maldet(5963): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 07 2024 09:08:33 cp41 maldet(5963): {scan} scan of (41051 files) in progress...
Jun 07 2024 09:15:44 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/eryerye/options.php
Jun 07 2024 09:15:44 cp41 maldet(5963): {hit} malware hit {HEX}php.exe.globals.416 found for /home/olshsdco/public_html/wp-includes/rzdduy.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/olshsdco/public_html/wp-includes/images/smilies/index.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-includes/js/wp/index.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-includes/plugin.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {YARA}eval_post found for /home/olshsdco/public_html/wp-content/themes/BrYxNKNrCx.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mvlbm2o14.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ojebp8o55.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/vavks8t94.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ilpmx4m37.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jgzqk6d13.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/sssto8f78.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/zeqlt7n55.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/nntaf2e70.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ikhsm9q95.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ujdlj5t11.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/zltyc2n44.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/zuqjv2f90.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/tluck6w37.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/efper9v39.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/wiutf1d34.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/rt.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/becra5c89.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/yvtgu7b11.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/qkjck6p91.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/kwnbo1l54.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/fbzkc0o85.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/tvulg9s52.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/vursk3h21.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xcogd2a35.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/dhxfq2n28.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/doaay8u32.php
Jun 07 2024 09:15:45 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ribsd3r71.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xtmcq2p64.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/aglya2l04.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/aidqw6u95.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mwsbl4u76.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/etmji8a69.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ikawj8a42.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/fxwyl7j39.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jvmkt6x50.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/vxkbe8l25.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/pxnba9j66.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mrghd9o14.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/bprdn8m90.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/qddnn0w26.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ciipw3k75.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/fqnjl9t71.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jlwsv1u09.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/css/rt.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/rt.php
Jun 07 2024 09:15:46 cp41 maldet(5963): {scan} scan completed on : files 41051, malware hits 53, cleaned hits 0, time 21299s
Jun 07 2024 09:15:46 cp41 maldet(5963): {scan} scan report saved, to view run: maldet --report 240607-0320.5963
Jun 07 2024 09:15:46 cp41 maldet(5963): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240607-0320.5963
Jun 08 2024 03:10:24 cp41 maldet(24864): {update} checking for available updates...
Jun 08 2024 03:10:24 cp41 maldet(24864): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 08 2024 03:10:24 cp41 maldet(24864): {update} hashing install files and checking against server...
Jun 08 2024 03:10:25 cp41 maldet(24864): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 08 2024 03:10:25 cp41 maldet(24864): {update} latest version already installed.
Jun 08 2024 03:10:26 cp41 maldet(25009): {sigup} performing signature update check...
Jun 08 2024 03:10:26 cp41 maldet(25009): {sigup} local signature set is version 202406043123752
Jun 08 2024 03:10:26 cp41 maldet(25009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 08 2024 03:10:26 cp41 maldet(25009): {sigup} new signature set 202406072708004 available
Jun 08 2024 03:10:26 cp41 maldet(25009): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 08 2024 03:10:27 cp41 maldet(25009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 08 2024 03:10:27 cp41 maldet(25009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 08 2024 03:10:27 cp41 maldet(25009): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 08 2024 03:10:27 cp41 maldet(25009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 08 2024 03:10:27 cp41 maldet(25009): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 08 2024 03:10:28 cp41 maldet(25009): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 08 2024 03:10:28 cp41 maldet(25009): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 08 2024 03:10:29 cp41 maldet(25009): {sigup} verified md5sum of maldet-clean.tgz
Jun 08 2024 03:10:29 cp41 maldet(25009): {sigup} unpacked and installed maldet-clean.tgz
Jun 08 2024 03:10:29 cp41 maldet(25009): {sigup} signature set update completed
Jun 08 2024 03:10:29 cp41 maldet(25009): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 08 2024 03:10:30 cp41 maldet(25289): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 08 2024 03:10:31 cp41 maldet(25289): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 08 2024 03:10:31 cp41 maldet(25289): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 08 2024 03:10:31 cp41 maldet(25289): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 08 2024 03:10:31 cp41 maldet(25289): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 08 2024 06:01:20 cp41 maldet(25289): {scan} file list completed in 10249s, found 20878 files...
Jun 08 2024 06:01:20 cp41 maldet(25289): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 08 2024 06:01:20 cp41 maldet(25289): {scan} scan of (20878 files) in progress...
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/cust_accept05
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/admin_files
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/DisplayLinkURI
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/cp.article
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/sharethis
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/images/plugins/index.php
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/DisplayLinkURI
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/admin_files
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/DisplayLinkURI
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/cp.article
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/randomimage
Jun 08 2024 06:03:12 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/deletebookmark
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/admin_files
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/randomimage
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/DisplayLinkURI
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/modifier.nl2br
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/DisplayLinkURI
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/deletebookmark
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/deletebookmark
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/randomimage
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/DisplayLinkURI
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/deletebookmark
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Ussamer/default_message
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/DisplayLinkURI
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/modifier.nl2br
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/modifier.nl2br
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/admin_files
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/cp.article
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/sharethis
Jun 08 2024 06:03:13 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/DisplayLinkURI
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/cp.article
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/DisplayLinkURI
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/sharethis
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/coupon_admin
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/sharethis
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/randomimage
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/randomimage
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/toolbar.config
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/DisplayLinkURI
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/cp.article
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/sharethis
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/randomimage
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/cp.article
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/randomimage
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/cp.article
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/sharethis
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/deletebookmark
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/index.php
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jdwyk4c36.php
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/memab2u19.php
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/dfocz0f35.php
Jun 08 2024 06:03:14 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ijxmz5d76.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/knfob5t88.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/wtvop0l31.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xnkux8z36.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xhyfm8m68.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/auanh2o50.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/bxbsg1x64.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xfriu0t11.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/hatzq0c17.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/sftps6b93.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/idzyv4d43.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/qqtgd7u97.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/rdqvi7b33.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jjeio1k05.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/jszhy3k71.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/cwxxv8k59.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/pfktd5t68.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/plbdc7t60.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/iqtrs4r78.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xjvgz4f30.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/rlrel9a98.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/vnijq3h11.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/iurhf6w58.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/nassr9n45.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/ibina1n71.php
Jun 08 2024 06:03:15 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/tzyks1g95.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/mzvyg6j11.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/xllll1b69.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/tisfu5k94.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/pkarg7c75.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/39CfK/index.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/DN20w/index.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/cvcqo/index.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-admin/luxx.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/SW4KS/index.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/aDArs/index.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {hit} malware hit {HEX}php.nested.base64.663 found for /home/saturnst/public_html/iiziu9r74.php
Jun 08 2024 06:03:16 cp41 maldet(25289): {scan} scan completed on : files 20878, malware hits 110, cleaned hits 0, time 10366s
Jun 08 2024 06:03:16 cp41 maldet(25289): {scan} scan report saved, to view run: maldet --report 240608-0310.25289
Jun 08 2024 06:03:16 cp41 maldet(25289): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240608-0310.25289
Jun 09 2024 03:17:45 cp41 maldet(19796): {update} checking for available updates...
Jun 09 2024 03:17:45 cp41 maldet(19796): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 09 2024 03:17:45 cp41 maldet(19796): {update} hashing install files and checking against server...
Jun 09 2024 03:17:45 cp41 maldet(19796): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 09 2024 03:17:45 cp41 maldet(19796): {update} latest version already installed.
Jun 09 2024 03:17:45 cp41 maldet(19974): {sigup} performing signature update check...
Jun 09 2024 03:17:45 cp41 maldet(19974): {sigup} local signature set is version 202406072708004
Jun 09 2024 03:17:46 cp41 maldet(19974): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 09 2024 03:17:47 cp41 maldet(19974): {sigup} latest signature set already installed
Jun 09 2024 03:17:49 cp41 maldet(20103): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 09 2024 03:17:51 cp41 maldet(20103): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 09 2024 03:17:51 cp41 maldet(20103): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 09 2024 03:17:51 cp41 maldet(20103): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 09 2024 03:17:51 cp41 maldet(20103): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 09 2024 05:18:58 cp41 maldet(20103): {scan} file list completed in 7267s, found 12446 files...
Jun 09 2024 05:18:58 cp41 maldet(20103): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 09 2024 05:18:58 cp41 maldet(20103): {scan} scan of (12446 files) in progress...
Jun 09 2024 05:20:44 cp41 maldet(20103): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/alsa_poll
Jun 09 2024 05:20:44 cp41 maldet(20103): {hit} malware hit {HEX}php.base64.inject.181 found for /home/saturnst/public_html/wp-admin/eG7sU/index.php
Jun 09 2024 05:20:44 cp41 maldet(20103): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/testdb.php
Jun 09 2024 05:20:44 cp41 maldet(20103): {scan} scan completed on : files 12446, malware hits 3, cleaned hits 0, time 7375s
Jun 09 2024 05:20:44 cp41 maldet(20103): {scan} scan report saved, to view run: maldet --report 240609-0317.20103
Jun 09 2024 05:20:44 cp41 maldet(20103): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240609-0317.20103
Jun 10 2024 03:21:07 cp41 maldet(15968): {update} checking for available updates...
Jun 10 2024 03:21:07 cp41 maldet(15968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 10 2024 03:21:07 cp41 maldet(15968): {update} hashing install files and checking against server...
Jun 10 2024 03:21:08 cp41 maldet(15968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 10 2024 03:21:08 cp41 maldet(15968): {update} latest version already installed.
Jun 10 2024 03:21:08 cp41 maldet(16119): {sigup} performing signature update check...
Jun 10 2024 03:21:08 cp41 maldet(16119): {sigup} local signature set is version 202406072708004
Jun 10 2024 03:21:08 cp41 maldet(16119): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 10 2024 03:21:09 cp41 maldet(16119): {sigup} latest signature set already installed
Jun 10 2024 03:21:09 cp41 maldet(16236): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 10 2024 03:21:10 cp41 maldet(16236): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 10 2024 03:21:10 cp41 maldet(16236): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 10 2024 03:21:10 cp41 maldet(16236): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 10 2024 03:21:10 cp41 maldet(16236): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 10 2024 06:48:54 cp41 maldet(16236): {scan} file list completed in 12464s, found 34050 files...
Jun 10 2024 06:48:54 cp41 maldet(16236): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 10 2024 06:48:54 cp41 maldet(16236): {scan} scan of (34050 files) in progress...
Jun 10 2024 06:51:48 cp41 maldet(16236): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/_wildcard_.sethbookey.net/rx.php
Jun 10 2024 06:51:49 cp41 maldet(16236): {scan} scan completed on : files 34050, malware hits 1, cleaned hits 0, time 12639s
Jun 10 2024 06:51:49 cp41 maldet(16236): {scan} scan report saved, to view run: maldet --report 240610-0321.16236
Jun 10 2024 06:51:49 cp41 maldet(16236): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240610-0321.16236
Jun 11 2024 03:29:13 cp41 maldet(16628): {update} checking for available updates...
Jun 11 2024 03:29:13 cp41 maldet(16628): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 11 2024 03:29:13 cp41 maldet(16628): {update} hashing install files and checking against server...
Jun 11 2024 03:29:13 cp41 maldet(16628): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 11 2024 03:29:13 cp41 maldet(16628): {update} latest version already installed.
Jun 11 2024 03:29:19 cp41 maldet(16795): {sigup} performing signature update check...
Jun 11 2024 03:29:19 cp41 maldet(16795): {sigup} local signature set is version 202406072708004
Jun 11 2024 03:29:23 cp41 maldet(16795): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 11 2024 03:29:23 cp41 maldet(16795): {sigup} new signature set 202406101638544 available
Jun 11 2024 03:29:23 cp41 maldet(16795): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 11 2024 03:29:24 cp41 maldet(16795): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 11 2024 03:29:26 cp41 maldet(16795): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 11 2024 03:29:27 cp41 maldet(16795): {sigup} verified md5sum of maldet-clean.tgz
Jun 11 2024 03:29:27 cp41 maldet(16795): {sigup} unpacked and installed maldet-clean.tgz
Jun 11 2024 03:29:27 cp41 maldet(16795): {sigup} signature set update completed
Jun 11 2024 03:29:27 cp41 maldet(16795): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 11 2024 03:29:31 cp41 maldet(17131): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 11 2024 03:29:31 cp41 maldet(17131): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 11 2024 03:29:31 cp41 maldet(17131): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 11 2024 03:29:31 cp41 maldet(17131): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 11 2024 03:29:31 cp41 maldet(17131): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 11 2024 07:35:58 cp41 maldet(17131): {scan} file list completed in 14787s, found 2634 files...
Jun 11 2024 07:35:58 cp41 maldet(17131): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 11 2024 07:35:58 cp41 maldet(17131): {scan} scan of (2634 files) in progress...
Jun 11 2024 07:36:11 cp41 maldet(17131): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Jun 11 2024 07:36:11 cp41 maldet(17131): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 11 2024 07:36:11 cp41 maldet(17131): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 11 2024 07:36:11 cp41 maldet(17131): {scan} scan completed on : files 2634, malware hits 3, cleaned hits 0, time 14800s
Jun 11 2024 07:36:11 cp41 maldet(17131): {scan} scan report saved, to view run: maldet --report 240611-0329.17131
Jun 11 2024 07:36:11 cp41 maldet(17131): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240611-0329.17131
Jun 12 2024 03:40:17 cp41 maldet(13884): {update} checking for available updates...
Jun 12 2024 03:40:18 cp41 maldet(13884): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 12 2024 03:40:18 cp41 maldet(13884): {update} hashing install files and checking against server...
Jun 12 2024 03:40:18 cp41 maldet(13884): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 12 2024 03:40:18 cp41 maldet(13884): {update} latest version already installed.
Jun 12 2024 03:40:20 cp41 maldet(14076): {sigup} performing signature update check...
Jun 12 2024 03:40:20 cp41 maldet(14076): {sigup} local signature set is version 202406101638544
Jun 12 2024 03:40:20 cp41 maldet(14076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 12 2024 03:40:21 cp41 maldet(14076): {sigup} latest signature set already installed
Jun 12 2024 03:40:21 cp41 maldet(14249): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 12 2024 03:40:22 cp41 maldet(14249): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 12 2024 03:40:22 cp41 maldet(14249): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 12 2024 03:40:22 cp41 maldet(14249): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 12 2024 03:40:22 cp41 maldet(14249): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 12 2024 05:18:40 cp41 maldet(14249): {scan} file list completed in 5898s, found 19958 files...
Jun 12 2024 05:18:40 cp41 maldet(14249): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 12 2024 05:18:40 cp41 maldet(14249): {scan} scan of (19958 files) in progress...
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/wp-content/plugin.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/f/h/b/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/g/a/f/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/pki-validation/g/b/a/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/g/a/f/index.php
Jun 12 2024 05:23:51 cp41 maldet(14249): {scan} scan completed on : files 19958, malware hits 7, cleaned hits 0, time 6210s
Jun 12 2024 05:23:51 cp41 maldet(14249): {scan} scan report saved, to view run: maldet --report 240612-0340.14249
Jun 12 2024 05:23:51 cp41 maldet(14249): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240612-0340.14249
Jun 13 2024 03:14:19 cp41 maldet(26595): {update} checking for available updates...
Jun 13 2024 03:14:20 cp41 maldet(26595): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 13 2024 03:14:20 cp41 maldet(26595): {update} hashing install files and checking against server...
Jun 13 2024 03:14:20 cp41 maldet(26595): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 13 2024 03:14:20 cp41 maldet(26595): {update} latest version already installed.
Jun 13 2024 03:14:21 cp41 maldet(26749): {sigup} performing signature update check...
Jun 13 2024 03:14:21 cp41 maldet(26749): {sigup} local signature set is version 202406101638544
Jun 13 2024 03:14:21 cp41 maldet(26749): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 13 2024 03:14:21 cp41 maldet(26749): {sigup} latest signature set already installed
Jun 13 2024 03:14:25 cp41 maldet(26877): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 13 2024 03:14:27 cp41 maldet(26877): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 13 2024 03:14:27 cp41 maldet(26877): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 13 2024 03:14:27 cp41 maldet(26877): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 13 2024 03:14:27 cp41 maldet(26877): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 13 2024 07:18:14 cp41 maldet(26877): {scan} file list completed in 14627s, found 6135 files...
Jun 13 2024 07:18:14 cp41 maldet(26877): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 13 2024 07:18:14 cp41 maldet(26877): {scan} scan of (6135 files) in progress...
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {YARA}cgi_python_py found for /home/authorsd/public_html/python/python.izo
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/flatpak-builder-tools-push
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/flatpak-builder-tools-push
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/flatpak-builder-tools-push
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/flatpak-builder-tools-push
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/flatpak-builder-tools-push
Jun 13 2024 07:18:38 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/alsa_monitor
Jun 13 2024 07:18:39 cp41 maldet(26877): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/flatpak-builder-tools-push
Jun 13 2024 07:18:39 cp41 maldet(26877): {scan} scan completed on : files 6135, malware hits 22, cleaned hits 0, time 14654s
Jun 13 2024 07:18:39 cp41 maldet(26877): {scan} scan report saved, to view run: maldet --report 240613-0314.26877
Jun 13 2024 07:18:39 cp41 maldet(26877): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240613-0314.26877
Jun 14 2024 04:00:28 cp41 maldet(17968): {update} checking for available updates...
Jun 14 2024 04:00:28 cp41 maldet(17968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 14 2024 04:00:28 cp41 maldet(17968): {update} hashing install files and checking against server...
Jun 14 2024 04:00:29 cp41 maldet(17968): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 14 2024 04:00:29 cp41 maldet(17968): {update} latest version already installed.
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} performing signature update check...
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} local signature set is version 202406101638544
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} new signature set 20240613708945 available
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 14 2024 04:00:31 cp41 maldet(18154): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 14 2024 04:00:32 cp41 maldet(18154): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 14 2024 04:00:32 cp41 maldet(18154): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 14 2024 04:00:32 cp41 maldet(18154): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 14 2024 04:00:32 cp41 maldet(18154): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 14 2024 04:00:32 cp41 maldet(18154): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 14 2024 04:00:33 cp41 maldet(18154): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 14 2024 04:00:33 cp41 maldet(18154): {sigup} verified md5sum of maldet-clean.tgz
Jun 14 2024 04:00:33 cp41 maldet(18154): {sigup} unpacked and installed maldet-clean.tgz
Jun 14 2024 04:00:34 cp41 maldet(18154): {sigup} signature set update completed
Jun 14 2024 04:00:34 cp41 maldet(18154): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 14 2024 04:00:35 cp41 maldet(18440): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 14 2024 04:00:36 cp41 maldet(18440): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 14 2024 04:00:36 cp41 maldet(18440): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 14 2024 04:00:36 cp41 maldet(18440): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 14 2024 04:00:36 cp41 maldet(18440): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 14 2024 08:22:11 cp41 maldet(18440): {scan} file list completed in 15695s, found 4500 files...
Jun 14 2024 08:22:11 cp41 maldet(18440): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 14 2024 08:22:11 cp41 maldet(18440): {scan} scan of (4500 files) in progress...
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/ext/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/cache/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/service/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/krisbrylex/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/Site/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/index.php
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/flatpak-builder-tools-push
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/flatpak-builder-tools-push
Jun 14 2024 08:24:58 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/alsa_monitor
Jun 14 2024 08:24:59 cp41 maldet(18440): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/flatpak-builder-tools-push
Jun 14 2024 08:24:59 cp41 maldet(18440): {scan} scan completed on : files 4500, malware hits 28, cleaned hits 0, time 15864s
Jun 14 2024 08:24:59 cp41 maldet(18440): {scan} scan report saved, to view run: maldet --report 240614-0400.18440
Jun 14 2024 08:24:59 cp41 maldet(18440): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240614-0400.18440
Jun 15 2024 03:48:07 cp41 maldet(7933): {update} checking for available updates...
Jun 15 2024 03:48:08 cp41 maldet(7933): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 15 2024 03:48:08 cp41 maldet(7933): {update} hashing install files and checking against server...
Jun 15 2024 03:48:09 cp41 maldet(7933): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 15 2024 03:48:09 cp41 maldet(7933): {update} latest version already installed.
Jun 15 2024 03:48:10 cp41 maldet(8100): {sigup} performing signature update check...
Jun 15 2024 03:48:10 cp41 maldet(8100): {sigup} local signature set is version 20240613708945
Jun 15 2024 03:48:10 cp41 maldet(8100): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 15 2024 03:48:10 cp41 maldet(8100): {sigup} latest signature set already installed
Jun 15 2024 03:48:10 cp41 maldet(8245): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 15 2024 03:48:12 cp41 maldet(8245): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 15 2024 03:48:12 cp41 maldet(8245): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 15 2024 03:48:12 cp41 maldet(8245): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 15 2024 03:48:12 cp41 maldet(8245): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 15 2024 06:11:36 cp41 maldet(8245): {scan} file list completed in 8604s, found 5725 files...
Jun 15 2024 06:11:36 cp41 maldet(8245): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 15 2024 06:11:36 cp41 maldet(8245): {scan} scan of (5725 files) in progress...
Jun 15 2024 06:11:52 cp41 maldet(8245): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Jun 15 2024 06:11:52 cp41 maldet(8245): {scan} scan completed on : files 5725, malware hits 0, cleaned hits 0, time 8622s
Jun 15 2024 06:11:52 cp41 maldet(8245): {scan} scan report saved, to view run: maldet --report 240615-0348.8245
Jun 16 2024 03:14:48 cp41 maldet(1197): {update} checking for available updates...
Jun 16 2024 03:14:48 cp41 maldet(1197): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 16 2024 03:14:48 cp41 maldet(1197): {update} hashing install files and checking against server...
Jun 16 2024 03:14:48 cp41 maldet(1197): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 16 2024 03:14:48 cp41 maldet(1197): {update} latest version already installed.
Jun 16 2024 03:14:48 cp41 maldet(1345): {sigup} performing signature update check...
Jun 16 2024 03:14:48 cp41 maldet(1345): {sigup} local signature set is version 20240613708945
Jun 16 2024 03:14:49 cp41 maldet(1345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 16 2024 03:14:49 cp41 maldet(1345): {sigup} latest signature set already installed
Jun 16 2024 03:14:49 cp41 maldet(1463): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 16 2024 03:14:50 cp41 maldet(1463): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 16 2024 03:14:50 cp41 maldet(1463): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 16 2024 03:14:50 cp41 maldet(1463): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 16 2024 03:14:50 cp41 maldet(1463): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 16 2024 05:56:45 cp41 maldet(1463): {scan} file list completed in 9715s, found 5940 files...
Jun 16 2024 05:56:45 cp41 maldet(1463): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 16 2024 05:56:45 cp41 maldet(1463): {scan} scan of (5940 files) in progress...
Jun 16 2024 05:57:02 cp41 maldet(1463): {hit} malware hit {HEX}php.generic.malware.447 found for /home/krisbryl/public_html/wp-includes/index.php
Jun 16 2024 05:57:02 cp41 maldet(1463): {scan} scan completed on : files 5940, malware hits 1, cleaned hits 0, time 9733s
Jun 16 2024 05:57:02 cp41 maldet(1463): {scan} scan report saved, to view run: maldet --report 240616-0314.1463
Jun 16 2024 05:57:02 cp41 maldet(1463): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240616-0314.1463
Jun 17 2024 03:10:54 cp41 maldet(3842): {update} checking for available updates...
Jun 17 2024 03:10:55 cp41 maldet(3842): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 17 2024 03:10:55 cp41 maldet(3842): {update} hashing install files and checking against server...
Jun 17 2024 03:10:55 cp41 maldet(3842): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 17 2024 03:10:55 cp41 maldet(3842): {update} latest version already installed.
Jun 17 2024 03:10:56 cp41 maldet(3988): {sigup} performing signature update check...
Jun 17 2024 03:10:56 cp41 maldet(3988): {sigup} local signature set is version 20240613708945
Jun 17 2024 03:10:56 cp41 maldet(3988): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 17 2024 03:10:57 cp41 maldet(3988): {sigup} new signature set 20240616598245 available
Jun 17 2024 03:10:57 cp41 maldet(3988): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 17 2024 03:10:57 cp41 maldet(3988): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 17 2024 03:10:57 cp41 maldet(3988): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 17 2024 03:10:57 cp41 maldet(3988): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 17 2024 03:10:58 cp41 maldet(3988): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 17 2024 03:10:58 cp41 maldet(3988): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 17 2024 03:10:58 cp41 maldet(3988): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 17 2024 03:10:58 cp41 maldet(3988): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 17 2024 03:10:59 cp41 maldet(3988): {sigup} verified md5sum of maldet-clean.tgz
Jun 17 2024 03:10:59 cp41 maldet(3988): {sigup} unpacked and installed maldet-clean.tgz
Jun 17 2024 03:10:59 cp41 maldet(3988): {sigup} signature set update completed
Jun 17 2024 03:10:59 cp41 maldet(3988): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 17 2024 03:10:59 cp41 maldet(4256): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 17 2024 03:11:00 cp41 maldet(4256): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 17 2024 03:11:00 cp41 maldet(4256): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 17 2024 03:11:00 cp41 maldet(4256): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 17 2024 03:11:00 cp41 maldet(4256): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 17 2024 06:19:30 cp41 maldet(4256): {scan} file list completed in 11310s, found 5197 files...
Jun 17 2024 06:19:30 cp41 maldet(4256): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 17 2024 06:19:30 cp41 maldet(4256): {scan} scan of (5197 files) in progress...
Jun 17 2024 06:20:32 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz
Jun 17 2024 06:20:32 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.3
Jun 17 2024 06:20:32 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.2
Jun 17 2024 06:20:32 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.1
Jun 17 2024 06:20:32 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.4
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.3
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.7
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.5
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.2
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.8
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.9
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.1
Jun 17 2024 06:20:33 cp41 maldet(4256): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.6
Jun 17 2024 06:20:33 cp41 maldet(4256): {scan} scan completed on : files 5197, malware hits 14, cleaned hits 0, time 11374s
Jun 17 2024 06:20:33 cp41 maldet(4256): {scan} scan report saved, to view run: maldet --report 240617-0310.4256
Jun 17 2024 06:20:33 cp41 maldet(4256): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240617-0310.4256
Jun 18 2024 03:26:18 cp41 maldet(26123): {update} checking for available updates...
Jun 18 2024 03:26:18 cp41 maldet(26123): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 18 2024 03:26:18 cp41 maldet(26123): {update} hashing install files and checking against server...
Jun 18 2024 03:26:18 cp41 maldet(26123): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 18 2024 03:26:18 cp41 maldet(26123): {update} latest version already installed.
Jun 18 2024 03:26:18 cp41 maldet(26269): {sigup} performing signature update check...
Jun 18 2024 03:26:18 cp41 maldet(26269): {sigup} local signature set is version 20240616598245
Jun 18 2024 03:26:19 cp41 maldet(26269): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 18 2024 03:26:19 cp41 maldet(26269): {sigup} latest signature set already installed
Jun 18 2024 03:26:19 cp41 maldet(26390): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 18 2024 03:26:21 cp41 maldet(26390): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 18 2024 03:26:21 cp41 maldet(26390): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 18 2024 03:26:21 cp41 maldet(26390): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 18 2024 03:26:21 cp41 maldet(26390): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 18 2024 05:00:41 cp41 maldet(26390): {scan} file list completed in 5660s, found 3190 files...
Jun 18 2024 05:00:41 cp41 maldet(26390): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 18 2024 05:00:41 cp41 maldet(26390): {scan} scan of (3190 files) in progress...
Jun 18 2024 05:01:35 cp41 maldet(26390): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/bobgg7c53.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/nsmbx9d13.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/qvcyu7e62.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.1
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/military/public_html/cache/e/d/d/e/index.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.4
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.3
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.7
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.10
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.5
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.11
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.2
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.8
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.9
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.1
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/a/e/a/c/index.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/f/c/g/d/index.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/d/a/f/e/click.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/military/public_html/cache/g/a/e/e/index.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/g/h/a/a/index.php
Jun 18 2024 05:01:36 cp41 maldet(26390): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/cache/wp-config.tgz.6
Jun 18 2024 05:01:37 cp41 maldet(26390): {scan} scan completed on : files 3190, malware hits 23, cleaned hits 0, time 5717s
Jun 18 2024 05:01:37 cp41 maldet(26390): {scan} scan report saved, to view run: maldet --report 240618-0326.26390
Jun 18 2024 05:01:37 cp41 maldet(26390): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240618-0326.26390
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} building file list for /home/gusbaran/public_html/, this might take awhile...
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} executed eval /usr/bin/nice -n 19 /usr/bin/find "/home/gusbaran/public_html/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} file list completed in 0s, found 1546 files...
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 18 2024 14:31:15 cp41 maldet(25392): {scan} scan of /home/gusbaran/public_html/ (1546 files) in progress...
Jun 18 2024 14:31:31 cp41 maldet(25392): {scan} scan completed on /home/gusbaran/public_html/: files 1546, malware hits 0, cleaned hits 0, time 17s
Jun 18 2024 14:31:31 cp41 maldet(25392): {scan} scan report saved, to view run: maldet --report 240618-1431.25392
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} building file list for /home/gusbaran/athenstavern.com/, this might take awhile...
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} executed eval /usr/bin/nice -n 19 /usr/bin/find "/home/gusbaran/athenstavern.com/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} file list completed in 0s, found 1442 files...
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 18 2024 14:33:29 cp41 maldet(26564): {scan} scan of /home/gusbaran/athenstavern.com/ (1442 files) in progress...
Jun 18 2024 14:33:34 cp41 maldet(26564): {scan} scan completed on /home/gusbaran/athenstavern.com/: files 1442, malware hits 0, cleaned hits 0, time 6s
Jun 18 2024 14:33:34 cp41 maldet(26564): {scan} scan report saved, to view run: maldet --report 240618-1433.26564
Jun 19 2024 03:47:26 cp41 maldet(4509): {update} checking for available updates...
Jun 19 2024 03:47:26 cp41 maldet(4509): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 19 2024 03:47:26 cp41 maldet(4509): {update} hashing install files and checking against server...
Jun 19 2024 03:47:26 cp41 maldet(4509): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 19 2024 03:47:26 cp41 maldet(4509): {update} latest version already installed.
Jun 19 2024 03:47:26 cp41 maldet(4650): {sigup} performing signature update check...
Jun 19 2024 03:47:26 cp41 maldet(4650): {sigup} local signature set is version 20240616598245
Jun 19 2024 03:47:27 cp41 maldet(4650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 19 2024 03:47:27 cp41 maldet(4650): {sigup} latest signature set already installed
Jun 19 2024 03:47:27 cp41 maldet(4765): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 19 2024 03:47:27 cp41 maldet(4765): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 19 2024 03:47:27 cp41 maldet(4765): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 19 2024 03:47:27 cp41 maldet(4765): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 19 2024 03:47:27 cp41 maldet(4765): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 19 2024 04:39:34 cp41 maldet(4765): {scan} file list completed in 3127s, found 201 files...
Jun 19 2024 04:39:34 cp41 maldet(4765): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 19 2024 04:39:34 cp41 maldet(4765): {scan} scan of (201 files) in progress...
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/afixf1k71.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/vzpwr9a70.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/kainc2h84.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/hglkj9k25.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/orefs5d88.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/ggusy5g63.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/etljb5u30.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/hvbxi6k44.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.base64.inject.181 found for /home/dreileen/public_html/lXMNu/index.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {HEX}php.base64.inject.181 found for /home/dreileen/public_html/eh8P4/index.php
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.4
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.5
Jun 19 2024 04:39:44 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.6
Jun 19 2024 04:39:45 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.4
Jun 19 2024 04:39:45 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.3
Jun 19 2024 04:39:45 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.5
Jun 19 2024 04:39:45 cp41 maldet(4765): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.2
Jun 19 2024 04:39:45 cp41 maldet(4765): {scan} scan completed on : files 201, malware hits 17, cleaned hits 0, time 3138s
Jun 19 2024 04:39:45 cp41 maldet(4765): {scan} scan report saved, to view run: maldet --report 240619-0347.4765
Jun 19 2024 04:39:45 cp41 maldet(4765): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240619-0347.4765
Jun 20 2024 03:40:47 cp41 maldet(7267): {update} checking for available updates...
Jun 20 2024 03:40:48 cp41 maldet(7267): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 20 2024 03:40:48 cp41 maldet(7267): {update} hashing install files and checking against server...
Jun 20 2024 03:40:48 cp41 maldet(7267): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 20 2024 03:40:48 cp41 maldet(7267): {update} latest version already installed.
Jun 20 2024 03:40:50 cp41 maldet(7427): {sigup} performing signature update check...
Jun 20 2024 03:40:50 cp41 maldet(7427): {sigup} local signature set is version 20240616598245
Jun 20 2024 03:40:50 cp41 maldet(7427): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 20 2024 03:40:51 cp41 maldet(7427): {sigup} new signature set 202406191945628 available
Jun 20 2024 03:40:51 cp41 maldet(7427): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 20 2024 03:40:52 cp41 maldet(7427): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 20 2024 03:40:54 cp41 maldet(7427): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 20 2024 03:40:54 cp41 maldet(7427): {sigup} verified md5sum of maldet-clean.tgz
Jun 20 2024 03:40:55 cp41 maldet(7427): {sigup} unpacked and installed maldet-clean.tgz
Jun 20 2024 03:40:55 cp41 maldet(7427): {sigup} signature set update completed
Jun 20 2024 03:40:55 cp41 maldet(7427): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 20 2024 03:40:56 cp41 maldet(7717): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 20 2024 03:40:57 cp41 maldet(7717): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 20 2024 03:40:57 cp41 maldet(7717): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 20 2024 03:40:57 cp41 maldet(7717): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 20 2024 03:40:57 cp41 maldet(7717): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 20 2024 05:07:06 cp41 maldet(7717): {scan} file list completed in 5169s, found 64061 files...
Jun 20 2024 05:07:06 cp41 maldet(7717): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 20 2024 05:07:06 cp41 maldet(7717): {scan} scan of (64061 files) in progress...
Jun 20 2024 05:09:30 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/iogak8n57.php
Jun 20 2024 05:09:30 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/mcive7w55.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/lmavn5j55.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.base64.inject.181 found for /home/authorsd/public_html/b2p1P/index.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/heycp9i50.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/pnbdi5i51.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/sbhys0f10.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/ahhhr1v96.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/vkjku6u54.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/fhkmt5r58.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/xrxji5t50.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/iunhj3i09.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.base64.inject.181 found for /home/authorsd/public_html/2EYBE/index.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {HEX}php.nested.base64.663 found for /home/authorsd/public_html/crsbp2b74.php
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-includes/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/flatpak-builder-run
Jun 20 2024 05:09:31 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Ussamer/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/alsa_restore
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-admin/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/flatpak-builder-run
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {HEX}php.base64.inject.181 found for /home/dreileen/public_html/lXMNu/index.php
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {HEX}php.base64.inject.181 found for /home/dreileen/public_html/eh8P4/index.php
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.2
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.1
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.3
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.2
Jun 20 2024 05:09:32 cp41 maldet(7717): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.1
Jun 20 2024 05:09:33 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/host
Jun 20 2024 05:09:33 cp41 maldet(7717): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/jack_control
Jun 20 2024 05:09:33 cp41 maldet(7717): {scan} scan completed on : files 64061, malware hits 49, cleaned hits 0, time 5317s
Jun 20 2024 05:09:33 cp41 maldet(7717): {scan} scan report saved, to view run: maldet --report 240620-0340.7717
Jun 20 2024 05:09:33 cp41 maldet(7717): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240620-0340.7717
Jun 21 2024 03:17:22 cp41 maldet(24811): {update} checking for available updates...
Jun 21 2024 03:17:22 cp41 maldet(24811): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 21 2024 03:17:22 cp41 maldet(24811): {update} hashing install files and checking against server...
Jun 21 2024 03:17:23 cp41 maldet(24811): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 21 2024 03:17:23 cp41 maldet(24811): {update} latest version already installed.
Jun 21 2024 03:17:23 cp41 maldet(24952): {sigup} performing signature update check...
Jun 21 2024 03:17:23 cp41 maldet(24952): {sigup} local signature set is version 202406191945628
Jun 21 2024 03:17:23 cp41 maldet(24952): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 21 2024 03:17:23 cp41 maldet(24952): {sigup} latest signature set already installed
Jun 21 2024 03:17:23 cp41 maldet(25076): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 21 2024 03:17:24 cp41 maldet(25076): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 21 2024 03:17:24 cp41 maldet(25076): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 21 2024 03:17:24 cp41 maldet(25076): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 21 2024 03:17:24 cp41 maldet(25076): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 21 2024 04:18:17 cp41 maldet(25076): {scan} file list completed in 3653s, found 127 files...
Jun 21 2024 04:18:17 cp41 maldet(25076): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 21 2024 04:18:17 cp41 maldet(25076): {scan} scan of (127 files) in progress...
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.4
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.3
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.7
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.5
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.2
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.6
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.4
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.3
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.7
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.5
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.2
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.8
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.9
Jun 21 2024 04:18:42 cp41 maldet(25076): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/wp-config.tgz.6
Jun 21 2024 04:18:42 cp41 maldet(25076): {scan} scan completed on : files 127, malware hits 14, cleaned hits 0, time 3679s
Jun 21 2024 04:18:42 cp41 maldet(25076): {scan} scan report saved, to view run: maldet --report 240621-0317.25076
Jun 21 2024 04:18:42 cp41 maldet(25076): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240621-0317.25076
Jun 22 2024 03:20:49 cp41 maldet(21608): {update} checking for available updates...
Jun 22 2024 03:20:49 cp41 maldet(21608): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 22 2024 03:20:49 cp41 maldet(21608): {update} hashing install files and checking against server...
Jun 22 2024 03:20:50 cp41 maldet(21608): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 22 2024 03:20:50 cp41 maldet(21608): {update} latest version already installed.
Jun 22 2024 03:20:51 cp41 maldet(21755): {sigup} performing signature update check...
Jun 22 2024 03:20:51 cp41 maldet(21755): {sigup} local signature set is version 202406191945628
Jun 22 2024 03:20:51 cp41 maldet(21755): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 22 2024 03:20:52 cp41 maldet(21755): {sigup} latest signature set already installed
Jun 22 2024 03:20:53 cp41 maldet(21884): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 22 2024 03:20:54 cp41 maldet(21884): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 22 2024 03:20:54 cp41 maldet(21884): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 22 2024 03:20:54 cp41 maldet(21884): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 22 2024 03:20:54 cp41 maldet(21884): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 22 2024 05:13:17 cp41 maldet(21884): {scan} file list completed in 6743s, found 287 files...
Jun 22 2024 05:13:17 cp41 maldet(21884): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 22 2024 05:13:17 cp41 maldet(21884): {scan} scan of (287 files) in progress...
Jun 22 2024 05:13:28 cp41 maldet(21884): {hit} malware hit {HEX}php.base64.inject.182 found for /home/dreileen/public_html/ducky.php
Jun 22 2024 05:13:28 cp41 maldet(21884): {scan} scan completed on : files 287, malware hits 1, cleaned hits 0, time 6755s
Jun 22 2024 05:13:28 cp41 maldet(21884): {scan} scan report saved, to view run: maldet --report 240622-0320.21884
Jun 22 2024 05:13:28 cp41 maldet(21884): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240622-0320.21884
Jun 23 2024 03:48:13 cp41 maldet(10654): {update} checking for available updates...
Jun 23 2024 03:48:14 cp41 maldet(10654): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 23 2024 03:48:14 cp41 maldet(10654): {update} hashing install files and checking against server...
Jun 23 2024 03:48:14 cp41 maldet(10654): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 23 2024 03:48:14 cp41 maldet(10654): {update} latest version already installed.
Jun 23 2024 03:48:14 cp41 maldet(10805): {sigup} performing signature update check...
Jun 23 2024 03:48:14 cp41 maldet(10805): {sigup} local signature set is version 202406191945628
Jun 23 2024 03:48:14 cp41 maldet(10805): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 23 2024 03:48:15 cp41 maldet(10805): {sigup} new signature set 202406223155762 available
Jun 23 2024 03:48:15 cp41 maldet(10805): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 23 2024 03:48:15 cp41 maldet(10805): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 23 2024 03:48:15 cp41 maldet(10805): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 23 2024 03:48:15 cp41 maldet(10805): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 23 2024 03:48:16 cp41 maldet(10805): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 23 2024 03:48:16 cp41 maldet(10805): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 23 2024 03:48:16 cp41 maldet(10805): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 23 2024 03:48:16 cp41 maldet(10805): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 23 2024 03:48:16 cp41 maldet(10805): {sigup} verified md5sum of maldet-clean.tgz
Jun 23 2024 03:48:17 cp41 maldet(10805): {sigup} unpacked and installed maldet-clean.tgz
Jun 23 2024 03:48:17 cp41 maldet(10805): {sigup} signature set update completed
Jun 23 2024 03:48:17 cp41 maldet(10805): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 23 2024 03:48:17 cp41 maldet(11075): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 23 2024 03:48:17 cp41 maldet(11075): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 23 2024 03:48:17 cp41 maldet(11075): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 23 2024 03:48:17 cp41 maldet(11075): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 23 2024 03:48:17 cp41 maldet(11075): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 23 2024 04:56:34 cp41 maldet(11075): {scan} file list completed in 4097s, found 218 files...
Jun 23 2024 04:56:34 cp41 maldet(11075): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 23 2024 04:56:34 cp41 maldet(11075): {scan} scan of (218 files) in progress...
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/alfa-rex.php7
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/alfa-rex.php
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/about.php7
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/alfa-rex.php56
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/about.php
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/alfa-rex.php8
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/clolderg/public_html/resources/Kerr,-John-images/wp-login.php
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 23 2024 04:56:43 cp41 maldet(11075): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 23 2024 04:56:43 cp41 maldet(11075): {scan} scan completed on : files 218, malware hits 9, cleaned hits 0, time 4106s
Jun 23 2024 04:56:43 cp41 maldet(11075): {scan} scan report saved, to view run: maldet --report 240623-0348.11075
Jun 23 2024 04:56:43 cp41 maldet(11075): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240623-0348.11075
Jun 24 2024 03:59:28 cp41 maldet(20428): {update} checking for available updates...
Jun 24 2024 03:59:28 cp41 maldet(20428): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 24 2024 03:59:28 cp41 maldet(20428): {update} hashing install files and checking against server...
Jun 24 2024 03:59:28 cp41 maldet(20428): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 24 2024 03:59:28 cp41 maldet(20428): {update} latest version already installed.
Jun 24 2024 03:59:29 cp41 maldet(20576): {sigup} performing signature update check...
Jun 24 2024 03:59:29 cp41 maldet(20576): {sigup} local signature set is version 202406223155762
Jun 24 2024 03:59:29 cp41 maldet(20576): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 24 2024 03:59:29 cp41 maldet(20576): {sigup} latest signature set already installed
Jun 24 2024 03:59:29 cp41 maldet(20696): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 24 2024 03:59:30 cp41 maldet(20696): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 24 2024 03:59:30 cp41 maldet(20696): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 24 2024 03:59:30 cp41 maldet(20696): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 24 2024 03:59:30 cp41 maldet(20696): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 24 2024 04:36:28 cp41 maldet(20696): {scan} file list completed in 2218s, found 147 files...
Jun 24 2024 04:36:28 cp41 maldet(20696): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 24 2024 04:36:28 cp41 maldet(20696): {scan} scan of (147 files) in progress...
Jun 24 2024 04:36:35 cp41 maldet(20696): {hit} malware hit {HEX}php.generic.malware.447 found for /home/audittre/public_html/6f8d7cec/index.php
Jun 24 2024 04:36:35 cp41 maldet(20696): {hit} malware hit {HEX}php.generic.malware.447 found for /home/casadees/public_html/c1b9f6a4/index.php
Jun 24 2024 04:36:35 cp41 maldet(20696): {scan} scan completed on : files 147, malware hits 2, cleaned hits 0, time 2226s
Jun 24 2024 04:36:35 cp41 maldet(20696): {scan} scan report saved, to view run: maldet --report 240624-0359.20696
Jun 24 2024 04:36:35 cp41 maldet(20696): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240624-0359.20696
Jun 25 2024 03:27:36 cp41 maldet(28311): {update} checking for available updates...
Jun 25 2024 03:27:36 cp41 maldet(28311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 25 2024 03:27:36 cp41 maldet(28311): {update} hashing install files and checking against server...
Jun 25 2024 03:27:37 cp41 maldet(28311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 25 2024 03:27:37 cp41 maldet(28311): {update} latest version already installed.
Jun 25 2024 03:27:39 cp41 maldet(28499): {sigup} performing signature update check...
Jun 25 2024 03:27:39 cp41 maldet(28499): {sigup} local signature set is version 202406223155762
Jun 25 2024 03:27:39 cp41 maldet(28499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 25 2024 03:27:39 cp41 maldet(28499): {sigup} latest signature set already installed
Jun 25 2024 03:27:40 cp41 maldet(28622): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 25 2024 03:27:41 cp41 maldet(28622): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 25 2024 03:27:41 cp41 maldet(28622): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 25 2024 03:27:41 cp41 maldet(28622): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 25 2024 03:27:41 cp41 maldet(28622): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 25 2024 05:59:56 cp41 maldet(28622): {scan} file list completed in 9135s, found 629 files...
Jun 25 2024 05:59:56 cp41 maldet(28622): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 25 2024 05:59:56 cp41 maldet(28622): {scan} scan of (629 files) in progress...
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.generic.malware.447 found for /home/audittre/public_html/6f8d7cec/index.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.181 found for /home/krisbryl/public_html/8DKDO/index.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/ducky.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/sts.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/SELLEX.zip
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/military/public_html/shell_wso.php7
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/ducky.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.181 found for /home/pipedrea/public_html/.well-known/pki-validation/mJjbO/index.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 25 2024 06:00:35 cp41 maldet(28622): {scan} scan completed on : files 629, malware hits 10, cleaned hits 0, time 9175s
Jun 25 2024 06:00:35 cp41 maldet(28622): {scan} scan report saved, to view run: maldet --report 240625-0327.28622
Jun 25 2024 06:00:35 cp41 maldet(28622): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240625-0327.28622
Jun 26 2024 03:14:48 cp41 maldet(18813): {update} checking for available updates...
Jun 26 2024 03:14:49 cp41 maldet(18813): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 26 2024 03:14:49 cp41 maldet(18813): {update} hashing install files and checking against server...
Jun 26 2024 03:14:50 cp41 maldet(18813): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 26 2024 03:14:50 cp41 maldet(18813): {update} latest version already installed.
Jun 26 2024 03:14:50 cp41 maldet(18964): {sigup} performing signature update check...
Jun 26 2024 03:14:50 cp41 maldet(18964): {sigup} local signature set is version 202406223155762
Jun 26 2024 03:14:50 cp41 maldet(18964): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 26 2024 03:14:51 cp41 maldet(18964): {sigup} new signature set 202406254122786 available
Jun 26 2024 03:14:51 cp41 maldet(18964): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 26 2024 03:14:51 cp41 maldet(18964): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 26 2024 03:14:51 cp41 maldet(18964): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 26 2024 03:14:51 cp41 maldet(18964): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 26 2024 03:14:52 cp41 maldet(18964): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 26 2024 03:14:52 cp41 maldet(18964): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 26 2024 03:14:52 cp41 maldet(18964): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 26 2024 03:14:53 cp41 maldet(18964): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 26 2024 03:14:53 cp41 maldet(18964): {sigup} verified md5sum of maldet-clean.tgz
Jun 26 2024 03:14:53 cp41 maldet(18964): {sigup} unpacked and installed maldet-clean.tgz
Jun 26 2024 03:14:53 cp41 maldet(18964): {sigup} signature set update completed
Jun 26 2024 03:14:53 cp41 maldet(18964): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 26 2024 03:14:53 cp41 maldet(19232): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 26 2024 03:14:54 cp41 maldet(19232): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 26 2024 03:14:54 cp41 maldet(19232): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 26 2024 03:14:54 cp41 maldet(19232): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 26 2024 03:14:54 cp41 maldet(19232): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 26 2024 07:15:28 cp41 maldet(19232): {scan} file list completed in 14433s, found 66141 files...
Jun 26 2024 07:15:28 cp41 maldet(19232): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 26 2024 07:15:28 cp41 maldet(19232): {scan} scan of (66141 files) in progress...
Jun 26 2024 07:19:30 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.4
Jun 26 2024 07:19:30 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz
Jun 26 2024 07:19:30 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.3
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.7
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.5
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/krisbryl/public_html/cache/c/b/c/a/index.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.2
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.1
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/b/d/e/c/index.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/b/d/a/c/options.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/krisbryl/public_html/cache/wp-config.tgz.6
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/SELLEX.zip
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/wp-foter.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 26 2024 07:19:31 cp41 maldet(19232): {scan} scan completed on : files 66141, malware hits 15, cleaned hits 0, time 14678s
Jun 26 2024 07:19:31 cp41 maldet(19232): {scan} scan report saved, to view run: maldet --report 240626-0314.19232
Jun 26 2024 07:19:31 cp41 maldet(19232): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240626-0314.19232
Jun 27 2024 03:30:32 cp41 maldet(30870): {update} checking for available updates...
Jun 27 2024 03:30:32 cp41 maldet(30870): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 27 2024 03:30:32 cp41 maldet(30870): {update} hashing install files and checking against server...
Jun 27 2024 03:30:42 cp41 maldet(30870): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 27 2024 03:30:42 cp41 maldet(30870): {update} latest version already installed.
Jun 27 2024 03:30:51 cp41 maldet(31245): {sigup} performing signature update check...
Jun 27 2024 03:30:51 cp41 maldet(31245): {sigup} local signature set is version 202406254122786
Jun 27 2024 03:30:59 cp41 maldet(31245): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 27 2024 03:31:04 cp41 maldet(31245): {sigup} latest signature set already installed
Jun 27 2024 03:31:22 cp41 maldet(31612): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 27 2024 03:31:51 cp41 maldet(31612): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 27 2024 03:31:51 cp41 maldet(31612): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 27 2024 03:31:51 cp41 maldet(31612): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 27 2024 03:31:51 cp41 maldet(31612): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 27 2024 07:29:11 cp41 maldet(31612): {scan} file list completed in 14239s, found 35081 files...
Jun 27 2024 07:29:11 cp41 maldet(31612): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 27 2024 07:29:11 cp41 maldet(31612): {scan} scan of (35081 files) in progress...
Jun 27 2024 07:37:19 cp41 maldet(31612): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 27 2024 07:37:19 cp41 maldet(31612): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 27 2024 07:37:19 cp41 maldet(31612): {scan} scan completed on : files 35081, malware hits 2, cleaned hits 0, time 14757s
Jun 27 2024 07:37:19 cp41 maldet(31612): {scan} scan report saved, to view run: maldet --report 240627-0331.31612
Jun 27 2024 07:37:19 cp41 maldet(31612): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240627-0331.31612
Jun 28 2024 03:28:48 cp41 maldet(18253): {update} checking for available updates...
Jun 28 2024 03:28:49 cp41 maldet(18253): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 28 2024 03:28:50 cp41 maldet(18253): {update} hashing install files and checking against server...
Jun 28 2024 03:28:53 cp41 maldet(18253): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 28 2024 03:28:54 cp41 maldet(18253): {update} latest version already installed.
Jun 28 2024 03:28:55 cp41 maldet(18544): {sigup} performing signature update check...
Jun 28 2024 03:28:55 cp41 maldet(18544): {sigup} local signature set is version 202406254122786
Jun 28 2024 03:28:55 cp41 maldet(18544): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 28 2024 03:28:57 cp41 maldet(18544): {sigup} latest signature set already installed
Jun 28 2024 03:29:05 cp41 maldet(18722): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 28 2024 03:29:07 cp41 maldet(18722): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 28 2024 03:29:07 cp41 maldet(18722): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 28 2024 03:29:07 cp41 maldet(18722): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 28 2024 03:29:07 cp41 maldet(18722): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 28 2024 06:44:01 cp41 maldet(18722): {scan} file list completed in 11693s, found 172 files...
Jun 28 2024 06:44:01 cp41 maldet(18722): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 28 2024 06:44:01 cp41 maldet(18722): {scan} scan of (172 files) in progress...
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {HEX}php.nested.base64.652 found for /home/darkhors/public_html/wp-includes/certificates/blocks/ID3/wp/SntRVQcud.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {HEX}php.exe.globals.416 found for /home/darkhors/public_html/wp-includes/ggwxmc.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {HEX}php.exe.globals.416 found for /home/darkhors/public_html/wp-includes/kuhmnc.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/well-known/pki-validation/d/b/b/DJpBJ.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 28 2024 06:44:08 cp41 maldet(18722): {scan} scan completed on : files 172, malware hits 6, cleaned hits 0, time 11703s
Jun 28 2024 06:44:08 cp41 maldet(18722): {scan} scan report saved, to view run: maldet --report 240628-0328.18722
Jun 28 2024 06:44:08 cp41 maldet(18722): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240628-0328.18722
Jun 29 2024 03:30:02 cp41 maldet(7085): {update} checking for available updates...
Jun 29 2024 03:30:03 cp41 maldet(7085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 29 2024 03:30:03 cp41 maldet(7085): {update} hashing install files and checking against server...
Jun 29 2024 03:30:03 cp41 maldet(7085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 29 2024 03:30:03 cp41 maldet(7085): {update} latest version already installed.
Jun 29 2024 03:30:05 cp41 maldet(7377): {sigup} performing signature update check...
Jun 29 2024 03:30:05 cp41 maldet(7377): {sigup} local signature set is version 202406254122786
Jun 29 2024 03:30:06 cp41 maldet(7377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} new signature set 20240628719054 available
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 29 2024 03:30:07 cp41 maldet(7377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 29 2024 03:30:08 cp41 maldet(7377): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 29 2024 03:30:08 cp41 maldet(7377): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 29 2024 03:30:14 cp41 maldet(7377): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 29 2024 03:30:14 cp41 maldet(7377): {sigup} verified md5sum of maldet-clean.tgz
Jun 29 2024 03:30:16 cp41 maldet(7377): {sigup} unpacked and installed maldet-clean.tgz
Jun 29 2024 03:30:16 cp41 maldet(7377): {sigup} signature set update completed
Jun 29 2024 03:30:16 cp41 maldet(7377): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 29 2024 03:30:17 cp41 maldet(7692): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 29 2024 03:30:21 cp41 maldet(7692): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 29 2024 03:30:21 cp41 maldet(7692): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 29 2024 03:30:21 cp41 maldet(7692): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 29 2024 03:30:21 cp41 maldet(7692): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 29 2024 07:52:22 cp41 maldet(7692): {scan} file list completed in 15721s, found 292 files...
Jun 29 2024 07:52:22 cp41 maldet(7692): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 29 2024 07:52:22 cp41 maldet(7692): {scan} scan of (292 files) in progress...
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/images/plugins/index.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {HEX}php.nested.base64.652 found for /home/darkhors/public_html/wp-includes/js/wp/sEHIQ.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {HEX}php.exe.globals.416 found for /home/darkhors/public_html/wp-includes/kgcute.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {YARA}eval_post found for /home/darkhors/public_html/wp-admin/images/ZSGopQgNxg.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jun 29 2024 07:52:30 cp41 maldet(7692): {scan} scan completed on : files 292, malware hits 6, cleaned hits 0, time 15733s
Jun 29 2024 07:52:30 cp41 maldet(7692): {scan} scan report saved, to view run: maldet --report 240629-0330.7692
Jun 29 2024 07:52:30 cp41 maldet(7692): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240629-0330.7692
Jun 30 2024 03:35:09 cp41 maldet(20936): {update} checking for available updates...
Jun 30 2024 03:35:09 cp41 maldet(20936): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 30 2024 03:35:09 cp41 maldet(20936): {update} hashing install files and checking against server...
Jun 30 2024 03:35:09 cp41 maldet(20936): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 30 2024 03:35:09 cp41 maldet(20936): {update} latest version already installed.
Jun 30 2024 03:35:09 cp41 maldet(21080): {sigup} performing signature update check...
Jun 30 2024 03:35:10 cp41 maldet(21080): {sigup} local signature set is version 20240628719054
Jun 30 2024 03:35:10 cp41 maldet(21080): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 30 2024 03:35:10 cp41 maldet(21080): {sigup} latest signature set already installed
Jun 30 2024 03:35:10 cp41 maldet(21200): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 30 2024 03:35:11 cp41 maldet(21200): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 30 2024 03:35:11 cp41 maldet(21200): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jun 30 2024 03:35:11 cp41 maldet(21200): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 30 2024 03:35:11 cp41 maldet(21200): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jun 30 2024 06:51:44 cp41 maldet(21200): {scan} file list completed in 11793s, found 59 files...
Jun 30 2024 06:51:44 cp41 maldet(21200): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 30 2024 06:51:44 cp41 maldet(21200): {scan} scan of (59 files) in progress...
Jun 30 2024 06:51:49 cp41 maldet(21200): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/zwso.php
Jun 30 2024 06:51:49 cp41 maldet(21200): {hit} malware hit {HEX}php.base64.inject.182 found for /home/briancol/public_html/images/plugins/index.php
Jun 30 2024 06:51:49 cp41 maldet(21200): {scan} scan completed on : files 59, malware hits 2, cleaned hits 0, time 11799s
Jun 30 2024 06:51:49 cp41 maldet(21200): {scan} scan report saved, to view run: maldet --report 240630-0335.21200
Jun 30 2024 06:51:49 cp41 maldet(21200): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240630-0335.21200
Jul 01 2024 03:51:33 cp41 maldet(3652): {update} checking for available updates...
Jul 01 2024 03:51:47 cp41 maldet(3652): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 01 2024 03:51:47 cp41 maldet(3652): {update} hashing install files and checking against server...
Jul 01 2024 03:52:05 cp41 maldet(3652): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 01 2024 03:52:10 cp41 maldet(3652): {update} latest version already installed.
Jul 01 2024 03:52:30 cp41 maldet(4245): {sigup} performing signature update check...
Jul 01 2024 03:52:32 cp41 maldet(4245): {sigup} local signature set is version 20240628719054
Jul 01 2024 03:52:40 cp41 maldet(4245): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 01 2024 03:52:46 cp41 maldet(4245): {sigup} latest signature set already installed
Jul 01 2024 03:52:58 cp41 maldet(4724): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 01 2024 03:53:51 cp41 maldet(4724): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 01 2024 03:53:51 cp41 maldet(4724): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 01 2024 03:53:51 cp41 maldet(4724): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 01 2024 03:53:51 cp41 maldet(4724): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 01 2024 16:57:09 cp41 maldet(4724): {scan} file list completed in 46998s, found 34555 files...
Jul 01 2024 16:57:09 cp41 maldet(4724): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 01 2024 16:57:09 cp41 maldet(4724): {scan} scan of (34555 files) in progress...
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/e/h/c/e/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/krisbryl/public_html/cache/c/a/h/h/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/c/h/g/b/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {YARA}spam_mailer found for /home/krisbryl/public_html/cache/h/e/f/a/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/krisbryl/public_html/cache/h/a/g/b/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {YARA}spam_mailer found for /home/krisbryl/public_html/cache/b/h/c/b/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/b/b/c/a/index.php
Jul 01 2024 17:18:26 cp41 maldet(4724): {hit} malware hit {YARA}spam_mailer found for /home/krisbryl/public_html/cache/b/g/g/h/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/f/e/b/d/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/f/a/a/f/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/d/d/f/b/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/d/g/c/c/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/g/a/f/a/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/krisbryl/public_html/cache/g/b/c/a/options.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/krisbryl/public_html/cache/g/b/a/f/defaults.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-config.tgz
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/cache/x404sh.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/g/h/e/f/xavkryvx.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 01 2024 17:18:27 cp41 maldet(4724): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 01 2024 17:18:28 cp41 maldet(4724): {scan} scan completed on : files 34555, malware hits 20, cleaned hits 0, time 48329s
Jul 01 2024 17:18:28 cp41 maldet(4724): {scan} scan report saved, to view run: maldet --report 240701-0352.4724
Jul 01 2024 17:18:28 cp41 maldet(4724): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240701-0352.4724
Jul 02 2024 03:58:53 cp41 maldet(23353): {update} checking for available updates...
Jul 02 2024 03:59:01 cp41 maldet(23353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 02 2024 03:59:01 cp41 maldet(23353): {update} hashing install files and checking against server...
Jul 02 2024 03:59:06 cp41 maldet(23353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 02 2024 03:59:06 cp41 maldet(23353): {update} latest version already installed.
Jul 02 2024 03:59:11 cp41 maldet(23764): {sigup} performing signature update check...
Jul 02 2024 03:59:11 cp41 maldet(23764): {sigup} local signature set is version 20240628719054
Jul 02 2024 03:59:21 cp41 maldet(23764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 02 2024 03:59:24 cp41 maldet(23764): {sigup} new signature set 202407011471467 available
Jul 02 2024 03:59:25 cp41 maldet(23764): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 02 2024 03:59:44 cp41 maldet(23764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 02 2024 03:59:44 cp41 maldet(23764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 02 2024 03:59:44 cp41 maldet(23764): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 02 2024 03:59:49 cp41 maldet(23764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 02 2024 03:59:51 cp41 maldet(23764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 02 2024 03:59:51 cp41 maldet(23764): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 02 2024 04:01:03 cp41 maldet(23764): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 02 2024 04:01:12 cp41 maldet(23764): {sigup} verified md5sum of maldet-clean.tgz
Jul 02 2024 04:01:15 cp41 maldet(23764): {sigup} unpacked and installed maldet-clean.tgz
Jul 02 2024 04:01:15 cp41 maldet(23764): {sigup} signature set update completed
Jul 02 2024 04:01:15 cp41 maldet(23764): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 02 2024 04:01:15 cp41 maldet(25887): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 02 2024 04:01:35 cp41 maldet(25887): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 02 2024 04:01:35 cp41 maldet(25887): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 02 2024 04:01:40 cp41 maldet(25887): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 02 2024 04:01:42 cp41 maldet(25887): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 02 2024 08:57:13 cp41 maldet(25887): {scan} file list completed in 17731s, found 34032 files...
Jul 02 2024 08:57:13 cp41 maldet(25887): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 02 2024 08:57:13 cp41 maldet(25887): {scan} scan of (34032 files) in progress...
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/fyux.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/cache/g/h/e/f/xavkryvx.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/tate.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/obcxkuqh.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/fyux.php
Jul 02 2024 09:04:04 cp41 maldet(25887): {scan} scan completed on : files 34032, malware hits 6, cleaned hits 0, time 18169s
Jul 02 2024 09:04:04 cp41 maldet(25887): {scan} scan report saved, to view run: maldet --report 240702-0401.25887
Jul 02 2024 09:04:04 cp41 maldet(25887): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240702-0401.25887
Jul 03 2024 03:27:06 cp41 maldet(21602): {update} checking for available updates...
Jul 03 2024 03:27:09 cp41 maldet(21602): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 03 2024 03:27:09 cp41 maldet(21602): {update} hashing install files and checking against server...
Jul 03 2024 03:27:09 cp41 maldet(21602): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 03 2024 03:27:09 cp41 maldet(21602): {update} latest version already installed.
Jul 03 2024 03:27:14 cp41 maldet(21818): {sigup} performing signature update check...
Jul 03 2024 03:27:14 cp41 maldet(21818): {sigup} local signature set is version 202407011471467
Jul 03 2024 03:27:15 cp41 maldet(21818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 03 2024 03:27:15 cp41 maldet(21818): {sigup} latest signature set already installed
Jul 03 2024 03:27:18 cp41 maldet(21967): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 03 2024 03:27:29 cp41 maldet(21967): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 03 2024 03:27:29 cp41 maldet(21967): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 03 2024 03:27:29 cp41 maldet(21967): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 03 2024 03:27:29 cp41 maldet(21967): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 03 2024 10:59:40 cp41 maldet(21967): {scan} file list completed in 27130s, found 487 files...
Jul 03 2024 10:59:40 cp41 maldet(21967): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 03 2024 10:59:40 cp41 maldet(21967): {scan} scan of (487 files) in progress...
Jul 03 2024 11:00:16 cp41 maldet(21967): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 03 2024 11:00:17 cp41 maldet(21967): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/fyux.php
Jul 03 2024 11:00:17 cp41 maldet(21967): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-JX4H3S/tmp/phpOfL3B0
Jul 03 2024 11:00:17 cp41 maldet(21967): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-JX4H3S/tmp/php7EcbeQ
Jul 03 2024 11:00:17 cp41 maldet(21967): {scan} scan completed on : files 487, malware hits 4, cleaned hits 0, time 27178s
Jul 03 2024 11:00:17 cp41 maldet(21967): {scan} scan report saved, to view run: maldet --report 240703-0327.21967
Jul 03 2024 11:00:17 cp41 maldet(21967): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240703-0327.21967
Jul 04 2024 04:00:20 cp41 maldet(16391): {update} checking for available updates...
Jul 04 2024 04:00:23 cp41 maldet(16391): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 04 2024 04:00:23 cp41 maldet(16391): {update} hashing install files and checking against server...
Jul 04 2024 04:00:28 cp41 maldet(16391): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 04 2024 04:00:28 cp41 maldet(16391): {update} latest version already installed.
Jul 04 2024 04:00:31 cp41 maldet(16738): {sigup} performing signature update check...
Jul 04 2024 04:00:31 cp41 maldet(16738): {sigup} local signature set is version 202407011471467
Jul 04 2024 04:00:33 cp41 maldet(16738): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 04 2024 04:00:41 cp41 maldet(16738): {sigup} latest signature set already installed
Jul 04 2024 04:00:56 cp41 maldet(16997): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 04 2024 04:01:13 cp41 maldet(16997): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 04 2024 04:01:13 cp41 maldet(16997): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 04 2024 04:01:13 cp41 maldet(16997): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 04 2024 04:01:13 cp41 maldet(16997): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 04 2024 10:19:43 cp41 maldet(16997): {scan} file list completed in 22710s, found 493 files...
Jul 04 2024 10:19:43 cp41 maldet(16997): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 04 2024 10:19:44 cp41 maldet(16997): {scan} scan of (493 files) in progress...
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/luxx.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/luxx.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/_wildcard_.set1hbookey.net/ika3E/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/ipanainte-WHMCS-client.txt404/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/jishnum-Magento-shop.txt404/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/bryansch-WHMCS-control.txt404/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/YVem2/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/pki-validation/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/a8bew/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/acme-challenge/index.php
Jul 04 2024 10:20:22 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/blog/index.php
Jul 04 2024 10:20:23 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/gendocs/index.php
Jul 04 2024 10:20:23 cp41 maldet(16997): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/gendocs/.well-known/acme-challenge/index.php
Jul 04 2024 10:20:23 cp41 maldet(16997): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-JX4H3S/tmp/phpOfL3B0
Jul 04 2024 10:20:23 cp41 maldet(16997): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-JX4H3S/tmp/php7EcbeQ
Jul 04 2024 10:20:23 cp41 maldet(16997): {scan} scan completed on : files 493, malware hits 16, cleaned hits 0, time 22767s
Jul 04 2024 10:20:23 cp41 maldet(16997): {scan} scan report saved, to view run: maldet --report 240704-0400.16997
Jul 04 2024 10:20:23 cp41 maldet(16997): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240704-0400.16997
Jul 05 2024 03:24:04 cp41 maldet(1763): {update} checking for available updates...
Jul 05 2024 03:24:21 cp41 maldet(1763): {update} could not download https://cdn.rfxn.com/downloads/maldet.current.ver, please try again later.
Jul 05 2024 03:24:21 cp41 maldet(1763): {update} could not download version file from server, please try again later.
Jul 05 2024 03:24:58 cp41 maldet(2265): {sigup} performing signature update check...
Jul 05 2024 03:24:59 cp41 maldet(2265): {sigup} local signature set is version 202407011471467
Jul 05 2024 03:25:05 cp41 maldet(2265): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 05 2024 03:25:06 cp41 maldet(2265): {sigup} new signature set 202407042224247 available
Jul 05 2024 03:25:07 cp41 maldet(2265): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 05 2024 03:25:15 cp41 maldet(2265): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 05 2024 03:25:26 cp41 maldet(2265): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 05 2024 03:25:26 cp41 maldet(2265): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 05 2024 03:25:44 cp41 maldet(2265): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 05 2024 03:25:50 cp41 maldet(2265): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 05 2024 03:25:51 cp41 maldet(2265): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 05 2024 03:26:36 cp41 maldet(2265): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 05 2024 03:26:37 cp41 maldet(2265): {sigup} verified md5sum of maldet-clean.tgz
Jul 05 2024 03:26:39 cp41 maldet(2265): {sigup} unpacked and installed maldet-clean.tgz
Jul 05 2024 03:26:39 cp41 maldet(2265): {sigup} signature set update completed
Jul 05 2024 03:26:39 cp41 maldet(2265): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 05 2024 03:26:44 cp41 maldet(3983): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 05 2024 03:27:05 cp41 maldet(3983): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 05 2024 03:27:05 cp41 maldet(3983): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 05 2024 03:27:05 cp41 maldet(3983): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 05 2024 03:27:05 cp41 maldet(3983): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 05 2024 07:46:56 cp41 maldet(3983): {scan} file list completed in 15591s, found 974 files...
Jul 05 2024 07:46:56 cp41 maldet(3983): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 05 2024 07:46:56 cp41 maldet(3983): {scan} scan of (974 files) in progress...
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/product.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/item.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/_wildcard_.set1hbookey.net/ika3E/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/ipanainte-WHMCS-client.txt404/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/jishnum-Magento-shop.txt404/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/404UJH1/bryansch-WHMCS-control.txt404/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/YVem2/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/pki-validation/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/a8bew/index.php
Jul 05 2024 07:47:49 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/.well-known/acme-challenge/index.php
Jul 05 2024 07:47:50 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/blog/index.php
Jul 05 2024 07:47:50 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/gendocs/index.php
Jul 05 2024 07:47:50 cp41 maldet(3983): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/gendocs/.well-known/acme-challenge/index.php
Jul 05 2024 07:47:50 cp41 maldet(3983): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-JX4H3S/tmp/phpsOl8K0
Jul 05 2024 07:47:50 cp41 maldet(3983): {scan} scan completed on : files 974, malware hits 17, cleaned hits 0, time 15666s
Jul 05 2024 07:47:50 cp41 maldet(3983): {scan} scan report saved, to view run: maldet --report 240705-0326.3983
Jul 05 2024 07:47:50 cp41 maldet(3983): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240705-0326.3983
Jul 06 2024 03:19:24 cp41 maldet(9344): {update} checking for available updates...
Jul 06 2024 03:19:31 cp41 maldet(9344): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 06 2024 03:19:31 cp41 maldet(9344): {update} hashing install files and checking against server...
Jul 06 2024 03:19:35 cp41 maldet(9344): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 06 2024 03:19:35 cp41 maldet(9344): {update} latest version already installed.
Jul 06 2024 03:19:41 cp41 maldet(9713): {sigup} performing signature update check...
Jul 06 2024 03:19:42 cp41 maldet(9713): {sigup} local signature set is version 202407042224247
Jul 06 2024 03:19:43 cp41 maldet(9713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 06 2024 03:19:45 cp41 maldet(9713): {sigup} latest signature set already installed
Jul 06 2024 03:19:50 cp41 maldet(9955): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 06 2024 03:20:05 cp41 maldet(9955): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 06 2024 03:20:05 cp41 maldet(9955): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 06 2024 03:20:06 cp41 maldet(9955): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 06 2024 03:20:12 cp41 maldet(9955): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 06 2024 11:06:14 cp41 maldet(9955): {scan} file list completed in 27967s, found 92235 files...
Jul 06 2024 11:06:14 cp41 maldet(9955): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 06 2024 11:06:14 cp41 maldet(9955): {scan} scan of (92235 files) in progress...
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.4
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.12
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.10.1
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.3
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.7
Jul 06 2024 12:07:51 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.10
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.5
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.11
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.2
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.8
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.9
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.1
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.13
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.11.1
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.14
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/military/public_html/wp-admin/wp-config.tgz.6
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/product.php
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/item.php
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/acme-challenge/zwso.php
Jul 06 2024 12:07:52 cp41 maldet(9955): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/acme-challenge/wp-conf.php
Jul 06 2024 12:07:52 cp41 maldet(9955): {scan} scan completed on : files 92235, malware hits 21, cleaned hits 0, time 31682s
Jul 06 2024 12:07:52 cp41 maldet(9955): {scan} scan report saved, to view run: maldet --report 240706-0319.9955
Jul 06 2024 12:07:52 cp41 maldet(9955): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240706-0319.9955
Jul 07 2024 03:52:36 cp41 maldet(16980): {update} checking for available updates...
Jul 07 2024 03:52:36 cp41 maldet(16980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 07 2024 03:52:36 cp41 maldet(16980): {update} hashing install files and checking against server...
Jul 07 2024 03:52:36 cp41 maldet(16980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 07 2024 03:52:36 cp41 maldet(16980): {update} latest version already installed.
Jul 07 2024 03:52:37 cp41 maldet(17168): {sigup} performing signature update check...
Jul 07 2024 03:52:37 cp41 maldet(17168): {sigup} local signature set is version 202407042224247
Jul 07 2024 03:52:38 cp41 maldet(17168): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 07 2024 03:52:38 cp41 maldet(17168): {sigup} latest signature set already installed
Jul 07 2024 03:52:39 cp41 maldet(17323): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 07 2024 03:52:40 cp41 maldet(17323): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 07 2024 03:52:40 cp41 maldet(17323): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 07 2024 03:52:40 cp41 maldet(17323): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 07 2024 03:52:40 cp41 maldet(17323): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 07 2024 07:48:16 cp41 maldet(17323): {scan} file list completed in 14136s, found 7127 files...
Jul 07 2024 07:48:16 cp41 maldet(17323): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 07 2024 07:48:16 cp41 maldet(17323): {scan} scan of (7127 files) in progress...
Jul 07 2024 07:49:15 cp41 maldet(17323): {hit} malware hit {HEX}php.nested.base64.663 found for /home/military/public_html/wp-admin/includes/themes4.php
Jul 07 2024 07:49:16 cp41 maldet(17323): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 07 2024 07:49:16 cp41 maldet(17323): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 07 2024 07:49:16 cp41 maldet(17323): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/acme-challenge/zwso.php
Jul 07 2024 07:49:16 cp41 maldet(17323): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/acme-challenge/wp-conf.php
Jul 07 2024 07:49:16 cp41 maldet(17323): {scan} scan completed on : files 7127, malware hits 5, cleaned hits 0, time 14197s
Jul 07 2024 07:49:16 cp41 maldet(17323): {scan} scan report saved, to view run: maldet --report 240707-0352.17323
Jul 07 2024 07:49:16 cp41 maldet(17323): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240707-0352.17323
Jul 08 2024 03:44:47 cp41 maldet(10581): {update} checking for available updates...
Jul 08 2024 03:44:48 cp41 maldet(10581): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 08 2024 03:44:48 cp41 maldet(10581): {update} hashing install files and checking against server...
Jul 08 2024 03:44:48 cp41 maldet(10581): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 08 2024 03:44:48 cp41 maldet(10581): {update} latest version already installed.
Jul 08 2024 03:44:48 cp41 maldet(10746): {sigup} performing signature update check...
Jul 08 2024 03:44:48 cp41 maldet(10746): {sigup} local signature set is version 202407042224247
Jul 08 2024 03:44:48 cp41 maldet(10746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 08 2024 03:44:49 cp41 maldet(10746): {sigup} new signature set 202407072976550 available
Jul 08 2024 03:44:49 cp41 maldet(10746): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 08 2024 03:44:49 cp41 maldet(10746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 08 2024 03:44:50 cp41 maldet(10746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 08 2024 03:44:50 cp41 maldet(10746): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 08 2024 03:44:50 cp41 maldet(10746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 08 2024 03:44:50 cp41 maldet(10746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 08 2024 03:44:50 cp41 maldet(10746): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 08 2024 03:44:51 cp41 maldet(10746): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 08 2024 03:44:51 cp41 maldet(10746): {sigup} verified md5sum of maldet-clean.tgz
Jul 08 2024 03:44:51 cp41 maldet(10746): {sigup} unpacked and installed maldet-clean.tgz
Jul 08 2024 03:44:51 cp41 maldet(10746): {sigup} signature set update completed
Jul 08 2024 03:44:51 cp41 maldet(10746): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 08 2024 03:44:51 cp41 maldet(11020): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 08 2024 03:44:52 cp41 maldet(11020): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 08 2024 03:44:52 cp41 maldet(11020): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 08 2024 03:44:52 cp41 maldet(11020): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 08 2024 03:44:52 cp41 maldet(11020): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 08 2024 08:05:35 cp41 maldet(11020): {scan} file list completed in 15641s, found 77695 files...
Jul 08 2024 08:05:35 cp41 maldet(11020): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 08 2024 08:05:36 cp41 maldet(11020): {scan} scan of (77695 files) in progress...
Jul 08 2024 09:03:13 cp41 maldet(11020): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 08 2024 09:03:13 cp41 maldet(11020): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/zwso.php
Jul 08 2024 09:03:13 cp41 maldet(11020): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-admin/luxx.php
Jul 08 2024 09:03:13 cp41 maldet(11020): {hit} malware hit {YARA}php_in_image found for /home/military/public_html/wp-admin/qjj.php
Jul 08 2024 09:03:13 cp41 maldet(11020): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/.well-known/acme-challenge/luxx.php
Jul 08 2024 09:03:16 cp41 maldet(11020): {scan} scan completed on : files 77695, malware hits 5, cleaned hits 0, time 19102s
Jul 08 2024 09:03:16 cp41 maldet(11020): {scan} scan report saved, to view run: maldet --report 240708-0344.11020
Jul 08 2024 09:03:16 cp41 maldet(11020): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240708-0344.11020
Jul 09 2024 03:25:54 cp41 maldet(17671): {update} checking for available updates...
Jul 09 2024 03:25:57 cp41 maldet(17671): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 09 2024 03:25:57 cp41 maldet(17671): {update} hashing install files and checking against server...
Jul 09 2024 03:26:05 cp41 maldet(17671): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 09 2024 03:26:05 cp41 maldet(17671): {update} latest version already installed.
Jul 09 2024 03:26:10 cp41 maldet(18036): {sigup} performing signature update check...
Jul 09 2024 03:26:10 cp41 maldet(18036): {sigup} local signature set is version 202407072976550
Jul 09 2024 03:26:15 cp41 maldet(18036): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 09 2024 03:26:16 cp41 maldet(18036): {sigup} latest signature set already installed
Jul 09 2024 03:26:17 cp41 maldet(18351): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 09 2024 03:26:28 cp41 maldet(18351): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 09 2024 03:26:28 cp41 maldet(18351): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 09 2024 03:26:28 cp41 maldet(18351): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 09 2024 03:26:28 cp41 maldet(18351): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 09 2024 11:27:56 cp41 maldet(18351): {scan} file list completed in 28887s, found 34907 files...
Jul 09 2024 11:27:56 cp41 maldet(18351): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 09 2024 11:27:56 cp41 maldet(18351): {scan} scan of (34907 files) in progress...
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {YARA}php_in_image found for /home/military/public_html/wp-admin/ybu.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {YARA}php_in_image found for /home/military/public_html/wp-admin/pal.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {YARA}php_in_image found for /home/military/public_html/wp-admin/qjj.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {HEX}php.inject.miner2a2.490 found for /home/pipedrea/public_html/gof/.534e2dee.ico
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/cpanelanalytics-IPB.txt404/index.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/cpanelroundcube-OpenCart.txt404/index.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {YARA}spam_mailer found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/ibherbme-Hostbills.txt404/index.php
Jul 09 2024 11:51:30 cp41 maldet(18351): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/joseph-Magento.txt404/product.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/tkent-Drupal.txt404/options.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {hit} malware hit {YARA}md5_4aa900ddd4f1848a15c61a9b7acd5035 found for /home/pipedrea/public_html/assets/colors/form.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {hit} malware hit {YARA}md5_4aa900ddd4f1848a15c61a9b7acd5035 found for /home/pipedrea/public_html/assets/colors/get.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {hit} malware hit {YARA}md5_4aa900ddd4f1848a15c61a9b7acd5035 found for /home/pipedrea/public_html/assets/colors/go.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-admin/network.php
Jul 09 2024 11:51:31 cp41 maldet(18351): {scan} scan completed on : files 34907, malware hits 13, cleaned hits 0, time 30314s
Jul 09 2024 11:51:31 cp41 maldet(18351): {scan} scan report saved, to view run: maldet --report 240709-0326.18351
Jul 09 2024 11:51:31 cp41 maldet(18351): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240709-0326.18351
Jul 10 2024 03:25:39 cp41 maldet(31239): {update} checking for available updates...
Jul 10 2024 03:25:40 cp41 maldet(31239): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 10 2024 03:25:40 cp41 maldet(31239): {update} hashing install files and checking against server...
Jul 10 2024 03:25:48 cp41 maldet(31239): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 10 2024 03:25:48 cp41 maldet(31239): {update} latest version already installed.
Jul 10 2024 03:25:53 cp41 maldet(31494): {sigup} performing signature update check...
Jul 10 2024 03:25:53 cp41 maldet(31494): {sigup} local signature set is version 202407072976550
Jul 10 2024 03:25:57 cp41 maldet(31494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 10 2024 03:25:58 cp41 maldet(31494): {sigup} latest signature set already installed
Jul 10 2024 03:26:00 cp41 maldet(31730): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 10 2024 03:26:11 cp41 maldet(31730): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 10 2024 03:26:11 cp41 maldet(31730): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 10 2024 03:26:11 cp41 maldet(31730): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 10 2024 03:26:11 cp41 maldet(31730): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 10 2024 13:51:50 cp41 maldet(31730): {scan} file list completed in 37538s, found 6864 files...
Jul 10 2024 13:51:50 cp41 maldet(31730): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 10 2024 13:51:50 cp41 maldet(31730): {scan} scan of (6864 files) in progress...
Jul 10 2024 13:54:40 cp41 maldet(31730): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 10 2024 13:54:40 cp41 maldet(31730): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/zwso.php
Jul 10 2024 13:54:40 cp41 maldet(31730): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/wp-conf.php
Jul 10 2024 13:54:40 cp41 maldet(31730): {hit} malware hit {HEX}php.base64.inject.182 found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-C0L4sL/tmp/phpPlkGhl
Jul 10 2024 13:54:41 cp41 maldet(31730): {scan} scan completed on : files 6864, malware hits 4, cleaned hits 0, time 37721s
Jul 10 2024 13:54:41 cp41 maldet(31730): {scan} scan report saved, to view run: maldet --report 240710-0325.31730
Jul 10 2024 13:54:41 cp41 maldet(31730): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240710-0325.31730
Jul 11 2024 03:10:10 cp41 maldet(7957): {update} checking for available updates...
Jul 11 2024 03:10:10 cp41 maldet(7957): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 11 2024 03:10:10 cp41 maldet(7957): {update} hashing install files and checking against server...
Jul 11 2024 03:10:10 cp41 maldet(7957): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 11 2024 03:10:10 cp41 maldet(7957): {update} latest version already installed.
Jul 11 2024 03:10:10 cp41 maldet(8162): {sigup} performing signature update check...
Jul 11 2024 03:10:10 cp41 maldet(8162): {sigup} local signature set is version 202407072976550
Jul 11 2024 03:10:10 cp41 maldet(8162): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 11 2024 03:10:11 cp41 maldet(8162): {sigup} new signature set 202407103729275 available
Jul 11 2024 03:10:11 cp41 maldet(8162): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 11 2024 03:10:12 cp41 maldet(8162): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 11 2024 03:10:16 cp41 maldet(8162): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 11 2024 03:10:18 cp41 maldet(8162): {sigup} verified md5sum of maldet-clean.tgz
Jul 11 2024 03:10:19 cp41 maldet(8162): {sigup} unpacked and installed maldet-clean.tgz
Jul 11 2024 03:10:19 cp41 maldet(8162): {sigup} signature set update completed
Jul 11 2024 03:10:19 cp41 maldet(8162): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 11 2024 03:10:22 cp41 maldet(8516): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 11 2024 03:10:23 cp41 maldet(8516): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 11 2024 03:10:23 cp41 maldet(8516): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 11 2024 03:10:23 cp41 maldet(8516): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 11 2024 03:10:23 cp41 maldet(8516): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 11 2024 11:54:07 cp41 maldet(8516): {scan} file list completed in 31424s, found 7101 files...
Jul 11 2024 11:54:07 cp41 maldet(8516): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 11 2024 11:54:07 cp41 maldet(8516): {scan} scan of (7101 files) in progress...
Jul 11 2024 11:56:20 cp41 maldet(8516): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 11 2024 11:56:20 cp41 maldet(8516): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/zwso.php
Jul 11 2024 11:56:20 cp41 maldet(8516): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/luxx.php
Jul 11 2024 11:56:20 cp41 maldet(8516): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 11 2024 11:56:20 cp41 maldet(8516): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 11 2024 11:56:20 cp41 maldet(8516): {scan} scan completed on : files 7101, malware hits 5, cleaned hits 0, time 31558s
Jul 11 2024 11:56:20 cp41 maldet(8516): {scan} scan report saved, to view run: maldet --report 240711-0310.8516
Jul 11 2024 11:56:20 cp41 maldet(8516): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240711-0310.8516
Jul 12 2024 03:10:52 cp41 maldet(13704): {update} checking for available updates...
Jul 12 2024 03:10:52 cp41 maldet(13704): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 12 2024 03:10:52 cp41 maldet(13704): {update} hashing install files and checking against server...
Jul 12 2024 03:10:54 cp41 maldet(13704): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 12 2024 03:10:54 cp41 maldet(13704): {update} latest version already installed.
Jul 12 2024 03:10:55 cp41 maldet(13885): {sigup} performing signature update check...
Jul 12 2024 03:10:55 cp41 maldet(13885): {sigup} local signature set is version 202407103729275
Jul 12 2024 03:10:56 cp41 maldet(13885): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 12 2024 03:10:59 cp41 maldet(13885): {sigup} latest signature set already installed
Jul 12 2024 03:11:06 cp41 maldet(14061): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 12 2024 03:11:23 cp41 maldet(14061): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 12 2024 03:11:23 cp41 maldet(14061): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 12 2024 03:11:23 cp41 maldet(14061): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 12 2024 03:11:23 cp41 maldet(14061): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 12 2024 06:44:41 cp41 maldet(14061): {scan} file list completed in 12798s, found 387 files...
Jul 12 2024 06:44:41 cp41 maldet(14061): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 12 2024 06:44:41 cp41 maldet(14061): {scan} scan of (387 files) in progress...
Jul 12 2024 06:44:58 cp41 maldet(14061): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 12 2024 06:44:58 cp41 maldet(14061): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/military/public_html/js/wp-login.php
Jul 12 2024 06:44:58 cp41 maldet(14061): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/military/public_html/wp-admin/wp-login.php
Jul 12 2024 06:44:58 cp41 maldet(14061): {scan} scan completed on : files 387, malware hits 3, cleaned hits 0, time 12832s
Jul 12 2024 06:44:58 cp41 maldet(14061): {scan} scan report saved, to view run: maldet --report 240712-0311.14061
Jul 12 2024 06:44:58 cp41 maldet(14061): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240712-0311.14061
Jul 13 2024 03:16:11 cp41 maldet(22066): {update} checking for available updates...
Jul 13 2024 03:16:11 cp41 maldet(22066): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 13 2024 03:16:11 cp41 maldet(22066): {update} hashing install files and checking against server...
Jul 13 2024 03:16:11 cp41 maldet(22066): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 13 2024 03:16:11 cp41 maldet(22066): {update} latest version already installed.
Jul 13 2024 03:16:11 cp41 maldet(22281): {sigup} performing signature update check...
Jul 13 2024 03:16:11 cp41 maldet(22281): {sigup} local signature set is version 202407103729275
Jul 13 2024 03:16:11 cp41 maldet(22281): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 13 2024 03:16:12 cp41 maldet(22281): {sigup} latest signature set already installed
Jul 13 2024 03:16:12 cp41 maldet(22408): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 13 2024 03:16:14 cp41 maldet(22408): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 13 2024 03:16:14 cp41 maldet(22408): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 13 2024 03:16:14 cp41 maldet(22408): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 13 2024 03:16:14 cp41 maldet(22408): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 13 2024 09:12:15 cp41 maldet(22408): {scan} file list completed in 21360s, found 6962 files...
Jul 13 2024 09:12:15 cp41 maldet(22408): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 13 2024 09:12:15 cp41 maldet(22408): {scan} scan of (6962 files) in progress...
Jul 13 2024 09:14:05 cp41 maldet(22408): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 13 2024 09:14:05 cp41 maldet(22408): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 13 2024 09:14:05 cp41 maldet(22408): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 13 2024 09:14:05 cp41 maldet(22408): {scan} scan completed on : files 6962, malware hits 3, cleaned hits 0, time 21473s
Jul 13 2024 09:14:05 cp41 maldet(22408): {scan} scan report saved, to view run: maldet --report 240713-0316.22408
Jul 13 2024 09:14:05 cp41 maldet(22408): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240713-0316.22408
Jul 14 2024 03:31:11 cp41 maldet(18297): {update} checking for available updates...
Jul 14 2024 03:31:11 cp41 maldet(18297): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 14 2024 03:31:11 cp41 maldet(18297): {update} hashing install files and checking against server...
Jul 14 2024 03:31:12 cp41 maldet(18297): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 14 2024 03:31:12 cp41 maldet(18297): {update} latest version already installed.
Jul 14 2024 03:31:14 cp41 maldet(18474): {sigup} performing signature update check...
Jul 14 2024 03:31:14 cp41 maldet(18474): {sigup} local signature set is version 202407103729275
Jul 14 2024 03:31:15 cp41 maldet(18474): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 14 2024 03:31:15 cp41 maldet(18474): {sigup} latest signature set already installed
Jul 14 2024 03:31:19 cp41 maldet(18605): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 14 2024 03:31:20 cp41 maldet(18605): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 14 2024 03:31:20 cp41 maldet(18605): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 14 2024 03:31:20 cp41 maldet(18605): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 14 2024 03:31:20 cp41 maldet(18605): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 14 2024 07:25:03 cp41 maldet(18605): {scan} file list completed in 14022s, found 108 files...
Jul 14 2024 07:25:03 cp41 maldet(18605): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 14 2024 07:25:03 cp41 maldet(18605): {scan} scan of (108 files) in progress...
Jul 14 2024 07:25:11 cp41 maldet(18605): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 14 2024 07:25:11 cp41 maldet(18605): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 14 2024 07:25:11 cp41 maldet(18605): {scan} scan completed on : files 108, malware hits 2, cleaned hits 0, time 14032s
Jul 14 2024 07:25:11 cp41 maldet(18605): {scan} scan report saved, to view run: maldet --report 240714-0331.18605
Jul 14 2024 07:25:11 cp41 maldet(18605): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240714-0331.18605
Jul 15 2024 03:53:36 cp41 maldet(8645): {update} checking for available updates...
Jul 15 2024 03:53:37 cp41 maldet(8645): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 15 2024 03:53:37 cp41 maldet(8645): {update} hashing install files and checking against server...
Jul 15 2024 03:53:38 cp41 maldet(8645): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 15 2024 03:53:38 cp41 maldet(8645): {update} latest version already installed.
Jul 15 2024 03:53:38 cp41 maldet(8847): {sigup} performing signature update check...
Jul 15 2024 03:53:38 cp41 maldet(8847): {sigup} local signature set is version 202407103729275
Jul 15 2024 03:53:38 cp41 maldet(8847): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 15 2024 03:53:39 cp41 maldet(8847): {sigup} latest signature set already installed
Jul 15 2024 03:53:39 cp41 maldet(8970): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 15 2024 03:53:40 cp41 maldet(8970): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 15 2024 03:53:40 cp41 maldet(8970): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 15 2024 03:53:40 cp41 maldet(8970): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 15 2024 03:53:40 cp41 maldet(8970): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 15 2024 07:45:51 cp41 maldet(8970): {scan} file list completed in 13931s, found 96162 files...
Jul 15 2024 07:45:51 cp41 maldet(8970): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 15 2024 07:45:51 cp41 maldet(8970): {scan} scan of (96162 files) in progress...
Jul 15 2024 07:51:52 cp41 maldet(8970): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 15 2024 07:51:52 cp41 maldet(8970): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/index.php
Jul 15 2024 07:51:52 cp41 maldet(8970): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/AZu6M/index.php
Jul 15 2024 07:51:52 cp41 maldet(8970): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/WdBvT/index.php
Jul 15 2024 07:51:52 cp41 maldet(8970): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/.well-known/acme-challenge/bangu.php
Jul 15 2024 07:51:52 cp41 maldet(8970): {scan} scan completed on : files 96162, malware hits 5, cleaned hits 0, time 14293s
Jul 15 2024 07:51:52 cp41 maldet(8970): {scan} scan report saved, to view run: maldet --report 240715-0353.8970
Jul 15 2024 07:51:52 cp41 maldet(8970): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240715-0353.8970
Jul 16 2024 03:25:48 cp41 maldet(20298): {update} checking for available updates...
Jul 16 2024 03:25:51 cp41 maldet(20298): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 16 2024 03:25:51 cp41 maldet(20298): {update} hashing install files and checking against server...
Jul 16 2024 03:25:53 cp41 maldet(20298): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 16 2024 03:25:53 cp41 maldet(20298): {update} latest version already installed.
Jul 16 2024 03:25:55 cp41 maldet(20479): {sigup} performing signature update check...
Jul 16 2024 03:25:55 cp41 maldet(20479): {sigup} local signature set is version 202407103729275
Jul 16 2024 03:25:55 cp41 maldet(20479): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 16 2024 03:25:59 cp41 maldet(20479): {sigup} new signature set 20240716630849 available
Jul 16 2024 03:25:59 cp41 maldet(20479): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 16 2024 03:25:59 cp41 maldet(20479): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 16 2024 03:26:00 cp41 maldet(20479): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 16 2024 03:26:00 cp41 maldet(20479): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 16 2024 03:26:00 cp41 maldet(20479): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 16 2024 03:26:00 cp41 maldet(20479): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 16 2024 03:26:00 cp41 maldet(20479): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 16 2024 03:26:16 cp41 maldet(20479): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 16 2024 03:26:18 cp41 maldet(20479): {sigup} verified md5sum of maldet-clean.tgz
Jul 16 2024 03:26:19 cp41 maldet(20479): {sigup} unpacked and installed maldet-clean.tgz
Jul 16 2024 03:26:19 cp41 maldet(20479): {sigup} signature set update completed
Jul 16 2024 03:26:19 cp41 maldet(20479): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 16 2024 03:26:22 cp41 maldet(20766): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 16 2024 03:26:23 cp41 maldet(20766): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 16 2024 03:26:23 cp41 maldet(20766): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 16 2024 03:26:23 cp41 maldet(20766): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 16 2024 03:26:23 cp41 maldet(20766): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 16 2024 09:55:52 cp41 maldet(20766): {scan} file list completed in 23367s, found 66408 files...
Jul 16 2024 09:55:52 cp41 maldet(20766): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 16 2024 09:55:52 cp41 maldet(20766): {scan} scan of (66408 files) in progress...
Jul 16 2024 10:35:11 cp41 maldet(20766): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 16 2024 10:35:11 cp41 maldet(20766): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/xmrig-6.14.0-linux-x64.tar.gz
Jul 16 2024 10:35:11 cp41 maldet(20766): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Jul 16 2024 10:35:11 cp41 maldet(20766): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/.well-known/acme-challenge/Tr7Ch/index.php
Jul 16 2024 10:35:11 cp41 maldet(20766): {scan} scan completed on : files 66408, malware hits 4, cleaned hits 0, time 25729s
Jul 16 2024 10:35:11 cp41 maldet(20766): {scan} scan report saved, to view run: maldet --report 240716-0326.20766
Jul 16 2024 10:35:11 cp41 maldet(20766): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240716-0326.20766
Jul 17 2024 03:18:10 cp41 maldet(7849): {update} checking for available updates...
Jul 17 2024 03:18:11 cp41 maldet(7849): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 17 2024 03:18:11 cp41 maldet(7849): {update} hashing install files and checking against server...
Jul 17 2024 03:18:11 cp41 maldet(7849): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 17 2024 03:18:11 cp41 maldet(7849): {update} latest version already installed.
Jul 17 2024 03:18:11 cp41 maldet(7992): {sigup} performing signature update check...
Jul 17 2024 03:18:11 cp41 maldet(7992): {sigup} local signature set is version 20240716630849
Jul 17 2024 03:18:12 cp41 maldet(7992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 17 2024 03:18:12 cp41 maldet(7992): {sigup} latest signature set already installed
Jul 17 2024 03:18:12 cp41 maldet(8108): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 17 2024 03:18:13 cp41 maldet(8108): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 17 2024 03:18:13 cp41 maldet(8108): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 17 2024 03:18:13 cp41 maldet(8108): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 17 2024 03:18:13 cp41 maldet(8108): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 17 2024 06:58:04 cp41 maldet(8108): {scan} file list completed in 13191s, found 71457 files...
Jul 17 2024 06:58:04 cp41 maldet(8108): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 17 2024 06:58:04 cp41 maldet(8108): {scan} scan of (71457 files) in progress...
Jul 17 2024 07:05:58 cp41 maldet(8108): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 17 2024 07:05:58 cp41 maldet(8108): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 17 2024 07:05:58 cp41 maldet(8108): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 17 2024 07:05:58 cp41 maldet(8108): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-conf.php
Jul 17 2024 07:05:58 cp41 maldet(8108): {scan} scan completed on : files 71457, malware hits 4, cleaned hits 0, time 13666s
Jul 17 2024 07:05:58 cp41 maldet(8108): {scan} scan report saved, to view run: maldet --report 240717-0318.8108
Jul 17 2024 07:05:58 cp41 maldet(8108): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240717-0318.8108
Jul 18 2024 03:54:57 cp41 maldet(10258): {update} checking for available updates...
Jul 18 2024 03:54:57 cp41 maldet(10258): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 18 2024 03:54:57 cp41 maldet(10258): {update} hashing install files and checking against server...
Jul 18 2024 03:54:59 cp41 maldet(10258): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 18 2024 03:54:59 cp41 maldet(10258): {update} latest version already installed.
Jul 18 2024 03:55:04 cp41 maldet(10471): {sigup} performing signature update check...
Jul 18 2024 03:55:04 cp41 maldet(10471): {sigup} local signature set is version 20240716630849
Jul 18 2024 03:55:05 cp41 maldet(10471): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 18 2024 03:55:10 cp41 maldet(10471): {sigup} latest signature set already installed
Jul 18 2024 03:55:16 cp41 maldet(10764): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 18 2024 03:55:24 cp41 maldet(10764): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 18 2024 03:55:24 cp41 maldet(10764): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 18 2024 03:55:24 cp41 maldet(10764): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 18 2024 03:55:24 cp41 maldet(10764): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 18 2024 08:15:28 cp41 maldet(10764): {scan} file list completed in 15604s, found 96599 files...
Jul 18 2024 08:15:28 cp41 maldet(10764): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 18 2024 08:15:28 cp41 maldet(10764): {scan} scan of (96599 files) in progress...
Jul 18 2024 08:34:29 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/index.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/VsTFx/index.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.181 found for /home/military/public_html/ixdwH/index.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-conf.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.181 found for /home/olshsdco/public_html/wqbLo/index.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-conf.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pointlak/public_html/wp-includes/options.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/ZK7JU/index.php
Jul 18 2024 08:34:30 cp41 maldet(10764): {hit} malware hit {HEX}php.base64.inject.181 found for /home/sethbook/public_html/cKAEg/index.php
Jul 18 2024 08:34:31 cp41 maldet(10764): {scan} scan completed on : files 96599, malware hits 9, cleaned hits 0, time 16754s
Jul 18 2024 08:34:31 cp41 maldet(10764): {scan} scan report saved, to view run: maldet --report 240718-0355.10764
Jul 18 2024 08:34:31 cp41 maldet(10764): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240718-0355.10764
Jul 19 2024 03:52:18 cp41 maldet(4585): {update} checking for available updates...
Jul 19 2024 03:52:19 cp41 maldet(4585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 19 2024 03:52:19 cp41 maldet(4585): {update} hashing install files and checking against server...
Jul 19 2024 03:52:19 cp41 maldet(4585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 19 2024 03:52:19 cp41 maldet(4585): {update} latest version already installed.
Jul 19 2024 03:52:20 cp41 maldet(4741): {sigup} performing signature update check...
Jul 19 2024 03:52:20 cp41 maldet(4741): {sigup} local signature set is version 20240716630849
Jul 19 2024 03:52:20 cp41 maldet(4741): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 19 2024 03:52:21 cp41 maldet(4741): {sigup} new signature set 20240719566530 available
Jul 19 2024 03:52:21 cp41 maldet(4741): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 19 2024 03:52:21 cp41 maldet(4741): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 19 2024 03:52:21 cp41 maldet(4741): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 19 2024 03:52:21 cp41 maldet(4741): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 19 2024 03:52:22 cp41 maldet(4741): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 19 2024 03:52:22 cp41 maldet(4741): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 19 2024 03:52:22 cp41 maldet(4741): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 19 2024 03:52:23 cp41 maldet(4741): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 19 2024 03:52:23 cp41 maldet(4741): {sigup} verified md5sum of maldet-clean.tgz
Jul 19 2024 03:52:23 cp41 maldet(4741): {sigup} unpacked and installed maldet-clean.tgz
Jul 19 2024 03:52:23 cp41 maldet(4741): {sigup} signature set update completed
Jul 19 2024 03:52:23 cp41 maldet(4741): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 19 2024 03:52:23 cp41 maldet(5013): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 19 2024 03:52:24 cp41 maldet(5013): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 19 2024 03:52:24 cp41 maldet(5013): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 19 2024 03:52:24 cp41 maldet(5013): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 19 2024 03:52:24 cp41 maldet(5013): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 19 2024 06:31:01 cp41 maldet(5013): {scan} file list completed in 9517s, found 779 files...
Jul 19 2024 06:31:01 cp41 maldet(5013): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 19 2024 06:31:01 cp41 maldet(5013): {scan} scan of (779 files) in progress...
Jul 19 2024 06:31:19 cp41 maldet(5013): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 19 2024 06:31:19 cp41 maldet(5013): {scan} scan completed on : files 779, malware hits 1, cleaned hits 0, time 9536s
Jul 19 2024 06:31:19 cp41 maldet(5013): {scan} scan report saved, to view run: maldet --report 240719-0352.5013
Jul 19 2024 06:31:19 cp41 maldet(5013): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240719-0352.5013
Jul 20 2024 03:49:52 cp41 maldet(15232): {update} checking for available updates...
Jul 20 2024 03:49:52 cp41 maldet(15232): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 20 2024 03:49:52 cp41 maldet(15232): {update} hashing install files and checking against server...
Jul 20 2024 03:49:53 cp41 maldet(15232): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 20 2024 03:49:53 cp41 maldet(15232): {update} latest version already installed.
Jul 20 2024 03:49:53 cp41 maldet(15373): {sigup} performing signature update check...
Jul 20 2024 03:49:53 cp41 maldet(15373): {sigup} local signature set is version 20240719566530
Jul 20 2024 03:49:53 cp41 maldet(15373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 20 2024 03:49:54 cp41 maldet(15373): {sigup} latest signature set already installed
Jul 20 2024 03:49:54 cp41 maldet(15494): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 20 2024 03:49:55 cp41 maldet(15494): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 20 2024 03:49:55 cp41 maldet(15494): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 20 2024 03:49:55 cp41 maldet(15494): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 20 2024 03:49:55 cp41 maldet(15494): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 20 2024 04:51:18 cp41 maldet(15494): {scan} file list completed in 3683s, found 743 files...
Jul 20 2024 04:51:18 cp41 maldet(15494): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 20 2024 04:51:18 cp41 maldet(15494): {scan} scan of (743 files) in progress...
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/saiga/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/blocks/paragraph/index.php
Jul 20 2024 04:51:37 cp41 maldet(15494): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/SELLEX.zip
Jul 20 2024 04:51:38 cp41 maldet(15494): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/sethbook/public_html/shell_wso.php7
Jul 20 2024 04:51:38 cp41 maldet(15494): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/images/index.php
Jul 20 2024 04:51:38 cp41 maldet(15494): {scan} scan completed on : files 743, malware hits 12, cleaned hits 0, time 3704s
Jul 20 2024 04:51:38 cp41 maldet(15494): {scan} scan report saved, to view run: maldet --report 240720-0349.15494
Jul 20 2024 04:51:38 cp41 maldet(15494): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240720-0349.15494
Jul 21 2024 03:11:26 cp41 maldet(20849): {update} checking for available updates...
Jul 21 2024 03:11:26 cp41 maldet(20849): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 21 2024 03:11:26 cp41 maldet(20849): {update} hashing install files and checking against server...
Jul 21 2024 03:11:27 cp41 maldet(20849): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 21 2024 03:11:27 cp41 maldet(20849): {update} latest version already installed.
Jul 21 2024 03:11:27 cp41 maldet(21014): {sigup} performing signature update check...
Jul 21 2024 03:11:27 cp41 maldet(21014): {sigup} local signature set is version 20240719566530
Jul 21 2024 03:11:27 cp41 maldet(21014): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 21 2024 03:11:27 cp41 maldet(21014): {sigup} latest signature set already installed
Jul 21 2024 03:11:28 cp41 maldet(21141): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 21 2024 03:11:29 cp41 maldet(21141): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 21 2024 03:11:29 cp41 maldet(21141): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 21 2024 03:11:29 cp41 maldet(21141): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 21 2024 03:11:29 cp41 maldet(21141): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 21 2024 04:37:38 cp41 maldet(21141): {scan} file list completed in 5169s, found 521 files...
Jul 21 2024 04:37:38 cp41 maldet(21141): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 21 2024 04:37:38 cp41 maldet(21141): {scan} scan of (521 files) in progress...
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pointlak/public_html/wp-includes/options.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/wp-content/plugin.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/f/h/b/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/pki-validation/g/a/f/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/pki-validation/g/b/a/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/rharchit/public_html/well-known/acme-challenge/e/c/e/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/b/a/g/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {hit} malware hit {HEX}php.base64.inject.182 found for /home/rharchit/public_html/well-known/acme-challenge/g/a/f/index.php
Jul 21 2024 04:37:47 cp41 maldet(21141): {scan} scan completed on : files 521, malware hits 8, cleaned hits 0, time 5179s
Jul 21 2024 04:37:47 cp41 maldet(21141): {scan} scan report saved, to view run: maldet --report 240721-0311.21141
Jul 21 2024 04:37:47 cp41 maldet(21141): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240721-0311.21141
Jul 22 2024 03:21:58 cp41 maldet(32174): {update} checking for available updates...
Jul 22 2024 03:21:58 cp41 maldet(32174): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 22 2024 03:21:58 cp41 maldet(32174): {update} hashing install files and checking against server...
Jul 22 2024 03:21:59 cp41 maldet(32174): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 22 2024 03:21:59 cp41 maldet(32174): {update} latest version already installed.
Jul 22 2024 03:21:59 cp41 maldet(32321): {sigup} performing signature update check...
Jul 22 2024 03:21:59 cp41 maldet(32321): {sigup} local signature set is version 20240719566530
Jul 22 2024 03:21:59 cp41 maldet(32321): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 22 2024 03:21:59 cp41 maldet(32321): {sigup} new signature set 202407221321576 available
Jul 22 2024 03:21:59 cp41 maldet(32321): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 22 2024 03:22:00 cp41 maldet(32321): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 22 2024 03:22:00 cp41 maldet(32321): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 22 2024 03:22:00 cp41 maldet(32321): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 22 2024 03:22:00 cp41 maldet(32321): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 22 2024 03:22:01 cp41 maldet(32321): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 22 2024 03:22:01 cp41 maldet(32321): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 22 2024 03:22:02 cp41 maldet(32321): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 22 2024 03:22:02 cp41 maldet(32321): {sigup} verified md5sum of maldet-clean.tgz
Jul 22 2024 03:22:02 cp41 maldet(32321): {sigup} unpacked and installed maldet-clean.tgz
Jul 22 2024 03:22:02 cp41 maldet(32321): {sigup} signature set update completed
Jul 22 2024 03:22:02 cp41 maldet(32321): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 22 2024 03:22:03 cp41 maldet(32608): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 22 2024 03:22:05 cp41 maldet(32608): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 22 2024 03:22:05 cp41 maldet(32608): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 22 2024 03:22:05 cp41 maldet(32608): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 22 2024 03:22:05 cp41 maldet(32608): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 22 2024 04:59:17 cp41 maldet(32608): {scan} file list completed in 5832s, found 589 files...
Jul 22 2024 04:59:17 cp41 maldet(32608): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 22 2024 04:59:17 cp41 maldet(32608): {scan} scan of (589 files) in progress...
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {YARA}php_in_image found for /home/pointlak/public_html/wp-admin/nyx.php
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/images/media/plugin.php
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/js/dist/dist/index.php
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-includes/click.php
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/SELLEX.zip
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/sethbook/public_html/shell_wso.php7
Jul 22 2024 04:59:30 cp41 maldet(32608): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-admin/options.php
Jul 22 2024 04:59:31 cp41 maldet(32608): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/images/index.php
Jul 22 2024 04:59:31 cp41 maldet(32608): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/wp-admin/css/index.php
Jul 22 2024 04:59:31 cp41 maldet(32608): {scan} scan completed on : files 589, malware hits 10, cleaned hits 0, time 5848s
Jul 22 2024 04:59:31 cp41 maldet(32608): {scan} scan report saved, to view run: maldet --report 240722-0322.32608
Jul 22 2024 04:59:31 cp41 maldet(32608): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240722-0322.32608
Jul 23 2024 03:21:38 cp41 maldet(32505): {update} checking for available updates...
Jul 23 2024 03:21:38 cp41 maldet(32505): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 23 2024 03:21:38 cp41 maldet(32505): {update} hashing install files and checking against server...
Jul 23 2024 03:21:38 cp41 maldet(32505): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 23 2024 03:21:38 cp41 maldet(32505): {update} latest version already installed.
Jul 23 2024 03:21:39 cp41 maldet(32650): {sigup} performing signature update check...
Jul 23 2024 03:21:39 cp41 maldet(32650): {sigup} local signature set is version 202407221321576
Jul 23 2024 03:21:39 cp41 maldet(32650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 23 2024 03:21:39 cp41 maldet(32650): {sigup} latest signature set already installed
Jul 23 2024 03:21:39 cp41 maldet(303): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 23 2024 03:21:40 cp41 maldet(303): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 23 2024 03:21:40 cp41 maldet(303): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 23 2024 03:21:40 cp41 maldet(303): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 23 2024 03:21:40 cp41 maldet(303): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 23 2024 04:50:48 cp41 maldet(303): {scan} file list completed in 5348s, found 12538 files...
Jul 23 2024 04:50:48 cp41 maldet(303): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 23 2024 04:50:48 cp41 maldet(303): {scan} scan of (12538 files) in progress...
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/WdBvT/index.php-hacked
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/sts.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/SELLEX.zip
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/saturnst/public_html/shell_wso.php7
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/saturnst/public_html/wp-admin/zfclfxghu.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/saturnst/public_html/wp-admin/zfchbwnya.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/wp-includes/images/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/js/jquery/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-content/themes/mah.php
Jul 23 2024 04:51:15 cp41 maldet(303): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/css/colors/modern/index.php
Jul 23 2024 04:51:15 cp41 maldet(303): {scan} scan completed on : files 12538, malware hits 16, cleaned hits 0, time 5376s
Jul 23 2024 04:51:15 cp41 maldet(303): {scan} scan report saved, to view run: maldet --report 240723-0321.303
Jul 23 2024 04:51:15 cp41 maldet(303): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240723-0321.303
Jul 24 2024 03:50:51 cp41 maldet(24232): {update} checking for available updates...
Jul 24 2024 03:50:52 cp41 maldet(24232): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 24 2024 03:50:52 cp41 maldet(24232): {update} hashing install files and checking against server...
Jul 24 2024 03:50:52 cp41 maldet(24232): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 24 2024 03:50:52 cp41 maldet(24232): {update} latest version already installed.
Jul 24 2024 03:50:53 cp41 maldet(24409): {sigup} performing signature update check...
Jul 24 2024 03:50:53 cp41 maldet(24409): {sigup} local signature set is version 202407221321576
Jul 24 2024 03:50:53 cp41 maldet(24409): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 24 2024 03:50:54 cp41 maldet(24409): {sigup} latest signature set already installed
Jul 24 2024 03:50:56 cp41 maldet(24573): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 24 2024 03:51:00 cp41 maldet(24573): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 24 2024 03:51:00 cp41 maldet(24573): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 24 2024 03:51:00 cp41 maldet(24573): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 24 2024 03:51:00 cp41 maldet(24573): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 24 2024 06:09:09 cp41 maldet(24573): {scan} file list completed in 8289s, found 667 files...
Jul 24 2024 06:09:09 cp41 maldet(24573): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 24 2024 06:09:09 cp41 maldet(24573): {scan} scan of (667 files) in progress...
Jul 24 2024 06:09:43 cp41 maldet(24573): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 24 2024 06:09:44 cp41 maldet(24573): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/WdBvT/index.php-hacked
Jul 24 2024 06:09:44 cp41 maldet(24573): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/about.php
Jul 24 2024 06:09:44 cp41 maldet(24573): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/SELLEX.zip
Jul 24 2024 06:09:45 cp41 maldet(24573): {scan} scan completed on : files 667, malware hits 4, cleaned hits 0, time 8328s
Jul 24 2024 06:09:45 cp41 maldet(24573): {scan} scan report saved, to view run: maldet --report 240724-0350.24573
Jul 24 2024 06:09:45 cp41 maldet(24573): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240724-0350.24573
Jul 25 2024 03:18:45 cp41 maldet(31668): {update} checking for available updates...
Jul 25 2024 03:18:45 cp41 maldet(31668): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 25 2024 03:18:45 cp41 maldet(31668): {update} hashing install files and checking against server...
Jul 25 2024 03:18:45 cp41 maldet(31668): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 25 2024 03:18:45 cp41 maldet(31668): {update} latest version already installed.
Jul 25 2024 03:18:45 cp41 maldet(31829): {sigup} performing signature update check...
Jul 25 2024 03:18:45 cp41 maldet(31829): {sigup} local signature set is version 202407221321576
Jul 25 2024 03:18:46 cp41 maldet(31829): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 25 2024 03:18:46 cp41 maldet(31829): {sigup} latest signature set already installed
Jul 25 2024 03:18:47 cp41 maldet(31955): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 25 2024 03:18:48 cp41 maldet(31955): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 25 2024 03:18:48 cp41 maldet(31955): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 25 2024 03:18:48 cp41 maldet(31955): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 25 2024 03:18:48 cp41 maldet(31955): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 25 2024 06:07:15 cp41 maldet(31955): {scan} file list completed in 10107s, found 26276 files...
Jul 25 2024 06:07:15 cp41 maldet(31955): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 25 2024 06:07:15 cp41 maldet(31955): {scan} scan of (26276 files) in progress...
Jul 25 2024 06:22:45 cp41 maldet(31955): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Jul 25 2024 06:22:45 cp41 maldet(31955): {scan} scan completed on : files 26276, malware hits 0, cleaned hits 0, time 11038s
Jul 25 2024 06:22:45 cp41 maldet(31955): {scan} scan report saved, to view run: maldet --report 240725-0318.31955
Jul 26 2024 03:22:58 cp41 maldet(11784): {update} checking for available updates...
Jul 26 2024 03:22:58 cp41 maldet(11784): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 26 2024 03:22:58 cp41 maldet(11784): {update} hashing install files and checking against server...
Jul 26 2024 03:22:59 cp41 maldet(11784): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 26 2024 03:22:59 cp41 maldet(11784): {update} latest version already installed.
Jul 26 2024 03:22:59 cp41 maldet(11929): {sigup} performing signature update check...
Jul 26 2024 03:22:59 cp41 maldet(11929): {sigup} local signature set is version 202407221321576
Jul 26 2024 03:22:59 cp41 maldet(11929): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 26 2024 03:23:00 cp41 maldet(11929): {sigup} new signature set 202407252077283 available
Jul 26 2024 03:23:00 cp41 maldet(11929): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 26 2024 03:23:00 cp41 maldet(11929): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 26 2024 03:23:00 cp41 maldet(11929): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 26 2024 03:23:00 cp41 maldet(11929): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 26 2024 03:23:01 cp41 maldet(11929): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 26 2024 03:23:01 cp41 maldet(11929): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 26 2024 03:23:01 cp41 maldet(11929): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 26 2024 03:23:02 cp41 maldet(11929): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 26 2024 03:23:02 cp41 maldet(11929): {sigup} verified md5sum of maldet-clean.tgz
Jul 26 2024 03:23:02 cp41 maldet(11929): {sigup} unpacked and installed maldet-clean.tgz
Jul 26 2024 03:23:02 cp41 maldet(11929): {sigup} signature set update completed
Jul 26 2024 03:23:02 cp41 maldet(11929): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 26 2024 03:23:02 cp41 maldet(12206): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 26 2024 03:23:03 cp41 maldet(12206): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 26 2024 03:23:03 cp41 maldet(12206): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 26 2024 03:23:03 cp41 maldet(12206): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 26 2024 03:23:03 cp41 maldet(12206): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 26 2024 05:23:11 cp41 maldet(12206): {scan} file list completed in 7208s, found 24955 files...
Jul 26 2024 05:23:11 cp41 maldet(12206): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 26 2024 05:23:11 cp41 maldet(12206): {scan} scan of (24955 files) in progress...
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Jul 26 2024 05:24:07 cp41 maldet(12206): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Jul 26 2024 05:24:08 cp41 maldet(12206): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/pulseaudio
Jul 26 2024 05:24:08 cp41 maldet(12206): {scan} scan completed on : files 24955, malware hits 8, cleaned hits 0, time 7266s
Jul 26 2024 05:24:08 cp41 maldet(12206): {scan} scan report saved, to view run: maldet --report 240726-0323.12206
Jul 26 2024 05:24:08 cp41 maldet(12206): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240726-0323.12206
Jul 27 2024 03:39:31 cp41 maldet(23844): {update} checking for available updates...
Jul 27 2024 03:39:32 cp41 maldet(23844): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 27 2024 03:39:32 cp41 maldet(23844): {update} hashing install files and checking against server...
Jul 27 2024 03:39:32 cp41 maldet(23844): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 27 2024 03:39:32 cp41 maldet(23844): {update} latest version already installed.
Jul 27 2024 03:39:33 cp41 maldet(24819): {sigup} performing signature update check...
Jul 27 2024 03:39:33 cp41 maldet(24819): {sigup} local signature set is version 202407252077283
Jul 27 2024 03:39:33 cp41 maldet(24819): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 27 2024 03:39:34 cp41 maldet(24819): {sigup} latest signature set already installed
Jul 27 2024 03:39:34 cp41 maldet(25662): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 27 2024 03:39:35 cp41 maldet(25662): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 27 2024 03:39:35 cp41 maldet(25662): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 27 2024 03:39:35 cp41 maldet(25662): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 27 2024 03:39:35 cp41 maldet(25662): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dervinis/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 27 2024 05:30:23 cp41 maldet(25662): {scan} file list completed in 6648s, found 24846 files...
Jul 27 2024 05:30:23 cp41 maldet(25662): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 27 2024 05:30:23 cp41 maldet(25662): {scan} scan of (24846 files) in progress...
Jul 27 2024 05:32:42 cp41 maldet(25662): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 27 2024 05:32:42 cp41 maldet(25662): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/alsa_dev
Jul 27 2024 05:32:43 cp41 maldet(25662): {scan} scan completed on : files 24846, malware hits 2, cleaned hits 0, time 6789s
Jul 27 2024 05:32:43 cp41 maldet(25662): {scan} scan report saved, to view run: maldet --report 240727-0339.25662
Jul 27 2024 05:32:43 cp41 maldet(25662): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240727-0339.25662
Jul 28 2024 03:46:17 cp41 maldet(4116): {update} checking for available updates...
Jul 28 2024 03:46:17 cp41 maldet(4116): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 28 2024 03:46:17 cp41 maldet(4116): {update} hashing install files and checking against server...
Jul 28 2024 03:46:18 cp41 maldet(4116): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 28 2024 03:46:18 cp41 maldet(4116): {update} latest version already installed.
Jul 28 2024 03:46:18 cp41 maldet(4392): {sigup} performing signature update check...
Jul 28 2024 03:46:18 cp41 maldet(4392): {sigup} local signature set is version 202407252077283
Jul 28 2024 03:46:18 cp41 maldet(4392): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 28 2024 03:46:18 cp41 maldet(4392): {sigup} new signature set 20240728593846 available
Jul 28 2024 03:46:18 cp41 maldet(4392): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 28 2024 03:46:19 cp41 maldet(4392): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 28 2024 03:46:19 cp41 maldet(4392): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 28 2024 03:46:19 cp41 maldet(4392): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 28 2024 03:46:19 cp41 maldet(4392): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 28 2024 03:46:20 cp41 maldet(4392): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 28 2024 03:46:20 cp41 maldet(4392): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 28 2024 03:46:25 cp41 maldet(4392): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 28 2024 03:46:25 cp41 maldet(4392): {sigup} verified md5sum of maldet-clean.tgz
Jul 28 2024 03:46:25 cp41 maldet(4392): {sigup} unpacked and installed maldet-clean.tgz
Jul 28 2024 03:46:25 cp41 maldet(4392): {sigup} signature set update completed
Jul 28 2024 03:46:26 cp41 maldet(4392): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 28 2024 03:46:26 cp41 maldet(4959): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 28 2024 03:46:28 cp41 maldet(4959): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 28 2024 03:46:28 cp41 maldet(4959): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 28 2024 03:46:28 cp41 maldet(4959): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 28 2024 03:46:28 cp41 maldet(4959): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 28 2024 09:00:53 cp41 maldet(4959): {scan} file list completed in 18864s, found 24525 files...
Jul 28 2024 09:00:53 cp41 maldet(4959): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 28 2024 09:00:53 cp41 maldet(4959): {scan} scan of (24525 files) in progress...
Jul 28 2024 09:17:55 cp41 maldet(4959): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Jul 28 2024 09:17:55 cp41 maldet(4959): {scan} scan completed on : files 24525, malware hits 0, cleaned hits 0, time 19889s
Jul 28 2024 09:17:55 cp41 maldet(4959): {scan} scan report saved, to view run: maldet --report 240728-0346.4959
Jul 29 2024 03:54:58 cp41 maldet(4620): {update} checking for available updates...
Jul 29 2024 03:55:08 cp41 maldet(4620): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 29 2024 03:55:08 cp41 maldet(4620): {update} hashing install files and checking against server...
Jul 29 2024 03:55:17 cp41 maldet(4620): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 29 2024 03:55:17 cp41 maldet(4620): {update} latest version already installed.
Jul 29 2024 03:55:21 cp41 maldet(5063): {sigup} performing signature update check...
Jul 29 2024 03:55:21 cp41 maldet(5063): {sigup} local signature set is version 20240728593846
Jul 29 2024 03:55:26 cp41 maldet(5063): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 29 2024 03:55:29 cp41 maldet(5063): {sigup} latest signature set already installed
Jul 29 2024 03:55:31 cp41 maldet(5316): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 29 2024 03:55:54 cp41 maldet(5316): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 29 2024 03:55:54 cp41 maldet(5316): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 29 2024 03:55:54 cp41 maldet(5316): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 29 2024 03:55:54 cp41 maldet(5316): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 29 2024 13:45:29 cp41 maldet(5316): {scan} file list completed in 35375s, found 24922 files...
Jul 29 2024 13:45:29 cp41 maldet(5316): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 29 2024 13:45:29 cp41 maldet(5316): {scan} scan of (24922 files) in progress...
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/admin/options.php
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/defaults.php
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {HEX}php.base64.inject.182 found for /home/military/public_html/wp-includes/product.php
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {YARA}spam_mailer found for /home/military/public_html/wp-admin/mah.php
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {YARA}spam_mailer found for /home/military/public_html/wp-admin/product.php
Jul 29 2024 13:47:48 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/alsa_hwdep
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/l2test
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/l2ping
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/flatpak-builder-tools-tools
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/jack_wait
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/alsa_seq_dump
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/alsa_jack
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/alsa_hwdep
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/l2test
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/l2ping
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/flatpak-builder-tools-tools
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/jack_wait
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/alsa_seq_dump
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/alsa_jack
Jul 29 2024 13:47:49 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/alsa_hwdep
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/l2test
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/l2ping
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/flatpak-builder-tools-tools
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/jack_wait
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/alsa_seq_dump
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/alsa_jack
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/alsa_hwdep
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/l2test
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/l2ping
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:50 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/flatpak-builder-tools-tools
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/jack_wait
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/alsa_seq_dump
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/alsa_jack
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/alsa_hwdep
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/l2test
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/l2ping
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/flatpak-builder-tools-tools
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/jack_wait
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/alsa_seq_dump
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/alsa_hwdep
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/l2test
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/l2ping
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/flatpak-builder-tools-tools
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/jack_wait
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/alsa_seq_dump
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/alsa_jack
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/alsa_jack
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/alsa_hwdep
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/l2test
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/alsa_hwdep
Jul 29 2024 13:47:51 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/l2test
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/l2ping
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/flatpak-builder-tools-tools
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/jack_wait
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/alsa_seq_dump
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/alsa_jack
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/alsa_hwdep
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/l2test
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/l2ping
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/flatpak-builder-tools-tools
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/jack_wait
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/alsa_seq_dump
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/alsa_jack
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/alsa_hwdep
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/l2test
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/l2ping
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/alsa_hwdep
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/l2test
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/l2ping
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/flatpak-builder-tools-tools
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/jack_wait
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/alsa_seq_dump
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/alsa_jack
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/flatpak-builder-tools-tools
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/jack_wait
Jul 29 2024 13:47:52 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/alsa_seq_dump
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/alsa_jack
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/alsa_hwdep
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/l2test
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/l2ping
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/flatpak-builder-tools-tools
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/jack_wait
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/alsa_seq_dump
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/alsa_jack
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/l2ping
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/alsa_hwdep
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/l2test
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/l2ping
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/flatpak-builder-tools-tools
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/jack_wait
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/alsa_seq_dump
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/alsa_jack
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/alsa_hwdep
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/l2test
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:53 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/l2ping
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/flatpak-builder-tools-tools
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/jack_wait
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/alsa_seq_dump
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/alsa_jack
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/flatpak-builder-tools-tools
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/alsa_hwdep
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/l2test
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/l2ping
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/flatpak-builder-tools-tools
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/jack_wait
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/alsa_seq_dump
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/alsa_jack
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/alsa_hwdep
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/l2test
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/l2ping
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/flatpak-builder-tools-tools
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/jack_wait
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/alsa_seq_dump
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/alsa_jack
Jul 29 2024 13:47:54 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/alsa_hwdep
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/l2test
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/l2ping
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/flatpak-builder-tools-tools
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/jack_wait
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/alsa_seq_dump
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/alsa_jack
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/alsa_hwdep
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/l2test
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/l2ping
Jul 29 2024 13:47:55 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/flatpak-builder-tools-tools
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/jack_wait
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/alsa_seq_dump
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/alsa_hwdep
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/l2test
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/l2ping
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/flatpak-builder-tools-tools
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/jack_wait
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/alsa_seq_dump
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/alsa_jack
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/alsa_jack
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/alsa_hwdep
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/l2test
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/l2ping
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:56 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/flatpak-builder-tools-tools
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/jack_wait
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/alsa_seq_dump
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/alsa_jack
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/jack_wait
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/alsa_seq_dump
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/alsa_hwdep
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/l2test
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/alsa_hwdep
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/l2test
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/l2ping
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/flatpak-builder-tools-tools
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/jack_wait
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/alsa_seq_dump
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/alsa_jack
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/l2ping
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/flatpak-builder-tools-tools
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/jack_wait
Jul 29 2024 13:47:57 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/alsa_seq_dump
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/alsa_jack
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/alsa_hwdep
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/l2test
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/l2ping
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/flatpak-builder-tools-tools
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/jack_wait
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/alsa_seq_dump
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/alsa_jack
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/fetchmail
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/alsa_hwdep
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/l2test
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/l2ping
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/flatpak-builder-tools-tools
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/jack_wait
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/alsa_seq_dump
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/alsa_jack
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/alsa_hwdep
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/l2test
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/l2ping
Jul 29 2024 13:47:58 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/flatpak-builder-tools-tools
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/jack_wait
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/alsa_seq_dump
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/alsa_jack
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/alsa_jack
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/alsa_hwdep
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/l2test
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/l2ping
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/flatpak-builder-tools-tools
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/jack_wait
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/alsa_seq_dump
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/alsa_jack
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/alsa_hwdep
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/l2test
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/l2ping
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/flatpak-builder-tools-build-commit
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/flatpak-builder-tools-tools
Jul 29 2024 13:47:59 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/jack_wait
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/alsa_seq_dump
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/alsa_hwdep
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/l2test
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/flatpak-builder-tools-tools-build-commit
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/l2ping
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/flatpak-builder-tools-build-commit
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/flatpak-builder-tools-tools
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/jack_wait
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/alsa_seq_dump
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/alsa_jack
Jul 29 2024 13:48:00 cp41 maldet(5316): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/alsa_jack
Jul 29 2024 13:48:00 cp41 maldet(5316): {scan} scan completed on : files 24922, malware hits 258, cleaned hits 0, time 35549s
Jul 29 2024 13:48:00 cp41 maldet(5316): {scan} scan report saved, to view run: maldet --report 240729-0355.5316
Jul 29 2024 13:48:00 cp41 maldet(5316): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240729-0355.5316
Jul 30 2024 03:41:46 cp41 maldet(16405): {update} checking for available updates...
Jul 30 2024 03:41:51 cp41 maldet(16405): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 30 2024 03:41:51 cp41 maldet(16405): {update} hashing install files and checking against server...
Jul 30 2024 03:41:51 cp41 maldet(16405): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 30 2024 03:41:51 cp41 maldet(16405): {update} latest version already installed.
Jul 30 2024 03:41:54 cp41 maldet(16706): {sigup} performing signature update check...
Jul 30 2024 03:41:54 cp41 maldet(16706): {sigup} local signature set is version 20240728593846
Jul 30 2024 03:41:54 cp41 maldet(16706): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 30 2024 03:41:56 cp41 maldet(16706): {sigup} latest signature set already installed
Jul 30 2024 03:42:05 cp41 maldet(16850): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 30 2024 03:42:25 cp41 maldet(16850): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 30 2024 03:42:28 cp41 maldet(16850): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 30 2024 03:42:32 cp41 maldet(16850): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 30 2024 03:42:32 cp41 maldet(16850): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 30 2024 07:49:26 cp41 maldet(16850): {scan} file list completed in 14814s, found 25178 files...
Jul 30 2024 07:49:26 cp41 maldet(16850): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 30 2024 07:49:27 cp41 maldet(16850): {scan} scan of (25178 files) in progress...
Jul 30 2024 07:50:54 cp41 maldet(16850): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 30 2024 07:50:54 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/fetchmail
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/zwso.php
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/e/e/a/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/e/e/b/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/e/c/b/h/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/e/h/e/d/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/c/a/f/a/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/a/a/e/d/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/a/b/f/e/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/h/e/a/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/b/a/b/b/flatpak-builder-tools-make
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/b/b/e/c/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/b/b/b/d/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/b/d/a/b/flatpak-builder-tools-make
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/f/g/f/f/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/d/h/b/d/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/d/f/f/b/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/d/d/f/f/flatpak-builder-tools-make
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/g/b/c/d/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/cache/g/g/b/b/flatpak-builder-tools-make
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/local-PrestaShop7-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/blayos-WordPress-wordpress-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:55 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/yawani-Magento.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/markantony-Joomla-joomla.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/priya-WHMCS-whmcs-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/dreileen-WordPress.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/heddroom-Joomla-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/games-WHMCS-whmcs-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/mydental-OpenCart-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/shoplace-OpenCart.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/titanicn-WHMCS-client.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/teamyike-PrestaShop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/clolderg-Joomla-portal.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/aaronleh-PrestaShop7-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/puccinif-WHMCS-whmcs.txt404/alsa_rtp
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/schaffins-Drupal-web-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/jalbanese-Joomla-blogs-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/salmonte-PrestaShop-prestashop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/salmonte-WHMCS-panel-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/jfisher-WHMCS-cliente-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ohabimana-Drupal-portal.txt404/jack_release_timebase
Jul 30 2024 07:50:56 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/dnsuser-Joomla-wp-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/dnsuser-Joomla-joomla.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/abeegailj-env-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/abhinkp-WHMCS-order-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/akhilep-WHMCS-accounts.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ashaso-WHMCS-host.txt404/jack_release_timebase
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ashaso-WHMCS-cliente.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/aaronleh-WordPress-beta-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/aswathyd-Joomla-web.txt404/jack_release_timebase
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/azhari-Drupal-site-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/azhari-WHMCS-central.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/babageru-WHMCS-hosting-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/bibinkf-WordPress-wordpress-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/csimmons-WHMCS-central-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:57 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/dannydd-WHMCS-members-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ipanainte-PrestaShop7-store-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/joseph-WordPress-blog.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/lajinj-WHMCS-customers.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/neethusb-WordPress-web-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/nevint-WHMCS-supports-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/pwanky-WHMCS-painel-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/rahuler-WordPress-demo-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/sandhyav-WHMCS-accounts-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/swathip-Joomla-beta-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/vyshnavlalp-WHMCS-cp-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:58 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/chare-WHMCS-my.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/arribave-myconf-cPanel-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/applpldol-WHMCS-domains.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/acushnet-WHMCS-portal.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/asquare1-WHMCS-cp-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/bryansch-Joomla-home-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/bryansch-WHMCS-main.txt404/jack_transport_ctl
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/chrisjga-old-env-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/colorad7-WordPress-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/darkhors-WHMCS-panel.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/erxgrafx-PrestaShop-prestashop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/erxgrafx-WordPress-demo-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/federico-WHMCS-control-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/federico-WHMCS-control-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/frankbla-Magento-shop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/frankbla-WordPress-wordpress-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/heddroom-Magento-magento-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/heddroom-WHMCS-core.txt404/flatpak-builder-tools-make
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/imaginin-WHMCS-panel-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/imaginin-WordPress-site-public_html.txt404/jack_release_timebase
Jul 30 2024 07:50:59 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/joelconn-WHMCS-core-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/livingaw-WordPress-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/lpldol-WHMCS-domains-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/macfixer-Joomla-demo-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/macjaunt-WordPress-beta-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/marvello-WHMCS-whmcs.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/nolandwh-PrestaShop7-market-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/patdeluxe-PrestaShop-shop.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/philosof-WHMCS-domains.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/redsummitmedia-WHMCS-manage-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/soflafcp-WHMCS-hosting.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/studior1-Drupal-drupal-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/audittre-WHMCS-central.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/agriesti-OpenCart-test-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/brennabu-WHMCS-support.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/briancol-PrestaShop7-market-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/briancol-WHMCS-whm-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/brianhsc-WHMCS-painel.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/chaplane-Drupal-site-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/cribbage-demo-env-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/evpinfoc-WHMCS-domains.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/gusbaran-WHMCS-painel.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/healthyg-PrestaShop-prestashop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/krisbryl-PrestaShop7-shop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/krisbryl-WHMCS-core-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/krisbryl-WHMCS-billings-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:00 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/mcmrailv-WordPress-home-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/olshsdco-WHMCS-support-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/pipedrea-WHMCS-client.txt404/jack_release_timebase
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/riffingo-WHMCS-main.txt404/jack_transport_ctl
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/saturnst-Joomla-portal-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/snipesca-laravel-env-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ksmanual-WHMCS-hosting.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ksmanual-WHMCS-cp.txt404/jack_transport_ctl
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ksmanual-WordPress-wordpress.txt404/jack_release_timebase
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/lindsayg-WordPress-wp.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/caringpr-WHMCS-supports.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/screenin-OpenCart-old-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/artemisi-PrestaShop-store-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/puccinif-accesshash-WHMCS-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:01 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/customdemo1-OpenCart-shop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/ajithva-PrestaShop.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/anjum-PrestaShop7.txt404/jack_release_timebase
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/jayaganeshr-Joomla.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/servicep-PrestaShop7.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/shelleyg-WordPress.txt404/jack_release_timebase
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/evpinfoc-Joomla-portal.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/focusont-WordPress.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/acppubso-Joomla-portal.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/titanicn-WHMCS-domains.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/local-PrestaShop7-market-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/schaffins-WHMCS-core.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/dshull-WHMCS-clientes.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/blayos-WHMCS-domains.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/hjumpline-gfl-WHMCS-control-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ccascanjumpline-WHMCS-client-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ccascanjumpline-Drupal-web-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ccascanjumpline-WHMCS-support.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ccascanjumpline-WHMCS-painel.txt404/jack_release_timebase
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/akumar-WordPress-blog-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/anjalyb-WHMCS-control.txt404/jack_transport_ctl
Jul 30 2024 07:51:02 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/anjubose-OpenCart-new-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/arunsankark-WHMCS-main.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ashaso-WHMCS-whmcs.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/azhari-WHMCS-billing.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/babageru-Drupal-portal-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/csimmons-Drupal-portal.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/dennisj-PrestaShop-store-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/dennisj-WHMCS-cp.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ipanainte-Magento-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ipanainte-PrestaShop7-store-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/jayaganeshr-WordPress-wp.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/jishnum-WHMCS-panel.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/lajinj-Drupal-home-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/nafias-OpenCart-shop-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/neethusb-Drupal-site-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/neethusb-OpenCart-oc-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/nevint-test-env-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/opsbot-OpenCart-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/pwanky-WHMCS-core-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/rahuler-Drupal-web-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sabirsk-myconf-cPanel-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandhyav-WHMCS-clientarea-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandhyav-laravel-env-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sgopinath-Magento-shop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sgopinath-test-env-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/swathip-WHMCS-user-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/arribave-PrestaShop7-prestashop.txt404/jack_transport_ctl
Jul 30 2024 07:51:03 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/applpldol-PrestaShop-prestashop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/applpldol-Drupal-web-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/applpldol-WHMCS-clientearea-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/bencassa-WHMCS-support-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/acushnet-PrestaShop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/acushnet-WHMCS-clients-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/bluedogm-Joomla-old-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/calmesta-PrestaShop7-prestashop-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/casadees-Joomla-joomla.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/cornerla-WHMCS-host.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/erxgrafx-PrestaShop-prestashop.txt404/jack_transport_ctl
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ethantom-WHMCS-clients-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/frankbla-Joomla-joomla-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/frankbla-WordPress-wordpress-public_html.txt404/jack_record
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/grantree-Magento-magento-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/heddroom-WHMCS-hosting-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/homerepa-OpenCart-opencart-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:04 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/imaginin-WHMCS-support-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/imaginin-WHMCS-accounts.txt404/jack_transport_ctl
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/joelconn-PrestaShop-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/lpldol-PrestaShop7-shop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/macfixer-Drupal-portal-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/macfixer-laravel-env-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/macjaunt-WHMCS-account.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/miraclem-admin-env-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/musicroo-env-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/neverend-WHMCS-core.txt404/jack_transport_ctl
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/neverend-WHMCS-central.txt404/jack_transport_ctl
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/patdeluxe-Drupal-home-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/ratmotoc-Joomla-home-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/redsummitmedia-WHMCS-accounts-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:05 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/redsummitmedia-Joomla-joomla.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/project4-WHMCS-accounts.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/rjgassoc-PrestaShop7-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/rjgassoc-PrestaShop7-prestashop-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/rockymo1-WHMCS-portal.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandjack-Joomla-web-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandjack-WHMCS-manager.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/scottysw-WordPress-new-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/scottysw-WHMCS-central.txt404/jack_release_timebase
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/shelleyg-WordPress-wordpress-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/smashled-WHMCS-accounts.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/smashled-WHMCS-members.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/socherpr-OpenCart-old-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/socherpr-WHMCS-order.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/soflafcp-Joomla-portal-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sportsco-WordPress-wp.txt404/jack_release_timebase
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/tbhbaorg-Drupal-drupal-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:06 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/tbintern-WHMCS-order-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:07 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/zdesignc-OpenCart-opencart-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:07 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/brennabu-WHMCS-central.txt404/jack_release_timebase
Jul 30 2024 07:51:07 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/briancol-OpenCart-opencart.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/brfisher-PrestaShop7-prestashop.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/brianhsc-WordPress-wp-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/chalkboa-WHMCS-support.txt404/jack_transport_ctl
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/cvsmithc-Joomla-demo-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/gusbaran-Magento-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/henderso-WHMCS-members.txt404/jack_transport_ctl
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/highdese-accesshash-WHMCS.txt404/jack_release_timebase
Jul 30 2024 07:51:08 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/howlandu-WHMCS-panel-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/howlandu-WHMCS-billing-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/howlandu-Drupal-portal.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/insectsi-WHMCS-cp.txt404/jack_transport_ctl
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/mcmrailv-Joomla-demo-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/michaelh-WHMCS-user.txt404/jack_transport_ctl
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/michaelh-WHMCS-members.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/nycellis-WHMCS-user.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/olshsdco-PrestaShop-store-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/olshsdco-PrestaShop7-prestashop.txt404/jack_release_timebase
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/pointlak-PrestaShop7-prestashop.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/riffingo-WHMCS-panel-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:09 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/shoplace-WordPress-blogs-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/snipesca-OpenCart-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/snipesca-WordPress-demo-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/snipesca-WHMCS-client.txt404/jack_release_timebase
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sonsofdo-WHMCS-client-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sonsofdo-WHMCS-hosting-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/superio1-Magento-magento-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/trespeti-Drupal-web-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/trespeti-WHMCS-supports.txt404/jack_transport_ctl
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/weareroy-admin-env-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/theeastf-OpenCart-new-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:10 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/grimoire-WHMCS-cp.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/rharchit-PrestaShop7-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandersm-WordPress-beta-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandersm-Joomla-wp-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sandersm-WHMCS-clientearea.txt404/jack_release_timebase
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/clolderg-myconf-cPanel.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/screenin-PrestaShop7-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/aaronleh-Magento-store-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/aaronleh-WHMCS-domains-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/keeperss-WHMCS-main-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/artemisi-WHMCS-supports.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/puccinif-WordPress-blogs-public_html.txt404/jack_release_timebase
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/customdemo1-admin-env-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/acppubso-OpenCart-demo-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:11 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/acppubso-accesshash-WHMCS.txt404/jack_release_timebase
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/jhernandez-WHMCS-clients-public_html.txt404/jack_transport_ctl
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/local-PrestaShop7.txt404/jack_release_timebase
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/cmiersch-PrestaShop7.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/neethusb-PrestaShop7.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/swathip-WordPress.txt404/jack_release_timebase
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/bryansch-WHMCS-customer-public_html.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/calmesta-WHMCS-customer.txt404/jack_release_timebase
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/erxgrafx-WHMCS-customer.txt404/jack_transport_ctl
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/sonsofdo-Joomla-portal.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:12 cp41 maldet(16850): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/wp-admin-hacked/404FBS/puccinif-WHMCS-customer.txt404/flatpak-builder-tools-make
Jul 30 2024 07:51:12 cp41 maldet(16850): {scan} scan completed on : files 25178, malware hits 282, cleaned hits 0, time 14947s
Jul 30 2024 07:51:12 cp41 maldet(16850): {scan} scan report saved, to view run: maldet --report 240730-0341.16850
Jul 30 2024 07:51:12 cp41 maldet(16850): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240730-0341.16850
Jul 31 2024 03:23:13 cp41 maldet(1048): {update} checking for available updates...
Jul 31 2024 03:23:14 cp41 maldet(1048): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 31 2024 03:23:14 cp41 maldet(1048): {update} hashing install files and checking against server...
Jul 31 2024 03:23:16 cp41 maldet(1048): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 31 2024 03:23:16 cp41 maldet(1048): {update} latest version already installed.
Jul 31 2024 03:23:19 cp41 maldet(1238): {sigup} performing signature update check...
Jul 31 2024 03:23:19 cp41 maldet(1238): {sigup} local signature set is version 20240728593846
Jul 31 2024 03:23:19 cp41 maldet(1238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 31 2024 03:23:20 cp41 maldet(1238): {sigup} latest signature set already installed
Jul 31 2024 03:23:22 cp41 maldet(1368): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 31 2024 03:23:24 cp41 maldet(1368): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 31 2024 03:23:24 cp41 maldet(1368): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Jul 31 2024 03:23:24 cp41 maldet(1368): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 31 2024 03:23:24 cp41 maldet(1368): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Jul 31 2024 08:40:23 cp41 maldet(1368): {scan} file list completed in 19019s, found 1003 files...
Jul 31 2024 08:40:23 cp41 maldet(1368): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 31 2024 08:40:23 cp41 maldet(1368): {scan} scan of (1003 files) in progress...
Jul 31 2024 08:41:59 cp41 maldet(1368): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Jul 31 2024 08:41:59 cp41 maldet(1368): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/saturnst/public_html/404MZP/puccinif-WHMCS-whmcs.txt404/alsa_rtp
Jul 31 2024 08:41:59 cp41 maldet(1368): {scan} scan completed on : files 1003, malware hits 2, cleaned hits 0, time 19117s
Jul 31 2024 08:41:59 cp41 maldet(1368): {scan} scan report saved, to view run: maldet --report 240731-0323.1368
Jul 31 2024 08:41:59 cp41 maldet(1368): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240731-0323.1368
Aug 01 2024 03:41:40 cp41 maldet(9608): {update} checking for available updates...
Aug 01 2024 03:41:40 cp41 maldet(9608): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 01 2024 03:41:40 cp41 maldet(9608): {update} hashing install files and checking against server...
Aug 01 2024 03:41:42 cp41 maldet(9608): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 01 2024 03:41:42 cp41 maldet(9608): {update} latest version already installed.
Aug 01 2024 03:41:44 cp41 maldet(9825): {sigup} performing signature update check...
Aug 01 2024 03:41:44 cp41 maldet(9825): {sigup} local signature set is version 20240728593846
Aug 01 2024 03:41:44 cp41 maldet(9825): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 01 2024 03:41:50 cp41 maldet(9825): {sigup} latest signature set already installed
Aug 01 2024 03:41:53 cp41 maldet(9993): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 01 2024 03:41:56 cp41 maldet(9993): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 01 2024 03:41:56 cp41 maldet(9993): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 01 2024 03:41:56 cp41 maldet(9993): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 01 2024 03:41:56 cp41 maldet(9993): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 01 2024 07:29:14 cp41 maldet(9993): {scan} file list completed in 13637s, found 278 files...
Aug 01 2024 07:29:14 cp41 maldet(9993): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 01 2024 07:29:14 cp41 maldet(9993): {scan} scan of (278 files) in progress...
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/luuf.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/onedrive_download/plugins/bootstrap-wysihtml5/item.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-includes/product.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.181 found for /home/olshsdco/public_html/bangu.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/wp-content/index.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/click.php
Aug 01 2024 07:29:32 cp41 maldet(9993): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/olshsdco/public_html/ob/dist/js/index.php
Aug 01 2024 07:29:33 cp41 maldet(9993): {scan} scan completed on : files 278, malware hits 7, cleaned hits 0, time 13659s
Aug 01 2024 07:29:33 cp41 maldet(9993): {scan} scan report saved, to view run: maldet --report 240801-0341.9993
Aug 01 2024 07:29:33 cp41 maldet(9993): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240801-0341.9993
Aug 02 2024 03:58:36 cp41 maldet(12215): {update} checking for available updates...
Aug 02 2024 03:58:37 cp41 maldet(12215): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 02 2024 03:58:37 cp41 maldet(12215): {update} hashing install files and checking against server...
Aug 02 2024 03:58:38 cp41 maldet(12215): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 02 2024 03:58:38 cp41 maldet(12215): {update} latest version already installed.
Aug 02 2024 03:58:38 cp41 maldet(12384): {sigup} performing signature update check...
Aug 02 2024 03:58:38 cp41 maldet(12384): {sigup} local signature set is version 20240728593846
Aug 02 2024 03:58:39 cp41 maldet(12384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 02 2024 03:58:41 cp41 maldet(12384): {sigup} latest signature set already installed
Aug 02 2024 03:58:43 cp41 maldet(12546): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 02 2024 03:58:46 cp41 maldet(12546): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 02 2024 03:58:46 cp41 maldet(12546): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 02 2024 03:58:46 cp41 maldet(12546): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 02 2024 03:58:46 cp41 maldet(12546): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 02 2024 07:07:45 cp41 maldet(12546): {scan} file list completed in 11339s, found 551 files...
Aug 02 2024 07:07:45 cp41 maldet(12546): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 02 2024 07:07:45 cp41 maldet(12546): {scan} scan of (551 files) in progress...
Aug 02 2024 07:08:16 cp41 maldet(12546): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 02 2024 07:08:16 cp41 maldet(12546): {scan} scan completed on : files 551, malware hits 1, cleaned hits 0, time 11373s
Aug 02 2024 07:08:16 cp41 maldet(12546): {scan} scan report saved, to view run: maldet --report 240802-0358.12546
Aug 02 2024 07:08:16 cp41 maldet(12546): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240802-0358.12546
Aug 03 2024 03:17:27 cp41 maldet(26620): {update} checking for available updates...
Aug 03 2024 03:17:27 cp41 maldet(26620): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 03 2024 03:17:27 cp41 maldet(26620): {update} hashing install files and checking against server...
Aug 03 2024 03:17:28 cp41 maldet(26620): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 03 2024 03:17:28 cp41 maldet(26620): {update} latest version already installed.
Aug 03 2024 03:17:30 cp41 maldet(26764): {sigup} performing signature update check...
Aug 03 2024 03:17:30 cp41 maldet(26764): {sigup} local signature set is version 20240728593846
Aug 03 2024 03:17:30 cp41 maldet(26764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 03 2024 03:17:31 cp41 maldet(26764): {sigup} new signature set 202407311290191 available
Aug 03 2024 03:17:31 cp41 maldet(26764): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 03 2024 03:17:31 cp41 maldet(26764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 03 2024 03:17:32 cp41 maldet(26764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 03 2024 03:17:32 cp41 maldet(26764): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 03 2024 03:17:32 cp41 maldet(26764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 03 2024 03:17:32 cp41 maldet(26764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 03 2024 03:17:32 cp41 maldet(26764): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 03 2024 03:17:33 cp41 maldet(26764): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 03 2024 03:17:33 cp41 maldet(26764): {sigup} verified md5sum of maldet-clean.tgz
Aug 03 2024 03:17:33 cp41 maldet(26764): {sigup} unpacked and installed maldet-clean.tgz
Aug 03 2024 03:17:33 cp41 maldet(26764): {sigup} signature set update completed
Aug 03 2024 03:17:33 cp41 maldet(26764): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 03 2024 03:17:34 cp41 maldet(27029): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 03 2024 03:17:35 cp41 maldet(27029): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 03 2024 03:17:35 cp41 maldet(27029): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 03 2024 03:17:35 cp41 maldet(27029): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 03 2024 03:17:35 cp41 maldet(27029): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 03 2024 05:59:02 cp41 maldet(27029): {scan} file list completed in 9687s, found 22826 files...
Aug 03 2024 05:59:02 cp41 maldet(27029): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 03 2024 05:59:02 cp41 maldet(27029): {scan} scan of (22826 files) in progress...
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-includes/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Ussamer/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/jack_cpu_load
Aug 03 2024 06:00:42 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/flatpak-remotes
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-admin/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/jack_cpu_load
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/gvKn3/index.php
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/ifconfig
Aug 03 2024 06:00:43 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/ifconfig
Aug 03 2024 06:00:44 cp41 maldet(27029): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/blog/luuf.php
Aug 03 2024 06:00:45 cp41 maldet(27029): {scan} scan completed on : files 22826, malware hits 57, cleaned hits 0, time 9790s
Aug 03 2024 06:00:45 cp41 maldet(27029): {scan} scan report saved, to view run: maldet --report 240803-0317.27029
Aug 03 2024 06:00:45 cp41 maldet(27029): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240803-0317.27029
Aug 04 2024 03:41:49 cp41 maldet(5085): {update} checking for available updates...
Aug 04 2024 03:41:49 cp41 maldet(5085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 04 2024 03:41:49 cp41 maldet(5085): {update} hashing install files and checking against server...
Aug 04 2024 03:41:50 cp41 maldet(5085): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 04 2024 03:41:50 cp41 maldet(5085): {update} latest version already installed.
Aug 04 2024 03:41:50 cp41 maldet(5228): {sigup} performing signature update check...
Aug 04 2024 03:41:50 cp41 maldet(5228): {sigup} local signature set is version 202407311290191
Aug 04 2024 03:41:50 cp41 maldet(5228): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 04 2024 03:41:50 cp41 maldet(5228): {sigup} new signature set 20240804573718 available
Aug 04 2024 03:41:50 cp41 maldet(5228): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 04 2024 03:41:51 cp41 maldet(5228): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 04 2024 03:41:55 cp41 maldet(5228): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 04 2024 03:41:56 cp41 maldet(5228): {sigup} verified md5sum of maldet-clean.tgz
Aug 04 2024 03:41:57 cp41 maldet(5228): {sigup} unpacked and installed maldet-clean.tgz
Aug 04 2024 03:41:57 cp41 maldet(5228): {sigup} signature set update completed
Aug 04 2024 03:41:57 cp41 maldet(5228): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 04 2024 03:41:57 cp41 maldet(5509): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 04 2024 03:41:59 cp41 maldet(5509): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 04 2024 03:41:59 cp41 maldet(5509): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 04 2024 03:41:59 cp41 maldet(5509): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 04 2024 03:41:59 cp41 maldet(5509): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 04 2024 07:43:25 cp41 maldet(5509): {scan} file list completed in 14486s, found 30925 files...
Aug 04 2024 07:43:25 cp41 maldet(5509): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 04 2024 07:43:25 cp41 maldet(5509): {scan} scan of (30925 files) in progress...
Aug 04 2024 07:50:22 cp41 maldet(5509): {hit} malware hit {HEX}php.base64.inject.181 found for /home/authorsd/public_html/bangu.php
Aug 04 2024 07:50:22 cp41 maldet(5509): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/jack_cpu_load
Aug 04 2024 07:50:22 cp41 maldet(5509): {hit} malware hit {HEX}php.malware.fopo.566 found for /home/saturnst/public_html/wp-includes/bna.php
Aug 04 2024 07:50:23 cp41 maldet(5509): {scan} scan completed on : files 30925, malware hits 3, cleaned hits 0, time 14905s
Aug 04 2024 07:50:23 cp41 maldet(5509): {scan} scan report saved, to view run: maldet --report 240804-0341.5509
Aug 04 2024 07:50:23 cp41 maldet(5509): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240804-0341.5509
Aug 05 2024 03:45:25 cp41 maldet(27461): {update} checking for available updates...
Aug 05 2024 03:45:25 cp41 maldet(27461): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 05 2024 03:45:25 cp41 maldet(27461): {update} hashing install files and checking against server...
Aug 05 2024 03:45:25 cp41 maldet(27461): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 05 2024 03:45:25 cp41 maldet(27461): {update} latest version already installed.
Aug 05 2024 03:45:26 cp41 maldet(27647): {sigup} performing signature update check...
Aug 05 2024 03:45:26 cp41 maldet(27647): {sigup} local signature set is version 20240804573718
Aug 05 2024 03:45:26 cp41 maldet(27647): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 05 2024 03:45:27 cp41 maldet(27647): {sigup} latest signature set already installed
Aug 05 2024 03:45:27 cp41 maldet(27768): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 05 2024 03:45:29 cp41 maldet(27768): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 05 2024 03:45:29 cp41 maldet(27768): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 05 2024 03:45:29 cp41 maldet(27768): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 05 2024 03:45:29 cp41 maldet(27768): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 05 2024 06:21:02 cp41 maldet(27768): {scan} file list completed in 9333s, found 220 files...
Aug 05 2024 06:21:02 cp41 maldet(27768): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 05 2024 06:21:02 cp41 maldet(27768): {scan} scan of (220 files) in progress...
Aug 05 2024 06:21:07 cp41 maldet(27768): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/install.php
Aug 05 2024 06:21:07 cp41 maldet(27768): {scan} scan completed on : files 220, malware hits 1, cleaned hits 0, time 9340s
Aug 05 2024 06:21:07 cp41 maldet(27768): {scan} scan report saved, to view run: maldet --report 240805-0345.27768
Aug 05 2024 06:21:07 cp41 maldet(27768): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240805-0345.27768
Aug 06 2024 03:27:44 cp41 maldet(14319): {update} checking for available updates...
Aug 06 2024 03:27:45 cp41 maldet(14319): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 06 2024 03:27:45 cp41 maldet(14319): {update} hashing install files and checking against server...
Aug 06 2024 03:27:45 cp41 maldet(14319): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 06 2024 03:27:45 cp41 maldet(14319): {update} latest version already installed.
Aug 06 2024 03:27:49 cp41 maldet(14516): {sigup} performing signature update check...
Aug 06 2024 03:27:49 cp41 maldet(14516): {sigup} local signature set is version 20240804573718
Aug 06 2024 03:27:50 cp41 maldet(14516): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 06 2024 03:27:52 cp41 maldet(14516): {sigup} latest signature set already installed
Aug 06 2024 03:27:54 cp41 maldet(14718): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 06 2024 03:27:56 cp41 maldet(14718): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 06 2024 03:27:56 cp41 maldet(14718): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 06 2024 03:27:56 cp41 maldet(14718): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 06 2024 03:27:56 cp41 maldet(14718): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 06 2024 07:40:44 cp41 maldet(14718): {scan} file list completed in 15168s, found 2216 files...
Aug 06 2024 07:40:44 cp41 maldet(14718): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 06 2024 07:40:44 cp41 maldet(14718): {scan} scan of (2216 files) in progress...
Aug 06 2024 07:42:40 cp41 maldet(14718): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 06 2024 07:42:41 cp41 maldet(14718): {hit} malware hit {HEX}php.generic.malware.447 found for /home/impactme/public_html/wp-includes/index.php
Aug 06 2024 07:42:41 cp41 maldet(14718): {hit} malware hit {HEX}php.generic.malware.447 found for /home/impactme/public_html/wp-cli/index.php
Aug 06 2024 07:42:41 cp41 maldet(14718): {scan} scan completed on : files 2216, malware hits 3, cleaned hits 0, time 15287s
Aug 06 2024 07:42:41 cp41 maldet(14718): {scan} scan report saved, to view run: maldet --report 240806-0327.14718
Aug 06 2024 07:42:41 cp41 maldet(14718): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240806-0327.14718
Aug 07 2024 03:23:51 cp41 maldet(2569): {update} checking for available updates...
Aug 07 2024 03:23:51 cp41 maldet(2569): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 07 2024 03:23:51 cp41 maldet(2569): {update} hashing install files and checking against server...
Aug 07 2024 03:23:53 cp41 maldet(2569): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 07 2024 03:23:53 cp41 maldet(2569): {update} latest version already installed.
Aug 07 2024 03:23:54 cp41 maldet(2733): {sigup} performing signature update check...
Aug 07 2024 03:23:54 cp41 maldet(2733): {sigup} local signature set is version 20240804573718
Aug 07 2024 03:23:54 cp41 maldet(2733): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 07 2024 03:23:54 cp41 maldet(2733): {sigup} new signature set 202408071328483 available
Aug 07 2024 03:23:54 cp41 maldet(2733): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 07 2024 03:23:55 cp41 maldet(2733): {sigup} could not download https://cdn.rfxn.com/downloads/maldet-sigpack.tgz, please try again later.
Aug 07 2024 03:23:55 cp41 maldet(2733): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 07 2024 03:23:55 cp41 maldet(2733): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 07 2024 03:23:55 cp41 maldet(2733): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 07 2024 03:23:56 cp41 maldet(2733): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 07 2024 03:23:56 cp41 maldet(2733): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 07 2024 03:23:56 cp41 maldet(2733): {sigup} verified md5sum of maldet-clean.tgz
Aug 07 2024 03:23:56 cp41 maldet(2733): {sigup} unpacked and installed maldet-clean.tgz
Aug 07 2024 03:23:58 cp41 maldet(2926): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 07 2024 03:23:59 cp41 maldet(2926): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 07 2024 03:23:59 cp41 maldet(2926): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 07 2024 03:23:59 cp41 maldet(2926): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 07 2024 03:24:00 cp41 maldet(2926): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 07 2024 07:39:05 cp41 maldet(2926): {scan} file list completed in 15302s, found 96115 files...
Aug 07 2024 07:39:05 cp41 maldet(2926): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 07 2024 07:39:05 cp41 maldet(2926): {scan} scan of (96115 files) in progress...
Aug 07 2024 07:56:59 cp41 maldet(2926): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/military/public_html/.well-known/1212.php
Aug 07 2024 07:56:59 cp41 maldet(2926): {scan} scan completed on : files 96115, malware hits 1, cleaned hits 0, time 16381s
Aug 07 2024 07:56:59 cp41 maldet(2926): {scan} scan report saved, to view run: maldet --report 240807-0323.2926
Aug 07 2024 07:56:59 cp41 maldet(2926): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240807-0323.2926
Aug 08 2024 03:41:02 cp41 maldet(3768): {update} checking for available updates...
Aug 08 2024 03:41:02 cp41 maldet(3768): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 08 2024 03:41:02 cp41 maldet(3768): {update} hashing install files and checking against server...
Aug 08 2024 03:41:02 cp41 maldet(3768): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 08 2024 03:41:02 cp41 maldet(3768): {update} latest version already installed.
Aug 08 2024 03:41:02 cp41 maldet(3939): {sigup} performing signature update check...
Aug 08 2024 03:41:02 cp41 maldet(3939): {sigup} local signature set is version 20240804573718
Aug 08 2024 03:41:03 cp41 maldet(3939): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 08 2024 03:41:03 cp41 maldet(3939): {sigup} new signature set 202408071328483 available
Aug 08 2024 03:41:03 cp41 maldet(3939): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 08 2024 03:41:04 cp41 maldet(3939): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 08 2024 03:41:06 cp41 maldet(3939): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 08 2024 03:41:06 cp41 maldet(3939): {sigup} verified md5sum of maldet-clean.tgz
Aug 08 2024 03:41:06 cp41 maldet(3939): {sigup} unpacked and installed maldet-clean.tgz
Aug 08 2024 03:41:06 cp41 maldet(3939): {sigup} signature set update completed
Aug 08 2024 03:41:06 cp41 maldet(3939): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 08 2024 03:41:06 cp41 maldet(4227): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 08 2024 03:41:08 cp41 maldet(4227): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 08 2024 03:41:08 cp41 maldet(4227): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 08 2024 03:41:08 cp41 maldet(4227): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 08 2024 03:41:08 cp41 maldet(4227): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 08 2024 06:43:47 cp41 maldet(4227): {scan} file list completed in 10959s, found 803 files...
Aug 08 2024 06:43:48 cp41 maldet(4227): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 08 2024 06:43:48 cp41 maldet(4227): {scan} scan of (803 files) in progress...
Aug 08 2024 06:44:05 cp41 maldet(4227): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 08 2024 06:44:06 cp41 maldet(4227): {hit} malware hit {YARA}eval_post found for /home/sethbook/public_html/wp-includes/images/JaJYJQMn.php
Aug 08 2024 06:44:06 cp41 maldet(4227): {hit} malware hit {HEX}php.exe.globals.416 found for /home/sethbook/public_html/wp-includes/epqtkg.php
Aug 08 2024 06:44:06 cp41 maldet(4227): {hit} malware hit {HEX}php.nested.base64.652 found for /home/sethbook/public_html/wp-content/includes/plugins/met/user/wp/DUbNIYhOSC.php
Aug 08 2024 06:44:06 cp41 maldet(4227): {scan} scan completed on : files 803, malware hits 4, cleaned hits 0, time 10980s
Aug 08 2024 06:44:06 cp41 maldet(4227): {scan} scan report saved, to view run: maldet --report 240808-0341.4227
Aug 08 2024 06:44:06 cp41 maldet(4227): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240808-0341.4227
Aug 09 2024 03:51:58 cp41 maldet(16699): {update} checking for available updates...
Aug 09 2024 03:51:58 cp41 maldet(16699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 09 2024 03:51:58 cp41 maldet(16699): {update} hashing install files and checking against server...
Aug 09 2024 03:51:58 cp41 maldet(16699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 09 2024 03:51:58 cp41 maldet(16699): {update} latest version already installed.
Aug 09 2024 03:51:58 cp41 maldet(16862): {sigup} performing signature update check...
Aug 09 2024 03:51:58 cp41 maldet(16862): {sigup} local signature set is version 202408071328483
Aug 09 2024 03:51:58 cp41 maldet(16862): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 09 2024 03:52:03 cp41 maldet(16862): {sigup} latest signature set already installed
Aug 09 2024 03:52:03 cp41 maldet(17030): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 09 2024 03:52:06 cp41 maldet(17030): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 09 2024 03:52:06 cp41 maldet(17030): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 09 2024 03:52:06 cp41 maldet(17030): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 09 2024 03:52:06 cp41 maldet(17030): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 09 2024 08:38:27 cp41 maldet(17030): {scan} file list completed in 17180s, found 713 files...
Aug 09 2024 08:38:27 cp41 maldet(17030): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 09 2024 08:38:27 cp41 maldet(17030): {scan} scan of (713 files) in progress...
Aug 09 2024 08:38:51 cp41 maldet(17030): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 09 2024 08:38:51 cp41 maldet(17030): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/mah.php
Aug 09 2024 08:38:51 cp41 maldet(17030): {scan} scan completed on : files 713, malware hits 2, cleaned hits 0, time 17208s
Aug 09 2024 08:38:51 cp41 maldet(17030): {scan} scan report saved, to view run: maldet --report 240809-0352.17030
Aug 09 2024 08:38:51 cp41 maldet(17030): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240809-0352.17030
Aug 10 2024 03:15:33 cp41 maldet(18321): {update} checking for available updates...
Aug 10 2024 03:15:33 cp41 maldet(18321): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 10 2024 03:15:33 cp41 maldet(18321): {update} hashing install files and checking against server...
Aug 10 2024 03:15:35 cp41 maldet(18321): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 10 2024 03:15:35 cp41 maldet(18321): {update} latest version already installed.
Aug 10 2024 03:15:37 cp41 maldet(18499): {sigup} performing signature update check...
Aug 10 2024 03:15:37 cp41 maldet(18499): {sigup} local signature set is version 202408071328483
Aug 10 2024 03:15:37 cp41 maldet(18499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 10 2024 03:15:37 cp41 maldet(18499): {sigup} new signature set 202408102084908 available
Aug 10 2024 03:15:37 cp41 maldet(18499): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 10 2024 03:15:38 cp41 maldet(18499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 10 2024 03:15:38 cp41 maldet(18499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 10 2024 03:15:38 cp41 maldet(18499): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 10 2024 03:15:38 cp41 maldet(18499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 10 2024 03:15:39 cp41 maldet(18499): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 10 2024 03:15:39 cp41 maldet(18499): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 10 2024 03:15:41 cp41 maldet(18499): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 10 2024 03:15:41 cp41 maldet(18499): {sigup} verified md5sum of maldet-clean.tgz
Aug 10 2024 03:15:41 cp41 maldet(18499): {sigup} unpacked and installed maldet-clean.tgz
Aug 10 2024 03:15:41 cp41 maldet(18499): {sigup} signature set update completed
Aug 10 2024 03:15:41 cp41 maldet(18499): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 10 2024 03:15:41 cp41 maldet(18780): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 10 2024 03:15:43 cp41 maldet(18780): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 10 2024 03:15:43 cp41 maldet(18780): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 10 2024 03:15:43 cp41 maldet(18780): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 10 2024 03:15:43 cp41 maldet(18780): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 10 2024 06:42:39 cp41 maldet(18780): {scan} file list completed in 12416s, found 2631 files...
Aug 10 2024 06:42:39 cp41 maldet(18780): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 10 2024 06:42:39 cp41 maldet(18780): {scan} scan of (2631 files) in progress...
Aug 10 2024 06:47:32 cp41 maldet(18780): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 10 2024 06:47:32 cp41 maldet(18780): {scan} scan completed on : files 2631, malware hits 1, cleaned hits 0, time 12711s
Aug 10 2024 06:47:32 cp41 maldet(18780): {scan} scan report saved, to view run: maldet --report 240810-0315.18780
Aug 10 2024 06:47:32 cp41 maldet(18780): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240810-0315.18780
Aug 11 2024 03:16:05 cp41 maldet(15839): {update} checking for available updates...
Aug 11 2024 03:16:06 cp41 maldet(15839): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 11 2024 03:16:06 cp41 maldet(15839): {update} hashing install files and checking against server...
Aug 11 2024 03:16:06 cp41 maldet(15839): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 11 2024 03:16:06 cp41 maldet(15839): {update} latest version already installed.
Aug 11 2024 03:16:06 cp41 maldet(15984): {sigup} performing signature update check...
Aug 11 2024 03:16:06 cp41 maldet(15984): {sigup} local signature set is version 202408102084908
Aug 11 2024 03:16:06 cp41 maldet(15984): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 11 2024 03:16:07 cp41 maldet(15984): {sigup} latest signature set already installed
Aug 11 2024 03:16:07 cp41 maldet(16114): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 11 2024 03:16:08 cp41 maldet(16114): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2024 03:16:08 cp41 maldet(16114): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 11 2024 03:16:08 cp41 maldet(16114): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 11 2024 03:16:08 cp41 maldet(16114): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 11 2024 08:33:33 cp41 maldet(16114): {scan} file list completed in 19045s, found 842 files...
Aug 11 2024 08:33:33 cp41 maldet(16114): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 11 2024 08:33:33 cp41 maldet(16114): {scan} scan of (842 files) in progress...
Aug 11 2024 08:36:26 cp41 maldet(16114): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/luuf.php
Aug 11 2024 08:36:28 cp41 maldet(16114): {scan} scan completed on : files 842, malware hits 1, cleaned hits 0, time 19219s
Aug 11 2024 08:36:28 cp41 maldet(16114): {scan} scan report saved, to view run: maldet --report 240811-0316.16114
Aug 11 2024 08:36:28 cp41 maldet(16114): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240811-0316.16114
Aug 12 2024 03:18:08 cp41 maldet(10272): {update} checking for available updates...
Aug 12 2024 03:18:08 cp41 maldet(10272): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 12 2024 03:18:08 cp41 maldet(10272): {update} hashing install files and checking against server...
Aug 12 2024 03:18:09 cp41 maldet(10272): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 12 2024 03:18:09 cp41 maldet(10272): {update} latest version already installed.
Aug 12 2024 03:18:09 cp41 maldet(10422): {sigup} performing signature update check...
Aug 12 2024 03:18:09 cp41 maldet(10422): {sigup} local signature set is version 202408102084908
Aug 12 2024 03:18:09 cp41 maldet(10422): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 12 2024 03:18:09 cp41 maldet(10422): {sigup} latest signature set already installed
Aug 12 2024 03:18:10 cp41 maldet(10537): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 12 2024 03:18:11 cp41 maldet(10537): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 12 2024 03:18:11 cp41 maldet(10537): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 12 2024 03:18:11 cp41 maldet(10537): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 12 2024 03:18:11 cp41 maldet(10537): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 12 2024 06:46:04 cp41 maldet(10537): {scan} file list completed in 12472s, found 788 files...
Aug 12 2024 06:46:04 cp41 maldet(10537): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 12 2024 06:46:04 cp41 maldet(10537): {scan} scan of (788 files) in progress...
Aug 12 2024 06:47:17 cp41 maldet(10537): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Aug 12 2024 06:47:17 cp41 maldet(10537): {scan} scan completed on : files 788, malware hits 0, cleaned hits 0, time 12547s
Aug 12 2024 06:47:17 cp41 maldet(10537): {scan} scan report saved, to view run: maldet --report 240812-0318.10537
Aug 13 2024 03:11:03 cp41 maldet(26502): {update} checking for available updates...
Aug 13 2024 03:11:03 cp41 maldet(26502): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 13 2024 03:11:03 cp41 maldet(26502): {update} hashing install files and checking against server...
Aug 13 2024 03:11:07 cp41 maldet(26502): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 13 2024 03:11:07 cp41 maldet(26502): {update} latest version already installed.
Aug 13 2024 03:11:16 cp41 maldet(26960): {sigup} performing signature update check...
Aug 13 2024 03:11:16 cp41 maldet(26960): {sigup} local signature set is version 202408102084908
Aug 13 2024 03:11:21 cp41 maldet(26960): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2024 03:11:24 cp41 maldet(26960): {sigup} latest signature set already installed
Aug 13 2024 03:11:24 cp41 maldet(27641): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 13 2024 03:11:30 cp41 maldet(27641): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 13 2024 03:11:30 cp41 maldet(27641): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 13 2024 03:11:30 cp41 maldet(27641): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 13 2024 03:11:30 cp41 maldet(27641): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 13 2024 08:00:52 cp41 maldet(27641): {scan} file list completed in 17361s, found 7331 files...
Aug 13 2024 08:00:52 cp41 maldet(27641): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 13 2024 08:00:52 cp41 maldet(27641): {scan} scan of (7331 files) in progress...
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-includes/defaults.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {YARA}spam_mailer found for /home/neverend/public_html/wp-includes/Text/Diff/Engine/index.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-includes/images/index.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/Neverending_Films/Scripts/Widgets/Navbar/item.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {YARA}spam_mailer found for /home/neverend/public_html/Neverending_Films/Scripts/Widgets/SharedResources/defaults.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/mm8zu/index.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-content/item.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wmzf9r/index/click.php
Aug 13 2024 08:02:24 cp41 maldet(27641): {scan} scan completed on : files 7331, malware hits 8, cleaned hits 0, time 17460s
Aug 13 2024 08:02:24 cp41 maldet(27641): {scan} scan report saved, to view run: maldet --report 240813-0311.27641
Aug 13 2024 08:02:24 cp41 maldet(27641): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240813-0311.27641
Aug 14 2024 03:23:13 cp41 maldet(6008): {update} checking for available updates...
Aug 14 2024 03:23:13 cp41 maldet(6008): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 14 2024 03:23:13 cp41 maldet(6008): {update} hashing install files and checking against server...
Aug 14 2024 03:23:14 cp41 maldet(6008): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 14 2024 03:23:14 cp41 maldet(6008): {update} latest version already installed.
Aug 14 2024 03:23:14 cp41 maldet(6163): {sigup} performing signature update check...
Aug 14 2024 03:23:14 cp41 maldet(6163): {sigup} local signature set is version 202408102084908
Aug 14 2024 03:23:14 cp41 maldet(6163): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 14 2024 03:23:15 cp41 maldet(6163): {sigup} latest signature set already installed
Aug 14 2024 03:23:15 cp41 maldet(6284): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 14 2024 03:23:16 cp41 maldet(6284): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 14 2024 03:23:16 cp41 maldet(6284): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 14 2024 03:23:16 cp41 maldet(6284): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 14 2024 03:23:16 cp41 maldet(6284): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 14 2024 05:27:56 cp41 maldet(6284): {scan} file list completed in 7480s, found 7323 files...
Aug 14 2024 05:27:56 cp41 maldet(6284): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 14 2024 05:27:56 cp41 maldet(6284): {scan} scan of (7323 files) in progress...
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {HEX}php.generic.malware.447 found for /home/authorsd/public_html/yt2024/index.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {YARA}php_in_image found for /home/authorsd/public_html/hix.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {YARA}php_in_image found for /home/authorsd/public_html/knc.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-includes/defaults.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {YARA}spam_mailer found for /home/neverend/public_html/wp-includes/Text/Diff/Engine/index.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-includes/images/index.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/Neverending_Films/Scripts/Widgets/Navbar/item.php
Aug 14 2024 05:28:31 cp41 maldet(6284): {hit} malware hit {YARA}spam_mailer found for /home/neverend/public_html/Neverending_Films/Scripts/Widgets/SharedResources/defaults.php
Aug 14 2024 05:28:32 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/mm8zu/index.php
Aug 14 2024 05:28:32 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wp-content/item.php
Aug 14 2024 05:28:32 cp41 maldet(6284): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/wmzf9r/index/click.php
Aug 14 2024 05:28:32 cp41 maldet(6284): {scan} scan completed on : files 7323, malware hits 11, cleaned hits 0, time 7517s
Aug 14 2024 05:28:32 cp41 maldet(6284): {scan} scan report saved, to view run: maldet --report 240814-0323.6284
Aug 14 2024 05:28:32 cp41 maldet(6284): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240814-0323.6284
Aug 15 2024 03:14:26 cp41 maldet(8928): {update} checking for available updates...
Aug 15 2024 03:14:26 cp41 maldet(8928): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 15 2024 03:14:26 cp41 maldet(8928): {update} hashing install files and checking against server...
Aug 15 2024 03:14:27 cp41 maldet(8928): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 15 2024 03:14:27 cp41 maldet(8928): {update} latest version already installed.
Aug 15 2024 03:14:27 cp41 maldet(9106): {sigup} performing signature update check...
Aug 15 2024 03:14:27 cp41 maldet(9106): {sigup} local signature set is version 202408102084908
Aug 15 2024 03:14:27 cp41 maldet(9106): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 15 2024 03:14:28 cp41 maldet(9106): {sigup} latest signature set already installed
Aug 15 2024 03:14:28 cp41 maldet(9225): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 15 2024 03:14:31 cp41 maldet(9225): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 15 2024 03:14:31 cp41 maldet(9225): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 15 2024 03:14:31 cp41 maldet(9225): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 15 2024 03:14:31 cp41 maldet(9225): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 15 2024 12:07:17 cp41 maldet(9225): {scan} file list completed in 31965s, found 4718 files...
Aug 15 2024 12:07:17 cp41 maldet(9225): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 15 2024 12:07:17 cp41 maldet(9225): {scan} scan of (4718 files) in progress...
Aug 15 2024 12:15:05 cp41 maldet(9225): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/blocks/index.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/function.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-content/themes/index.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-content/includes/plugins/index.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/index/function.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/user/IXR/css/IXR/options.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/wp-admin/css/colors/modern/index.php
Aug 15 2024 12:15:06 cp41 maldet(9225): {scan} scan completed on : files 4718, malware hits 7, cleaned hits 0, time 32438s
Aug 15 2024 12:15:06 cp41 maldet(9225): {scan} scan report saved, to view run: maldet --report 240815-0314.9225
Aug 15 2024 12:15:06 cp41 maldet(9225): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240815-0314.9225
Aug 16 2024 03:38:09 cp41 maldet(16400): {update} checking for available updates...
Aug 16 2024 03:38:18 cp41 maldet(16400): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 16 2024 03:38:18 cp41 maldet(16400): {update} hashing install files and checking against server...
Aug 16 2024 03:38:20 cp41 maldet(16400): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 16 2024 03:38:20 cp41 maldet(16400): {update} latest version already installed.
Aug 16 2024 03:38:22 cp41 maldet(16614): {sigup} performing signature update check...
Aug 16 2024 03:38:22 cp41 maldet(16614): {sigup} local signature set is version 202408102084908
Aug 16 2024 03:38:22 cp41 maldet(16614): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 16 2024 03:38:27 cp41 maldet(16614): {sigup} new signature set 20240816593955 available
Aug 16 2024 03:38:27 cp41 maldet(16614): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 16 2024 03:38:27 cp41 maldet(16614): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 16 2024 03:38:27 cp41 maldet(16614): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 16 2024 03:38:27 cp41 maldet(16614): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 16 2024 03:38:28 cp41 maldet(16614): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 16 2024 03:38:28 cp41 maldet(16614): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 16 2024 03:38:28 cp41 maldet(16614): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 16 2024 03:38:33 cp41 maldet(16614): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 16 2024 03:38:33 cp41 maldet(16614): {sigup} verified md5sum of maldet-clean.tgz
Aug 16 2024 03:38:37 cp41 maldet(16614): {sigup} unpacked and installed maldet-clean.tgz
Aug 16 2024 03:38:37 cp41 maldet(16614): {sigup} signature set update completed
Aug 16 2024 03:38:37 cp41 maldet(16614): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 16 2024 03:38:39 cp41 maldet(16960): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 16 2024 03:38:40 cp41 maldet(16960): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 16 2024 03:38:40 cp41 maldet(16960): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 16 2024 03:38:40 cp41 maldet(16960): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 16 2024 03:38:40 cp41 maldet(16960): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 16 2024 13:38:18 cp41 maldet(16960): {scan} file list completed in 35977s, found 3841 files...
Aug 16 2024 13:38:18 cp41 maldet(16960): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 16 2024 13:38:18 cp41 maldet(16960): {scan} scan of (3841 files) in progress...
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/nsts2.PhP7
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/nsts2.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-includes/click.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-includes/mah.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/saturnst/public_html/mah.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/pemain/network.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/wp-content/item.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/blocks/index.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/function.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-content/themes/index.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-content/includes/plugins/index.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.generic.malware.447 found for /home/sethbook/public_html/index/function.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/user/IXR/css/IXR/options.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/wp-admin/css/colors/modern/index.php
Aug 16 2024 13:44:08 cp41 maldet(16960): {scan} scan completed on : files 3841, malware hits 14, cleaned hits 0, time 36329s
Aug 16 2024 13:44:08 cp41 maldet(16960): {scan} scan report saved, to view run: maldet --report 240816-0338.16960
Aug 16 2024 13:44:08 cp41 maldet(16960): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240816-0338.16960
Aug 17 2024 03:39:13 cp41 maldet(27825): {update} checking for available updates...
Aug 17 2024 03:39:13 cp41 maldet(27825): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 17 2024 03:39:13 cp41 maldet(27825): {update} hashing install files and checking against server...
Aug 17 2024 03:39:13 cp41 maldet(27825): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 17 2024 03:39:13 cp41 maldet(27825): {update} latest version already installed.
Aug 17 2024 03:39:14 cp41 maldet(27981): {sigup} performing signature update check...
Aug 17 2024 03:39:14 cp41 maldet(27981): {sigup} local signature set is version 20240816593955
Aug 17 2024 03:39:14 cp41 maldet(27981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 17 2024 03:39:15 cp41 maldet(27981): {sigup} latest signature set already installed
Aug 17 2024 03:39:15 cp41 maldet(28112): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 17 2024 03:39:16 cp41 maldet(28112): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 17 2024 03:39:16 cp41 maldet(28112): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 17 2024 03:39:16 cp41 maldet(28112): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 17 2024 03:39:16 cp41 maldet(28112): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 17 2024 06:13:44 cp41 maldet(28112): {scan} file list completed in 9268s, found 63927 files...
Aug 17 2024 06:13:44 cp41 maldet(28112): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 17 2024 06:13:44 cp41 maldet(28112): {scan} scan of (63927 files) in progress...
Aug 17 2024 06:24:20 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/authorsd/public_html/lufix8.php
Aug 17 2024 06:24:21 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/install.php
Aug 17 2024 06:24:21 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/luuf.php
Aug 17 2024 06:24:21 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/nsts2.PhP7
Aug 17 2024 06:24:21 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-includes/product.php
Aug 17 2024 06:24:21 cp41 maldet(28112): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-admin/index.php
Aug 17 2024 06:24:21 cp41 maldet(28112): {scan} scan completed on : files 63927, malware hits 6, cleaned hits 0, time 9906s
Aug 17 2024 06:24:21 cp41 maldet(28112): {scan} scan report saved, to view run: maldet --report 240817-0339.28112
Aug 17 2024 06:24:21 cp41 maldet(28112): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240817-0339.28112
Aug 18 2024 03:29:27 cp41 maldet(20749): {update} checking for available updates...
Aug 18 2024 03:29:27 cp41 maldet(20749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 18 2024 03:29:27 cp41 maldet(20749): {update} hashing install files and checking against server...
Aug 18 2024 03:29:29 cp41 maldet(20749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 18 2024 03:29:29 cp41 maldet(20749): {update} latest version already installed.
Aug 18 2024 03:29:30 cp41 maldet(20940): {sigup} performing signature update check...
Aug 18 2024 03:29:30 cp41 maldet(20940): {sigup} local signature set is version 20240816593955
Aug 18 2024 03:29:33 cp41 maldet(20940): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 18 2024 03:29:35 cp41 maldet(20940): {sigup} latest signature set already installed
Aug 18 2024 03:29:39 cp41 maldet(21103): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 18 2024 03:29:45 cp41 maldet(21103): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 18 2024 03:29:45 cp41 maldet(21103): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 18 2024 03:29:45 cp41 maldet(21103): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 18 2024 03:29:45 cp41 maldet(21103): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 18 2024 09:39:27 cp41 maldet(21103): {scan} file list completed in 22181s, found 368 files...
Aug 18 2024 09:39:27 cp41 maldet(21103): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 18 2024 09:39:27 cp41 maldet(21103): {scan} scan of (368 files) in progress...
Aug 18 2024 09:39:57 cp41 maldet(21103): {hit} malware hit {YARA}multiple_php_webshells found for /home/authorsd/public_html/yfiupvqr.php
Aug 18 2024 09:39:57 cp41 maldet(21103): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/luuf.php
Aug 18 2024 09:39:57 cp41 maldet(21103): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/nsts2.PhP7
Aug 18 2024 09:39:57 cp41 maldet(21103): {scan} scan completed on : files 368, malware hits 3, cleaned hits 0, time 22218s
Aug 18 2024 09:39:57 cp41 maldet(21103): {scan} scan report saved, to view run: maldet --report 240818-0329.21103
Aug 18 2024 09:39:57 cp41 maldet(21103): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240818-0329.21103
Aug 19 2024 03:47:04 cp41 maldet(25657): {update} checking for available updates...
Aug 19 2024 03:47:04 cp41 maldet(25657): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 19 2024 03:47:04 cp41 maldet(25657): {update} hashing install files and checking against server...
Aug 19 2024 03:47:05 cp41 maldet(25657): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 19 2024 03:47:05 cp41 maldet(25657): {update} latest version already installed.
Aug 19 2024 03:47:05 cp41 maldet(25803): {sigup} performing signature update check...
Aug 19 2024 03:47:05 cp41 maldet(25803): {sigup} local signature set is version 20240816593955
Aug 19 2024 03:47:05 cp41 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 19 2024 03:47:06 cp41 maldet(25803): {sigup} new signature set 202408191348753 available
Aug 19 2024 03:47:06 cp41 maldet(25803): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 19 2024 03:47:06 cp41 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 19 2024 03:47:06 cp41 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 19 2024 03:47:06 cp41 maldet(25803): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 19 2024 03:47:07 cp41 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 19 2024 03:47:07 cp41 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 19 2024 03:47:07 cp41 maldet(25803): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 19 2024 03:47:08 cp41 maldet(25803): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 19 2024 03:47:08 cp41 maldet(25803): {sigup} verified md5sum of maldet-clean.tgz
Aug 19 2024 03:47:09 cp41 maldet(25803): {sigup} unpacked and installed maldet-clean.tgz
Aug 19 2024 03:47:09 cp41 maldet(25803): {sigup} signature set update completed
Aug 19 2024 03:47:09 cp41 maldet(25803): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 19 2024 03:47:10 cp41 maldet(26089): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 19 2024 03:47:11 cp41 maldet(26089): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 19 2024 03:47:11 cp41 maldet(26089): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 19 2024 03:47:11 cp41 maldet(26089): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 19 2024 03:47:11 cp41 maldet(26089): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 19 2024 06:55:37 cp41 maldet(26089): {scan} file list completed in 11306s, found 71 files...
Aug 19 2024 06:55:37 cp41 maldet(26089): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 19 2024 06:55:37 cp41 maldet(26089): {scan} scan of (71 files) in progress...
Aug 19 2024 06:55:42 cp41 maldet(26089): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/clolderg/public_html/yyy.php
Aug 19 2024 06:55:42 cp41 maldet(26089): {scan} scan completed on : files 71, malware hits 1, cleaned hits 0, time 11312s
Aug 19 2024 06:55:42 cp41 maldet(26089): {scan} scan report saved, to view run: maldet --report 240819-0347.26089
Aug 19 2024 06:55:42 cp41 maldet(26089): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240819-0347.26089
Aug 20 2024 03:35:25 cp41 maldet(30680): {update} checking for available updates...
Aug 20 2024 03:35:25 cp41 maldet(30680): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 20 2024 03:35:25 cp41 maldet(30680): {update} hashing install files and checking against server...
Aug 20 2024 03:35:25 cp41 maldet(30680): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 20 2024 03:35:25 cp41 maldet(30680): {update} latest version already installed.
Aug 20 2024 03:35:26 cp41 maldet(30850): {sigup} performing signature update check...
Aug 20 2024 03:35:26 cp41 maldet(30850): {sigup} local signature set is version 202408191348753
Aug 20 2024 03:35:26 cp41 maldet(30850): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 20 2024 03:35:27 cp41 maldet(30850): {sigup} latest signature set already installed
Aug 20 2024 03:35:29 cp41 maldet(30976): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 20 2024 03:35:30 cp41 maldet(30976): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 20 2024 03:35:30 cp41 maldet(30976): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 20 2024 03:35:30 cp41 maldet(30976): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 20 2024 03:35:30 cp41 maldet(30976): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 20 2024 10:52:05 cp41 maldet(30976): {scan} file list completed in 26195s, found 355 files...
Aug 20 2024 10:52:05 cp41 maldet(30976): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 20 2024 10:52:05 cp41 maldet(30976): {scan} scan of (355 files) in progress...
Aug 20 2024 10:52:39 cp41 maldet(30976): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/clolderg/public_html/yyy.php
Aug 20 2024 10:52:40 cp41 maldet(30976): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/CRISIS_1/index.php
Aug 20 2024 10:52:40 cp41 maldet(30976): {hit} malware hit {YARA}spam_mailer found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/WWF_1e/index.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/YELLOW_PAGES_1/options.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/TOYOTA_1/index.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/jd/resources/js/vendor/index.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/beltfilterpress.com/cache/x404sh.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/olshsdco/public_html/product.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/La Vaca de Oro, heladerÃa en la Ciudad de México CDMX_files/network.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/options.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.exe.globals.416 found for /home/sethbook/public_html/wp-includes/fqlgzg.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {YARA}eval_post found for /home/sethbook/public_html/wp-admin/php/tMNOfI.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {hit} malware hit {HEX}php.nested.base64.652 found for /home/sethbook/public_html/wp-admin/php/css/style-engine/pomo/network/wp/nKrjxwI.php
Aug 20 2024 10:52:41 cp41 maldet(30976): {scan} scan completed on : files 355, malware hits 13, cleaned hits 0, time 26232s
Aug 20 2024 10:52:41 cp41 maldet(30976): {scan} scan report saved, to view run: maldet --report 240820-0335.30976
Aug 20 2024 10:52:41 cp41 maldet(30976): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240820-0335.30976
Aug 21 2024 03:11:59 cp41 maldet(30039): {update} checking for available updates...
Aug 21 2024 03:12:00 cp41 maldet(30039): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 21 2024 03:12:00 cp41 maldet(30039): {update} hashing install files and checking against server...
Aug 21 2024 03:12:00 cp41 maldet(30039): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 21 2024 03:12:00 cp41 maldet(30039): {update} latest version already installed.
Aug 21 2024 03:12:03 cp41 maldet(30567): {sigup} performing signature update check...
Aug 21 2024 03:12:03 cp41 maldet(30567): {sigup} local signature set is version 202408191348753
Aug 21 2024 03:12:04 cp41 maldet(30567): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 21 2024 03:12:04 cp41 maldet(30567): {sigup} latest signature set already installed
Aug 21 2024 03:12:06 cp41 maldet(30865): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 21 2024 03:12:08 cp41 maldet(30865): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 21 2024 03:12:08 cp41 maldet(30865): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 21 2024 03:12:08 cp41 maldet(30865): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 21 2024 03:12:08 cp41 maldet(30865): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 21 2024 11:37:58 cp41 maldet(30865): {scan} file list completed in 30349s, found 274 files...
Aug 21 2024 11:37:58 cp41 maldet(30865): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 21 2024 11:37:58 cp41 maldet(30865): {scan} scan of (274 files) in progress...
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/CRISIS_1/index.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {YARA}spam_mailer found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/WWF_1e/index.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/YELLOW_PAGES_1/options.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/gavinsco/public_html/Gavin_Scott/Creative_artwork_files/Media/TOYOTA_1/index.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/jd/resources/js/vendor/index.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Aug 21 2024 11:38:42 cp41 maldet(30865): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/chosen/product.php
Aug 21 2024 11:38:43 cp41 maldet(30865): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/click.php
Aug 21 2024 11:38:43 cp41 maldet(30865): {scan} scan completed on : files 274, malware hits 8, cleaned hits 0, time 30397s
Aug 21 2024 11:38:43 cp41 maldet(30865): {scan} scan report saved, to view run: maldet --report 240821-0312.30865
Aug 21 2024 11:38:43 cp41 maldet(30865): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240821-0312.30865
Aug 22 2024 03:30:53 cp41 maldet(23672): {update} checking for available updates...
Aug 22 2024 03:30:53 cp41 maldet(23672): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 22 2024 03:30:53 cp41 maldet(23672): {update} hashing install files and checking against server...
Aug 22 2024 03:30:55 cp41 maldet(23672): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 22 2024 03:30:55 cp41 maldet(23672): {update} latest version already installed.
Aug 22 2024 03:30:57 cp41 maldet(23850): {sigup} performing signature update check...
Aug 22 2024 03:30:57 cp41 maldet(23850): {sigup} local signature set is version 202408191348753
Aug 22 2024 03:30:57 cp41 maldet(23850): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 22 2024 03:30:58 cp41 maldet(23850): {sigup} latest signature set already installed
Aug 22 2024 03:31:02 cp41 maldet(23995): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 22 2024 03:31:08 cp41 maldet(23995): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 22 2024 03:31:08 cp41 maldet(23995): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 22 2024 03:31:08 cp41 maldet(23995): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 22 2024 03:31:08 cp41 maldet(23995): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 22 2024 12:16:22 cp41 maldet(23995): {scan} file list completed in 31513s, found 371 files...
Aug 22 2024 12:16:22 cp41 maldet(23995): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 22 2024 12:16:22 cp41 maldet(23995): {scan} scan of (371 files) in progress...
Aug 22 2024 12:16:53 cp41 maldet(23995): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Aug 22 2024 12:16:53 cp41 maldet(23995): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/chosen/product.php
Aug 22 2024 12:16:53 cp41 maldet(23995): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/mah/index.php
Aug 22 2024 12:16:53 cp41 maldet(23995): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-admin/click.php
Aug 22 2024 12:16:54 cp41 maldet(23995): {scan} scan completed on : files 371, malware hits 4, cleaned hits 0, time 31551s
Aug 22 2024 12:16:54 cp41 maldet(23995): {scan} scan report saved, to view run: maldet --report 240822-0330.23995
Aug 22 2024 12:16:54 cp41 maldet(23995): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240822-0330.23995
Aug 23 2024 03:29:34 cp41 maldet(29768): {update} checking for available updates...
Aug 23 2024 03:29:34 cp41 maldet(29768): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 23 2024 03:29:34 cp41 maldet(29768): {update} hashing install files and checking against server...
Aug 23 2024 03:29:35 cp41 maldet(29768): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 23 2024 03:29:35 cp41 maldet(29768): {update} latest version already installed.
Aug 23 2024 03:29:37 cp41 maldet(29936): {sigup} performing signature update check...
Aug 23 2024 03:29:37 cp41 maldet(29936): {sigup} local signature set is version 202408191348753
Aug 23 2024 03:29:37 cp41 maldet(29936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 23 2024 03:29:37 cp41 maldet(29936): {sigup} new signature set 202408222103536 available
Aug 23 2024 03:29:38 cp41 maldet(29936): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 23 2024 03:29:38 cp41 maldet(29936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 23 2024 03:29:38 cp41 maldet(29936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 23 2024 03:29:39 cp41 maldet(29936): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 23 2024 03:29:39 cp41 maldet(29936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 23 2024 03:29:39 cp41 maldet(29936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 23 2024 03:29:39 cp41 maldet(29936): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 23 2024 03:29:40 cp41 maldet(29936): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 23 2024 03:29:40 cp41 maldet(29936): {sigup} verified md5sum of maldet-clean.tgz
Aug 23 2024 03:29:41 cp41 maldet(29936): {sigup} unpacked and installed maldet-clean.tgz
Aug 23 2024 03:29:41 cp41 maldet(29936): {sigup} signature set update completed
Aug 23 2024 03:29:42 cp41 maldet(29936): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 23 2024 03:29:42 cp41 maldet(30212): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 23 2024 03:29:43 cp41 maldet(30212): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 23 2024 03:29:43 cp41 maldet(30212): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 23 2024 03:29:43 cp41 maldet(30212): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 23 2024 03:29:43 cp41 maldet(30212): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 23 2024 10:53:01 cp41 maldet(30212): {scan} file list completed in 26598s, found 240 files...
Aug 23 2024 10:53:01 cp41 maldet(30212): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 23 2024 10:53:01 cp41 maldet(30212): {scan} scan of (240 files) in progress...
Aug 23 2024 10:53:28 cp41 maldet(30212): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/AZu6M/themes4.php
Aug 23 2024 10:53:29 cp41 maldet(30212): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Aug 23 2024 10:53:29 cp41 maldet(30212): {hit} malware hit {HEX}php.nested.base64.663 found for /home/neverend/public_html/c4.php
Aug 23 2024 10:53:29 cp41 maldet(30212): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/nsts2.PhP7
Aug 23 2024 10:53:29 cp41 maldet(30212): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/nsts2.php
Aug 23 2024 10:53:29 cp41 maldet(30212): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/mah/index.php
Aug 23 2024 10:53:30 cp41 maldet(30212): {scan} scan completed on : files 240, malware hits 6, cleaned hits 0, time 26628s
Aug 23 2024 10:53:30 cp41 maldet(30212): {scan} scan report saved, to view run: maldet --report 240823-0329.30212
Aug 23 2024 10:53:30 cp41 maldet(30212): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240823-0329.30212
Aug 24 2024 03:54:04 cp41 maldet(26499): {update} checking for available updates...
Aug 24 2024 03:54:07 cp41 maldet(26499): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 24 2024 03:54:07 cp41 maldet(26499): {update} hashing install files and checking against server...
Aug 24 2024 03:54:08 cp41 maldet(26499): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 24 2024 03:54:08 cp41 maldet(26499): {update} latest version already installed.
Aug 24 2024 03:54:09 cp41 maldet(26937): {sigup} performing signature update check...
Aug 24 2024 03:54:09 cp41 maldet(26937): {sigup} local signature set is version 202408222103536
Aug 24 2024 03:54:09 cp41 maldet(26937): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 24 2024 03:54:10 cp41 maldet(26937): {sigup} latest signature set already installed
Aug 24 2024 03:54:10 cp41 maldet(27200): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 24 2024 03:54:12 cp41 maldet(27200): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 24 2024 03:54:12 cp41 maldet(27200): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 24 2024 03:54:12 cp41 maldet(27200): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 24 2024 03:54:12 cp41 maldet(27200): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 24 2024 11:34:59 cp41 maldet(27200): {scan} file list completed in 27646s, found 33925 files...
Aug 24 2024 11:34:59 cp41 maldet(27200): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 24 2024 11:34:59 cp41 maldet(27200): {scan} scan of (33925 files) in progress...
Aug 24 2024 11:36:26 cp41 maldet(27200): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/AZu6M/themes4.php
Aug 24 2024 11:36:26 cp41 maldet(27200): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Aug 24 2024 11:36:26 cp41 maldet(27200): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/lufix8.php
Aug 24 2024 11:36:26 cp41 maldet(27200): {hit} malware hit {HEX}php.generic.cav7.426 found for /home/saturnst/public_html/blackhat.php
Aug 24 2024 11:36:26 cp41 maldet(27200): {scan} scan completed on : files 33925, malware hits 4, cleaned hits 0, time 27736s
Aug 24 2024 11:36:26 cp41 maldet(27200): {scan} scan report saved, to view run: maldet --report 240824-0354.27200
Aug 24 2024 11:36:26 cp41 maldet(27200): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240824-0354.27200
Aug 25 2024 03:14:08 cp41 maldet(10764): {update} checking for available updates...
Aug 25 2024 03:14:08 cp41 maldet(10764): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 25 2024 03:14:08 cp41 maldet(10764): {update} hashing install files and checking against server...
Aug 25 2024 03:14:08 cp41 maldet(10764): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 25 2024 03:14:08 cp41 maldet(10764): {update} latest version already installed.
Aug 25 2024 03:14:08 cp41 maldet(10941): {sigup} performing signature update check...
Aug 25 2024 03:14:08 cp41 maldet(10941): {sigup} local signature set is version 202408222103536
Aug 25 2024 03:14:08 cp41 maldet(10941): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 25 2024 03:14:09 cp41 maldet(10941): {sigup} latest signature set already installed
Aug 25 2024 03:14:09 cp41 maldet(11123): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 25 2024 03:14:11 cp41 maldet(11123): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 25 2024 03:14:11 cp41 maldet(11123): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 25 2024 03:14:11 cp41 maldet(11123): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 25 2024 03:14:11 cp41 maldet(11123): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 25 2024 07:58:32 cp41 maldet(11123): {scan} file list completed in 17060s, found 33786 files...
Aug 25 2024 07:58:32 cp41 maldet(11123): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 25 2024 07:58:32 cp41 maldet(11123): {scan} scan of (33786 files) in progress...
Aug 25 2024 08:43:14 cp41 maldet(11123): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Aug 25 2024 08:43:15 cp41 maldet(11123): {scan} scan completed on : files 33786, malware hits 0, cleaned hits 0, time 19745s
Aug 25 2024 08:43:15 cp41 maldet(11123): {scan} scan report saved, to view run: maldet --report 240825-0314.11123
Aug 26 2024 03:31:13 cp41 maldet(9131): {update} checking for available updates...
Aug 26 2024 03:31:16 cp41 maldet(9131): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 26 2024 03:31:16 cp41 maldet(9131): {update} hashing install files and checking against server...
Aug 26 2024 03:31:18 cp41 maldet(9131): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 26 2024 03:31:18 cp41 maldet(9131): {update} latest version already installed.
Aug 26 2024 03:31:21 cp41 maldet(9520): {sigup} performing signature update check...
Aug 26 2024 03:31:21 cp41 maldet(9520): {sigup} local signature set is version 202408222103536
Aug 26 2024 03:31:21 cp41 maldet(9520): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 26 2024 03:31:22 cp41 maldet(9520): {sigup} new signature set 202408252858527 available
Aug 26 2024 03:31:22 cp41 maldet(9520): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 26 2024 03:31:22 cp41 maldet(9520): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 26 2024 03:31:23 cp41 maldet(9520): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 26 2024 03:31:23 cp41 maldet(9520): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 26 2024 03:31:23 cp41 maldet(9520): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 26 2024 03:31:24 cp41 maldet(9520): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 26 2024 03:31:24 cp41 maldet(9520): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 26 2024 03:31:30 cp41 maldet(9520): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 26 2024 03:31:31 cp41 maldet(9520): {sigup} verified md5sum of maldet-clean.tgz
Aug 26 2024 03:31:33 cp41 maldet(9520): {sigup} unpacked and installed maldet-clean.tgz
Aug 26 2024 03:31:33 cp41 maldet(9520): {sigup} signature set update completed
Aug 26 2024 03:31:33 cp41 maldet(9520): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 26 2024 03:31:38 cp41 maldet(9920): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 26 2024 03:31:54 cp41 maldet(9920): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 26 2024 03:31:54 cp41 maldet(9920): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 26 2024 03:31:54 cp41 maldet(9920): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 26 2024 03:31:54 cp41 maldet(9920): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 26 2024 16:49:10 cp41 maldet(9920): {scan} file list completed in 47833s, found 67778 files...
Aug 26 2024 16:49:10 cp41 maldet(9920): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 26 2024 16:49:10 cp41 maldet(9920): {scan} scan of (67778 files) in progress...
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {HEX}php.nested.base64.652 found for /home/saturnst/public_html/wp-includes/blurbs.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-includes/product.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {HEX}php.generic.cav7.426 found for /home/saturnst/public_html/blackhat.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/pemain/network.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/mah/index.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/wp-content/item.php
Aug 26 2024 17:16:12 cp41 maldet(9920): {scan} scan completed on : files 67778, malware hits 6, cleaned hits 0, time 49474s
Aug 26 2024 17:16:12 cp41 maldet(9920): {scan} scan report saved, to view run: maldet --report 240826-0331.9920
Aug 26 2024 17:16:13 cp41 maldet(9920): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240826-0331.9920
Aug 27 2024 03:34:31 cp41 maldet(20953): {update} checking for available updates...
Aug 27 2024 03:34:31 cp41 maldet(20953): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 27 2024 03:34:31 cp41 maldet(20953): {update} hashing install files and checking against server...
Aug 27 2024 03:34:34 cp41 maldet(20953): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 27 2024 03:34:35 cp41 maldet(20953): {update} latest version already installed.
Aug 27 2024 03:34:37 cp41 maldet(21267): {sigup} performing signature update check...
Aug 27 2024 03:34:38 cp41 maldet(21267): {sigup} local signature set is version 202408252858527
Aug 27 2024 03:34:38 cp41 maldet(21267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 27 2024 03:34:39 cp41 maldet(21267): {sigup} latest signature set already installed
Aug 27 2024 03:34:49 cp41 maldet(21429): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 27 2024 03:34:55 cp41 maldet(21429): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 27 2024 03:34:55 cp41 maldet(21429): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 27 2024 03:34:55 cp41 maldet(21429): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 27 2024 03:34:55 cp41 maldet(21429): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 27 2024 18:44:41 cp41 maldet(21429): {scan} file list completed in 54585s, found 34132 files...
Aug 27 2024 18:44:41 cp41 maldet(21429): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 27 2024 18:44:41 cp41 maldet(21429): {scan} scan of (34132 files) in progress...
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/xmrig-6.14.0-linux-x64.tar.gz.1
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/AZu6M/themes4.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.nested.base64.652 found for /home/saturnst/public_html/wp-includes/blurbs.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/wp-includes/product.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.generic.cav7.426 found for /home/saturnst/public_html/blackhat.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/pemain/network.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {HEX}php.base64.inject.182 found for /home/saturnst/public_html/mah/index.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {YARA}spam_mailer found for /home/saturnst/public_html/wp-content/item.php
Aug 27 2024 18:55:30 cp41 maldet(21429): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/sethbook/public_html/.well-known/acme-challenge/xmrig-6.14.0-linux-x64.tar.gz
Aug 27 2024 18:55:30 cp41 maldet(21429): {scan} scan completed on : files 34132, malware hits 10, cleaned hits 0, time 55241s
Aug 27 2024 18:55:30 cp41 maldet(21429): {scan} scan report saved, to view run: maldet --report 240827-0334.21429
Aug 27 2024 18:55:30 cp41 maldet(21429): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240827-0334.21429
Aug 28 2024 03:52:03 cp41 maldet(30557): {update} checking for available updates...
Aug 28 2024 03:52:03 cp41 maldet(30557): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 28 2024 03:52:03 cp41 maldet(30557): {update} hashing install files and checking against server...
Aug 28 2024 03:52:04 cp41 maldet(30557): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 28 2024 03:52:04 cp41 maldet(30557): {update} latest version already installed.
Aug 28 2024 03:52:04 cp41 maldet(30700): {sigup} performing signature update check...
Aug 28 2024 03:52:04 cp41 maldet(30700): {sigup} local signature set is version 202408252858527
Aug 28 2024 03:52:04 cp41 maldet(30700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 28 2024 03:52:05 cp41 maldet(30700): {sigup} new signature set 202408283551914 available
Aug 28 2024 03:52:05 cp41 maldet(30700): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 28 2024 03:52:05 cp41 maldet(30700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 28 2024 03:52:06 cp41 maldet(30700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 28 2024 03:52:06 cp41 maldet(30700): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 28 2024 03:52:06 cp41 maldet(30700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 28 2024 03:52:06 cp41 maldet(30700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 28 2024 03:52:06 cp41 maldet(30700): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 28 2024 03:52:07 cp41 maldet(30700): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 28 2024 03:52:08 cp41 maldet(30700): {sigup} verified md5sum of maldet-clean.tgz
Aug 28 2024 03:52:08 cp41 maldet(30700): {sigup} unpacked and installed maldet-clean.tgz
Aug 28 2024 03:52:08 cp41 maldet(30700): {sigup} signature set update completed
Aug 28 2024 03:52:08 cp41 maldet(30700): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 28 2024 03:52:08 cp41 maldet(30979): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 28 2024 03:52:09 cp41 maldet(30979): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 28 2024 03:52:09 cp41 maldet(30979): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 28 2024 03:52:09 cp41 maldet(30979): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 28 2024 03:52:09 cp41 maldet(30979): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 28 2024 07:49:58 cp41 maldet(30979): {scan} file list completed in 14269s, found 73 files...
Aug 28 2024 07:49:58 cp41 maldet(30979): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 28 2024 07:49:58 cp41 maldet(30979): {scan} scan of (73 files) in progress...
Aug 28 2024 07:50:07 cp41 maldet(30979): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Aug 28 2024 07:50:07 cp41 maldet(30979): {scan} scan completed on : files 73, malware hits 0, cleaned hits 0, time 14279s
Aug 28 2024 07:50:07 cp41 maldet(30979): {scan} scan report saved, to view run: maldet --report 240828-0352.30979
Aug 29 2024 03:28:20 cp41 maldet(11398): {update} checking for available updates...
Aug 29 2024 03:28:31 cp41 maldet(11398): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 29 2024 03:28:33 cp41 maldet(11398): {update} hashing install files and checking against server...
Aug 29 2024 03:28:36 cp41 maldet(11398): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 29 2024 03:28:36 cp41 maldet(11398): {update} latest version already installed.
Aug 29 2024 03:28:56 cp41 maldet(11936): {sigup} performing signature update check...
Aug 29 2024 03:28:56 cp41 maldet(11936): {sigup} local signature set is version 202408283551914
Aug 29 2024 03:28:59 cp41 maldet(11936): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 29 2024 03:29:02 cp41 maldet(11936): {sigup} latest signature set already installed
Aug 29 2024 03:29:06 cp41 maldet(12292): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 29 2024 03:29:12 cp41 maldet(12292): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 29 2024 03:29:12 cp41 maldet(12292): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 29 2024 03:29:12 cp41 maldet(12292): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 29 2024 03:29:13 cp41 maldet(12292): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 29 2024 12:46:24 cp41 maldet(12292): {scan} file list completed in 33432s, found 126 files...
Aug 29 2024 12:46:24 cp41 maldet(12292): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 29 2024 12:46:24 cp41 maldet(12292): {scan} scan of (126 files) in progress...
Aug 29 2024 12:46:33 cp41 maldet(12292): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/olshsdco/public_html/options.php
Aug 29 2024 12:46:33 cp41 maldet(12292): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/index.php
Aug 29 2024 12:46:33 cp41 maldet(12292): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/mah.php
Aug 29 2024 12:46:33 cp41 maldet(12292): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-content/product.php
Aug 29 2024 12:46:33 cp41 maldet(12292): {scan} scan completed on : files 126, malware hits 4, cleaned hits 0, time 33447s
Aug 29 2024 12:46:33 cp41 maldet(12292): {scan} scan report saved, to view run: maldet --report 240829-0329.12292
Aug 29 2024 12:46:33 cp41 maldet(12292): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240829-0329.12292
Aug 30 2024 03:48:43 cp41 maldet(32125): {update} checking for available updates...
Aug 30 2024 03:48:44 cp41 maldet(32125): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 30 2024 03:48:44 cp41 maldet(32125): {update} hashing install files and checking against server...
Aug 30 2024 03:48:45 cp41 maldet(32125): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 30 2024 03:48:45 cp41 maldet(32125): {update} latest version already installed.
Aug 30 2024 03:48:51 cp41 maldet(32312): {sigup} performing signature update check...
Aug 30 2024 03:48:51 cp41 maldet(32312): {sigup} local signature set is version 202408283551914
Aug 30 2024 03:48:55 cp41 maldet(32312): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 30 2024 03:48:58 cp41 maldet(32312): {sigup} latest signature set already installed
Aug 30 2024 03:48:59 cp41 maldet(32620): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 30 2024 03:49:14 cp41 maldet(32620): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 30 2024 03:49:14 cp41 maldet(32620): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 30 2024 03:49:14 cp41 maldet(32620): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 30 2024 03:49:14 cp41 maldet(32620): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 30 2024 08:54:17 cp41 maldet(32620): {scan} file list completed in 18303s, found 253 files...
Aug 30 2024 08:54:17 cp41 maldet(32620): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 30 2024 08:54:17 cp41 maldet(32620): {scan} scan of (253 files) in progress...
Aug 30 2024 08:54:29 cp41 maldet(32620): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Aug 30 2024 08:54:29 cp41 maldet(32620): {scan} scan completed on : files 253, malware hits 0, cleaned hits 0, time 18330s
Aug 30 2024 08:54:29 cp41 maldet(32620): {scan} scan report saved, to view run: maldet --report 240830-0348.32620
Aug 31 2024 03:28:31 cp41 maldet(18356): {update} checking for available updates...
Aug 31 2024 03:28:31 cp41 maldet(18356): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 31 2024 03:28:31 cp41 maldet(18356): {update} hashing install files and checking against server...
Aug 31 2024 03:28:34 cp41 maldet(18356): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 31 2024 03:28:35 cp41 maldet(18356): {update} latest version already installed.
Aug 31 2024 03:28:39 cp41 maldet(18504): {sigup} performing signature update check...
Aug 31 2024 03:28:39 cp41 maldet(18504): {sigup} local signature set is version 202408283551914
Aug 31 2024 03:28:40 cp41 maldet(18504): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 31 2024 03:28:41 cp41 maldet(18504): {sigup} new signature set 20240831113504 available
Aug 31 2024 03:28:41 cp41 maldet(18504): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 31 2024 03:28:42 cp41 maldet(18504): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 31 2024 03:28:42 cp41 maldet(18504): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 31 2024 03:28:42 cp41 maldet(18504): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 31 2024 03:28:43 cp41 maldet(18504): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 31 2024 03:28:43 cp41 maldet(18504): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 31 2024 03:28:43 cp41 maldet(18504): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 31 2024 03:28:51 cp41 maldet(18504): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 31 2024 03:28:51 cp41 maldet(18504): {sigup} verified md5sum of maldet-clean.tgz
Aug 31 2024 03:28:52 cp41 maldet(18504): {sigup} unpacked and installed maldet-clean.tgz
Aug 31 2024 03:28:52 cp41 maldet(18504): {sigup} signature set update completed
Aug 31 2024 03:28:52 cp41 maldet(18504): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 31 2024 03:28:54 cp41 maldet(18766): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 31 2024 03:28:55 cp41 maldet(18766): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 31 2024 03:28:55 cp41 maldet(18766): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Aug 31 2024 03:28:55 cp41 maldet(18766): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 31 2024 03:28:55 cp41 maldet(18766): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Aug 31 2024 08:50:19 cp41 maldet(18766): {scan} file list completed in 19284s, found 91 files...
Aug 31 2024 08:50:19 cp41 maldet(18766): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 31 2024 08:50:19 cp41 maldet(18766): {scan} scan of (91 files) in progress...
Aug 31 2024 08:50:27 cp41 maldet(18766): {scan} scan completed on : files 91, malware hits 0, cleaned hits 0, time 19293s
Aug 31 2024 08:50:27 cp41 maldet(18766): {scan} scan report saved, to view run: maldet --report 240831-0328.18766
Sep 01 2024 03:28:41 cp41 maldet(1954): {update} checking for available updates...
Sep 01 2024 03:28:41 cp41 maldet(1954): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 01 2024 03:28:41 cp41 maldet(1954): {update} hashing install files and checking against server...
Sep 01 2024 03:28:42 cp41 maldet(1954): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 01 2024 03:28:42 cp41 maldet(1954): {update} latest version already installed.
Sep 01 2024 03:28:45 cp41 maldet(2176): {sigup} performing signature update check...
Sep 01 2024 03:28:45 cp41 maldet(2176): {sigup} local signature set is version 20240831113504
Sep 01 2024 03:28:46 cp41 maldet(2176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 01 2024 03:28:46 cp41 maldet(2176): {sigup} new signature set 20240901866020 available
Sep 01 2024 03:28:46 cp41 maldet(2176): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 01 2024 03:28:47 cp41 maldet(2176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 01 2024 03:28:47 cp41 maldet(2176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 01 2024 03:28:47 cp41 maldet(2176): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 01 2024 03:28:47 cp41 maldet(2176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 01 2024 03:28:48 cp41 maldet(2176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 01 2024 03:28:48 cp41 maldet(2176): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 01 2024 03:29:06 cp41 maldet(2176): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 01 2024 03:29:12 cp41 maldet(2176): {sigup} verified md5sum of maldet-clean.tgz
Sep 01 2024 03:29:23 cp41 maldet(2176): {sigup} unpacked and installed maldet-clean.tgz
Sep 01 2024 03:29:23 cp41 maldet(2176): {sigup} signature set update completed
Sep 01 2024 03:29:24 cp41 maldet(2176): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 01 2024 03:29:27 cp41 maldet(2915): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 01 2024 03:29:28 cp41 maldet(2915): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 01 2024 03:29:28 cp41 maldet(2915): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 01 2024 03:29:28 cp41 maldet(2915): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 01 2024 03:29:28 cp41 maldet(2915): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 01 2024 10:55:55 cp41 maldet(2915): {scan} file list completed in 26787s, found 90 files...
Sep 01 2024 10:55:55 cp41 maldet(2915): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 01 2024 10:55:55 cp41 maldet(2915): {scan} scan of (90 files) in progress...
Sep 01 2024 10:56:06 cp41 maldet(2915): {scan} scan completed on : files 90, malware hits 0, cleaned hits 0, time 26799s
Sep 01 2024 10:56:06 cp41 maldet(2915): {scan} scan report saved, to view run: maldet --report 240901-0329.2915
Sep 02 2024 03:51:17 cp41 maldet(21589): {update} checking for available updates...
Sep 02 2024 03:51:21 cp41 maldet(21589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 02 2024 03:51:22 cp41 maldet(21589): {update} hashing install files and checking against server...
Sep 02 2024 03:51:23 cp41 maldet(21589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 02 2024 03:51:23 cp41 maldet(21589): {update} latest version already installed.
Sep 02 2024 03:51:26 cp41 maldet(21731): {sigup} performing signature update check...
Sep 02 2024 03:51:26 cp41 maldet(21731): {sigup} local signature set is version 20240901866020
Sep 02 2024 03:51:26 cp41 maldet(21731): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 02 2024 03:51:27 cp41 maldet(21731): {sigup} latest signature set already installed
Sep 02 2024 03:51:30 cp41 maldet(21847): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 02 2024 03:51:32 cp41 maldet(21847): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 02 2024 03:51:32 cp41 maldet(21847): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 02 2024 03:51:32 cp41 maldet(21847): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 02 2024 03:51:32 cp41 maldet(21847): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 02 2024 09:28:21 cp41 maldet(21847): {scan} file list completed in 20209s, found 105 files...
Sep 02 2024 09:28:21 cp41 maldet(21847): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 02 2024 09:28:21 cp41 maldet(21847): {scan} scan of (105 files) in progress...
Sep 02 2024 09:28:32 cp41 maldet(21847): {scan} scan completed on : files 105, malware hits 0, cleaned hits 0, time 20222s
Sep 02 2024 09:28:32 cp41 maldet(21847): {scan} scan report saved, to view run: maldet --report 240902-0351.21847
Sep 03 2024 03:15:54 cp41 maldet(2770): {update} checking for available updates...
Sep 03 2024 03:15:55 cp41 maldet(2770): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 03 2024 03:15:55 cp41 maldet(2770): {update} hashing install files and checking against server...
Sep 03 2024 03:15:55 cp41 maldet(2770): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 03 2024 03:15:55 cp41 maldet(2770): {update} latest version already installed.
Sep 03 2024 03:15:55 cp41 maldet(2925): {sigup} performing signature update check...
Sep 03 2024 03:15:55 cp41 maldet(2925): {sigup} local signature set is version 20240901866020
Sep 03 2024 03:15:56 cp41 maldet(2925): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 03 2024 03:15:56 cp41 maldet(2925): {sigup} latest signature set already installed
Sep 03 2024 03:15:56 cp41 maldet(3058): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 03 2024 03:15:58 cp41 maldet(3058): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 03 2024 03:15:58 cp41 maldet(3058): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 03 2024 03:15:58 cp41 maldet(3058): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 03 2024 03:15:58 cp41 maldet(3058): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 03 2024 04:48:07 cp41 maldet(3058): {scan} file list completed in 5529s, found 34305 files...
Sep 03 2024 04:48:07 cp41 maldet(3058): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 03 2024 04:48:07 cp41 maldet(3058): {scan} scan of (34305 files) in progress...
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/wp-includes/network.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/mcdesign/public_html/zfcwygofv/function.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/pki-validation/b/b/b/index.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/acme-challenge/f/g/b/defaults.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/mcdesign/public_html/well-known/acme-challenge/d/g/a/index.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {YARA}spam_mailer found for /home/mcdesign/public_html/well-known/acme-challenge/g/e/a/index.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/acme-challenge/g/g/h/index.php
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/olshsdco/public_html/wWikGXU/SELLEX.zip
Sep 03 2024 04:51:40 cp41 maldet(3058): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/olshsdco/public_html/wWikGXU/shell_wso.php7
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.nested.base64.663 found for /home/olshsdco/public_html/c4.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/applpldol-BoxBilling.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/architec-phpBB.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/arunantony-Wordpress.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/darkhors-IPB.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {YARA}spam_mailer found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/ftoth-Vbulletin.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/ossecr-^WHMCS.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {YARA}spam_mailer found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/sshd-Drupal.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/thehardw-Wordpress.txt404/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/thewelld-Lokomedia.txt404/function.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/pipedrea/public_html/zfcdcsqgn/function.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/function.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-content/plugin.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/well-known/acme-challenge/a/a/g/index.php
Sep 03 2024 04:51:41 cp41 maldet(3058): {scan} scan completed on : files 34305, malware hits 23, cleaned hits 0, time 5745s
Sep 03 2024 04:51:41 cp41 maldet(3058): {scan} scan report saved, to view run: maldet --report 240903-0315.3058
Sep 03 2024 04:51:41 cp41 maldet(3058): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240903-0315.3058
Sep 04 2024 03:48:03 cp41 maldet(31393): {update} checking for available updates...
Sep 04 2024 03:48:04 cp41 maldet(31393): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 04 2024 03:48:04 cp41 maldet(31393): {update} hashing install files and checking against server...
Sep 04 2024 03:48:04 cp41 maldet(31393): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 04 2024 03:48:04 cp41 maldet(31393): {update} latest version already installed.
Sep 04 2024 03:48:04 cp41 maldet(31542): {sigup} performing signature update check...
Sep 04 2024 03:48:04 cp41 maldet(31542): {sigup} local signature set is version 20240901866020
Sep 04 2024 03:48:05 cp41 maldet(31542): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 04 2024 03:48:05 cp41 maldet(31542): {sigup} latest signature set already installed
Sep 04 2024 03:48:05 cp41 maldet(31661): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 04 2024 03:48:07 cp41 maldet(31661): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 04 2024 03:48:07 cp41 maldet(31661): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 04 2024 03:48:07 cp41 maldet(31661): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 04 2024 03:48:07 cp41 maldet(31661): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 04 2024 05:02:45 cp41 maldet(31661): {scan} file list completed in 4478s, found 37777 files...
Sep 04 2024 05:02:45 cp41 maldet(31661): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 04 2024 05:02:45 cp41 maldet(31661): {scan} scan of (37777 files) in progress...
Sep 04 2024 05:13:29 cp41 maldet(31661): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Sep 04 2024 05:13:29 cp41 maldet(31661): {scan} scan completed on : files 37777, malware hits 1, cleaned hits 0, time 5124s
Sep 04 2024 05:13:29 cp41 maldet(31661): {scan} scan report saved, to view run: maldet --report 240904-0348.31661
Sep 04 2024 05:13:29 cp41 maldet(31661): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240904-0348.31661
Sep 05 2024 03:26:03 cp41 maldet(22166): {update} checking for available updates...
Sep 05 2024 03:26:04 cp41 maldet(22166): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 05 2024 03:26:04 cp41 maldet(22166): {update} hashing install files and checking against server...
Sep 05 2024 03:26:05 cp41 maldet(22166): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 05 2024 03:26:05 cp41 maldet(22166): {update} latest version already installed.
Sep 05 2024 03:26:06 cp41 maldet(22411): {sigup} performing signature update check...
Sep 05 2024 03:26:06 cp41 maldet(22411): {sigup} local signature set is version 20240901866020
Sep 05 2024 03:26:07 cp41 maldet(22411): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 05 2024 03:26:09 cp41 maldet(22411): {sigup} new signature set 202409041575765 available
Sep 05 2024 03:26:09 cp41 maldet(22411): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 05 2024 03:26:09 cp41 maldet(22411): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 05 2024 03:26:10 cp41 maldet(22411): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 05 2024 03:26:10 cp41 maldet(22411): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 05 2024 03:26:10 cp41 maldet(22411): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 05 2024 03:26:10 cp41 maldet(22411): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 05 2024 03:26:10 cp41 maldet(22411): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 05 2024 03:26:12 cp41 maldet(22411): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 05 2024 03:26:12 cp41 maldet(22411): {sigup} verified md5sum of maldet-clean.tgz
Sep 05 2024 03:26:13 cp41 maldet(22411): {sigup} unpacked and installed maldet-clean.tgz
Sep 05 2024 03:26:13 cp41 maldet(22411): {sigup} signature set update completed
Sep 05 2024 03:26:13 cp41 maldet(22411): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 05 2024 03:26:13 cp41 maldet(22750): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 05 2024 03:26:15 cp41 maldet(22750): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 05 2024 03:26:15 cp41 maldet(22750): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 05 2024 03:26:15 cp41 maldet(22750): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 05 2024 03:26:15 cp41 maldet(22750): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 05 2024 07:36:44 cp41 maldet(22750): {scan} file list completed in 15029s, found 3889 files...
Sep 05 2024 07:36:44 cp41 maldet(22750): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 05 2024 07:36:44 cp41 maldet(22750): {scan} scan of (3889 files) in progress...
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-includes/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/jack_control
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Menner/flatpak-run
Sep 05 2024 07:45:54 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Ussamer/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/h/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/index/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-admin/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-include/flatpak-run
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/jack_server_control
Sep 05 2024 07:45:55 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/jack_server_control
Sep 05 2024 07:45:56 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/jack_server_control
Sep 05 2024 07:45:57 cp41 maldet(22750): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/jack_server_control
Sep 05 2024 07:45:57 cp41 maldet(22750): {scan} scan completed on : files 3889, malware hits 54, cleaned hits 0, time 15584s
Sep 05 2024 07:45:57 cp41 maldet(22750): {scan} scan report saved, to view run: maldet --report 240905-0326.22750
Sep 05 2024 07:45:57 cp41 maldet(22750): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240905-0326.22750
Sep 06 2024 03:48:56 cp41 maldet(32611): {update} checking for available updates...
Sep 06 2024 03:48:56 cp41 maldet(32611): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 06 2024 03:48:56 cp41 maldet(32611): {update} hashing install files and checking against server...
Sep 06 2024 03:48:57 cp41 maldet(32611): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 06 2024 03:48:57 cp41 maldet(32611): {update} latest version already installed.
Sep 06 2024 03:48:57 cp41 maldet(32749): {sigup} performing signature update check...
Sep 06 2024 03:48:57 cp41 maldet(32749): {sigup} local signature set is version 202409041575765
Sep 06 2024 03:48:57 cp41 maldet(32749): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 06 2024 03:48:58 cp41 maldet(32749): {sigup} latest signature set already installed
Sep 06 2024 03:48:58 cp41 maldet(399): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 06 2024 03:49:01 cp41 maldet(399): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 06 2024 03:49:01 cp41 maldet(399): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 06 2024 03:49:01 cp41 maldet(399): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 06 2024 03:49:01 cp41 maldet(399): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 06 2024 05:14:07 cp41 maldet(399): {scan} file list completed in 5106s, found 318 files...
Sep 06 2024 05:14:07 cp41 maldet(399): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 06 2024 05:14:07 cp41 maldet(399): {scan} scan of (318 files) in progress...
Sep 06 2024 05:14:20 cp41 maldet(399): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/flatpak-build
Sep 06 2024 05:14:20 cp41 maldet(399): {scan} scan completed on : files 318, malware hits 1, cleaned hits 0, time 5121s
Sep 06 2024 05:14:20 cp41 maldet(399): {scan} scan report saved, to view run: maldet --report 240906-0348.399
Sep 06 2024 05:14:20 cp41 maldet(399): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240906-0348.399
Sep 06 2024 12:10:47 cp41 maldet(16749): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 06 2024 12:10:47 cp41 maldet(16749): {scan} building file list for /home/sportsco, this might take awhile...
Sep 06 2024 12:10:47 cp41 maldet(16749): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 06 2024 12:10:47 cp41 maldet(16749): {scan} executed eval /bin/nice -n 19 /bin/find "/home/sportsco" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 06 2024 12:10:49 cp41 maldet(16749): {scan} file list completed in 2s, found 17562 files...
Sep 06 2024 12:10:49 cp41 maldet(16749): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 06 2024 12:10:49 cp41 maldet(16749): {scan} scan of /home/sportsco (17562 files) in progress...
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/tmp/4033.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/tmp/403.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/tmp/awstats/awstats122023.sportscoscuba.com.txt
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/tmp/awstats/awstats082023.sportscoscuba.com.txt
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/tmp/awstats/awstats072023.sportscoscuba.com.txt
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/tmp/awstats/awstats092023.sportscoscuba.com.txt
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.uploader.max.725 found for /home/sportsco/tmp/analog/ssl/sportscoscuba.com/cache
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.htpasswds/4033.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.htpasswds/403.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/ssl/4033.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/ssl/403.php
Sep 06 2024 12:26:38 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/cache/4033.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/cache/403.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cl.selector/4033.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cl.selector/403.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.softaculous/4033.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.softaculous/403.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cagefs/4033.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cagefs/403.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Sep-2017.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/logs/sportscoscuba.com-Nov-2023.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {YARA}eval_post found for /home/sportsco/logs/sportscoscuba.com-Oct-2021.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/logs/4033.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Dec-2017.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Feb-2018.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Sep-2018.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Nov-2017.gz
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/logs/403.php
Sep 06 2024 12:26:39 cp41 maldet(16749): {hit} malware hit {YARA}eval_post found for /home/sportsco/logs/sportscoscuba.com-May-2021.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/logs/sportscoscuba.com-Aug-2023.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/logs/sportscoscuba.com-Dec-2023.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/logs/sportscoscuba.com-Jul-2023.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Mar-2019.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Nov-2018.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.612 found for /home/sportsco/logs/sportscoscuba.com-Feb-2019.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.malware.magento.599 found for /home/sportsco/logs/sportscoscuba.com-Sep-2023.gz
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.subaccounts/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.subaccounts/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/public_ftp/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/public_ftp/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/etc/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/etc/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.security/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.security/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/cpmove.psql/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/cpmove.psql/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.attracta/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.attracta/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cphorde/4033.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cphorde/403.php
Sep 06 2024 12:26:40 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.mozilla/4033.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.mozilla/403.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cpanel/4033.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/.cpanel/403.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/mail/4033.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sportsco/mail/403.php
Sep 06 2024 12:26:41 cp41 maldet(16749): {hit} malware hit {CAV}Unix.Exploit.Pkexecexploit-10034078-0 found for /var/tmp/cakilroot
Sep 06 2024 12:26:41 cp41 maldet(16749): {scan} scan completed on /home/sportsco: files 17562, malware hits 57, cleaned hits 0, time 955s
Sep 06 2024 12:26:41 cp41 maldet(16749): {scan} scan report saved, to view run: maldet --report 240906-1210.16749
Sep 06 2024 12:26:41 cp41 maldet(16749): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240906-1210.16749
Sep 07 2024 03:24:50 cp41 maldet(14883): {update} checking for available updates...
Sep 07 2024 03:24:51 cp41 maldet(14883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 07 2024 03:24:51 cp41 maldet(14883): {update} hashing install files and checking against server...
Sep 07 2024 03:24:54 cp41 maldet(14883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 07 2024 03:24:54 cp41 maldet(14883): {update} latest version already installed.
Sep 07 2024 03:24:55 cp41 maldet(15079): {sigup} performing signature update check...
Sep 07 2024 03:24:55 cp41 maldet(15079): {sigup} local signature set is version 202409041575765
Sep 07 2024 03:24:55 cp41 maldet(15079): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 07 2024 03:24:56 cp41 maldet(15079): {sigup} latest signature set already installed
Sep 07 2024 03:24:56 cp41 maldet(15204): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 07 2024 03:24:58 cp41 maldet(15204): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 07 2024 03:24:58 cp41 maldet(15204): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 07 2024 03:24:58 cp41 maldet(15204): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 07 2024 03:24:58 cp41 maldet(15204): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 07 2024 07:15:19 cp41 maldet(15204): {scan} file list completed in 13820s, found 390 files...
Sep 07 2024 07:15:19 cp41 maldet(15204): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 07 2024 07:15:19 cp41 maldet(15204): {scan} scan of (390 files) in progress...
Sep 07 2024 07:15:36 cp41 maldet(15204): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/WdBvT/themes4.php
Sep 07 2024 07:15:36 cp41 maldet(15204): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Sep 07 2024 07:15:36 cp41 maldet(15204): {scan} scan completed on : files 390, malware hits 2, cleaned hits 0, time 13840s
Sep 07 2024 07:15:36 cp41 maldet(15204): {scan} scan report saved, to view run: maldet --report 240907-0324.15204
Sep 07 2024 07:15:36 cp41 maldet(15204): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240907-0324.15204
Sep 08 2024 03:27:36 cp41 maldet(17760): {update} checking for available updates...
Sep 08 2024 03:27:36 cp41 maldet(17760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 08 2024 03:27:36 cp41 maldet(17760): {update} hashing install files and checking against server...
Sep 08 2024 03:27:38 cp41 maldet(17760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 08 2024 03:27:38 cp41 maldet(17760): {update} latest version already installed.
Sep 08 2024 03:27:42 cp41 maldet(17912): {sigup} performing signature update check...
Sep 08 2024 03:27:42 cp41 maldet(17912): {sigup} local signature set is version 202409041575765
Sep 08 2024 03:27:42 cp41 maldet(17912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 08 2024 03:27:43 cp41 maldet(17912): {sigup} new signature set 202409072330795 available
Sep 08 2024 03:27:43 cp41 maldet(17912): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 08 2024 03:27:43 cp41 maldet(17912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 08 2024 03:27:44 cp41 maldet(17912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 08 2024 03:27:44 cp41 maldet(17912): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 08 2024 03:27:44 cp41 maldet(17912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 08 2024 03:27:45 cp41 maldet(17912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 08 2024 03:27:45 cp41 maldet(17912): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 08 2024 03:27:49 cp41 maldet(17912): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 08 2024 03:27:49 cp41 maldet(17912): {sigup} verified md5sum of maldet-clean.tgz
Sep 08 2024 03:27:50 cp41 maldet(17912): {sigup} unpacked and installed maldet-clean.tgz
Sep 08 2024 03:27:50 cp41 maldet(17912): {sigup} signature set update completed
Sep 08 2024 03:27:50 cp41 maldet(17912): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 08 2024 03:27:51 cp41 maldet(18325): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 08 2024 03:27:52 cp41 maldet(18325): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 08 2024 03:27:52 cp41 maldet(18325): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 08 2024 03:27:52 cp41 maldet(18325): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 08 2024 03:27:52 cp41 maldet(18325): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 08 2024 08:39:37 cp41 maldet(18325): {scan} file list completed in 18704s, found 114 files...
Sep 08 2024 08:39:37 cp41 maldet(18325): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 08 2024 08:39:37 cp41 maldet(18325): {scan} scan of (114 files) in progress...
Sep 08 2024 08:40:20 cp41 maldet(18325): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Sep 08 2024 08:40:21 cp41 maldet(18325): {scan} scan completed on : files 114, malware hits 1, cleaned hits 0, time 18750s
Sep 08 2024 08:40:21 cp41 maldet(18325): {scan} scan report saved, to view run: maldet --report 240908-0327.18325
Sep 08 2024 08:40:21 cp41 maldet(18325): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240908-0327.18325
Sep 09 2024 03:50:04 cp41 maldet(1492): {update} checking for available updates...
Sep 09 2024 03:50:05 cp41 maldet(1492): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 09 2024 03:50:05 cp41 maldet(1492): {update} hashing install files and checking against server...
Sep 09 2024 03:50:08 cp41 maldet(1492): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 09 2024 03:50:08 cp41 maldet(1492): {update} latest version already installed.
Sep 09 2024 03:50:11 cp41 maldet(1782): {sigup} performing signature update check...
Sep 09 2024 03:50:12 cp41 maldet(1782): {sigup} local signature set is version 202409072330795
Sep 09 2024 03:50:13 cp41 maldet(1782): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 09 2024 03:50:13 cp41 maldet(1782): {sigup} latest signature set already installed
Sep 09 2024 03:50:13 cp41 maldet(1982): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 09 2024 03:50:15 cp41 maldet(1982): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 09 2024 03:50:15 cp41 maldet(1982): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 09 2024 03:50:15 cp41 maldet(1982): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 09 2024 03:50:15 cp41 maldet(1982): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 09 2024 15:55:50 cp41 maldet(1982): {scan} file list completed in 43535s, found 366 files...
Sep 09 2024 15:55:50 cp41 maldet(1982): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 09 2024 15:55:50 cp41 maldet(1982): {scan} scan of (366 files) in progress...
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/nsts2.PhP7
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.base64.inject.182 found for /home/neverend/public_html/nsts2.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {CAV}Unix.Exploit.CVE_2021_4034-9951523-0 found for /home/neverend/public_html/update/CVE-2021-4034/cve-2021-4034
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {CAV}Unix.Exploit.CVE_2021_4034-9951523-0 found for /home/neverend/public_html/update/polkit.zip
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {YARA}php_reverse_shell found for /home/neverend/public_html/update/bc.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/wp-content/index.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-content/themes/twentytwenty/index.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-admin/user/IXR/index.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/images/index.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/php/css/style-engine/pomo/index.php
Sep 09 2024 15:56:33 cp41 maldet(1982): {scan} scan completed on : files 366, malware hits 11, cleaned hits 0, time 43580s
Sep 09 2024 15:56:33 cp41 maldet(1982): {scan} scan report saved, to view run: maldet --report 240909-0350.1982
Sep 09 2024 15:56:33 cp41 maldet(1982): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240909-0350.1982
Sep 10 2024 03:23:00 cp41 maldet(22893): {update} checking for available updates...
Sep 10 2024 03:23:07 cp41 maldet(22893): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 10 2024 03:23:07 cp41 maldet(22893): {update} hashing install files and checking against server...
Sep 10 2024 03:23:20 cp41 maldet(22893): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 10 2024 03:23:21 cp41 maldet(22893): {update} latest version already installed.
Sep 10 2024 03:23:27 cp41 maldet(23446): {sigup} performing signature update check...
Sep 10 2024 03:23:27 cp41 maldet(23446): {sigup} local signature set is version 202409072330795
Sep 10 2024 03:23:27 cp41 maldet(23446): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 10 2024 03:23:28 cp41 maldet(23446): {sigup} new signature set 202409103087802 available
Sep 10 2024 03:23:28 cp41 maldet(23446): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 10 2024 03:23:36 cp41 maldet(23446): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 10 2024 03:23:37 cp41 maldet(23446): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 10 2024 03:23:37 cp41 maldet(23446): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 10 2024 03:23:37 cp41 maldet(23446): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 10 2024 03:23:37 cp41 maldet(23446): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 10 2024 03:23:37 cp41 maldet(23446): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 10 2024 03:24:04 cp41 maldet(23446): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 10 2024 03:24:09 cp41 maldet(23446): {sigup} verified md5sum of maldet-clean.tgz
Sep 10 2024 03:24:10 cp41 maldet(23446): {sigup} unpacked and installed maldet-clean.tgz
Sep 10 2024 03:24:11 cp41 maldet(23446): {sigup} signature set update completed
Sep 10 2024 03:24:12 cp41 maldet(23446): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 10 2024 03:24:18 cp41 maldet(24388): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 10 2024 03:24:24 cp41 maldet(24388): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 10 2024 03:24:24 cp41 maldet(24388): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 10 2024 03:24:24 cp41 maldet(24388): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 10 2024 03:24:25 cp41 maldet(24388): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 10 2024 12:50:50 cp41 maldet(24388): {scan} file list completed in 33986s, found 108 files...
Sep 10 2024 12:50:50 cp41 maldet(24388): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 10 2024 12:50:50 cp41 maldet(24388): {scan} scan of (108 files) in progress...
Sep 10 2024 12:51:02 cp41 maldet(24388): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/WdBvT/themes4.php
Sep 10 2024 12:51:02 cp41 maldet(24388): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/VsTFx/themes4.php
Sep 10 2024 12:51:03 cp41 maldet(24388): {scan} scan completed on : files 108, malware hits 2, cleaned hits 0, time 34004s
Sep 10 2024 12:51:03 cp41 maldet(24388): {scan} scan report saved, to view run: maldet --report 240910-0324.24388
Sep 10 2024 12:51:03 cp41 maldet(24388): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240910-0324.24388
Sep 11 2024 03:25:59 cp41 maldet(32544): {update} checking for available updates...
Sep 11 2024 03:26:04 cp41 maldet(32544): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 11 2024 03:26:06 cp41 maldet(32544): {update} hashing install files and checking against server...
Sep 11 2024 03:26:15 cp41 maldet(32544): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 11 2024 03:26:15 cp41 maldet(32544): {update} latest version already installed.
Sep 11 2024 03:26:17 cp41 maldet(314): {sigup} performing signature update check...
Sep 11 2024 03:26:17 cp41 maldet(314): {sigup} local signature set is version 202409103087802
Sep 11 2024 03:26:24 cp41 maldet(314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 11 2024 03:26:26 cp41 maldet(314): {sigup} latest signature set already installed
Sep 11 2024 03:26:28 cp41 maldet(516): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 11 2024 03:26:35 cp41 maldet(516): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 11 2024 03:26:35 cp41 maldet(516): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 11 2024 03:26:35 cp41 maldet(516): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 11 2024 03:26:35 cp41 maldet(516): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 11 2024 08:43:48 cp41 maldet(516): {scan} file list completed in 19032s, found 543 files...
Sep 11 2024 08:43:48 cp41 maldet(516): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 11 2024 08:43:48 cp41 maldet(516): {scan} scan of (543 files) in progress...
Sep 11 2024 08:44:50 cp41 maldet(516): {hit} malware hit {HEX}php.nested.base64.663 found for /home/olshsdco/public_html/c4.php
Sep 11 2024 08:44:51 cp41 maldet(516): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Sep 11 2024 08:44:51 cp41 maldet(516): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/index/zwso.php
Sep 11 2024 08:44:51 cp41 maldet(516): {scan} scan completed on : files 543, malware hits 3, cleaned hits 0, time 19103s
Sep 11 2024 08:44:51 cp41 maldet(516): {scan} scan report saved, to view run: maldet --report 240911-0326.516
Sep 11 2024 08:44:51 cp41 maldet(516): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240911-0326.516
Sep 12 2024 03:34:21 cp41 maldet(729): {update} checking for available updates...
Sep 12 2024 03:34:21 cp41 maldet(729): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 12 2024 03:34:21 cp41 maldet(729): {update} hashing install files and checking against server...
Sep 12 2024 03:34:22 cp41 maldet(729): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 12 2024 03:34:22 cp41 maldet(729): {update} latest version already installed.
Sep 12 2024 03:34:22 cp41 maldet(866): {sigup} performing signature update check...
Sep 12 2024 03:34:22 cp41 maldet(866): {sigup} local signature set is version 202409103087802
Sep 12 2024 03:34:22 cp41 maldet(866): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 12 2024 03:34:23 cp41 maldet(866): {sigup} latest signature set already installed
Sep 12 2024 03:34:23 cp41 maldet(981): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 12 2024 03:34:24 cp41 maldet(981): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 12 2024 03:34:24 cp41 maldet(981): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 12 2024 03:34:24 cp41 maldet(981): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 12 2024 03:34:24 cp41 maldet(981): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 12 2024 05:10:29 cp41 maldet(981): {scan} file list completed in 5765s, found 243 files...
Sep 12 2024 05:10:29 cp41 maldet(981): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 12 2024 05:10:29 cp41 maldet(981): {scan} scan of (243 files) in progress...
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/rx.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.generic.cav7.426 found for /home/olshsdco/public_html/01.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/pomo/images/style-engine/blocks/index.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/item.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-content/themes/twentytwenty/index.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/index/zwso.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/oldsites/index.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/user/IXR/index.php
Sep 12 2024 05:10:48 cp41 maldet(981): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/images/index.php
Sep 12 2024 05:10:48 cp41 maldet(981): {scan} scan completed on : files 243, malware hits 9, cleaned hits 0, time 5785s
Sep 12 2024 05:10:49 cp41 maldet(981): {scan} scan report saved, to view run: maldet --report 240912-0334.981
Sep 12 2024 05:10:49 cp41 maldet(981): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240912-0334.981
Sep 13 2024 03:42:59 cp41 maldet(32223): {update} checking for available updates...
Sep 13 2024 03:43:00 cp41 maldet(32223): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 13 2024 03:43:00 cp41 maldet(32223): {update} hashing install files and checking against server...
Sep 13 2024 03:43:00 cp41 maldet(32223): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 13 2024 03:43:00 cp41 maldet(32223): {update} latest version already installed.
Sep 13 2024 03:43:00 cp41 maldet(539): {sigup} performing signature update check...
Sep 13 2024 03:43:00 cp41 maldet(539): {sigup} local signature set is version 202409103087802
Sep 13 2024 03:43:01 cp41 maldet(539): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 13 2024 03:43:01 cp41 maldet(539): {sigup} new signature set 202409133842495 available
Sep 13 2024 03:43:01 cp41 maldet(539): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 13 2024 03:43:01 cp41 maldet(539): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 13 2024 03:43:02 cp41 maldet(539): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 13 2024 03:43:02 cp41 maldet(539): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 13 2024 03:43:02 cp41 maldet(539): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 13 2024 03:43:03 cp41 maldet(539): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 13 2024 03:43:03 cp41 maldet(539): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 13 2024 03:43:03 cp41 maldet(539): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 13 2024 03:43:04 cp41 maldet(539): {sigup} verified md5sum of maldet-clean.tgz
Sep 13 2024 03:43:04 cp41 maldet(539): {sigup} unpacked and installed maldet-clean.tgz
Sep 13 2024 03:43:04 cp41 maldet(539): {sigup} signature set update completed
Sep 13 2024 03:43:04 cp41 maldet(539): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 13 2024 03:43:04 cp41 maldet(2122): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 13 2024 03:43:05 cp41 maldet(2122): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 13 2024 03:43:05 cp41 maldet(2122): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 13 2024 03:43:05 cp41 maldet(2122): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 13 2024 03:43:05 cp41 maldet(2122): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 13 2024 06:30:52 cp41 maldet(2122): {scan} file list completed in 10066s, found 152 files...
Sep 13 2024 06:30:52 cp41 maldet(2122): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 13 2024 06:30:52 cp41 maldet(2122): {scan} scan of (152 files) in progress...
Sep 13 2024 06:31:03 cp41 maldet(2122): {scan} scan completed on : files 152, malware hits 0, cleaned hits 0, time 10079s
Sep 13 2024 06:31:03 cp41 maldet(2122): {scan} scan report saved, to view run: maldet --report 240913-0343.2122
Sep 14 2024 03:33:53 cp41 maldet(11900): {update} checking for available updates...
Sep 14 2024 03:33:53 cp41 maldet(11900): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 14 2024 03:33:53 cp41 maldet(11900): {update} hashing install files and checking against server...
Sep 14 2024 03:33:54 cp41 maldet(11900): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 14 2024 03:33:55 cp41 maldet(11900): {update} latest version already installed.
Sep 14 2024 03:33:58 cp41 maldet(12136): {sigup} performing signature update check...
Sep 14 2024 03:33:58 cp41 maldet(12136): {sigup} local signature set is version 202409133842495
Sep 14 2024 03:33:58 cp41 maldet(12136): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 14 2024 03:33:59 cp41 maldet(12136): {sigup} latest signature set already installed
Sep 14 2024 03:34:00 cp41 maldet(12310): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 14 2024 03:34:03 cp41 maldet(12310): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 14 2024 03:34:03 cp41 maldet(12310): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 14 2024 03:34:03 cp41 maldet(12310): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 14 2024 03:34:03 cp41 maldet(12310): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 14 2024 07:23:37 cp41 maldet(12310): {scan} file list completed in 13774s, found 1221 files...
Sep 14 2024 07:23:37 cp41 maldet(12310): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 14 2024 07:23:37 cp41 maldet(12310): {scan} scan of (1221 files) in progress...
Sep 14 2024 07:24:43 cp41 maldet(12310): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-includes/defaults.php
Sep 14 2024 07:24:43 cp41 maldet(12310): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/olshsdco/public_html/wp-includes/function.php
Sep 14 2024 07:24:44 cp41 maldet(12310): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/network.php
Sep 14 2024 07:24:44 cp41 maldet(12310): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/__MACOSX/uber.com_es/req/options.php
Sep 14 2024 07:24:44 cp41 maldet(12310): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/uber.com_es/req/click.php
Sep 14 2024 07:24:44 cp41 maldet(12310): {hit} malware hit {YARA}spam_mailer found for /home/olshsdco/public_html/wp-admin/index.php
Sep 14 2024 07:24:44 cp41 maldet(12310): {scan} scan completed on : files 1221, malware hits 6, cleaned hits 0, time 13844s
Sep 14 2024 07:24:44 cp41 maldet(12310): {scan} scan report saved, to view run: maldet --report 240914-0333.12310
Sep 14 2024 07:24:44 cp41 maldet(12310): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240914-0333.12310
Sep 15 2024 03:55:37 cp41 maldet(23475): {update} checking for available updates...
Sep 15 2024 03:55:38 cp41 maldet(23475): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 15 2024 03:55:38 cp41 maldet(23475): {update} hashing install files and checking against server...
Sep 15 2024 03:55:40 cp41 maldet(23475): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 15 2024 03:55:40 cp41 maldet(23475): {update} latest version already installed.
Sep 15 2024 03:55:42 cp41 maldet(23694): {sigup} performing signature update check...
Sep 15 2024 03:55:42 cp41 maldet(23694): {sigup} local signature set is version 202409133842495
Sep 15 2024 03:55:42 cp41 maldet(23694): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 15 2024 03:55:43 cp41 maldet(23694): {sigup} latest signature set already installed
Sep 15 2024 03:55:43 cp41 maldet(23836): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 15 2024 03:55:48 cp41 maldet(23836): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 15 2024 03:55:48 cp41 maldet(23836): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 15 2024 03:55:48 cp41 maldet(23836): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 15 2024 03:55:48 cp41 maldet(23836): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 15 2024 05:23:01 cp41 maldet(23836): {scan} file list completed in 5233s, found 326 files...
Sep 15 2024 05:23:01 cp41 maldet(23836): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 15 2024 05:23:01 cp41 maldet(23836): {scan} scan of (326 files) in progress...
Sep 15 2024 05:23:26 cp41 maldet(23836): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/pipedrea/public_html/.well-known/pki-validation/zfceptyct.php
Sep 15 2024 05:23:26 cp41 maldet(23836): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Sep 15 2024 05:23:26 cp41 maldet(23836): {scan} scan completed on : files 326, malware hits 2, cleaned hits 0, time 5263s
Sep 15 2024 05:23:26 cp41 maldet(23836): {scan} scan report saved, to view run: maldet --report 240915-0355.23836
Sep 15 2024 05:23:26 cp41 maldet(23836): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240915-0355.23836
Sep 16 2024 03:44:34 cp41 maldet(4970): {update} checking for available updates...
Sep 16 2024 03:44:35 cp41 maldet(4970): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 16 2024 03:44:35 cp41 maldet(4970): {update} hashing install files and checking against server...
Sep 16 2024 03:44:35 cp41 maldet(4970): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 16 2024 03:44:35 cp41 maldet(4970): {update} latest version already installed.
Sep 16 2024 03:44:35 cp41 maldet(5238): {sigup} performing signature update check...
Sep 16 2024 03:44:35 cp41 maldet(5238): {sigup} local signature set is version 202409133842495
Sep 16 2024 03:44:55 cp41 maldet(5238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 16 2024 03:44:56 cp41 maldet(5238): {sigup} latest signature set already installed
Sep 16 2024 03:44:58 cp41 maldet(7398): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 16 2024 03:45:00 cp41 maldet(7398): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 16 2024 03:45:00 cp41 maldet(7398): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 16 2024 03:45:00 cp41 maldet(7398): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 16 2024 03:45:00 cp41 maldet(7398): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 16 2024 07:21:52 cp41 maldet(7398): {scan} file list completed in 13011s, found 104 files...
Sep 16 2024 07:21:52 cp41 maldet(7398): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 16 2024 07:21:52 cp41 maldet(7398): {scan} scan of (104 files) in progress...
Sep 16 2024 07:21:56 cp41 maldet(7398): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/zwso.php
Sep 16 2024 07:21:56 cp41 maldet(7398): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/.well-known/pki-validation/luuf.php
Sep 16 2024 07:21:56 cp41 maldet(7398): {scan} scan completed on : files 104, malware hits 2, cleaned hits 0, time 13018s
Sep 16 2024 07:21:56 cp41 maldet(7398): {scan} scan report saved, to view run: maldet --report 240916-0344.7398
Sep 16 2024 07:21:56 cp41 maldet(7398): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240916-0344.7398
Sep 17 2024 03:37:58 cp41 maldet(11847): {update} checking for available updates...
Sep 17 2024 03:37:58 cp41 maldet(11847): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 17 2024 03:37:58 cp41 maldet(11847): {update} hashing install files and checking against server...
Sep 17 2024 03:38:00 cp41 maldet(11847): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 17 2024 03:38:00 cp41 maldet(11847): {update} latest version already installed.
Sep 17 2024 03:38:04 cp41 maldet(12065): {sigup} performing signature update check...
Sep 17 2024 03:38:04 cp41 maldet(12065): {sigup} local signature set is version 202409133842495
Sep 17 2024 03:38:05 cp41 maldet(12065): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 17 2024 03:38:07 cp41 maldet(12065): {sigup} new signature set 20240916341534 available
Sep 17 2024 03:38:07 cp41 maldet(12065): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 17 2024 03:38:08 cp41 maldet(12065): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 17 2024 03:38:08 cp41 maldet(12065): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 17 2024 03:38:08 cp41 maldet(12065): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 17 2024 03:38:08 cp41 maldet(12065): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 17 2024 03:38:09 cp41 maldet(12065): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 17 2024 03:38:09 cp41 maldet(12065): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 17 2024 03:38:12 cp41 maldet(12065): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 17 2024 03:38:13 cp41 maldet(12065): {sigup} verified md5sum of maldet-clean.tgz
Sep 17 2024 03:38:15 cp41 maldet(12065): {sigup} unpacked and installed maldet-clean.tgz
Sep 17 2024 03:38:15 cp41 maldet(12065): {sigup} signature set update completed
Sep 17 2024 03:38:15 cp41 maldet(12065): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 17 2024 03:38:19 cp41 maldet(12530): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 17 2024 03:38:22 cp41 maldet(12530): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 17 2024 03:38:22 cp41 maldet(12530): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 17 2024 03:38:22 cp41 maldet(12530): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 17 2024 03:38:22 cp41 maldet(12530): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 17 2024 09:08:25 cp41 maldet(12530): {scan} file list completed in 19803s, found 189 files...
Sep 17 2024 09:08:25 cp41 maldet(12530): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 17 2024 09:08:25 cp41 maldet(12530): {scan} scan of (189 files) in progress...
Sep 17 2024 09:08:48 cp41 maldet(12530): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Sep 17 2024 09:08:48 cp41 maldet(12530): {scan} scan completed on : files 189, malware hits 0, cleaned hits 0, time 19829s
Sep 17 2024 09:08:48 cp41 maldet(12530): {scan} scan report saved, to view run: maldet --report 240917-0338.12530
Sep 18 2024 03:20:49 cp41 maldet(24695): {update} checking for available updates...
Sep 18 2024 03:20:50 cp41 maldet(24695): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 18 2024 03:20:50 cp41 maldet(24695): {update} hashing install files and checking against server...
Sep 18 2024 03:20:52 cp41 maldet(24695): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 18 2024 03:20:52 cp41 maldet(24695): {update} latest version already installed.
Sep 18 2024 03:20:55 cp41 maldet(24970): {sigup} performing signature update check...
Sep 18 2024 03:20:56 cp41 maldet(24970): {sigup} local signature set is version 20240916341534
Sep 18 2024 03:20:56 cp41 maldet(24970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 18 2024 03:20:56 cp41 maldet(24970): {sigup} latest signature set already installed
Sep 18 2024 03:20:59 cp41 maldet(25146): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 18 2024 03:21:06 cp41 maldet(25146): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 18 2024 03:21:06 cp41 maldet(25146): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 18 2024 03:21:06 cp41 maldet(25146): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 18 2024 03:21:06 cp41 maldet(25146): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 18 2024 07:23:54 cp41 maldet(25146): {scan} file list completed in 14567s, found 83 files...
Sep 18 2024 07:23:54 cp41 maldet(25146): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 18 2024 07:23:54 cp41 maldet(25146): {scan} scan of (83 files) in progress...
Sep 18 2024 07:24:00 cp41 maldet(25146): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/pipedrea/public_html/about.php
Sep 18 2024 07:24:00 cp41 maldet(25146): {scan} scan completed on : files 83, malware hits 1, cleaned hits 0, time 14581s
Sep 18 2024 07:24:00 cp41 maldet(25146): {scan} scan report saved, to view run: maldet --report 240918-0320.25146
Sep 18 2024 07:24:00 cp41 maldet(25146): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240918-0320.25146
Sep 19 2024 03:45:43 cp41 maldet(31927): {update} checking for available updates...
Sep 19 2024 03:45:44 cp41 maldet(31927): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 19 2024 03:45:44 cp41 maldet(31927): {update} hashing install files and checking against server...
Sep 19 2024 03:45:46 cp41 maldet(31927): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 19 2024 03:45:46 cp41 maldet(31927): {update} latest version already installed.
Sep 19 2024 03:45:48 cp41 maldet(32167): {sigup} performing signature update check...
Sep 19 2024 03:45:48 cp41 maldet(32167): {sigup} local signature set is version 20240916341534
Sep 19 2024 03:45:48 cp41 maldet(32167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 19 2024 03:45:49 cp41 maldet(32167): {sigup} latest signature set already installed
Sep 19 2024 03:45:53 cp41 maldet(32311): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 19 2024 03:45:57 cp41 maldet(32311): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 19 2024 03:45:57 cp41 maldet(32311): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 19 2024 03:45:57 cp41 maldet(32311): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 19 2024 03:45:57 cp41 maldet(32311): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 19 2024 10:48:10 cp41 maldet(32311): {scan} file list completed in 25333s, found 426 files...
Sep 19 2024 10:48:10 cp41 maldet(32311): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 19 2024 10:48:10 cp41 maldet(32311): {scan} scan of (426 files) in progress...
Sep 19 2024 10:48:40 cp41 maldet(32311): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/options.php
Sep 19 2024 10:48:40 cp41 maldet(32311): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/anjubose-Wordpress.txt404/index.php
Sep 19 2024 10:48:40 cp41 maldet(32311): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/knowingc-BoxBilling.txt404/index.php
Sep 19 2024 10:48:41 cp41 maldet(32311): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/rubeneph-Wordpress.txt404/index.php
Sep 19 2024 10:48:41 cp41 maldet(32311): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includes/SimplePie/Net/sym404/sethmsh1-Hostbills.txt404/product.php
Sep 19 2024 10:48:41 cp41 maldet(32311): {scan} scan completed on : files 426, malware hits 5, cleaned hits 0, time 25368s
Sep 19 2024 10:48:41 cp41 maldet(32311): {scan} scan report saved, to view run: maldet --report 240919-0345.32311
Sep 19 2024 10:48:41 cp41 maldet(32311): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240919-0345.32311
Sep 20 2024 03:25:51 cp41 maldet(5211): {update} checking for available updates...
Sep 20 2024 03:25:51 cp41 maldet(5211): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 20 2024 03:25:51 cp41 maldet(5211): {update} hashing install files and checking against server...
Sep 20 2024 03:25:51 cp41 maldet(5211): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 20 2024 03:25:51 cp41 maldet(5211): {update} latest version already installed.
Sep 20 2024 03:25:52 cp41 maldet(5388): {sigup} performing signature update check...
Sep 20 2024 03:25:52 cp41 maldet(5388): {sigup} local signature set is version 20240916341534
Sep 20 2024 03:25:52 cp41 maldet(5388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 20 2024 03:25:52 cp41 maldet(5388): {sigup} new signature set 202409191126888 available
Sep 20 2024 03:25:52 cp41 maldet(5388): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 20 2024 03:25:53 cp41 maldet(5388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 20 2024 03:25:53 cp41 maldet(5388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 20 2024 03:25:53 cp41 maldet(5388): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 20 2024 03:25:53 cp41 maldet(5388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 20 2024 03:25:54 cp41 maldet(5388): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 20 2024 03:25:54 cp41 maldet(5388): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 20 2024 03:25:54 cp41 maldet(5388): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 20 2024 03:25:55 cp41 maldet(5388): {sigup} verified md5sum of maldet-clean.tgz
Sep 20 2024 03:25:55 cp41 maldet(5388): {sigup} unpacked and installed maldet-clean.tgz
Sep 20 2024 03:25:55 cp41 maldet(5388): {sigup} signature set update completed
Sep 20 2024 03:25:55 cp41 maldet(5388): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 20 2024 03:25:55 cp41 maldet(5782): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 20 2024 03:25:56 cp41 maldet(5782): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 20 2024 03:25:56 cp41 maldet(5782): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 20 2024 03:25:56 cp41 maldet(5782): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 20 2024 03:25:56 cp41 maldet(5782): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 20 2024 05:54:15 cp41 maldet(5782): {scan} file list completed in 8899s, found 581 files...
Sep 20 2024 05:54:15 cp41 maldet(5782): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 20 2024 05:54:15 cp41 maldet(5782): {scan} scan of (581 files) in progress...
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.nested.base64.663 found for /home/ksmanual/public_html/komline.co.uk-hacked/WdBvT/themes4.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/bluedogm-OpenCart.txt404/index.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {YARA}spam_mailer found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/danfreed-IPB.txt404/index.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/hannahdo-Wordpress.txt404/index.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/marvinal-OsCommerce.txt404/index.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/riffingo-PrestaShop.txt404/index.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-content/defaults.php
Sep 20 2024 05:54:33 cp41 maldet(5782): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-content/plugin.php
Sep 20 2024 05:54:34 cp41 maldet(5782): {scan} scan completed on : files 581, malware hits 8, cleaned hits 0, time 8918s
Sep 20 2024 05:54:34 cp41 maldet(5782): {scan} scan report saved, to view run: maldet --report 240920-0325.5782
Sep 20 2024 05:54:34 cp41 maldet(5782): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240920-0325.5782
Sep 21 2024 03:12:29 cp41 maldet(13145): {update} checking for available updates...
Sep 21 2024 03:12:30 cp41 maldet(13145): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 21 2024 03:12:30 cp41 maldet(13145): {update} hashing install files and checking against server...
Sep 21 2024 03:12:31 cp41 maldet(13145): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 21 2024 03:12:31 cp41 maldet(13145): {update} latest version already installed.
Sep 21 2024 03:12:32 cp41 maldet(13297): {sigup} performing signature update check...
Sep 21 2024 03:12:32 cp41 maldet(13297): {sigup} local signature set is version 202409191126888
Sep 21 2024 03:12:32 cp41 maldet(13297): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 21 2024 03:12:32 cp41 maldet(13297): {sigup} latest signature set already installed
Sep 21 2024 03:12:32 cp41 maldet(13412): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 21 2024 03:12:35 cp41 maldet(13412): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 21 2024 03:12:35 cp41 maldet(13412): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 21 2024 03:12:35 cp41 maldet(13412): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 21 2024 03:12:35 cp41 maldet(13412): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 21 2024 10:14:43 cp41 maldet(13412): {scan} file list completed in 25328s, found 387 files...
Sep 21 2024 10:14:43 cp41 maldet(13412): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 21 2024 10:14:43 cp41 maldet(13412): {scan} scan of (387 files) in progress...
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/bluedogm-OpenCart.txt404/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {YARA}spam_mailer found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/danfreed-IPB.txt404/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/hannahdo-Wordpress.txt404/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/marvinal-OsCommerce.txt404/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/pipedrea/public_html/wp-includesc93c43/SimplePie/Net/sym404/riffingo-PrestaShop.txt404/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-content/defaults.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/pipedrea/public_html/wp-content/plugin.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/sethbook/public_html/wp-includes/images/media/defaults.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-includes/blocks/paragraph/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {YARA}spam_mailer found for /home/sethbook/public_html/oldsites/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/user/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {hit} malware hit {HEX}php.base64.inject.182 found for /home/sethbook/public_html/wp-admin/pomo/languages/network/IXR/index.php
Sep 21 2024 10:15:15 cp41 maldet(13412): {scan} scan completed on : files 387, malware hits 12, cleaned hits 0, time 25363s
Sep 21 2024 10:15:15 cp41 maldet(13412): {scan} scan report saved, to view run: maldet --report 240921-0312.13412
Sep 21 2024 10:15:15 cp41 maldet(13412): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240921-0312.13412
Sep 22 2024 03:23:20 cp41 maldet(3707): {update} checking for available updates...
Sep 22 2024 03:23:21 cp41 maldet(3707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 22 2024 03:23:21 cp41 maldet(3707): {update} hashing install files and checking against server...
Sep 22 2024 03:23:23 cp41 maldet(3707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 22 2024 03:23:23 cp41 maldet(3707): {update} latest version already installed.
Sep 22 2024 03:23:27 cp41 maldet(3955): {sigup} performing signature update check...
Sep 22 2024 03:23:27 cp41 maldet(3955): {sigup} local signature set is version 202409191126888
Sep 22 2024 03:23:28 cp41 maldet(3955): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 22 2024 03:23:30 cp41 maldet(3955): {sigup} new signature set 20240922576214 available
Sep 22 2024 03:23:30 cp41 maldet(3955): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 22 2024 03:23:30 cp41 maldet(3955): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 22 2024 03:23:31 cp41 maldet(3955): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 22 2024 03:23:31 cp41 maldet(3955): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 22 2024 03:23:31 cp41 maldet(3955): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 22 2024 03:23:31 cp41 maldet(3955): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 22 2024 03:23:31 cp41 maldet(3955): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 22 2024 03:23:33 cp41 maldet(3955): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 22 2024 03:23:34 cp41 maldet(3955): {sigup} verified md5sum of maldet-clean.tgz
Sep 22 2024 03:23:36 cp41 maldet(3955): {sigup} unpacked and installed maldet-clean.tgz
Sep 22 2024 03:23:36 cp41 maldet(3955): {sigup} signature set update completed
Sep 22 2024 03:23:36 cp41 maldet(3955): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 22 2024 03:23:39 cp41 maldet(4344): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 22 2024 03:23:46 cp41 maldet(4344): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 22 2024 03:23:46 cp41 maldet(4344): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 22 2024 03:23:46 cp41 maldet(4344): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 22 2024 03:23:46 cp41 maldet(4344): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 22 2024 14:40:50 cp41 maldet(4344): {scan} file list completed in 40624s, found 30502 files...
Sep 22 2024 14:40:50 cp41 maldet(4344): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 22 2024 14:40:50 cp41 maldet(4344): {scan} scan of (30502 files) in progress...
Sep 22 2024 14:49:55 cp41 maldet(4344): {hit} malware hit {HEX}php.base64.inject.181 found for /home/olshsdco/public_html/zuCgT/index.php
Sep 22 2024 14:49:55 cp41 maldet(4344): {hit} malware hit {HEX}php.base64.inject.181 found for /home/olshsdco/public_html/bangu.php
Sep 22 2024 14:49:57 cp41 maldet(4344): {scan} scan completed on : files 30502, malware hits 2, cleaned hits 0, time 41176s
Sep 22 2024 14:49:57 cp41 maldet(4344): {scan} scan report saved, to view run: maldet --report 240922-0323.4344
Sep 22 2024 14:49:57 cp41 maldet(4344): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240922-0323.4344
Sep 23 2024 03:23:44 cp41 maldet(22534): {update} checking for available updates...
Sep 23 2024 03:23:44 cp41 maldet(22534): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 23 2024 03:23:44 cp41 maldet(22534): {update} hashing install files and checking against server...
Sep 23 2024 03:23:45 cp41 maldet(22534): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 23 2024 03:23:45 cp41 maldet(22534): {update} latest version already installed.
Sep 23 2024 03:23:46 cp41 maldet(22834): {sigup} performing signature update check...
Sep 23 2024 03:23:46 cp41 maldet(22834): {sigup} local signature set is version 20240922576214
Sep 23 2024 03:23:47 cp41 maldet(22834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 23 2024 03:23:47 cp41 maldet(22834): {sigup} latest signature set already installed
Sep 23 2024 03:23:49 cp41 maldet(23044): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 23 2024 03:23:52 cp41 maldet(23044): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 23 2024 03:23:52 cp41 maldet(23044): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 23 2024 03:23:52 cp41 maldet(23044): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 23 2024 03:23:52 cp41 maldet(23044): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 23 2024 15:20:28 cp41 maldet(23044): {scan} file list completed in 42994s, found 32490 files...
Sep 23 2024 15:20:28 cp41 maldet(23044): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 23 2024 15:20:28 cp41 maldet(23044): {scan} scan of (32490 files) in progress...
Sep 23 2024 15:40:46 cp41 maldet(23044): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/erxgrafx/public_html/item.php
Sep 23 2024 15:40:46 cp41 maldet(23044): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/opsbot-OpenCart-old-public_html.txt404/index.php
Sep 23 2024 15:40:46 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/sandhyav-WHMCS-hosting-public_html.txt404/network.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/sandjack-WHMCS-clients.txt404/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {YARA}spam_mailer found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/screenin-Drupal-web-public_html.txt404/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/cache__f48db49/h/d/a/b/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {YARA}php_in_image found for /home/krisbryl/public_html/mh.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/zuCgT/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {YARA}spam_mailer found for /home/olshsdco/public_html/wp-includes/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/wp-includes/product.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/chosen/index.php
Sep 23 2024 15:40:47 cp41 maldet(23044): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/function.php
Sep 23 2024 15:40:48 cp41 maldet(23044): {scan} scan completed on : files 32490, malware hits 12, cleaned hits 0, time 44218s
Sep 23 2024 15:40:48 cp41 maldet(23044): {scan} scan report saved, to view run: maldet --report 240923-0323.23044
Sep 23 2024 15:40:48 cp41 maldet(23044): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240923-0323.23044
Sep 24 2024 03:32:39 cp41 maldet(20502): {update} checking for available updates...
Sep 24 2024 03:32:41 cp41 maldet(20502): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 24 2024 03:32:41 cp41 maldet(20502): {update} hashing install files and checking against server...
Sep 24 2024 03:32:42 cp41 maldet(20502): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 24 2024 03:32:42 cp41 maldet(20502): {update} latest version already installed.
Sep 24 2024 03:32:47 cp41 maldet(21045): {sigup} performing signature update check...
Sep 24 2024 03:32:47 cp41 maldet(21045): {sigup} local signature set is version 20240922576214
Sep 24 2024 03:32:48 cp41 maldet(21045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 24 2024 03:32:53 cp41 maldet(21045): {sigup} latest signature set already installed
Sep 24 2024 03:32:58 cp41 maldet(21660): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 24 2024 03:33:16 cp41 maldet(21660): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 24 2024 03:33:16 cp41 maldet(21660): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 24 2024 03:33:16 cp41 maldet(21660): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 24 2024 03:33:16 cp41 maldet(21660): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 24 2024 11:16:29 cp41 maldet(21660): {scan} file list completed in 27793s, found 3497 files...
Sep 24 2024 11:16:29 cp41 maldet(21660): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 24 2024 11:16:29 cp41 maldet(21660): {scan} scan of (3497 files) in progress...
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/erxgrafx/public_html/item.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/opsbot-OpenCart-old-public_html.txt404/index.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/sandhyav-WHMCS-hosting-public_html.txt404/network.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/sandjack-WHMCS-clients.txt404/index.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {YARA}spam_mailer found for /home/erxgrafx/public_html/wp-content__f48db49/plugins/revslider/404WUZ/screenin-Drupal-web-public_html.txt404/index.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/cache__f48db49/h/d/a/b/index.php
Sep 24 2024 11:18:18 cp41 maldet(21660): {scan} scan completed on : files 3497, malware hits 6, cleaned hits 0, time 27920s
Sep 24 2024 11:18:18 cp41 maldet(21660): {scan} scan report saved, to view run: maldet --report 240924-0332.21660
Sep 24 2024 11:18:18 cp41 maldet(21660): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240924-0332.21660
Sep 25 2024 03:18:44 cp41 maldet(11328): {update} checking for available updates...
Sep 25 2024 03:18:45 cp41 maldet(11328): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 25 2024 03:18:45 cp41 maldet(11328): {update} hashing install files and checking against server...
Sep 25 2024 03:18:45 cp41 maldet(11328): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 25 2024 03:18:45 cp41 maldet(11328): {update} latest version already installed.
Sep 25 2024 03:18:45 cp41 maldet(11495): {sigup} performing signature update check...
Sep 25 2024 03:18:45 cp41 maldet(11495): {sigup} local signature set is version 20240922576214
Sep 25 2024 03:18:46 cp41 maldet(11495): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 25 2024 03:18:46 cp41 maldet(11495): {sigup} latest signature set already installed
Sep 25 2024 03:18:47 cp41 maldet(11633): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 25 2024 03:18:49 cp41 maldet(11633): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 25 2024 03:18:49 cp41 maldet(11633): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 25 2024 03:18:49 cp41 maldet(11633): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 25 2024 03:18:49 cp41 maldet(11633): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 25 2024 05:59:18 cp41 maldet(21434): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 25 2024 05:59:18 cp41 maldet(21434): {scan} building file list for /home/brianhsc, this might take awhile...
Sep 25 2024 05:59:18 cp41 maldet(21434): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 25 2024 05:59:18 cp41 maldet(21434): {scan} executed eval /bin/nice -n 19 /bin/find "/home/brianhsc" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 25 2024 06:02:48 cp41 maldet(21434): {scan} file list completed in 210s, found 100651 files...
Sep 25 2024 06:02:48 cp41 maldet(21434): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 25 2024 06:02:48 cp41 maldet(21434): {scan} scan of /home/brianhsc (100651 files) in progress...
Sep 25 2024 09:11:58 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/4033.php'
Sep 25 2024 09:11:58 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/tmp/4033.php
Sep 25 2024 09:11:58 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/tmp/403.php
Sep 25 2024 09:11:58 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/awstats/awstats082023.brianhscott.com.txt
Sep 25 2024 09:11:59 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/awstats/awstats022024.brianhscott.com.txt
Sep 25 2024 09:11:59 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/awstats/awstats012024.brianhscott.com.txt
Sep 25 2024 09:12:00 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/awstats/awstats022024.cff-from-sb.brianhscott.com.txt
Sep 25 2024 09:12:00 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/awstats/awstats092023.brianhscott.com.txt
Sep 25 2024 09:12:00 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/tmp/analog/ssl/cff-from-sb.brianhscott.com/cache
Sep 25 2024 09:12:01 cp41 maldet(21434): {hit} malware hit {HEX}php.uploader.max.725 found for /home/brianhsc/tmp/analog/cff-from-sb.brianhscott.com/cache
Sep 25 2024 09:12:01 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.htpasswds/4033.php
Sep 25 2024 09:12:01 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.htpasswds/403.php
Sep 25 2024 09:12:01 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/ssl/4033.php
Sep 25 2024 09:12:01 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/ssl/403.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.trash/4033.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.trash/403.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.trash/403.php.1
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.trash/4033.php.1
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cl.selector/4033.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cl.selector/403.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.softaculous/4033.php
Sep 25 2024 09:12:02 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.softaculous/403.php
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cagefs/4033.php
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cagefs/403.php
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Sep-2024.gz
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Sep-2023.gz
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-May-2018.gz
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/logs/4033.php
Sep 25 2024 09:12:03 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Dec-2017.gz
Sep 25 2024 09:12:04 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Nov-2019.gz
Sep 25 2024 09:12:04 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Jan-2024.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.597 found for /home/brianhsc/logs/brianhscott.com-Jul-2024.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Sep-2018.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Mar-2019.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Jun-2024.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/logs/403.php
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-ssl_log-Feb-2024.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Aug-2018.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Dec-2018.gz
Sep 25 2024 09:12:05 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Jun-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.597 found for /home/brianhsc/logs/brianhscott.com-Mar-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Apr-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Aug-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.597 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Mar-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Dec-2019.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-ssl_log-Mar-2024.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Jan-2019.gz
Sep 25 2024 09:12:06 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.597 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Jul-2024.gz
Sep 25 2024 09:12:07 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Aug-2023.gz
Sep 25 2024 09:12:07 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-Feb-2024.gz
Sep 25 2024 09:12:07 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Jun-2017.gz
Sep 25 2024 09:12:07 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Aug-2024.gz
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.612 found for /home/brianhsc/logs/brianhscott.com-Jan-2018.gz
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/cff-from-sb.brianhscott.com-Feb-2024.gz
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.malware.magento.599 found for /home/brianhsc/logs/brianhscott.com-May-2024.gz
Sep 25 2024 09:12:08 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/.subaccounts/4033.php'
Sep 25 2024 09:12:08 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/.subaccounts/403.php'
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/public_ftp/4033.php
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/public_ftp/403.php
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/etc/4033.php
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/etc/403.php
Sep 25 2024 09:12:08 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/CgJiIsX/x.zip
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/brianhsc/public_html/CgJiIsX/alfa-shell-v4.1-tesla-decoded.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/brianhsc/public_html/CgJiIsX/webadmin.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/CgJiIsX/lu.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {CAV}Php.Malware.Agent-9851729-0 found for /home/brianhsc/public_html/wsa.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {CAV}Php.Malware.Agent-9851729-0 found for /home/brianhsc/public_html/wp-pano.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {CAV}Php.Malware.Agent-9851729-0 found for /home/brianhsc/public_html/neccfhpp.php
Sep 25 2024 09:12:09 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/GUdaJrE/x.zip
Sep 25 2024 09:12:10 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/brianhsc/public_html/GUdaJrE/alfa-shell-v4.1-tesla-decoded.php
Sep 25 2024 09:12:10 cp41 maldet(21434): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/brianhsc/public_html/GUdaJrE/webadmin.php
Sep 25 2024 09:12:10 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/GUdaJrE/lu.php
Sep 25 2024 09:12:10 cp41 maldet(21434): {hit} malware hit {CAV}Php.Malware.Agent-9851729-0 found for /home/brianhsc/public_html/P71uT6heUnt.php
Sep 25 2024 09:12:10 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/public_html/well-known/pki-validation/c/b/a/index.php
Sep 25 2024 09:12:11 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/well-known/pki-validation/h/d/d/index.php
Sep 25 2024 09:12:11 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/well-known/pki-validation/d/d/a/index.php
Sep 25 2024 09:12:11 cp41 maldet(21434): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/brianhsc/public_html/well-known/acme-challenge/b/c/b/index.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/brianhsc/public_html/well-known/acme-challenge/g/h/d/index.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/680026.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/edit.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/CmayuGf/x.zip
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/CmayuGf/alfa-shell-v4.1-tesla-decoded.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/CmayuGf/webadmin.php
Sep 25 2024 09:12:12 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/CmayuGf/lu.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/wyyvlxmv.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/XByOvcn/x.zip
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/XByOvcn/alfa-shell-v4.1-tesla-decoded.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/XByOvcn/webadmin.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/XByOvcn/lu.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/cff-from-sb.brianhscott.com/wp-register.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/wp-admin/l.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.base64.inject.182 found for /home/brianhsc/public_html/wp-register.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.spamassassin/4033.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.spamassassin/403.php
Sep 25 2024 09:12:13 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.security/4033.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.security/403.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/cpmove.psql/4033.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/cpmove.psql/403.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.attracta/4033.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.attracta/403.php
Sep 25 2024 09:12:14 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/.cphorde/4033.php'
Sep 25 2024 09:12:14 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/.cphorde/403.php'
Sep 25 2024 09:12:14 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.mozilla/4033.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.mozilla/403.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cpanel/4033.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.cpanel/403.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/mail/4033.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/mail/403.php
Sep 25 2024 09:12:15 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/mail/brianhscott.com/brian/cur/1571185518.M367054P15403.cp05.machighway.com,S=1040031,W=1054332'
Sep 25 2024 09:12:15 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/mail/brianhscott.com/brian/cur/1607952103.M428926P17013.cp05.machighway.com,S=1053517,W=1067271'
Sep 25 2024 09:12:15 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/mail/brianhscott.com/brian/cur/1571019376.M231784P18991.cp05.machighway.com,S=31872,W=32366'
Sep 25 2024 09:12:15 cp41 maldet(21434): {quar} fatal error handling '/home/brianhsc/mail/brianhscott.com/brian/cur/1466283542.H421180P1976.cp05.machighway.com,S=11979'
Sep 25 2024 09:12:15 cp41 maldet(21434): {hit} malware hit {CAV}Win.Packed.Generic-10022695-0 found for /home/brianhsc/mail/brianhscott.com/brian/new/1709783117.M620760P30581.cp41.machighway.com,S=932447,W=945263
Sep 25 2024 09:12:16 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.razor/4033.php
Sep 25 2024 09:12:16 cp41 maldet(21434): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/brianhsc/.razor/403.php
Sep 25 2024 09:12:17 cp41 maldet(21434): {hit} malware hit {CAV}Unix.Exploit.Pkexecexploit-10034078-0 found for /var/tmp/cakilroot
Sep 25 2024 09:12:18 cp41 maldet(21434): {scan} scan completed on /home/brianhsc: files 100651, malware hits 107, cleaned hits 0, time 11580s
Sep 25 2024 09:12:18 cp41 maldet(21434): {scan} scan report saved, to view run: maldet --report 240925-0559.21434
Sep 25 2024 09:12:18 cp41 maldet(21434): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240925-0559.21434
Sep 25 2024 11:09:54 cp41 maldet(11633): {scan} file list completed in 28264s, found 13642 files...
Sep 25 2024 11:09:54 cp41 maldet(11633): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 25 2024 11:09:54 cp41 maldet(11633): {scan} scan of (13642 files) in progress...
Sep 25 2024 11:34:07 cp41 maldet(11633): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Sep 25 2024 11:34:08 cp41 maldet(11633): {scan} scan completed on : files 13642, malware hits 0, cleaned hits 0, time 29720s
Sep 25 2024 11:34:08 cp41 maldet(11633): {scan} scan report saved, to view run: maldet --report 240925-0318.11633
Sep 25 2024 17:09:35 cp41 maldet(976): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 25 2024 17:09:35 cp41 maldet(976): {scan} building file list for /home/brianhsc/, this might take awhile...
Sep 25 2024 17:09:35 cp41 maldet(976): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 25 2024 17:09:35 cp41 maldet(976): {scan} executed eval /usr/bin/nice -n 19 /usr/bin/find "/home/brianhsc/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 25 2024 17:09:57 cp41 maldet(976): {glob} scan interrupt by user, aborting scan...
Sep 25 2024 17:09:57 cp41 maldet(976): {scan} scan report saved, to view run: maldet --report 240925-1709.976
Sep 25 2024 17:10:19 cp41 maldet(3637): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 25 2024 17:10:19 cp41 maldet(3637): {scan} building file list for /home/brianhsc/, this might take awhile...
Sep 25 2024 17:10:19 cp41 maldet(3637): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 25 2024 17:10:19 cp41 maldet(3637): {scan} executed eval /usr/bin/nice -n 19 /usr/bin/find "/home/brianhsc/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 25 2024 17:10:53 cp41 maldet(3637): {glob} scan interrupt by user, aborting scan...
Sep 25 2024 17:10:53 cp41 maldet(3637): {scan} scan report saved, to view run: maldet --report 240925-1710.3637
Sep 26 2024 03:15:36 cp41 maldet(4686): {update} checking for available updates...
Sep 26 2024 03:15:38 cp41 maldet(4686): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 26 2024 03:15:41 cp41 maldet(4686): {update} hashing install files and checking against server...
Sep 26 2024 03:15:44 cp41 maldet(4686): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 26 2024 03:15:44 cp41 maldet(4686): {update} latest version already installed.
Sep 26 2024 03:15:47 cp41 maldet(4976): {sigup} performing signature update check...
Sep 26 2024 03:15:47 cp41 maldet(4976): {sigup} local signature set is version 20240922576214
Sep 26 2024 03:15:55 cp41 maldet(4976): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 26 2024 03:15:58 cp41 maldet(4976): {sigup} new signature set 202409251332019 available
Sep 26 2024 03:15:58 cp41 maldet(4976): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 26 2024 03:15:59 cp41 maldet(4976): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 26 2024 03:16:01 cp41 maldet(4976): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 26 2024 03:16:01 cp41 maldet(4976): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 26 2024 03:16:04 cp41 maldet(4976): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 26 2024 03:16:04 cp41 maldet(4976): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 26 2024 03:16:04 cp41 maldet(4976): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 26 2024 03:16:26 cp41 maldet(4976): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 26 2024 03:16:30 cp41 maldet(4976): {sigup} verified md5sum of maldet-clean.tgz
Sep 26 2024 03:16:33 cp41 maldet(4976): {sigup} unpacked and installed maldet-clean.tgz
Sep 26 2024 03:16:33 cp41 maldet(4976): {sigup} signature set update completed
Sep 26 2024 03:16:34 cp41 maldet(4976): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 26 2024 03:16:40 cp41 maldet(6065): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 26 2024 03:16:48 cp41 maldet(6065): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 26 2024 03:16:48 cp41 maldet(6065): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 26 2024 03:16:48 cp41 maldet(6065): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 26 2024 03:16:48 cp41 maldet(6065): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 26 2024 11:07:37 cp41 maldet(6065): {scan} file list completed in 28248s, found 1121 files...
Sep 26 2024 11:07:37 cp41 maldet(6065): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 26 2024 11:07:37 cp41 maldet(6065): {scan} scan of (1121 files) in progress...
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/a/alsamixer
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/games-WHMCS-central.txt404/network.php
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/hjumpline-gfl-WHMCS-cliente-public_html.txt404/index.php
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {YARA}spam_mailer found for /home/colorad7/public_html/404GPN/calmesta-PrestaShop-prestashop.txt404/index.php
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/colorad7/public_html/404GPN/michaelh-myconf-cPanel-public_html.txt404/index.php
Sep 26 2024 11:08:55 cp41 maldet(6065): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/mcdesign-WHMCS-support.txt404/index.php
Sep 26 2024 11:08:55 cp41 maldet(6065): {scan} scan completed on : files 1121, malware hits 6, cleaned hits 0, time 28335s
Sep 26 2024 11:08:55 cp41 maldet(6065): {scan} scan report saved, to view run: maldet --report 240926-0316.6065
Sep 26 2024 11:08:55 cp41 maldet(6065): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240926-0316.6065
Sep 27 2024 03:39:57 cp41 maldet(11068): {update} checking for available updates...
Sep 27 2024 03:39:57 cp41 maldet(11068): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 27 2024 03:39:57 cp41 maldet(11068): {update} hashing install files and checking against server...
Sep 27 2024 03:39:58 cp41 maldet(11068): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 27 2024 03:39:58 cp41 maldet(11068): {update} latest version already installed.
Sep 27 2024 03:39:59 cp41 maldet(11233): {sigup} performing signature update check...
Sep 27 2024 03:39:59 cp41 maldet(11233): {sigup} local signature set is version 202409251332019
Sep 27 2024 03:39:59 cp41 maldet(11233): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 27 2024 03:40:02 cp41 maldet(11233): {sigup} latest signature set already installed
Sep 27 2024 03:40:08 cp41 maldet(11530): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 27 2024 03:40:22 cp41 maldet(11530): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 27 2024 03:40:22 cp41 maldet(11530): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 27 2024 03:40:22 cp41 maldet(11530): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 27 2024 03:40:22 cp41 maldet(11530): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 27 2024 09:12:21 cp41 maldet(11530): {scan} file list completed in 19918s, found 82 files...
Sep 27 2024 09:12:21 cp41 maldet(11530): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 27 2024 09:12:22 cp41 maldet(11530): {scan} scan of (82 files) in progress...
Sep 27 2024 09:12:29 cp41 maldet(11530): {hit} malware hit {CAV}Multios.Coinminer.Miner-6781728-2 found for /home/ksmanual/public_html/beltfilterpress.com/cache/i/xmrig-6.14.0-linux-x64.tar.gz.2
Sep 27 2024 09:12:29 cp41 maldet(11530): {scan} scan completed on : files 82, malware hits 1, cleaned hits 0, time 19941s
Sep 27 2024 09:12:29 cp41 maldet(11530): {scan} scan report saved, to view run: maldet --report 240927-0340.11530
Sep 27 2024 09:12:29 cp41 maldet(11530): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240927-0340.11530
Sep 28 2024 03:26:30 cp41 maldet(17603): {update} checking for available updates...
Sep 28 2024 03:26:30 cp41 maldet(17603): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 28 2024 03:26:30 cp41 maldet(17603): {update} hashing install files and checking against server...
Sep 28 2024 03:26:31 cp41 maldet(17603): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 28 2024 03:26:31 cp41 maldet(17603): {update} latest version already installed.
Sep 28 2024 03:26:34 cp41 maldet(17751): {sigup} performing signature update check...
Sep 28 2024 03:26:34 cp41 maldet(17751): {sigup} local signature set is version 202409251332019
Sep 28 2024 03:26:34 cp41 maldet(17751): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 28 2024 03:26:35 cp41 maldet(17751): {sigup} new signature set 202409282086558 available
Sep 28 2024 03:26:35 cp41 maldet(17751): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 28 2024 03:26:35 cp41 maldet(17751): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Sep 28 2024 03:26:35 cp41 maldet(17751): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Sep 28 2024 03:26:35 cp41 maldet(17751): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 28 2024 03:26:36 cp41 maldet(17751): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Sep 28 2024 03:26:36 cp41 maldet(17751): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Sep 28 2024 03:26:36 cp41 maldet(17751): {sigup} verified md5sum of maldet-sigpack.tgz
Sep 28 2024 03:26:37 cp41 maldet(17751): {sigup} unpacked and installed maldet-sigpack.tgz
Sep 28 2024 03:26:37 cp41 maldet(17751): {sigup} verified md5sum of maldet-clean.tgz
Sep 28 2024 03:26:38 cp41 maldet(17751): {sigup} unpacked and installed maldet-clean.tgz
Sep 28 2024 03:26:38 cp41 maldet(17751): {sigup} signature set update completed
Sep 28 2024 03:26:38 cp41 maldet(17751): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 28 2024 03:26:41 cp41 maldet(18061): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 28 2024 03:26:54 cp41 maldet(18061): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 28 2024 03:26:54 cp41 maldet(18061): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 28 2024 03:26:54 cp41 maldet(18061): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 28 2024 03:26:54 cp41 maldet(18061): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 28 2024 08:17:20 cp41 maldet(18061): {scan} file list completed in 17425s, found 193 files...
Sep 28 2024 08:17:20 cp41 maldet(18061): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 28 2024 08:17:20 cp41 maldet(18061): {scan} scan of (193 files) in progress...
Sep 28 2024 08:17:42 cp41 maldet(18061): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Sep 28 2024 08:17:43 cp41 maldet(18061): {scan} scan completed on : files 193, malware hits 0, cleaned hits 0, time 17461s
Sep 28 2024 08:17:43 cp41 maldet(18061): {scan} scan report saved, to view run: maldet --report 240928-0326.18061
Sep 29 2024 03:46:17 cp41 maldet(16695): {update} checking for available updates...
Sep 29 2024 03:46:17 cp41 maldet(16695): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 29 2024 03:46:17 cp41 maldet(16695): {update} hashing install files and checking against server...
Sep 29 2024 03:46:17 cp41 maldet(16695): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 29 2024 03:46:17 cp41 maldet(16695): {update} latest version already installed.
Sep 29 2024 03:46:18 cp41 maldet(16879): {sigup} performing signature update check...
Sep 29 2024 03:46:18 cp41 maldet(16879): {sigup} local signature set is version 202409282086558
Sep 29 2024 03:46:18 cp41 maldet(16879): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 29 2024 03:46:18 cp41 maldet(16879): {sigup} latest signature set already installed
Sep 29 2024 03:46:18 cp41 maldet(17001): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 29 2024 03:46:22 cp41 maldet(17001): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 29 2024 03:46:22 cp41 maldet(17001): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 29 2024 03:46:22 cp41 maldet(17001): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 29 2024 03:46:22 cp41 maldet(17001): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 29 2024 06:27:22 cp41 maldet(17001): {scan} file list completed in 9659s, found 163 files...
Sep 29 2024 06:27:22 cp41 maldet(17001): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 29 2024 06:27:22 cp41 maldet(17001): {scan} scan of (163 files) in progress...
Sep 29 2024 06:27:38 cp41 maldet(17001): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Sep 29 2024 06:27:39 cp41 maldet(17001): {scan} scan completed on : files 163, malware hits 0, cleaned hits 0, time 9680s
Sep 29 2024 06:27:39 cp41 maldet(17001): {scan} scan report saved, to view run: maldet --report 240929-0346.17001
Sep 30 2024 03:22:58 cp41 maldet(9283): {update} checking for available updates...
Sep 30 2024 03:22:58 cp41 maldet(9283): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Sep 30 2024 03:22:58 cp41 maldet(9283): {update} hashing install files and checking against server...
Sep 30 2024 03:22:59 cp41 maldet(9283): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Sep 30 2024 03:22:59 cp41 maldet(9283): {update} latest version already installed.
Sep 30 2024 03:22:59 cp41 maldet(9443): {sigup} performing signature update check...
Sep 30 2024 03:22:59 cp41 maldet(9443): {sigup} local signature set is version 202409282086558
Sep 30 2024 03:22:59 cp41 maldet(9443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Sep 30 2024 03:23:00 cp41 maldet(9443): {sigup} latest signature set already installed
Sep 30 2024 03:23:00 cp41 maldet(9571): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Sep 30 2024 03:23:02 cp41 maldet(9571): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Sep 30 2024 03:23:02 cp41 maldet(9571): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Sep 30 2024 03:23:02 cp41 maldet(9571): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Sep 30 2024 03:23:02 cp41 maldet(9571): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Sep 30 2024 07:02:59 cp41 maldet(9571): {scan} file list completed in 13196s, found 395 files...
Sep 30 2024 07:02:59 cp41 maldet(9571): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Sep 30 2024 07:02:59 cp41 maldet(9571): {scan} scan of (395 files) in progress...
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/5e2ee/folder/pqhhddfyJ.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/GavinScott/About_Me_files/MBlAJWL.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-admin/includes/fonts/met/style-engine/wp/XVjTwAy.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/__MACOSX/uber.com_es/req/options.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/uber.com_es/req/click.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {YARA}multiple_php_webshells found for /home/olshsdco/public_html/ap2ws/uber.com_es/req/function.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/function.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {YARA}multiple_php_webshells found for /home/olshsdco/public_html/La Vaca de Oro, heladerÃa en la Ciudad de México CDMX_files/item.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/click.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {YARA}webshell_itsec_itsecteam_shell_jHn found for /home/olshsdco/public_html/wp-admin/dir/mah.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/function.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/product.php
Sep 30 2024 07:03:31 cp41 maldet(9571): {scan} scan completed on : files 395, malware hits 12, cleaned hits 0, time 13231s
Sep 30 2024 07:03:31 cp41 maldet(9571): {scan} scan report saved, to view run: maldet --report 240930-0323.9571
Sep 30 2024 07:03:31 cp41 maldet(9571): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 240930-0323.9571
Oct 01 2024 03:27:40 cp41 maldet(17272): {update} checking for available updates...
Oct 01 2024 03:27:41 cp41 maldet(17272): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 01 2024 03:27:41 cp41 maldet(17272): {update} hashing install files and checking against server...
Oct 01 2024 03:27:43 cp41 maldet(17272): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 01 2024 03:27:44 cp41 maldet(17272): {update} latest version already installed.
Oct 01 2024 03:27:45 cp41 maldet(17677): {sigup} performing signature update check...
Oct 01 2024 03:27:45 cp41 maldet(17677): {sigup} local signature set is version 202409282086558
Oct 01 2024 03:27:46 cp41 maldet(17677): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 01 2024 03:27:46 cp41 maldet(17677): {sigup} new signature set 20241001551621 available
Oct 01 2024 03:27:46 cp41 maldet(17677): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 01 2024 03:27:47 cp41 maldet(17677): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 01 2024 03:27:47 cp41 maldet(17677): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 01 2024 03:27:47 cp41 maldet(17677): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 01 2024 03:27:48 cp41 maldet(17677): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 01 2024 03:27:52 cp41 maldet(17677): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 01 2024 03:27:52 cp41 maldet(17677): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 01 2024 03:27:53 cp41 maldet(17677): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 01 2024 03:27:53 cp41 maldet(17677): {sigup} verified md5sum of maldet-clean.tgz
Oct 01 2024 03:27:54 cp41 maldet(17677): {sigup} unpacked and installed maldet-clean.tgz
Oct 01 2024 03:27:54 cp41 maldet(17677): {sigup} signature set update completed
Oct 01 2024 03:27:54 cp41 maldet(17677): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 01 2024 03:27:54 cp41 maldet(18328): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 01 2024 03:27:56 cp41 maldet(18328): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 01 2024 03:27:56 cp41 maldet(18328): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 01 2024 03:27:56 cp41 maldet(18328): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 01 2024 03:27:56 cp41 maldet(18328): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 01 2024 10:45:19 cp41 maldet(18328): {scan} file list completed in 26242s, found 245 files...
Oct 01 2024 10:45:19 cp41 maldet(18328): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 01 2024 10:45:19 cp41 maldet(18328): {scan} scan of (245 files) in progress...
Oct 01 2024 10:45:50 cp41 maldet(18328): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/5e2ee/folder/pqhhddfyJ.php
Oct 01 2024 10:45:50 cp41 maldet(18328): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/GavinScott/About_Me_files/MBlAJWL.php
Oct 01 2024 10:45:50 cp41 maldet(18328): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-admin/includes/fonts/met/style-engine/wp/XVjTwAy.php
Oct 01 2024 10:45:51 cp41 maldet(18328): {scan} scan completed on : files 245, malware hits 3, cleaned hits 0, time 26276s
Oct 01 2024 10:45:51 cp41 maldet(18328): {scan} scan report saved, to view run: maldet --report 241001-0327.18328
Oct 01 2024 10:45:51 cp41 maldet(18328): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241001-0327.18328
Oct 02 2024 03:17:27 cp41 maldet(16904): {update} checking for available updates...
Oct 02 2024 03:17:27 cp41 maldet(16904): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 02 2024 03:17:27 cp41 maldet(16904): {update} hashing install files and checking against server...
Oct 02 2024 03:17:28 cp41 maldet(16904): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 02 2024 03:17:28 cp41 maldet(16904): {update} latest version already installed.
Oct 02 2024 03:17:30 cp41 maldet(17067): {sigup} performing signature update check...
Oct 02 2024 03:17:30 cp41 maldet(17067): {sigup} local signature set is version 20241001551621
Oct 02 2024 03:17:31 cp41 maldet(17067): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 02 2024 03:17:31 cp41 maldet(17067): {sigup} latest signature set already installed
Oct 02 2024 03:17:32 cp41 maldet(17227): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 02 2024 03:17:36 cp41 maldet(17227): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 02 2024 03:17:36 cp41 maldet(17227): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 02 2024 03:17:36 cp41 maldet(17227): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 02 2024 03:17:36 cp41 maldet(17227): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 02 2024 06:38:45 cp41 maldet(17227): {scan} file list completed in 12068s, found 180 files...
Oct 02 2024 06:38:45 cp41 maldet(17227): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 02 2024 06:38:45 cp41 maldet(17227): {scan} scan of (180 files) in progress...
Oct 02 2024 06:38:56 cp41 maldet(17227): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 02 2024 06:38:56 cp41 maldet(17227): {scan} scan completed on : files 180, malware hits 0, cleaned hits 0, time 12084s
Oct 02 2024 06:38:56 cp41 maldet(17227): {scan} scan report saved, to view run: maldet --report 241002-0317.17227
Oct 03 2024 03:53:04 cp41 maldet(4434): {update} checking for available updates...
Oct 03 2024 03:53:04 cp41 maldet(4434): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 03 2024 03:53:04 cp41 maldet(4434): {update} hashing install files and checking against server...
Oct 03 2024 03:53:05 cp41 maldet(4434): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 03 2024 03:53:05 cp41 maldet(4434): {update} latest version already installed.
Oct 03 2024 03:53:06 cp41 maldet(4602): {sigup} performing signature update check...
Oct 03 2024 03:53:06 cp41 maldet(4602): {sigup} local signature set is version 20241001551621
Oct 03 2024 03:53:06 cp41 maldet(4602): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 03 2024 03:53:07 cp41 maldet(4602): {sigup} latest signature set already installed
Oct 03 2024 03:53:07 cp41 maldet(4752): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 03 2024 03:53:11 cp41 maldet(4752): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 03 2024 03:53:11 cp41 maldet(4752): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 03 2024 03:53:11 cp41 maldet(4752): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 03 2024 03:53:11 cp41 maldet(4752): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 03 2024 08:39:26 cp41 maldet(4752): {scan} file list completed in 17174s, found 1506 files...
Oct 03 2024 08:39:26 cp41 maldet(4752): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 03 2024 08:39:26 cp41 maldet(4752): {scan} scan of (1506 files) in progress...
Oct 03 2024 08:41:30 cp41 maldet(4752): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 03 2024 08:41:31 cp41 maldet(4752): {scan} scan completed on : files 1506, malware hits 0, cleaned hits 0, time 17303s
Oct 03 2024 08:41:31 cp41 maldet(4752): {scan} scan report saved, to view run: maldet --report 241003-0353.4752
Oct 04 2024 03:38:49 cp41 maldet(731): {update} checking for available updates...
Oct 04 2024 03:38:50 cp41 maldet(731): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 04 2024 03:38:50 cp41 maldet(731): {update} hashing install files and checking against server...
Oct 04 2024 03:38:51 cp41 maldet(731): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 04 2024 03:38:51 cp41 maldet(731): {update} latest version already installed.
Oct 04 2024 03:38:51 cp41 maldet(931): {sigup} performing signature update check...
Oct 04 2024 03:38:51 cp41 maldet(931): {sigup} local signature set is version 20241001551621
Oct 04 2024 03:38:51 cp41 maldet(931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 04 2024 03:38:52 cp41 maldet(931): {sigup} new signature set 202410041307746 available
Oct 04 2024 03:38:52 cp41 maldet(931): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 04 2024 03:38:52 cp41 maldet(931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 04 2024 03:38:52 cp41 maldet(931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 04 2024 03:38:52 cp41 maldet(931): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 04 2024 03:38:53 cp41 maldet(931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 04 2024 03:38:53 cp41 maldet(931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 04 2024 03:38:53 cp41 maldet(931): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 04 2024 03:38:54 cp41 maldet(931): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 04 2024 03:38:55 cp41 maldet(931): {sigup} verified md5sum of maldet-clean.tgz
Oct 04 2024 03:38:55 cp41 maldet(931): {sigup} unpacked and installed maldet-clean.tgz
Oct 04 2024 03:38:55 cp41 maldet(931): {sigup} signature set update completed
Oct 04 2024 03:38:55 cp41 maldet(931): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 04 2024 03:39:01 cp41 maldet(1197): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 04 2024 03:39:07 cp41 maldet(1197): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 04 2024 03:39:07 cp41 maldet(1197): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 04 2024 03:39:07 cp41 maldet(1197): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 04 2024 03:39:07 cp41 maldet(1197): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 04 2024 06:13:49 cp41 maldet(1197): {scan} file list completed in 9282s, found 26211 files...
Oct 04 2024 06:13:49 cp41 maldet(1197): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 04 2024 06:13:49 cp41 maldet(1197): {scan} scan of (26211 files) in progress...
Oct 04 2024 06:22:45 cp41 maldet(1197): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 04 2024 06:22:45 cp41 maldet(1197): {scan} scan completed on : files 26211, malware hits 0, cleaned hits 0, time 9824s
Oct 04 2024 06:22:45 cp41 maldet(1197): {scan} scan report saved, to view run: maldet --report 241004-0338.1197
Oct 05 2024 03:30:41 cp41 maldet(21027): {update} checking for available updates...
Oct 05 2024 03:30:45 cp41 maldet(21027): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 05 2024 03:30:45 cp41 maldet(21027): {update} hashing install files and checking against server...
Oct 05 2024 03:30:55 cp41 maldet(21027): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 05 2024 03:30:55 cp41 maldet(21027): {update} latest version already installed.
Oct 05 2024 03:31:03 cp41 maldet(21393): {sigup} performing signature update check...
Oct 05 2024 03:31:03 cp41 maldet(21393): {sigup} local signature set is version 202410041307746
Oct 05 2024 03:31:03 cp41 maldet(21393): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 05 2024 03:31:04 cp41 maldet(21393): {sigup} latest signature set already installed
Oct 05 2024 03:31:08 cp41 maldet(21645): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 05 2024 03:31:14 cp41 maldet(21645): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 05 2024 03:31:14 cp41 maldet(21645): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 05 2024 03:31:14 cp41 maldet(21645): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 05 2024 03:31:14 cp41 maldet(21645): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 05 2024 07:08:26 cp41 maldet(21645): {scan} file list completed in 13031s, found 14113 files...
Oct 05 2024 07:08:26 cp41 maldet(21645): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 05 2024 07:08:26 cp41 maldet(21645): {scan} scan of (14113 files) in progress...
Oct 05 2024 07:27:06 cp41 maldet(21645): {hit} malware hit {HEX}php.exe.globals.416 found for /home/gavinsco/public_html/wp-includes/ppeadg.php
Oct 05 2024 07:27:06 cp41 maldet(21645): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/wp-includes/IXR/style-engine/IXR/QEkeamY.php
Oct 05 2024 07:27:06 cp41 maldet(21645): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-admin/Text/css/languages/certificates/wp/mszoURw.php
Oct 05 2024 07:27:06 cp41 maldet(21645): {scan} scan completed on : files 14113, malware hits 3, cleaned hits 0, time 14157s
Oct 05 2024 07:27:06 cp41 maldet(21645): {scan} scan report saved, to view run: maldet --report 241005-0331.21645
Oct 05 2024 07:27:06 cp41 maldet(21645): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241005-0331.21645
Oct 06 2024 03:21:42 cp41 maldet(32261): {update} checking for available updates...
Oct 06 2024 03:21:42 cp41 maldet(32261): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 06 2024 03:21:42 cp41 maldet(32261): {update} hashing install files and checking against server...
Oct 06 2024 03:21:43 cp41 maldet(32261): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 06 2024 03:21:43 cp41 maldet(32261): {update} latest version already installed.
Oct 06 2024 03:21:43 cp41 maldet(32399): {sigup} performing signature update check...
Oct 06 2024 03:21:43 cp41 maldet(32399): {sigup} local signature set is version 202410041307746
Oct 06 2024 03:21:43 cp41 maldet(32399): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 06 2024 03:21:44 cp41 maldet(32399): {sigup} latest signature set already installed
Oct 06 2024 03:21:44 cp41 maldet(32529): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 06 2024 03:21:47 cp41 maldet(32529): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 06 2024 03:21:47 cp41 maldet(32529): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 06 2024 03:21:47 cp41 maldet(32529): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 06 2024 03:21:47 cp41 maldet(32529): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 06 2024 05:07:16 cp41 maldet(32529): {scan} file list completed in 6329s, found 174 files...
Oct 06 2024 05:07:16 cp41 maldet(32529): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 06 2024 05:07:17 cp41 maldet(32529): {scan} scan of (174 files) in progress...
Oct 06 2024 05:07:24 cp41 maldet(32529): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-includes/images/wp/rCKmB.php
Oct 06 2024 05:07:24 cp41 maldet(32529): {hit} malware hit {HEX}php.exe.globals.416 found for /home/gavinsco/public_html/wp-includes/ysatrj.php
Oct 06 2024 05:07:24 cp41 maldet(32529): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/Gavin_Scott/curriculum_vitae_files/lwRhYdbI.php
Oct 06 2024 05:07:24 cp41 maldet(32529): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/wp-content/Text/apuHVPvp.php
Oct 06 2024 05:07:24 cp41 maldet(32529): {scan} scan completed on : files 174, malware hits 4, cleaned hits 0, time 6340s
Oct 06 2024 05:07:24 cp41 maldet(32529): {scan} scan report saved, to view run: maldet --report 241006-0321.32529
Oct 06 2024 05:07:24 cp41 maldet(32529): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241006-0321.32529
Oct 07 2024 03:14:00 cp41 maldet(19864): {update} checking for available updates...
Oct 07 2024 03:14:00 cp41 maldet(19864): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 07 2024 03:14:00 cp41 maldet(19864): {update} hashing install files and checking against server...
Oct 07 2024 03:14:01 cp41 maldet(19864): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 07 2024 03:14:01 cp41 maldet(19864): {update} latest version already installed.
Oct 07 2024 03:14:01 cp41 maldet(20517): {sigup} performing signature update check...
Oct 07 2024 03:14:01 cp41 maldet(20517): {sigup} local signature set is version 202410041307746
Oct 07 2024 03:14:02 cp41 maldet(20517): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 07 2024 03:14:02 cp41 maldet(20517): {sigup} latest signature set already installed
Oct 07 2024 03:14:03 cp41 maldet(20853): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 07 2024 03:14:05 cp41 maldet(20853): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 07 2024 03:14:05 cp41 maldet(20853): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 07 2024 03:14:05 cp41 maldet(20853): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 07 2024 03:14:05 cp41 maldet(20853): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 07 2024 05:14:39 cp41 maldet(20853): {scan} file list completed in 7234s, found 710 files...
Oct 07 2024 05:14:39 cp41 maldet(20853): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 07 2024 05:14:39 cp41 maldet(20853): {scan} scan of (710 files) in progress...
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.exe.globals.416 found for /home/emthonje/public_html/wp-includes/sytfko.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {YARA}eval_post found for /home/emthonje/public_html/lumbee/js/vwhMONz.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.nested.base64.652 found for /home/emthonje/public_html/Emthonjeni_Arts_Mission/Emthonjeni_&_Sweetwaters/Pages/Emothonjeni_files/FzpipJBF.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.nested.base64.652 found for /home/emthonje/public_html/wp-admin/php/IXR/SimplePie/Text/blocks/ID3/wp/cnSEjZ.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/wp-includes/options.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {YARA}spam_mailer found for /home/ksmanual/public_html/beltfilterpress.com/cache/c/c/h/e/mah.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/ksmanual/public_html/beltfilterpress.com/cache/c/d/h/a/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/a/a/g/f/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {YARA}spam_mailer found for /home/ksmanual/public_html/beltfilterpress.com/cache/a/d/a/a/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/ksmanual/public_html/beltfilterpress.com/cache/h/h/e/b/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/h/g/b/c/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/h/g/g/e/function.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/ksmanual/public_html/beltfilterpress.com/cache/f/h/d/a/index.php
Oct 07 2024 05:15:12 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/f/d/e/g/mah.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/d/f/h/f/index.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/cache/g/g/b/b/index.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/well-known/pki-validation/c/f/b/index.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {hit} malware hit {YARA}spam_mailer found for /home/ksmanual/public_html/beltfilterpress.com/well-known/acme-challenge/c/g/b/index.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/beltfilterpress.com/well-known/acme-challenge/f/c/g/index.php
Oct 07 2024 05:15:13 cp41 maldet(20853): {scan} scan completed on : files 710, malware hits 19, cleaned hits 0, time 7270s
Oct 07 2024 05:15:13 cp41 maldet(20853): {scan} scan report saved, to view run: maldet --report 241007-0314.20853
Oct 07 2024 05:15:13 cp41 maldet(20853): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241007-0314.20853
Oct 08 2024 03:13:37 cp41 maldet(18932): {update} checking for available updates...
Oct 08 2024 03:13:37 cp41 maldet(18932): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 08 2024 03:13:37 cp41 maldet(18932): {update} hashing install files and checking against server...
Oct 08 2024 03:13:37 cp41 maldet(18932): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 08 2024 03:13:37 cp41 maldet(18932): {update} latest version already installed.
Oct 08 2024 03:13:37 cp41 maldet(19102): {sigup} performing signature update check...
Oct 08 2024 03:13:37 cp41 maldet(19102): {sigup} local signature set is version 202410041307746
Oct 08 2024 03:13:38 cp41 maldet(19102): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 08 2024 03:13:38 cp41 maldet(19102): {sigup} new signature set 202410072062761 available
Oct 08 2024 03:13:38 cp41 maldet(19102): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 08 2024 03:13:38 cp41 maldet(19102): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 08 2024 03:13:39 cp41 maldet(19102): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 08 2024 03:13:39 cp41 maldet(19102): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 08 2024 03:13:39 cp41 maldet(19102): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 08 2024 03:13:39 cp41 maldet(19102): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 08 2024 03:13:39 cp41 maldet(19102): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 08 2024 03:13:40 cp41 maldet(19102): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 08 2024 03:13:40 cp41 maldet(19102): {sigup} verified md5sum of maldet-clean.tgz
Oct 08 2024 03:13:40 cp41 maldet(19102): {sigup} unpacked and installed maldet-clean.tgz
Oct 08 2024 03:13:40 cp41 maldet(19102): {sigup} signature set update completed
Oct 08 2024 03:13:40 cp41 maldet(19102): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 08 2024 03:13:40 cp41 maldet(19471): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 08 2024 03:13:41 cp41 maldet(19471): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 08 2024 03:13:41 cp41 maldet(19471): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 08 2024 03:13:41 cp41 maldet(19471): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 08 2024 03:13:41 cp41 maldet(19471): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 08 2024 05:16:16 cp41 maldet(19471): {scan} file list completed in 7355s, found 30132 files...
Oct 08 2024 05:16:16 cp41 maldet(19471): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 08 2024 05:16:16 cp41 maldet(19471): {scan} scan of (30132 files) in progress...
Oct 08 2024 05:17:46 cp41 maldet(19471): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/acme-challenge/a/d/g/c/index.zip
Oct 08 2024 05:17:46 cp41 maldet(19471): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/acme-challenge/b/b/d/a/index.zip
Oct 08 2024 05:17:46 cp41 maldet(19471): {hit} malware hit {HEX}php.nested.base64.663 found for /home/mcdesign/public_html/well-known/acme-challenge/g/a/e/index.php
Oct 08 2024 05:17:46 cp41 maldet(19471): {scan} scan completed on : files 30132, malware hits 3, cleaned hits 0, time 7446s
Oct 08 2024 05:17:46 cp41 maldet(19471): {scan} scan report saved, to view run: maldet --report 241008-0313.19471
Oct 08 2024 05:17:46 cp41 maldet(19471): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241008-0313.19471
Oct 09 2024 03:34:28 cp41 maldet(1068): {update} checking for available updates...
Oct 09 2024 03:34:28 cp41 maldet(1068): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 09 2024 03:34:28 cp41 maldet(1068): {update} hashing install files and checking against server...
Oct 09 2024 03:34:30 cp41 maldet(1068): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 09 2024 03:34:30 cp41 maldet(1068): {update} latest version already installed.
Oct 09 2024 03:34:32 cp41 maldet(1267): {sigup} performing signature update check...
Oct 09 2024 03:34:32 cp41 maldet(1267): {sigup} local signature set is version 202410072062761
Oct 09 2024 03:34:33 cp41 maldet(1267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 09 2024 03:34:33 cp41 maldet(1267): {sigup} latest signature set already installed
Oct 09 2024 03:34:35 cp41 maldet(1421): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 09 2024 03:34:39 cp41 maldet(1421): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 09 2024 03:34:39 cp41 maldet(1421): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 09 2024 03:34:39 cp41 maldet(1421): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 09 2024 03:34:39 cp41 maldet(1421): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 09 2024 07:03:18 cp41 maldet(1421): {scan} file list completed in 12518s, found 60127 files...
Oct 09 2024 07:03:18 cp41 maldet(1421): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 09 2024 07:03:18 cp41 maldet(1421): {scan} scan of (60127 files) in progress...
Oct 09 2024 07:15:02 cp41 maldet(1421): {hit} malware hit {HEX}php.base64.inject.182 found for /home/ksmanual/public_html/komline.co.uk/install.php
Oct 09 2024 07:15:02 cp41 maldet(1421): {scan} scan completed on : files 60127, malware hits 1, cleaned hits 0, time 13227s
Oct 09 2024 07:15:02 cp41 maldet(1421): {scan} scan report saved, to view run: maldet --report 241009-0334.1421
Oct 09 2024 07:15:02 cp41 maldet(1421): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241009-0334.1421
Oct 10 2024 03:48:04 cp41 maldet(14827): {update} checking for available updates...
Oct 10 2024 03:48:04 cp41 maldet(14827): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 10 2024 03:48:04 cp41 maldet(14827): {update} hashing install files and checking against server...
Oct 10 2024 03:48:06 cp41 maldet(14827): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 10 2024 03:48:06 cp41 maldet(14827): {update} latest version already installed.
Oct 10 2024 03:48:06 cp41 maldet(15186): {sigup} performing signature update check...
Oct 10 2024 03:48:06 cp41 maldet(15186): {sigup} local signature set is version 202410072062761
Oct 10 2024 03:48:07 cp41 maldet(15186): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 10 2024 03:48:07 cp41 maldet(15186): {sigup} new signature set 202410102917829 available
Oct 10 2024 03:48:07 cp41 maldet(15186): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 10 2024 03:48:07 cp41 maldet(15186): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 10 2024 03:48:10 cp41 maldet(15186): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 10 2024 03:48:10 cp41 maldet(15186): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 10 2024 03:48:10 cp41 maldet(15186): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 10 2024 03:48:11 cp41 maldet(15186): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 10 2024 03:48:11 cp41 maldet(15186): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 10 2024 03:48:12 cp41 maldet(15186): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 10 2024 03:48:13 cp41 maldet(15186): {sigup} verified md5sum of maldet-clean.tgz
Oct 10 2024 03:48:13 cp41 maldet(15186): {sigup} unpacked and installed maldet-clean.tgz
Oct 10 2024 03:48:13 cp41 maldet(15186): {sigup} signature set update completed
Oct 10 2024 03:48:13 cp41 maldet(15186): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 10 2024 03:48:13 cp41 maldet(15528): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 10 2024 03:48:15 cp41 maldet(15528): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 10 2024 03:48:15 cp41 maldet(15528): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 10 2024 03:48:15 cp41 maldet(15528): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 10 2024 03:48:15 cp41 maldet(15528): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 10 2024 09:38:01 cp41 maldet(15528): {scan} file list completed in 20985s, found 11208 files...
Oct 10 2024 09:38:01 cp41 maldet(15528): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 10 2024 09:38:01 cp41 maldet(15528): {scan} scan of (11208 files) in progress...
Oct 10 2024 09:47:19 cp41 maldet(15528): {scan} scan completed on : files 11208, malware hits 0, cleaned hits 0, time 21546s
Oct 10 2024 09:47:19 cp41 maldet(15528): {scan} scan report saved, to view run: maldet --report 241010-0348.15528
Oct 11 2024 03:40:16 cp41 maldet(25920): {update} checking for available updates...
Oct 11 2024 03:40:17 cp41 maldet(25920): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 11 2024 03:40:17 cp41 maldet(25920): {update} hashing install files and checking against server...
Oct 11 2024 03:40:17 cp41 maldet(25920): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 11 2024 03:40:17 cp41 maldet(25920): {update} latest version already installed.
Oct 11 2024 03:40:21 cp41 maldet(26074): {sigup} performing signature update check...
Oct 11 2024 03:40:21 cp41 maldet(26074): {sigup} local signature set is version 202410102917829
Oct 11 2024 03:40:21 cp41 maldet(26074): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 11 2024 03:40:22 cp41 maldet(26074): {sigup} latest signature set already installed
Oct 11 2024 03:40:26 cp41 maldet(26260): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 11 2024 03:40:33 cp41 maldet(26260): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 11 2024 03:40:33 cp41 maldet(26260): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 11 2024 03:40:33 cp41 maldet(26260): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 11 2024 03:40:33 cp41 maldet(26260): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 11 2024 09:53:46 cp41 maldet(26260): {scan} file list completed in 22392s, found 58 files...
Oct 11 2024 09:53:46 cp41 maldet(26260): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 11 2024 09:53:46 cp41 maldet(26260): {scan} scan of (58 files) in progress...
Oct 11 2024 09:53:51 cp41 maldet(26260): {scan} scan completed on : files 58, malware hits 0, cleaned hits 0, time 22405s
Oct 11 2024 09:53:51 cp41 maldet(26260): {scan} scan report saved, to view run: maldet --report 241011-0340.26260
Oct 12 2024 03:30:48 cp41 maldet(24147): {update} checking for available updates...
Oct 12 2024 03:30:48 cp41 maldet(24147): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 12 2024 03:30:48 cp41 maldet(24147): {update} hashing install files and checking against server...
Oct 12 2024 03:30:49 cp41 maldet(24147): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 12 2024 03:30:49 cp41 maldet(24147): {update} latest version already installed.
Oct 12 2024 03:30:50 cp41 maldet(24378): {sigup} performing signature update check...
Oct 12 2024 03:30:50 cp41 maldet(24378): {sigup} local signature set is version 202410102917829
Oct 12 2024 03:30:50 cp41 maldet(24378): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 12 2024 03:30:51 cp41 maldet(24378): {sigup} latest signature set already installed
Oct 12 2024 03:30:52 cp41 maldet(24510): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 12 2024 03:31:03 cp41 maldet(24510): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 12 2024 03:31:03 cp41 maldet(24510): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 12 2024 03:31:03 cp41 maldet(24510): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 12 2024 03:31:03 cp41 maldet(24510): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 12 2024 10:28:17 cp41 maldet(24510): {scan} file list completed in 25034s, found 52 files...
Oct 12 2024 10:28:17 cp41 maldet(24510): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 12 2024 10:28:17 cp41 maldet(24510): {scan} scan of (52 files) in progress...
Oct 12 2024 10:28:23 cp41 maldet(24510): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 12 2024 10:28:23 cp41 maldet(24510): {scan} scan completed on : files 52, malware hits 0, cleaned hits 0, time 25051s
Oct 12 2024 10:28:23 cp41 maldet(24510): {scan} scan report saved, to view run: maldet --report 241012-0330.24510
Oct 13 2024 03:17:22 cp41 maldet(27837): {update} checking for available updates...
Oct 13 2024 03:17:22 cp41 maldet(27837): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 13 2024 03:17:22 cp41 maldet(27837): {update} hashing install files and checking against server...
Oct 13 2024 03:17:23 cp41 maldet(27837): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 13 2024 03:17:23 cp41 maldet(27837): {update} latest version already installed.
Oct 13 2024 03:17:24 cp41 maldet(28004): {sigup} performing signature update check...
Oct 13 2024 03:17:24 cp41 maldet(28004): {sigup} local signature set is version 202410102917829
Oct 13 2024 03:17:24 cp41 maldet(28004): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 13 2024 03:17:25 cp41 maldet(28004): {sigup} new signature set 202410133691617 available
Oct 13 2024 03:17:25 cp41 maldet(28004): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 13 2024 03:17:25 cp41 maldet(28004): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 13 2024 03:17:26 cp41 maldet(28004): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 13 2024 03:17:26 cp41 maldet(28004): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 13 2024 03:17:26 cp41 maldet(28004): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 13 2024 03:17:26 cp41 maldet(28004): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 13 2024 03:17:26 cp41 maldet(28004): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 13 2024 03:17:29 cp41 maldet(28004): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 13 2024 03:17:29 cp41 maldet(28004): {sigup} verified md5sum of maldet-clean.tgz
Oct 13 2024 03:17:29 cp41 maldet(28004): {sigup} unpacked and installed maldet-clean.tgz
Oct 13 2024 03:17:29 cp41 maldet(28004): {sigup} signature set update completed
Oct 13 2024 03:17:29 cp41 maldet(28004): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 13 2024 03:17:29 cp41 maldet(28318): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 13 2024 03:17:30 cp41 maldet(28318): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 13 2024 03:17:30 cp41 maldet(28318): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 13 2024 03:17:30 cp41 maldet(28318): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 13 2024 03:17:30 cp41 maldet(28318): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 13 2024 09:44:01 cp41 maldet(28318): {scan} file list completed in 23190s, found 41 files...
Oct 13 2024 09:44:01 cp41 maldet(28318): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 13 2024 09:44:01 cp41 maldet(28318): {scan} scan of (41 files) in progress...
Oct 13 2024 09:44:13 cp41 maldet(28318): {scan} scan completed on : files 41, malware hits 0, cleaned hits 0, time 23204s
Oct 13 2024 09:44:13 cp41 maldet(28318): {scan} scan report saved, to view run: maldet --report 241013-0317.28318
Oct 14 2024 03:30:54 cp41 maldet(24741): {update} checking for available updates...
Oct 14 2024 03:30:54 cp41 maldet(24741): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 14 2024 03:30:54 cp41 maldet(24741): {update} hashing install files and checking against server...
Oct 14 2024 03:30:55 cp41 maldet(24741): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 14 2024 03:30:55 cp41 maldet(24741): {update} latest version already installed.
Oct 14 2024 03:30:58 cp41 maldet(24908): {sigup} performing signature update check...
Oct 14 2024 03:30:58 cp41 maldet(24908): {sigup} local signature set is version 202410133691617
Oct 14 2024 03:30:58 cp41 maldet(24908): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 14 2024 03:30:58 cp41 maldet(24908): {sigup} latest signature set already installed
Oct 14 2024 03:31:01 cp41 maldet(25043): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 14 2024 03:31:04 cp41 maldet(25043): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 14 2024 03:31:04 cp41 maldet(25043): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 14 2024 03:31:04 cp41 maldet(25043): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 14 2024 03:31:04 cp41 maldet(25043): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 14 2024 10:54:09 cp41 maldet(25043): {scan} file list completed in 26584s, found 28 files...
Oct 14 2024 10:54:09 cp41 maldet(25043): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 14 2024 10:54:09 cp41 maldet(25043): {scan} scan of (28 files) in progress...
Oct 14 2024 10:54:14 cp41 maldet(25043): {scan} scan completed on : files 28, malware hits 0, cleaned hits 0, time 26593s
Oct 14 2024 10:54:14 cp41 maldet(25043): {scan} scan report saved, to view run: maldet --report 241014-0330.25043
Oct 15 2024 03:46:49 cp41 maldet(29451): {update} checking for available updates...
Oct 15 2024 03:46:50 cp41 maldet(29451): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 15 2024 03:46:50 cp41 maldet(29451): {update} hashing install files and checking against server...
Oct 15 2024 03:46:50 cp41 maldet(29451): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 15 2024 03:46:51 cp41 maldet(29451): {update} latest version already installed.
Oct 15 2024 03:46:54 cp41 maldet(29631): {sigup} performing signature update check...
Oct 15 2024 03:46:54 cp41 maldet(29631): {sigup} local signature set is version 202410133691617
Oct 15 2024 03:46:54 cp41 maldet(29631): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 15 2024 03:46:55 cp41 maldet(29631): {sigup} latest signature set already installed
Oct 15 2024 03:46:57 cp41 maldet(29795): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 15 2024 03:46:59 cp41 maldet(29795): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 15 2024 03:46:59 cp41 maldet(29795): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 15 2024 03:46:59 cp41 maldet(29795): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 15 2024 03:46:59 cp41 maldet(29795): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 15 2024 10:23:20 cp41 maldet(29795): {scan} file list completed in 23781s, found 86 files...
Oct 15 2024 10:23:20 cp41 maldet(29795): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 15 2024 10:23:20 cp41 maldet(29795): {scan} scan of (86 files) in progress...
Oct 15 2024 10:23:29 cp41 maldet(29795): {scan} scan completed on : files 86, malware hits 0, cleaned hits 0, time 23792s
Oct 15 2024 10:23:29 cp41 maldet(29795): {scan} scan report saved, to view run: maldet --report 241015-0346.29795
Oct 16 2024 03:45:44 cp41 maldet(26367): {update} checking for available updates...
Oct 16 2024 03:45:44 cp41 maldet(26367): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 16 2024 03:45:44 cp41 maldet(26367): {update} hashing install files and checking against server...
Oct 16 2024 03:45:45 cp41 maldet(26367): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 16 2024 03:45:45 cp41 maldet(26367): {update} latest version already installed.
Oct 16 2024 03:45:46 cp41 maldet(26530): {sigup} performing signature update check...
Oct 16 2024 03:45:46 cp41 maldet(26530): {sigup} local signature set is version 202410133691617
Oct 16 2024 03:45:46 cp41 maldet(26530): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 16 2024 03:45:47 cp41 maldet(26530): {sigup} new signature set 20241016273515 available
Oct 16 2024 03:45:47 cp41 maldet(26530): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 16 2024 03:45:47 cp41 maldet(26530): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 16 2024 03:45:48 cp41 maldet(26530): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 16 2024 03:45:48 cp41 maldet(26530): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 16 2024 03:45:48 cp41 maldet(26530): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 16 2024 03:45:48 cp41 maldet(26530): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 16 2024 03:45:48 cp41 maldet(26530): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 16 2024 03:45:49 cp41 maldet(26530): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 16 2024 03:45:49 cp41 maldet(26530): {sigup} verified md5sum of maldet-clean.tgz
Oct 16 2024 03:45:49 cp41 maldet(26530): {sigup} unpacked and installed maldet-clean.tgz
Oct 16 2024 03:45:49 cp41 maldet(26530): {sigup} signature set update completed
Oct 16 2024 03:45:50 cp41 maldet(26530): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 16 2024 03:45:50 cp41 maldet(26818): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 16 2024 03:45:51 cp41 maldet(26818): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 16 2024 03:45:51 cp41 maldet(26818): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 16 2024 03:45:51 cp41 maldet(26818): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 16 2024 03:45:51 cp41 maldet(26818): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 16 2024 10:28:41 cp41 maldet(26818): {scan} file list completed in 24170s, found 81 files...
Oct 16 2024 10:28:41 cp41 maldet(26818): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 16 2024 10:28:41 cp41 maldet(26818): {scan} scan of (81 files) in progress...
Oct 16 2024 10:28:50 cp41 maldet(26818): {scan} scan completed on : files 81, malware hits 0, cleaned hits 0, time 24180s
Oct 16 2024 10:28:50 cp41 maldet(26818): {scan} scan report saved, to view run: maldet --report 241016-0345.26818
Oct 17 2024 03:50:26 cp41 maldet(20174): {update} checking for available updates...
Oct 17 2024 03:50:26 cp41 maldet(20174): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 17 2024 03:50:26 cp41 maldet(20174): {update} hashing install files and checking against server...
Oct 17 2024 03:50:27 cp41 maldet(20174): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 17 2024 03:50:27 cp41 maldet(20174): {update} latest version already installed.
Oct 17 2024 03:50:27 cp41 maldet(20333): {sigup} performing signature update check...
Oct 17 2024 03:50:27 cp41 maldet(20333): {sigup} local signature set is version 202410133691617
Oct 17 2024 03:50:27 cp41 maldet(20333): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 17 2024 03:50:28 cp41 maldet(20333): {sigup} new signature set 20241016273515 available
Oct 17 2024 03:50:28 cp41 maldet(20333): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 17 2024 03:50:28 cp41 maldet(20333): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 17 2024 03:50:28 cp41 maldet(20333): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 17 2024 03:50:28 cp41 maldet(20333): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 17 2024 03:50:29 cp41 maldet(20333): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 17 2024 03:50:29 cp41 maldet(20333): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 17 2024 03:50:29 cp41 maldet(20333): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 17 2024 03:50:32 cp41 maldet(20333): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 17 2024 03:50:32 cp41 maldet(20333): {sigup} verified md5sum of maldet-clean.tgz
Oct 17 2024 03:50:32 cp41 maldet(20333): {sigup} unpacked and installed maldet-clean.tgz
Oct 17 2024 03:50:32 cp41 maldet(20333): {sigup} signature set update completed
Oct 17 2024 03:50:33 cp41 maldet(20333): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 17 2024 03:50:33 cp41 maldet(20635): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 17 2024 03:50:35 cp41 maldet(20635): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 17 2024 03:50:35 cp41 maldet(20635): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 17 2024 03:50:35 cp41 maldet(20635): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 17 2024 03:50:35 cp41 maldet(20635): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 17 2024 06:51:40 cp41 maldet(20635): {scan} file list completed in 10865s, found 107 files...
Oct 17 2024 06:51:40 cp41 maldet(20635): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 17 2024 06:51:40 cp41 maldet(20635): {scan} scan of (107 files) in progress...
Oct 17 2024 06:51:43 cp41 maldet(20635): {scan} scan completed on : files 107, malware hits 0, cleaned hits 0, time 10870s
Oct 17 2024 06:51:43 cp41 maldet(20635): {scan} scan report saved, to view run: maldet --report 241017-0350.20635
Oct 18 2024 03:32:59 cp41 maldet(1521): {update} checking for available updates...
Oct 18 2024 03:32:59 cp41 maldet(1521): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 18 2024 03:32:59 cp41 maldet(1521): {update} hashing install files and checking against server...
Oct 18 2024 03:33:00 cp41 maldet(1521): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 18 2024 03:33:00 cp41 maldet(1521): {update} latest version already installed.
Oct 18 2024 03:33:04 cp41 maldet(1707): {sigup} performing signature update check...
Oct 18 2024 03:33:04 cp41 maldet(1707): {sigup} local signature set is version 20241016273515
Oct 18 2024 03:33:07 cp41 maldet(1707): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 18 2024 03:33:10 cp41 maldet(1707): {sigup} latest signature set already installed
Oct 18 2024 03:33:13 cp41 maldet(2003): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 18 2024 03:33:16 cp41 maldet(2003): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 18 2024 03:33:16 cp41 maldet(2003): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 18 2024 03:33:16 cp41 maldet(2003): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 18 2024 03:33:16 cp41 maldet(2003): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 18 2024 08:40:34 cp41 maldet(2003): {scan} file list completed in 18437s, found 415 files...
Oct 18 2024 08:40:34 cp41 maldet(2003): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 18 2024 08:40:34 cp41 maldet(2003): {scan} scan of (415 files) in progress...
Oct 18 2024 08:41:12 cp41 maldet(2003): {hit} malware hit {HEX}php.exe.globals.416 found for /home/emthonje/public_html/wp-includes/sytfko.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {YARA}eval_post found for /home/emthonje/public_html/wp.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.nested.base64.652 found for /home/emthonje/public_html/.well-known/pki-validation/class.api.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.base64.inject.182 found for /home/emthonje/public_html/.well-known/pki-validation/rafa.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/__MACOSX/uber.com_es/req/options.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/ap2ws/uber.com_es/req/click.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {YARA}multiple_php_webshells found for /home/olshsdco/public_html/ap2ws/uber.com_es/req/function.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.base64.inject.182 found for /home/olshsdco/public_html/function.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {YARA}multiple_php_webshells found for /home/olshsdco/public_html/La Vaca de Oro, heladerÃa en la Ciudad de México CDMX_files/item.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/click.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {YARA}webshell_itsec_itsecteam_shell_jHn found for /home/olshsdco/public_html/wp-admin/dir/mah.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/function.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/olshsdco/public_html/wp-admin/dir/product.php
Oct 18 2024 08:41:13 cp41 maldet(2003): {scan} scan completed on : files 415, malware hits 13, cleaned hits 0, time 18480s
Oct 18 2024 08:41:13 cp41 maldet(2003): {scan} scan report saved, to view run: maldet --report 241018-0333.2003
Oct 18 2024 08:41:13 cp41 maldet(2003): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241018-0333.2003
Oct 19 2024 03:14:11 cp41 maldet(25985): {update} checking for available updates...
Oct 19 2024 03:14:11 cp41 maldet(25985): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 19 2024 03:14:11 cp41 maldet(25985): {update} hashing install files and checking against server...
Oct 19 2024 03:14:12 cp41 maldet(25985): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 19 2024 03:14:12 cp41 maldet(25985): {update} latest version already installed.
Oct 19 2024 03:14:12 cp41 maldet(26240): {sigup} performing signature update check...
Oct 19 2024 03:14:12 cp41 maldet(26240): {sigup} local signature set is version 20241016273515
Oct 19 2024 03:14:12 cp41 maldet(26240): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 19 2024 03:14:13 cp41 maldet(26240): {sigup} new signature set 20241019573743 available
Oct 19 2024 03:14:13 cp41 maldet(26240): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 19 2024 03:14:14 cp41 maldet(26240): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 19 2024 03:14:14 cp41 maldet(26240): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 19 2024 03:14:14 cp41 maldet(26240): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 19 2024 03:14:14 cp41 maldet(26240): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 19 2024 03:14:15 cp41 maldet(26240): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 19 2024 03:14:15 cp41 maldet(26240): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Oct 19 2024 03:14:15 cp41 maldet(26240): {sigup} verified md5sum of maldet-clean.tgz
Oct 19 2024 03:14:15 cp41 maldet(26240): {sigup} unpacked and installed maldet-clean.tgz
Oct 19 2024 03:14:15 cp41 maldet(26482): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 19 2024 03:14:19 cp41 maldet(26482): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 19 2024 03:14:19 cp41 maldet(26482): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 19 2024 03:14:19 cp41 maldet(26482): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 19 2024 03:14:19 cp41 maldet(26482): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 19 2024 07:54:51 cp41 maldet(26482): {scan} file list completed in 16831s, found 183 files...
Oct 19 2024 07:54:51 cp41 maldet(26482): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 19 2024 07:54:51 cp41 maldet(26482): {scan} scan of (183 files) in progress...
Oct 19 2024 07:54:56 cp41 maldet(26482): {hit} malware hit {HEX}php.exe.globals.416 found for /home/emthonje/public_html/wp-includes/sytfko.php
Oct 19 2024 07:54:56 cp41 maldet(26482): {hit} malware hit {YARA}eval_post found for /home/emthonje/public_html/wp.php
Oct 19 2024 07:54:56 cp41 maldet(26482): {hit} malware hit {HEX}php.nested.base64.652 found for /home/emthonje/public_html/.well-known/pki-validation/class.api.php
Oct 19 2024 07:54:56 cp41 maldet(26482): {hit} malware hit {HEX}php.generic.malware.447 found for /home/philosof/public_html/index.php
Oct 19 2024 07:54:56 cp41 maldet(26482): {scan} scan completed on : files 183, malware hits 4, cleaned hits 0, time 16841s
Oct 19 2024 07:54:56 cp41 maldet(26482): {scan} scan report saved, to view run: maldet --report 241019-0314.26482
Oct 19 2024 07:54:56 cp41 maldet(26482): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241019-0314.26482
Oct 20 2024 03:53:17 cp41 maldet(622): {update} checking for available updates...
Oct 20 2024 03:53:17 cp41 maldet(622): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 20 2024 03:53:17 cp41 maldet(622): {update} hashing install files and checking against server...
Oct 20 2024 03:53:18 cp41 maldet(622): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 20 2024 03:53:18 cp41 maldet(622): {update} latest version already installed.
Oct 20 2024 03:53:18 cp41 maldet(774): {sigup} performing signature update check...
Oct 20 2024 03:53:18 cp41 maldet(774): {sigup} local signature set is version 20241016273515
Oct 20 2024 03:53:18 cp41 maldet(774): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 20 2024 03:53:19 cp41 maldet(774): {sigup} new signature set 20241019573743 available
Oct 20 2024 03:53:19 cp41 maldet(774): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 20 2024 03:53:19 cp41 maldet(774): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 20 2024 03:53:20 cp41 maldet(774): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 20 2024 03:53:20 cp41 maldet(774): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 20 2024 03:53:20 cp41 maldet(774): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 20 2024 03:53:20 cp41 maldet(774): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 20 2024 03:53:20 cp41 maldet(774): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 20 2024 03:53:25 cp41 maldet(774): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 20 2024 03:53:25 cp41 maldet(774): {sigup} verified md5sum of maldet-clean.tgz
Oct 20 2024 03:53:25 cp41 maldet(774): {sigup} unpacked and installed maldet-clean.tgz
Oct 20 2024 03:53:25 cp41 maldet(774): {sigup} signature set update completed
Oct 20 2024 03:53:25 cp41 maldet(774): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 20 2024 03:53:26 cp41 maldet(1147): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 20 2024 03:53:27 cp41 maldet(1147): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 20 2024 03:53:27 cp41 maldet(1147): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 20 2024 03:53:27 cp41 maldet(1147): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 20 2024 03:53:27 cp41 maldet(1147): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 20 2024 07:39:57 cp41 maldet(1147): {scan} file list completed in 13590s, found 143 files...
Oct 20 2024 07:39:57 cp41 maldet(1147): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 20 2024 07:39:57 cp41 maldet(1147): {scan} scan of (143 files) in progress...
Oct 20 2024 07:40:02 cp41 maldet(1147): {scan} scan completed on : files 143, malware hits 0, cleaned hits 0, time 13596s
Oct 20 2024 07:40:02 cp41 maldet(1147): {scan} scan report saved, to view run: maldet --report 241020-0353.1147
Oct 21 2024 03:13:11 cp41 maldet(6606): {update} checking for available updates...
Oct 21 2024 03:13:12 cp41 maldet(6606): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 21 2024 03:13:12 cp41 maldet(6606): {update} hashing install files and checking against server...
Oct 21 2024 03:13:12 cp41 maldet(6606): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 21 2024 03:13:12 cp41 maldet(6606): {update} latest version already installed.
Oct 21 2024 03:13:12 cp41 maldet(6772): {sigup} performing signature update check...
Oct 21 2024 03:13:12 cp41 maldet(6772): {sigup} local signature set is version 20241019573743
Oct 21 2024 03:13:12 cp41 maldet(6772): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 21 2024 03:13:13 cp41 maldet(6772): {sigup} latest signature set already installed
Oct 21 2024 03:13:14 cp41 maldet(6923): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 21 2024 03:13:15 cp41 maldet(6923): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 21 2024 03:13:15 cp41 maldet(6923): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 21 2024 03:13:15 cp41 maldet(6923): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 21 2024 03:13:15 cp41 maldet(6923): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 21 2024 05:33:12 cp41 maldet(6923): {scan} file list completed in 8396s, found 103 files...
Oct 21 2024 05:33:12 cp41 maldet(6923): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 21 2024 05:33:12 cp41 maldet(6923): {scan} scan of (103 files) in progress...
Oct 21 2024 05:33:26 cp41 maldet(6923): {hit} malware hit {HEX}php.generic.malware.447 found for /home/philosof/public_html/index.php
Oct 21 2024 05:33:27 cp41 maldet(6923): {hit} malware hit {HEX}php.cmdshell.generic.280 found for /home/pipedrea/public_html/mah/WSOxEnigma.php
Oct 21 2024 05:33:27 cp41 maldet(6923): {scan} scan completed on : files 103, malware hits 2, cleaned hits 0, time 8413s
Oct 21 2024 05:33:27 cp41 maldet(6923): {scan} scan report saved, to view run: maldet --report 241021-0313.6923
Oct 21 2024 05:33:27 cp41 maldet(6923): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241021-0313.6923
Oct 22 2024 03:59:12 cp41 maldet(25911): {update} checking for available updates...
Oct 22 2024 03:59:13 cp41 maldet(25911): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 22 2024 03:59:13 cp41 maldet(25911): {update} hashing install files and checking against server...
Oct 22 2024 03:59:15 cp41 maldet(25911): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 22 2024 03:59:15 cp41 maldet(25911): {update} latest version already installed.
Oct 22 2024 03:59:17 cp41 maldet(26081): {sigup} performing signature update check...
Oct 22 2024 03:59:17 cp41 maldet(26081): {sigup} local signature set is version 20241019573743
Oct 22 2024 03:59:18 cp41 maldet(26081): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 22 2024 03:59:19 cp41 maldet(26081): {sigup} latest signature set already installed
Oct 22 2024 03:59:22 cp41 maldet(26198): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 22 2024 03:59:25 cp41 maldet(26198): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 22 2024 03:59:25 cp41 maldet(26198): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 22 2024 03:59:25 cp41 maldet(26198): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 22 2024 03:59:25 cp41 maldet(26198): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 22 2024 10:54:10 cp41 maldet(26198): {scan} file list completed in 24884s, found 148 files...
Oct 22 2024 10:54:10 cp41 maldet(26198): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 22 2024 10:54:10 cp41 maldet(26198): {scan} scan of (148 files) in progress...
Oct 22 2024 10:54:18 cp41 maldet(26198): {scan} scan completed on : files 148, malware hits 0, cleaned hits 0, time 24896s
Oct 22 2024 10:54:18 cp41 maldet(26198): {scan} scan report saved, to view run: maldet --report 241022-0359.26198
Oct 23 2024 03:45:10 cp41 maldet(3617): {update} checking for available updates...
Oct 23 2024 03:45:12 cp41 maldet(3617): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 23 2024 03:45:12 cp41 maldet(3617): {update} hashing install files and checking against server...
Oct 23 2024 03:45:14 cp41 maldet(3617): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 23 2024 03:45:14 cp41 maldet(3617): {update} latest version already installed.
Oct 23 2024 03:45:19 cp41 maldet(3864): {sigup} performing signature update check...
Oct 23 2024 03:45:19 cp41 maldet(3864): {sigup} local signature set is version 20241019573743
Oct 23 2024 03:45:20 cp41 maldet(3864): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 23 2024 03:45:21 cp41 maldet(3864): {sigup} latest signature set already installed
Oct 23 2024 03:45:21 cp41 maldet(4076): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 23 2024 03:45:23 cp41 maldet(4076): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 23 2024 03:45:23 cp41 maldet(4076): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 23 2024 03:45:23 cp41 maldet(4076): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 23 2024 03:45:23 cp41 maldet(4076): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 23 2024 07:20:58 cp41 maldet(4076): {scan} file list completed in 12934s, found 93 files...
Oct 23 2024 07:20:58 cp41 maldet(4076): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 23 2024 07:20:58 cp41 maldet(4076): {scan} scan of (93 files) in progress...
Oct 23 2024 07:21:07 cp41 maldet(4076): {scan} scan completed on : files 93, malware hits 0, cleaned hits 0, time 12945s
Oct 23 2024 07:21:07 cp41 maldet(4076): {scan} scan report saved, to view run: maldet --report 241023-0345.4076
Oct 24 2024 03:37:37 cp41 maldet(19343): {update} checking for available updates...
Oct 24 2024 03:37:37 cp41 maldet(19343): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 24 2024 03:37:37 cp41 maldet(19343): {update} hashing install files and checking against server...
Oct 24 2024 03:37:37 cp41 maldet(19343): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 24 2024 03:37:37 cp41 maldet(19343): {update} latest version already installed.
Oct 24 2024 03:37:37 cp41 maldet(19507): {sigup} performing signature update check...
Oct 24 2024 03:37:37 cp41 maldet(19507): {sigup} local signature set is version 20241019573743
Oct 24 2024 03:37:38 cp41 maldet(19507): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 24 2024 03:37:39 cp41 maldet(19507): {sigup} new signature set 202410221331455 available
Oct 24 2024 03:37:39 cp41 maldet(19507): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 24 2024 03:37:39 cp41 maldet(19507): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 24 2024 03:37:39 cp41 maldet(19507): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 24 2024 03:37:39 cp41 maldet(19507): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 24 2024 03:37:40 cp41 maldet(19507): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 24 2024 03:37:40 cp41 maldet(19507): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 24 2024 03:37:40 cp41 maldet(19507): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 24 2024 03:37:42 cp41 maldet(19507): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 24 2024 03:37:42 cp41 maldet(19507): {sigup} verified md5sum of maldet-clean.tgz
Oct 24 2024 03:37:43 cp41 maldet(19507): {sigup} unpacked and installed maldet-clean.tgz
Oct 24 2024 03:37:43 cp41 maldet(19507): {sigup} signature set update completed
Oct 24 2024 03:37:43 cp41 maldet(19507): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 24 2024 03:37:43 cp41 maldet(19781): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 24 2024 03:37:45 cp41 maldet(19781): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 24 2024 03:37:45 cp41 maldet(19781): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 24 2024 03:37:45 cp41 maldet(19781): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 24 2024 03:37:45 cp41 maldet(19781): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 24 2024 05:13:37 cp41 maldet(19781): {scan} file list completed in 5752s, found 398 files...
Oct 24 2024 05:13:37 cp41 maldet(19781): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 24 2024 05:13:37 cp41 maldet(19781): {scan} scan of (398 files) in progress...
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/g/q/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/t/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wp-content/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/jack_netsource
Oct 24 2024 05:13:46 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/jack_transport
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/Havalpatter/jack_netsource
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {CAV}Win.Trojan.Hide-1 found for /home/gavinsco/public_html/wp-includes/dir/MATzcpuD.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.malware.magento.599 found for /home/gavinsco/public_html/wp-includes/languages/dir/qVINKCoc.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/gavinsco/public_html/wp-includes/images/dir/zvuzddvy.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-includes/blocks/paragraph/dir/GJLADoIo.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-content/themes/twentytwenty/inc/dir/iqNfqdLw.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-admin/js/dir/dFPmhiHn.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-admin/css/colors/dir/CUqlZyIx.php
Oct 24 2024 05:13:47 cp41 maldet(19781): {scan} scan completed on : files 398, malware hits 18, cleaned hits 0, time 5764s
Oct 24 2024 05:13:47 cp41 maldet(19781): {scan} scan report saved, to view run: maldet --report 241024-0337.19781
Oct 24 2024 05:13:47 cp41 maldet(19781): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241024-0337.19781
Oct 25 2024 03:36:57 cp41 maldet(21120): {update} checking for available updates...
Oct 25 2024 03:36:58 cp41 maldet(21120): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 25 2024 03:36:58 cp41 maldet(21120): {update} hashing install files and checking against server...
Oct 25 2024 03:36:58 cp41 maldet(21120): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 25 2024 03:36:58 cp41 maldet(21120): {update} latest version already installed.
Oct 25 2024 03:36:58 cp41 maldet(21284): {sigup} performing signature update check...
Oct 25 2024 03:36:58 cp41 maldet(21284): {sigup} local signature set is version 202410221331455
Oct 25 2024 03:36:58 cp41 maldet(21284): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 25 2024 03:36:59 cp41 maldet(21284): {sigup} latest signature set already installed
Oct 25 2024 03:36:59 cp41 maldet(21408): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 25 2024 03:37:01 cp41 maldet(21408): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 25 2024 03:37:01 cp41 maldet(21408): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 25 2024 03:37:01 cp41 maldet(21408): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 25 2024 03:37:01 cp41 maldet(21408): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 25 2024 05:01:37 cp41 maldet(21408): {scan} file list completed in 5076s, found 357 files...
Oct 25 2024 05:01:37 cp41 maldet(21408): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 25 2024 05:01:37 cp41 maldet(21408): {scan} scan of (357 files) in progress...
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {CAV}Win.Trojan.Hide-1 found for /home/gavinsco/public_html/wp-includes/dir/MATzcpuD.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {CAV}Win.Trojan.Hide-1 found for /home/gavinsco/public_html/wp-includes/IXR/style-engine/dir/fJhUrogn.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.malware.magento.599 found for /home/gavinsco/public_html/wp-includes/languages/dir/qVINKCoc.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-includes/languages/dir/uXkGOzeh.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.malware.magento.606 found for /home/gavinsco/public_html/wp-includes/languages/plugins/style-engine/dir/mwvwIFDt.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/gavinsco/public_html/wp-includes/images/dir/zvuzddvy.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.malware.magento.599 found for /home/gavinsco/public_html/wp-includes/js/dir/dir/JVGWVQTS.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-includes/blocks/paragraph/dir/GJLADoIo.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-content/themes/twentytwenty/dir/MbDZOhIi.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-content/themes/twentytwenty/inc/dir/iqNfqdLw.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.malware.magento.606 found for /home/gavinsco/public_html/wp-admin/dir/dir/WqerRLmT.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-admin/js/dir/dFPmhiHn.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-admin/css/colors/dir/CUqlZyIx.php
Oct 25 2024 05:01:47 cp41 maldet(21408): {scan} scan completed on : files 357, malware hits 13, cleaned hits 0, time 5088s
Oct 25 2024 05:01:47 cp41 maldet(21408): {scan} scan report saved, to view run: maldet --report 241025-0336.21408
Oct 25 2024 05:01:47 cp41 maldet(21408): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241025-0336.21408
Oct 26 2024 03:45:29 cp41 maldet(14613): {update} checking for available updates...
Oct 26 2024 03:45:29 cp41 maldet(14613): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 26 2024 03:45:29 cp41 maldet(14613): {update} hashing install files and checking against server...
Oct 26 2024 03:45:29 cp41 maldet(14613): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 26 2024 03:45:29 cp41 maldet(14613): {update} latest version already installed.
Oct 26 2024 03:45:29 cp41 maldet(14756): {sigup} performing signature update check...
Oct 26 2024 03:45:29 cp41 maldet(14756): {sigup} local signature set is version 202410221331455
Oct 26 2024 03:45:30 cp41 maldet(14756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 26 2024 03:45:30 cp41 maldet(14756): {sigup} new signature set 202410252090927 available
Oct 26 2024 03:45:30 cp41 maldet(14756): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 26 2024 03:45:30 cp41 maldet(14756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 26 2024 03:45:31 cp41 maldet(14756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 26 2024 03:45:31 cp41 maldet(14756): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 26 2024 03:45:31 cp41 maldet(14756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 26 2024 03:45:31 cp41 maldet(14756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 26 2024 03:45:31 cp41 maldet(14756): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 26 2024 03:45:32 cp41 maldet(14756): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 26 2024 03:45:32 cp41 maldet(14756): {sigup} verified md5sum of maldet-clean.tgz
Oct 26 2024 03:45:32 cp41 maldet(14756): {sigup} unpacked and installed maldet-clean.tgz
Oct 26 2024 03:45:32 cp41 maldet(14756): {sigup} signature set update completed
Oct 26 2024 03:45:32 cp41 maldet(14756): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 26 2024 03:45:32 cp41 maldet(15029): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 26 2024 03:45:33 cp41 maldet(15029): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 26 2024 03:45:33 cp41 maldet(15029): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 26 2024 03:45:33 cp41 maldet(15029): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 26 2024 03:45:33 cp41 maldet(15029): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 26 2024 06:52:46 cp41 maldet(15029): {scan} file list completed in 11231s, found 102 files...
Oct 26 2024 06:52:46 cp41 maldet(15029): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 26 2024 06:52:46 cp41 maldet(15029): {scan} scan of (102 files) in progress...
Oct 26 2024 06:53:02 cp41 maldet(15029): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/wpconten/a/a/b/g/ifconfig
Oct 26 2024 06:53:02 cp41 maldet(15029): {scan} scan completed on : files 102, malware hits 1, cleaned hits 0, time 11250s
Oct 26 2024 06:53:02 cp41 maldet(15029): {scan} scan report saved, to view run: maldet --report 241026-0345.15029
Oct 26 2024 06:53:02 cp41 maldet(15029): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241026-0345.15029
Oct 27 2024 03:17:04 cp41 maldet(1529): {update} checking for available updates...
Oct 27 2024 03:17:04 cp41 maldet(1529): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 27 2024 03:17:04 cp41 maldet(1529): {update} hashing install files and checking against server...
Oct 27 2024 03:17:05 cp41 maldet(1529): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 27 2024 03:17:05 cp41 maldet(1529): {update} latest version already installed.
Oct 27 2024 03:17:05 cp41 maldet(1707): {sigup} performing signature update check...
Oct 27 2024 03:17:05 cp41 maldet(1707): {sigup} local signature set is version 202410252090927
Oct 27 2024 03:17:05 cp41 maldet(1707): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 27 2024 03:17:05 cp41 maldet(1707): {sigup} latest signature set already installed
Oct 27 2024 03:17:06 cp41 maldet(1838): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 27 2024 03:17:08 cp41 maldet(1838): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 27 2024 03:17:08 cp41 maldet(1838): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 27 2024 03:17:08 cp41 maldet(1838): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 27 2024 03:17:08 cp41 maldet(1838): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 27 2024 05:27:21 cp41 maldet(1838): {scan} file list completed in 7813s, found 57 files...
Oct 27 2024 05:27:21 cp41 maldet(1838): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 27 2024 05:27:21 cp41 maldet(1838): {scan} scan of (57 files) in progress...
Oct 27 2024 05:27:27 cp41 maldet(1838): {scan} scan completed on : files 57, malware hits 0, cleaned hits 0, time 7821s
Oct 27 2024 05:27:27 cp41 maldet(1838): {scan} scan report saved, to view run: maldet --report 241027-0317.1838
Oct 28 2024 03:42:19 cp41 maldet(18084): {update} checking for available updates...
Oct 28 2024 03:42:19 cp41 maldet(18084): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 28 2024 03:42:19 cp41 maldet(18084): {update} hashing install files and checking against server...
Oct 28 2024 03:42:20 cp41 maldet(18084): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 28 2024 03:42:20 cp41 maldet(18084): {update} latest version already installed.
Oct 28 2024 03:42:20 cp41 maldet(18300): {sigup} performing signature update check...
Oct 28 2024 03:42:20 cp41 maldet(18300): {sigup} local signature set is version 202410252090927
Oct 28 2024 03:42:20 cp41 maldet(18300): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 28 2024 03:42:21 cp41 maldet(18300): {sigup} latest signature set already installed
Oct 28 2024 03:42:22 cp41 maldet(18429): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 28 2024 03:42:30 cp41 maldet(18429): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 28 2024 03:42:30 cp41 maldet(18429): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 28 2024 03:42:30 cp41 maldet(18429): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 28 2024 03:42:30 cp41 maldet(18429): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 28 2024 05:22:08 cp41 maldet(18429): {scan} file list completed in 5978s, found 256 files...
Oct 28 2024 05:22:08 cp41 maldet(18429): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 28 2024 05:22:08 cp41 maldet(18429): {scan} scan of (256 files) in progress...
Oct 28 2024 05:22:23 cp41 maldet(18429): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/wp-includes/network.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/mcdesign/public_html/zfctgfmxp/function.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/mcdesign/public_html/zfcwygofv/function.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/.well-known/pki-validation/wp-foter.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/mcdesign/public_html/well-known/pki-validation/a/c/g/index.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {YARA}webshell_itsec_itsecteam_shell_jHn found for /home/mcdesign/public_html/well-known/pki-validation/b/e/g/network.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {HEX}php.base64.inject.182 found for /home/mcdesign/public_html/well-known/pki-validation/b/b/b/index.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/mcdesign/public_html/well-known/acme-challenge/c/b/e/index.php
Oct 28 2024 05:22:24 cp41 maldet(18429): {scan} scan completed on : files 256, malware hits 8, cleaned hits 0, time 6002s
Oct 28 2024 05:22:24 cp41 maldet(18429): {scan} scan report saved, to view run: maldet --report 241028-0342.18429
Oct 28 2024 05:22:24 cp41 maldet(18429): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241028-0342.18429
Oct 29 2024 03:24:31 cp41 maldet(22970): {update} checking for available updates...
Oct 29 2024 03:24:31 cp41 maldet(22970): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 29 2024 03:24:31 cp41 maldet(22970): {update} hashing install files and checking against server...
Oct 29 2024 03:24:32 cp41 maldet(22970): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 29 2024 03:24:32 cp41 maldet(22970): {update} latest version already installed.
Oct 29 2024 03:24:32 cp41 maldet(23117): {sigup} performing signature update check...
Oct 29 2024 03:24:32 cp41 maldet(23117): {sigup} local signature set is version 202410252090927
Oct 29 2024 03:24:32 cp41 maldet(23117): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 29 2024 03:24:32 cp41 maldet(23117): {sigup} new signature set 202410282846833 available
Oct 29 2024 03:24:32 cp41 maldet(23117): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 29 2024 03:24:33 cp41 maldet(23117): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Oct 29 2024 03:24:34 cp41 maldet(23117): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Oct 29 2024 03:24:34 cp41 maldet(23117): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 29 2024 03:24:34 cp41 maldet(23117): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Oct 29 2024 03:24:34 cp41 maldet(23117): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Oct 29 2024 03:24:34 cp41 maldet(23117): {sigup} verified md5sum of maldet-sigpack.tgz
Oct 29 2024 03:24:35 cp41 maldet(23117): {sigup} unpacked and installed maldet-sigpack.tgz
Oct 29 2024 03:24:36 cp41 maldet(23117): {sigup} verified md5sum of maldet-clean.tgz
Oct 29 2024 03:24:36 cp41 maldet(23117): {sigup} unpacked and installed maldet-clean.tgz
Oct 29 2024 03:24:36 cp41 maldet(23117): {sigup} signature set update completed
Oct 29 2024 03:24:36 cp41 maldet(23117): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 29 2024 03:24:36 cp41 maldet(23394): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 29 2024 03:24:37 cp41 maldet(23394): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 29 2024 03:24:37 cp41 maldet(23394): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 29 2024 03:24:37 cp41 maldet(23394): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 29 2024 03:24:37 cp41 maldet(23394): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 29 2024 04:51:07 cp41 maldet(23394): {scan} file list completed in 5190s, found 58 files...
Oct 29 2024 04:51:07 cp41 maldet(23394): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 29 2024 04:51:07 cp41 maldet(23394): {scan} scan of (58 files) in progress...
Oct 29 2024 04:51:10 cp41 maldet(23394): {scan} scan completed on : files 58, malware hits 0, cleaned hits 0, time 5194s
Oct 29 2024 04:51:10 cp41 maldet(23394): {scan} scan report saved, to view run: maldet --report 241029-0324.23394
Oct 30 2024 03:29:13 cp41 maldet(28182): {update} checking for available updates...
Oct 30 2024 03:29:13 cp41 maldet(28182): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 30 2024 03:29:13 cp41 maldet(28182): {update} hashing install files and checking against server...
Oct 30 2024 03:29:14 cp41 maldet(28182): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 30 2024 03:29:14 cp41 maldet(28182): {update} latest version already installed.
Oct 30 2024 03:29:14 cp41 maldet(28385): {sigup} performing signature update check...
Oct 30 2024 03:29:14 cp41 maldet(28385): {sigup} local signature set is version 202410282846833
Oct 30 2024 03:29:14 cp41 maldet(28385): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 30 2024 03:29:15 cp41 maldet(28385): {sigup} latest signature set already installed
Oct 30 2024 03:29:15 cp41 maldet(28505): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 30 2024 03:29:16 cp41 maldet(28505): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 30 2024 03:29:16 cp41 maldet(28505): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 30 2024 03:29:16 cp41 maldet(28505): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 30 2024 03:29:16 cp41 maldet(28505): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 30 2024 04:59:26 cp41 maldet(28505): {scan} file list completed in 5410s, found 76 files...
Oct 30 2024 04:59:26 cp41 maldet(28505): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 30 2024 04:59:26 cp41 maldet(28505): {scan} scan of (76 files) in progress...
Oct 30 2024 04:59:28 cp41 maldet(28505): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 30 2024 04:59:28 cp41 maldet(28505): {scan} scan completed on : files 76, malware hits 0, cleaned hits 0, time 5413s
Oct 30 2024 04:59:28 cp41 maldet(28505): {scan} scan report saved, to view run: maldet --report 241030-0329.28505
Oct 31 2024 03:12:52 cp41 maldet(26958): {update} checking for available updates...
Oct 31 2024 03:12:52 cp41 maldet(26958): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Oct 31 2024 03:12:52 cp41 maldet(26958): {update} hashing install files and checking against server...
Oct 31 2024 03:12:52 cp41 maldet(26958): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Oct 31 2024 03:12:52 cp41 maldet(26958): {update} latest version already installed.
Oct 31 2024 03:12:52 cp41 maldet(27104): {sigup} performing signature update check...
Oct 31 2024 03:12:52 cp41 maldet(27104): {sigup} local signature set is version 202410282846833
Oct 31 2024 03:12:53 cp41 maldet(27104): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Oct 31 2024 03:12:53 cp41 maldet(27104): {sigup} latest signature set already installed
Oct 31 2024 03:12:53 cp41 maldet(27227): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Oct 31 2024 03:12:54 cp41 maldet(27227): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Oct 31 2024 03:12:54 cp41 maldet(27227): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Oct 31 2024 03:12:54 cp41 maldet(27227): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Oct 31 2024 03:12:54 cp41 maldet(27227): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Oct 31 2024 04:29:52 cp41 maldet(27227): {scan} file list completed in 4618s, found 30249 files...
Oct 31 2024 04:29:52 cp41 maldet(27227): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Oct 31 2024 04:29:52 cp41 maldet(27227): {scan} scan of (30249 files) in progress...
Oct 31 2024 04:31:06 cp41 maldet(27227): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Oct 31 2024 04:31:07 cp41 maldet(27227): {scan} scan completed on : files 30249, malware hits 0, cleaned hits 0, time 4693s
Oct 31 2024 04:31:07 cp41 maldet(27227): {scan} scan report saved, to view run: maldet --report 241031-0312.27227
Nov 01 2024 03:46:17 cp41 maldet(12615): {update} checking for available updates...
Nov 01 2024 03:46:18 cp41 maldet(12615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 01 2024 03:46:18 cp41 maldet(12615): {update} hashing install files and checking against server...
Nov 01 2024 03:46:18 cp41 maldet(12615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 01 2024 03:46:18 cp41 maldet(12615): {update} latest version already installed.
Nov 01 2024 03:46:18 cp41 maldet(12773): {sigup} performing signature update check...
Nov 01 2024 03:46:18 cp41 maldet(12773): {sigup} local signature set is version 202410282846833
Nov 01 2024 03:46:18 cp41 maldet(12773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 01 2024 03:46:19 cp41 maldet(12773): {sigup} new signature set 202410313602166 available
Nov 01 2024 03:46:19 cp41 maldet(12773): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 01 2024 03:46:19 cp41 maldet(12773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 01 2024 03:46:20 cp41 maldet(12773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 01 2024 03:46:20 cp41 maldet(12773): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 01 2024 03:46:20 cp41 maldet(12773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 01 2024 03:46:20 cp41 maldet(12773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 01 2024 03:46:20 cp41 maldet(12773): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 01 2024 03:46:21 cp41 maldet(12773): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 01 2024 03:46:21 cp41 maldet(12773): {sigup} verified md5sum of maldet-clean.tgz
Nov 01 2024 03:46:21 cp41 maldet(12773): {sigup} unpacked and installed maldet-clean.tgz
Nov 01 2024 03:46:21 cp41 maldet(12773): {sigup} signature set update completed
Nov 01 2024 03:46:21 cp41 maldet(12773): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 01 2024 03:46:21 cp41 maldet(13063): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 01 2024 03:46:22 cp41 maldet(13063): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 01 2024 03:46:22 cp41 maldet(13063): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 01 2024 03:46:22 cp41 maldet(13063): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 01 2024 03:46:22 cp41 maldet(13063): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 01 2024 05:56:37 cp41 maldet(13063): {scan} file list completed in 7814s, found 180 files...
Nov 01 2024 05:56:37 cp41 maldet(13063): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 01 2024 05:56:37 cp41 maldet(13063): {scan} scan of (180 files) in progress...
Nov 01 2024 05:56:41 cp41 maldet(13063): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 01 2024 05:56:41 cp41 maldet(13063): {scan} scan completed on : files 180, malware hits 0, cleaned hits 0, time 7820s
Nov 01 2024 05:56:41 cp41 maldet(13063): {scan} scan report saved, to view run: maldet --report 241101-0346.13063
Nov 02 2024 03:37:24 cp41 maldet(8337): {update} checking for available updates...
Nov 02 2024 03:37:24 cp41 maldet(8337): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 02 2024 03:37:24 cp41 maldet(8337): {update} hashing install files and checking against server...
Nov 02 2024 03:37:25 cp41 maldet(8337): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 02 2024 03:37:25 cp41 maldet(8337): {update} latest version already installed.
Nov 02 2024 03:37:25 cp41 maldet(8494): {sigup} performing signature update check...
Nov 02 2024 03:37:25 cp41 maldet(8494): {sigup} local signature set is version 202410313602166
Nov 02 2024 03:37:26 cp41 maldet(8494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 02 2024 03:37:26 cp41 maldet(8494): {sigup} new signature set 20241101119716 available
Nov 02 2024 03:37:26 cp41 maldet(8494): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 02 2024 03:37:27 cp41 maldet(8494): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 02 2024 03:37:29 cp41 maldet(8494): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 02 2024 03:37:29 cp41 maldet(8494): {sigup} verified md5sum of maldet-clean.tgz
Nov 02 2024 03:37:30 cp41 maldet(8494): {sigup} unpacked and installed maldet-clean.tgz
Nov 02 2024 03:37:30 cp41 maldet(8494): {sigup} signature set update completed
Nov 02 2024 03:37:30 cp41 maldet(8494): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 02 2024 03:37:32 cp41 maldet(8806): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 02 2024 03:37:34 cp41 maldet(8806): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 02 2024 03:37:34 cp41 maldet(8806): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 02 2024 03:37:34 cp41 maldet(8806): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 02 2024 03:37:34 cp41 maldet(8806): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 02 2024 05:35:51 cp41 maldet(8806): {scan} file list completed in 7097s, found 303 files...
Nov 02 2024 05:35:51 cp41 maldet(8806): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 02 2024 05:35:51 cp41 maldet(8806): {scan} scan of (303 files) in progress...
Nov 02 2024 05:36:00 cp41 maldet(8806): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/images/plugins/com/c/nslookup
Nov 02 2024 05:36:00 cp41 maldet(8806): {scan} scan completed on : files 303, malware hits 1, cleaned hits 0, time 7108s
Nov 02 2024 05:36:00 cp41 maldet(8806): {scan} scan report saved, to view run: maldet --report 241102-0337.8806
Nov 02 2024 05:36:00 cp41 maldet(8806): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241102-0337.8806
Nov 03 2024 03:09:37 cp41 maldet(24847): {update} checking for available updates...
Nov 03 2024 03:09:37 cp41 maldet(24847): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 03 2024 03:09:37 cp41 maldet(24847): {update} hashing install files and checking against server...
Nov 03 2024 03:09:37 cp41 maldet(24847): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 03 2024 03:09:37 cp41 maldet(24847): {update} latest version already installed.
Nov 03 2024 03:09:37 cp41 maldet(24995): {sigup} performing signature update check...
Nov 03 2024 03:09:37 cp41 maldet(24995): {sigup} local signature set is version 20241101119716
Nov 03 2024 03:09:38 cp41 maldet(24995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 03 2024 03:09:38 cp41 maldet(24995): {sigup} latest signature set already installed
Nov 03 2024 03:09:38 cp41 maldet(25118): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 03 2024 03:09:40 cp41 maldet(25118): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 03 2024 03:09:40 cp41 maldet(25118): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 03 2024 03:09:40 cp41 maldet(25118): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 03 2024 03:09:40 cp41 maldet(25118): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 03 2024 04:52:48 cp41 maldet(25118): {scan} file list completed in 6188s, found 543 files...
Nov 03 2024 04:52:48 cp41 maldet(25118): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 03 2024 04:52:48 cp41 maldet(25118): {scan} scan of (543 files) in progress...
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.exe.globals.416 found for /home/gavinsco/public_html/wp-includes/ppeadg.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/wp-includes/IXR/style-engine/IXR/QEkeamY.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.malware.magento.599 found for /home/gavinsco/public_html/wp-includes/languages/dir/qVINKCoc.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-includes/languages/dir/uXkGOzeh.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.malware.magento.606 found for /home/gavinsco/public_html/wp-includes/languages/plugins/style-engine/dir/mwvwIFDt.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.cmdshell.egyspider.244 found for /home/gavinsco/public_html/wp-includes/images/dir/zvuzddvy.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-includes/images/wp/rCKmB.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.malware.magento.599 found for /home/gavinsco/public_html/wp-includes/js/dir/dir/JVGWVQTS.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.exe.globals.416 found for /home/gavinsco/public_html/wp-includes/ysatrj.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-includes/blocks/paragraph/dir/GJLADoIo.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/Gavin_Scott/curriculum_vitae_files/lwRhYdbI.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {YARA}eval_post found for /home/gavinsco/public_html/wp-content/Text/apuHVPvp.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/gavinsco/public_html/wp-content/network.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.malware.magento.606 found for /home/gavinsco/public_html/wp-admin/dir/dir/WqerRLmT.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-admin/Text/css/languages/certificates/wp/mszoURw.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.cmdshell.byp2.222 found for /home/gavinsco/public_html/wp-admin/images/wp/dir/oBOvlyXB.php
Nov 03 2024 04:53:25 cp41 maldet(25118): {hit} malware hit {HEX}php.base64.inject.182 found for /home/gavinsco/public_html/wp-admin/js/dir/dFPmhiHn.php
Nov 03 2024 04:53:26 cp41 maldet(25118): {hit} malware hit {HEX}php.gzbase64.inject.457 found for /home/gavinsco/public_html/wp-admin/css/colors/dir/CUqlZyIx.php
Nov 03 2024 04:53:26 cp41 maldet(25118): {hit} malware hit {HEX}php.nested.base64.652 found for /home/gavinsco/public_html/wp-admin/includes/fonts/met/style-engine/wp/XVjTwAy.php
Nov 03 2024 04:53:26 cp41 maldet(25118): {scan} scan completed on : files 543, malware hits 19, cleaned hits 0, time 6228s
Nov 03 2024 04:53:26 cp41 maldet(25118): {scan} scan report saved, to view run: maldet --report 241103-0309.25118
Nov 03 2024 04:53:26 cp41 maldet(25118): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241103-0309.25118
Nov 04 2024 03:39:04 cp41 maldet(8205): {update} checking for available updates...
Nov 04 2024 03:39:04 cp41 maldet(8205): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 04 2024 03:39:04 cp41 maldet(8205): {update} hashing install files and checking against server...
Nov 04 2024 03:39:04 cp41 maldet(8205): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 04 2024 03:39:04 cp41 maldet(8205): {update} latest version already installed.
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} performing signature update check...
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} local signature set is version 20241101119716
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} new signature set 20241104598085 available
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 04 2024 03:39:05 cp41 maldet(8362): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 04 2024 03:39:06 cp41 maldet(8362): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 04 2024 03:39:06 cp41 maldet(8362): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 04 2024 03:39:06 cp41 maldet(8362): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 04 2024 03:39:06 cp41 maldet(8362): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 04 2024 03:39:06 cp41 maldet(8362): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 04 2024 03:39:09 cp41 maldet(8362): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 04 2024 03:39:09 cp41 maldet(8362): {sigup} verified md5sum of maldet-clean.tgz
Nov 04 2024 03:39:09 cp41 maldet(8362): {sigup} unpacked and installed maldet-clean.tgz
Nov 04 2024 03:39:09 cp41 maldet(8362): {sigup} signature set update completed
Nov 04 2024 03:39:09 cp41 maldet(8362): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 04 2024 03:39:10 cp41 maldet(8648): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 04 2024 03:39:11 cp41 maldet(8648): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 04 2024 03:39:11 cp41 maldet(8648): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 04 2024 03:39:11 cp41 maldet(8648): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 04 2024 03:39:11 cp41 maldet(8648): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 04 2024 10:32:29 cp41 maldet(8648): {scan} file list completed in 24798s, found 1095 files...
Nov 04 2024 10:32:30 cp41 maldet(8648): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 04 2024 10:32:30 cp41 maldet(8648): {scan} scan of (1095 files) in progress...
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/games-WHMCS-central.txt404/network.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/hjumpline-gfl-WHMCS-cliente-public_html.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {YARA}webshell_iMHaPFtp_2 found for /home/colorad7/public_html/404GPN/sabirsk-WHMCS-billings.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {YARA}spam_mailer found for /home/colorad7/public_html/404GPN/calmesta-PrestaShop-prestashop.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {YARA}multiple_php_webshells found for /home/colorad7/public_html/404GPN/musicroo-PrestaShop7-prestashop-public_html.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {YARA}webshell_itsec_itsecteam_shell_jHn found for /home/colorad7/public_html/404GPN/soflafcp-WHMCS-user.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {HEX}php.shell.black-id.719 found for /home/colorad7/public_html/404GPN/briancol-Joomla-portal-public_html.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {HEX}php.cmdshell.rgod.363 found for /home/colorad7/public_html/404GPN/michaelh-myconf-cPanel-public_html.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {hit} malware hit {HEX}php.base64.inject.182 found for /home/colorad7/public_html/404GPN/mcdesign-WHMCS-support.txt404/index.php
Nov 04 2024 10:34:07 cp41 maldet(8648): {scan} scan completed on : files 1095, malware hits 9, cleaned hits 0, time 24897s
Nov 04 2024 10:34:07 cp41 maldet(8648): {scan} scan report saved, to view run: maldet --report 241104-0339.8648
Nov 04 2024 10:34:07 cp41 maldet(8648): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241104-0339.8648
Nov 05 2024 03:42:26 cp41 maldet(29039): {update} checking for available updates...
Nov 05 2024 03:42:26 cp41 maldet(29039): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 05 2024 03:42:26 cp41 maldet(29039): {update} hashing install files and checking against server...
Nov 05 2024 03:42:27 cp41 maldet(29039): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 05 2024 03:42:27 cp41 maldet(29039): {update} latest version already installed.
Nov 05 2024 03:42:27 cp41 maldet(29234): {sigup} performing signature update check...
Nov 05 2024 03:42:27 cp41 maldet(29234): {sigup} local signature set is version 20241104598085
Nov 05 2024 03:42:27 cp41 maldet(29234): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 05 2024 03:42:27 cp41 maldet(29234): {sigup} latest signature set already installed
Nov 05 2024 03:42:28 cp41 maldet(29352): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 05 2024 03:42:29 cp41 maldet(29352): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 05 2024 03:42:29 cp41 maldet(29352): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 05 2024 03:42:29 cp41 maldet(29352): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 05 2024 03:42:29 cp41 maldet(29352): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 05 2024 05:48:46 cp41 maldet(29352): {scan} file list completed in 7577s, found 153 files...
Nov 05 2024 05:48:46 cp41 maldet(29352): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 05 2024 05:48:46 cp41 maldet(29352): {scan} scan of (153 files) in progress...
Nov 05 2024 05:48:53 cp41 maldet(29352): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 05 2024 05:48:53 cp41 maldet(29352): {scan} scan completed on : files 153, malware hits 0, cleaned hits 0, time 7585s
Nov 05 2024 05:48:53 cp41 maldet(29352): {scan} scan report saved, to view run: maldet --report 241105-0342.29352
Nov 06 2024 03:34:56 cp41 maldet(4760): {update} checking for available updates...
Nov 06 2024 03:34:57 cp41 maldet(4760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 06 2024 03:34:57 cp41 maldet(4760): {update} hashing install files and checking against server...
Nov 06 2024 03:34:57 cp41 maldet(4760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 06 2024 03:34:57 cp41 maldet(4760): {update} latest version already installed.
Nov 06 2024 03:34:57 cp41 maldet(4912): {sigup} performing signature update check...
Nov 06 2024 03:34:57 cp41 maldet(4912): {sigup} local signature set is version 20241104598085
Nov 06 2024 03:34:57 cp41 maldet(4912): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 06 2024 03:34:58 cp41 maldet(4912): {sigup} latest signature set already installed
Nov 06 2024 03:34:58 cp41 maldet(5033): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 06 2024 03:34:59 cp41 maldet(5033): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 06 2024 03:34:59 cp41 maldet(5033): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 06 2024 03:34:59 cp41 maldet(5033): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 06 2024 03:34:59 cp41 maldet(5033): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 06 2024 05:09:22 cp41 maldet(5033): {scan} file list completed in 5663s, found 114 files...
Nov 06 2024 05:09:22 cp41 maldet(5033): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 06 2024 05:09:22 cp41 maldet(5033): {scan} scan of (114 files) in progress...
Nov 06 2024 05:09:26 cp41 maldet(5033): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 06 2024 05:09:27 cp41 maldet(5033): {scan} scan completed on : files 114, malware hits 0, cleaned hits 0, time 5669s
Nov 06 2024 05:09:27 cp41 maldet(5033): {scan} scan report saved, to view run: maldet --report 241106-0334.5033
Nov 07 2024 03:48:27 cp41 maldet(19160): {update} checking for available updates...
Nov 07 2024 03:48:28 cp41 maldet(19160): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 07 2024 03:48:28 cp41 maldet(19160): {update} hashing install files and checking against server...
Nov 07 2024 03:48:28 cp41 maldet(19160): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 07 2024 03:48:28 cp41 maldet(19160): {update} latest version already installed.
Nov 07 2024 03:48:28 cp41 maldet(19310): {sigup} performing signature update check...
Nov 07 2024 03:48:28 cp41 maldet(19310): {sigup} local signature set is version 20241104598085
Nov 07 2024 03:48:28 cp41 maldet(19310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 07 2024 03:48:29 cp41 maldet(19310): {sigup} new signature set 20241107590174 available
Nov 07 2024 03:48:29 cp41 maldet(19310): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 07 2024 03:48:29 cp41 maldet(19310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 07 2024 03:48:30 cp41 maldet(19310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 07 2024 03:48:30 cp41 maldet(19310): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 07 2024 03:48:30 cp41 maldet(19310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 07 2024 03:48:30 cp41 maldet(19310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 07 2024 03:48:30 cp41 maldet(19310): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 07 2024 03:48:31 cp41 maldet(19310): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 07 2024 03:48:32 cp41 maldet(19310): {sigup} verified md5sum of maldet-clean.tgz
Nov 07 2024 03:48:32 cp41 maldet(19310): {sigup} unpacked and installed maldet-clean.tgz
Nov 07 2024 03:48:32 cp41 maldet(19310): {sigup} signature set update completed
Nov 07 2024 03:48:32 cp41 maldet(19310): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 07 2024 03:48:32 cp41 maldet(19618): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 07 2024 03:48:33 cp41 maldet(19618): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 07 2024 03:48:33 cp41 maldet(19618): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 07 2024 03:48:33 cp41 maldet(19618): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 07 2024 03:48:33 cp41 maldet(19618): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 07 2024 07:11:02 cp41 maldet(19618): {scan} file list completed in 12149s, found 298 files...
Nov 07 2024 07:11:02 cp41 maldet(19618): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 07 2024 07:11:02 cp41 maldet(19618): {scan} scan of (298 files) in progress...
Nov 07 2024 07:11:18 cp41 maldet(19618): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 07 2024 07:11:18 cp41 maldet(19618): {scan} scan completed on : files 298, malware hits 0, cleaned hits 0, time 12166s
Nov 07 2024 07:11:18 cp41 maldet(19618): {scan} scan report saved, to view run: maldet --report 241107-0348.19618
Nov 08 2024 03:24:53 cp41 maldet(17912): {update} checking for available updates...
Nov 08 2024 03:24:53 cp41 maldet(17912): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 08 2024 03:24:53 cp41 maldet(17912): {update} hashing install files and checking against server...
Nov 08 2024 03:24:54 cp41 maldet(17912): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 08 2024 03:24:54 cp41 maldet(17912): {update} latest version already installed.
Nov 08 2024 03:24:57 cp41 maldet(18106): {sigup} performing signature update check...
Nov 08 2024 03:24:57 cp41 maldet(18106): {sigup} local signature set is version 20241107590174
Nov 08 2024 03:24:57 cp41 maldet(18106): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 08 2024 03:24:58 cp41 maldet(18106): {sigup} latest signature set already installed
Nov 08 2024 03:24:58 cp41 maldet(18270): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 08 2024 03:25:01 cp41 maldet(18270): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 08 2024 03:25:01 cp41 maldet(18270): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 08 2024 03:25:01 cp41 maldet(18270): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 08 2024 03:25:01 cp41 maldet(18270): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 08 2024 05:22:34 cp41 maldet(18270): {scan} file list completed in 7053s, found 231 files...
Nov 08 2024 05:22:34 cp41 maldet(18270): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 08 2024 05:22:34 cp41 maldet(18270): {scan} scan of (231 files) in progress...
Nov 08 2024 05:22:48 cp41 maldet(18270): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 08 2024 05:22:48 cp41 maldet(18270): {scan} scan completed on : files 231, malware hits 0, cleaned hits 0, time 7070s
Nov 08 2024 05:22:48 cp41 maldet(18270): {scan} scan report saved, to view run: maldet --report 241108-0324.18270
Nov 09 2024 03:24:25 cp41 maldet(30617): {update} checking for available updates...
Nov 09 2024 03:24:26 cp41 maldet(30617): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 09 2024 03:24:26 cp41 maldet(30617): {update} hashing install files and checking against server...
Nov 09 2024 03:24:26 cp41 maldet(30617): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 09 2024 03:24:26 cp41 maldet(30617): {update} latest version already installed.
Nov 09 2024 03:24:26 cp41 maldet(30780): {sigup} performing signature update check...
Nov 09 2024 03:24:26 cp41 maldet(30780): {sigup} local signature set is version 20241107590174
Nov 09 2024 03:24:27 cp41 maldet(30780): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 09 2024 03:24:27 cp41 maldet(30780): {sigup} latest signature set already installed
Nov 09 2024 03:24:27 cp41 maldet(30908): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 09 2024 03:24:30 cp41 maldet(30908): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 09 2024 03:24:30 cp41 maldet(30908): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 09 2024 03:24:30 cp41 maldet(30908): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 09 2024 03:24:30 cp41 maldet(30908): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 09 2024 05:15:28 cp41 maldet(30908): {scan} file list completed in 6658s, found 153 files...
Nov 09 2024 05:15:28 cp41 maldet(30908): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 09 2024 05:15:28 cp41 maldet(30908): {scan} scan of (153 files) in progress...
Nov 09 2024 05:15:32 cp41 maldet(30908): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 09 2024 05:15:32 cp41 maldet(30908): {scan} scan completed on : files 153, malware hits 0, cleaned hits 0, time 6665s
Nov 09 2024 05:15:32 cp41 maldet(30908): {scan} scan report saved, to view run: maldet --report 241109-0324.30908
Nov 10 2024 03:48:59 cp41 maldet(29273): {update} checking for available updates...
Nov 10 2024 03:49:00 cp41 maldet(29273): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 10 2024 03:49:00 cp41 maldet(29273): {update} hashing install files and checking against server...
Nov 10 2024 03:49:00 cp41 maldet(29273): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 10 2024 03:49:00 cp41 maldet(29273): {update} latest version already installed.
Nov 10 2024 03:49:00 cp41 maldet(29421): {sigup} performing signature update check...
Nov 10 2024 03:49:00 cp41 maldet(29421): {sigup} local signature set is version 20241107590174
Nov 10 2024 03:49:01 cp41 maldet(29421): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 10 2024 03:49:01 cp41 maldet(29421): {sigup} new signature set 202411101345636 available
Nov 10 2024 03:49:01 cp41 maldet(29421): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 10 2024 03:49:01 cp41 maldet(29421): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 10 2024 03:49:02 cp41 maldet(29421): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 10 2024 03:49:02 cp41 maldet(29421): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 10 2024 03:49:02 cp41 maldet(29421): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 10 2024 03:49:02 cp41 maldet(29421): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 10 2024 03:49:02 cp41 maldet(29421): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 10 2024 03:49:03 cp41 maldet(29421): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 10 2024 03:49:03 cp41 maldet(29421): {sigup} verified md5sum of maldet-clean.tgz
Nov 10 2024 03:49:03 cp41 maldet(29421): {sigup} unpacked and installed maldet-clean.tgz
Nov 10 2024 03:49:03 cp41 maldet(29421): {sigup} signature set update completed
Nov 10 2024 03:49:03 cp41 maldet(29421): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 10 2024 03:49:03 cp41 maldet(29737): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 10 2024 03:49:05 cp41 maldet(29737): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 10 2024 03:49:05 cp41 maldet(29737): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 10 2024 03:49:05 cp41 maldet(29737): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 10 2024 03:49:05 cp41 maldet(29737): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 10 2024 05:28:38 cp41 maldet(29737): {scan} file list completed in 5973s, found 284 files...
Nov 10 2024 05:28:38 cp41 maldet(29737): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 10 2024 05:28:38 cp41 maldet(29737): {scan} scan of (284 files) in progress...
Nov 10 2024 05:28:42 cp41 maldet(29737): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 10 2024 05:28:42 cp41 maldet(29737): {scan} scan completed on : files 284, malware hits 0, cleaned hits 0, time 5979s
Nov 10 2024 05:28:42 cp41 maldet(29737): {scan} scan report saved, to view run: maldet --report 241110-0349.29737
Nov 11 2024 03:35:31 cp41 maldet(24393): {update} checking for available updates...
Nov 11 2024 03:35:32 cp41 maldet(24393): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 11 2024 03:35:32 cp41 maldet(24393): {update} hashing install files and checking against server...
Nov 11 2024 03:35:32 cp41 maldet(24393): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 11 2024 03:35:32 cp41 maldet(24393): {update} latest version already installed.
Nov 11 2024 03:35:32 cp41 maldet(24544): {sigup} performing signature update check...
Nov 11 2024 03:35:32 cp41 maldet(24544): {sigup} local signature set is version 202411101345636
Nov 11 2024 03:35:33 cp41 maldet(24544): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 11 2024 03:35:33 cp41 maldet(24544): {sigup} latest signature set already installed
Nov 11 2024 03:35:34 cp41 maldet(24670): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 11 2024 03:35:35 cp41 maldet(24670): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 11 2024 03:35:35 cp41 maldet(24670): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 11 2024 03:35:35 cp41 maldet(24670): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 11 2024 03:35:35 cp41 maldet(24670): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 11 2024 05:03:10 cp41 maldet(24670): {scan} file list completed in 5255s, found 271 files...
Nov 11 2024 05:03:10 cp41 maldet(24670): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 11 2024 05:03:10 cp41 maldet(24670): {scan} scan of (271 files) in progress...
Nov 11 2024 05:03:16 cp41 maldet(24670): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 11 2024 05:03:16 cp41 maldet(24670): {scan} scan completed on : files 271, malware hits 0, cleaned hits 0, time 5262s
Nov 11 2024 05:03:16 cp41 maldet(24670): {scan} scan report saved, to view run: maldet --report 241111-0335.24670
Nov 12 2024 03:27:48 cp41 maldet(3540): {update} checking for available updates...
Nov 12 2024 03:27:48 cp41 maldet(3540): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 12 2024 03:27:48 cp41 maldet(3540): {update} hashing install files and checking against server...
Nov 12 2024 03:27:49 cp41 maldet(3540): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 12 2024 03:27:49 cp41 maldet(3540): {update} latest version already installed.
Nov 12 2024 03:27:49 cp41 maldet(3719): {sigup} performing signature update check...
Nov 12 2024 03:27:49 cp41 maldet(3719): {sigup} local signature set is version 202411101345636
Nov 12 2024 03:27:49 cp41 maldet(3719): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 12 2024 03:27:50 cp41 maldet(3719): {sigup} latest signature set already installed
Nov 12 2024 03:27:50 cp41 maldet(3856): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 12 2024 03:27:52 cp41 maldet(3856): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 12 2024 03:27:52 cp41 maldet(3856): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 12 2024 03:27:52 cp41 maldet(3856): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 12 2024 03:27:52 cp41 maldet(3856): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 12 2024 06:31:10 cp41 maldet(3856): {scan} file list completed in 10998s, found 504 files...
Nov 12 2024 06:31:10 cp41 maldet(3856): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 12 2024 06:31:10 cp41 maldet(3856): {scan} scan of (504 files) in progress...
Nov 12 2024 06:31:23 cp41 maldet(3856): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Nov 12 2024 06:31:23 cp41 maldet(3856): {scan} scan completed on : files 504, malware hits 1, cleaned hits 0, time 11013s
Nov 12 2024 06:31:23 cp41 maldet(3856): {scan} scan report saved, to view run: maldet --report 241112-0327.3856
Nov 12 2024 06:31:23 cp41 maldet(3856): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241112-0327.3856
Nov 13 2024 03:38:44 cp41 maldet(16359): {update} checking for available updates...
Nov 13 2024 03:38:45 cp41 maldet(16359): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 13 2024 03:38:45 cp41 maldet(16359): {update} hashing install files and checking against server...
Nov 13 2024 03:38:46 cp41 maldet(16359): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 13 2024 03:38:46 cp41 maldet(16359): {update} latest version already installed.
Nov 13 2024 03:38:46 cp41 maldet(16510): {sigup} performing signature update check...
Nov 13 2024 03:38:46 cp41 maldet(16510): {sigup} local signature set is version 202411101345636
Nov 13 2024 03:38:46 cp41 maldet(16510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 13 2024 03:38:47 cp41 maldet(16510): {sigup} new signature set 202411132100752 available
Nov 13 2024 03:38:47 cp41 maldet(16510): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 13 2024 03:38:48 cp41 maldet(16510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 13 2024 03:38:49 cp41 maldet(16510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 13 2024 03:38:49 cp41 maldet(16510): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 13 2024 03:38:49 cp41 maldet(16510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 13 2024 03:38:50 cp41 maldet(16510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 13 2024 03:38:50 cp41 maldet(16510): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 13 2024 03:38:51 cp41 maldet(16510): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 13 2024 03:38:51 cp41 maldet(16510): {sigup} verified md5sum of maldet-clean.tgz
Nov 13 2024 03:38:51 cp41 maldet(16510): {sigup} unpacked and installed maldet-clean.tgz
Nov 13 2024 03:38:51 cp41 maldet(16510): {sigup} signature set update completed
Nov 13 2024 03:38:51 cp41 maldet(16510): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 13 2024 03:38:51 cp41 maldet(16793): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 13 2024 03:38:52 cp41 maldet(16793): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 13 2024 03:38:52 cp41 maldet(16793): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 13 2024 03:38:52 cp41 maldet(16793): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 13 2024 03:38:52 cp41 maldet(16793): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 13 2024 05:07:07 cp41 maldet(16793): {scan} file list completed in 5295s, found 97 files...
Nov 13 2024 05:07:07 cp41 maldet(16793): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 13 2024 05:07:07 cp41 maldet(16793): {scan} scan of (97 files) in progress...
Nov 13 2024 05:07:15 cp41 maldet(16793): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 13 2024 05:07:15 cp41 maldet(16793): {scan} scan completed on : files 97, malware hits 0, cleaned hits 0, time 5304s
Nov 13 2024 05:07:15 cp41 maldet(16793): {scan} scan report saved, to view run: maldet --report 241113-0338.16793
Nov 14 2024 03:22:00 cp41 maldet(29842): {update} checking for available updates...
Nov 14 2024 03:22:00 cp41 maldet(29842): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 14 2024 03:22:00 cp41 maldet(29842): {update} hashing install files and checking against server...
Nov 14 2024 03:22:01 cp41 maldet(29842): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 14 2024 03:22:01 cp41 maldet(29842): {update} latest version already installed.
Nov 14 2024 03:22:01 cp41 maldet(29985): {sigup} performing signature update check...
Nov 14 2024 03:22:01 cp41 maldet(29985): {sigup} local signature set is version 202411132100752
Nov 14 2024 03:22:01 cp41 maldet(29985): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 14 2024 03:22:02 cp41 maldet(29985): {sigup} latest signature set already installed
Nov 14 2024 03:22:02 cp41 maldet(30129): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 14 2024 03:22:06 cp41 maldet(30129): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 14 2024 03:22:06 cp41 maldet(30129): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 14 2024 03:22:06 cp41 maldet(30129): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 14 2024 03:22:06 cp41 maldet(30129): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 14 2024 09:07:54 cp41 maldet(30129): {scan} file list completed in 20747s, found 8811 files...
Nov 14 2024 09:07:54 cp41 maldet(30129): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 14 2024 09:07:54 cp41 maldet(30129): {scan} scan of (8811 files) in progress...
Nov 14 2024 09:12:10 cp41 maldet(30129): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/briancol/public_html/.well-known/acme-challenge/alsa_control
Nov 14 2024 09:12:10 cp41 maldet(30129): {scan} scan completed on : files 8811, malware hits 1, cleaned hits 0, time 21008s
Nov 14 2024 09:12:10 cp41 maldet(30129): {scan} scan report saved, to view run: maldet --report 241114-0322.30129
Nov 14 2024 09:12:10 cp41 maldet(30129): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241114-0322.30129
Nov 15 2024 03:27:10 cp41 maldet(4113): {update} checking for available updates...
Nov 15 2024 03:27:10 cp41 maldet(4113): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 15 2024 03:27:10 cp41 maldet(4113): {update} hashing install files and checking against server...
Nov 15 2024 03:27:11 cp41 maldet(4113): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 15 2024 03:27:11 cp41 maldet(4113): {update} latest version already installed.
Nov 15 2024 03:27:11 cp41 maldet(4263): {sigup} performing signature update check...
Nov 15 2024 03:27:11 cp41 maldet(4263): {sigup} local signature set is version 202411132100752
Nov 15 2024 03:27:11 cp41 maldet(4263): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 15 2024 03:27:12 cp41 maldet(4263): {sigup} latest signature set already installed
Nov 15 2024 03:27:12 cp41 maldet(4388): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 15 2024 03:27:13 cp41 maldet(4388): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 15 2024 03:27:13 cp41 maldet(4388): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 15 2024 03:27:13 cp41 maldet(4388): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 15 2024 03:27:13 cp41 maldet(4388): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 15 2024 06:30:19 cp41 maldet(4388): {scan} file list completed in 10986s, found 155 files...
Nov 15 2024 06:30:19 cp41 maldet(4388): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 15 2024 06:30:19 cp41 maldet(4388): {scan} scan of (155 files) in progress...
Nov 15 2024 06:30:30 cp41 maldet(4388): {hit} malware hit {HEX}php.generic.malware.447 found for /home/pipedrea/public_html/yt2024/index.php
Nov 15 2024 06:30:31 cp41 maldet(4388): {hit} malware hit {HEX}php.generic.malware.447 found for /home/pipedrea/public_html/wp-includesc93c43/index.php
Nov 15 2024 06:30:31 cp41 maldet(4388): {hit} malware hit {HEX}php.generic.malware.447 found for /home/pipedrea/public_html/wp-contente5904c/index.php
Nov 15 2024 06:30:31 cp41 maldet(4388): {hit} malware hit {HEX}php.generic.malware.447 found for /home/pipedrea/public_html/wp-admin563cef/index.php
Nov 15 2024 06:30:31 cp41 maldet(4388): {hit} malware hit {HEX}php.generic.malware.447 found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-lnXJEh/tmp/index.php
Nov 15 2024 06:30:31 cp41 maldet(4388): {scan} scan completed on : files 155, malware hits 5, cleaned hits 0, time 10999s
Nov 15 2024 06:30:31 cp41 maldet(4388): {scan} scan report saved, to view run: maldet --report 241115-0327.4388
Nov 15 2024 06:30:31 cp41 maldet(4388): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241115-0327.4388
Nov 16 2024 03:39:11 cp41 maldet(19443): {update} checking for available updates...
Nov 16 2024 03:39:12 cp41 maldet(19443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 16 2024 03:39:12 cp41 maldet(19443): {update} hashing install files and checking against server...
Nov 16 2024 03:39:13 cp41 maldet(19443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 16 2024 03:39:13 cp41 maldet(19443): {update} latest version already installed.
Nov 16 2024 03:39:14 cp41 maldet(19701): {sigup} performing signature update check...
Nov 16 2024 03:39:14 cp41 maldet(19701): {sigup} local signature set is version 202411132100752
Nov 16 2024 03:39:15 cp41 maldet(19701): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 16 2024 03:39:15 cp41 maldet(19701): {sigup} new signature set 20241116556149 available
Nov 16 2024 03:39:16 cp41 maldet(19701): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 16 2024 03:39:18 cp41 maldet(19701): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 16 2024 03:39:19 cp41 maldet(19701): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 16 2024 03:39:19 cp41 maldet(19701): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 16 2024 03:39:19 cp41 maldet(19701): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 16 2024 03:39:20 cp41 maldet(19701): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 16 2024 03:39:20 cp41 maldet(19701): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 16 2024 03:39:56 cp41 maldet(19701): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 16 2024 03:40:02 cp41 maldet(19701): {sigup} verified md5sum of maldet-clean.tgz
Nov 16 2024 03:40:08 cp41 maldet(19701): {sigup} unpacked and installed maldet-clean.tgz
Nov 16 2024 03:40:08 cp41 maldet(19701): {sigup} signature set update completed
Nov 16 2024 03:40:09 cp41 maldet(19701): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 16 2024 03:40:19 cp41 maldet(20759): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 16 2024 03:40:41 cp41 maldet(20759): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 16 2024 03:40:46 cp41 maldet(20759): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 16 2024 03:40:46 cp41 maldet(20759): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 16 2024 03:40:46 cp41 maldet(20759): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 16 2024 08:08:25 cp41 maldet(20759): {scan} file list completed in 16058s, found 163 files...
Nov 16 2024 08:08:25 cp41 maldet(20759): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 16 2024 08:08:25 cp41 maldet(20759): {scan} scan of (163 files) in progress...
Nov 16 2024 08:08:34 cp41 maldet(20759): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 16 2024 08:08:34 cp41 maldet(20759): {scan} scan completed on : files 163, malware hits 0, cleaned hits 0, time 16095s
Nov 16 2024 08:08:34 cp41 maldet(20759): {scan} scan report saved, to view run: maldet --report 241116-0340.20759
Nov 17 2024 03:33:53 cp41 maldet(14377): {update} checking for available updates...
Nov 17 2024 03:33:53 cp41 maldet(14377): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 17 2024 03:33:53 cp41 maldet(14377): {update} hashing install files and checking against server...
Nov 17 2024 03:33:54 cp41 maldet(14377): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 17 2024 03:33:54 cp41 maldet(14377): {update} latest version already installed.
Nov 17 2024 03:33:54 cp41 maldet(14518): {sigup} performing signature update check...
Nov 17 2024 03:33:54 cp41 maldet(14518): {sigup} local signature set is version 20241116556149
Nov 17 2024 03:33:54 cp41 maldet(14518): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 17 2024 03:33:54 cp41 maldet(14518): {sigup} latest signature set already installed
Nov 17 2024 03:33:55 cp41 maldet(14643): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 17 2024 03:33:56 cp41 maldet(14643): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 17 2024 03:33:56 cp41 maldet(14643): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 17 2024 03:33:56 cp41 maldet(14643): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 17 2024 03:33:56 cp41 maldet(14643): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 17 2024 08:51:28 cp41 maldet(14643): {scan} file list completed in 19051s, found 416 files...
Nov 17 2024 08:51:28 cp41 maldet(14643): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 17 2024 08:51:28 cp41 maldet(14643): {scan} scan of (416 files) in progress...
Nov 17 2024 08:51:42 cp41 maldet(14643): {hit} malware hit {YARA}php_in_image found for /home/pointlak/public_html/wp-admin__8e31ed4/nyx.php
Nov 17 2024 08:51:43 cp41 maldet(14643): {hit} malware hit {HEX}php.mailer.Mzh.557 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/8d6fe6aee4.php
Nov 17 2024 08:51:43 cp41 maldet(14643): {scan} scan completed on : files 416, malware hits 2, cleaned hits 0, time 19068s
Nov 17 2024 08:51:43 cp41 maldet(14643): {scan} scan report saved, to view run: maldet --report 241117-0333.14643
Nov 17 2024 08:51:43 cp41 maldet(14643): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241117-0333.14643
Nov 18 2024 03:33:35 cp41 maldet(28446): {update} checking for available updates...
Nov 18 2024 03:33:36 cp41 maldet(28446): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 18 2024 03:33:36 cp41 maldet(28446): {update} hashing install files and checking against server...
Nov 18 2024 03:33:36 cp41 maldet(28446): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 18 2024 03:33:36 cp41 maldet(28446): {update} latest version already installed.
Nov 18 2024 03:33:36 cp41 maldet(28591): {sigup} performing signature update check...
Nov 18 2024 03:33:36 cp41 maldet(28591): {sigup} local signature set is version 20241116556149
Nov 18 2024 03:33:36 cp41 maldet(28591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 18 2024 03:33:37 cp41 maldet(28591): {sigup} latest signature set already installed
Nov 18 2024 03:33:37 cp41 maldet(28708): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 18 2024 03:33:38 cp41 maldet(28708): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 18 2024 03:33:38 cp41 maldet(28708): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 18 2024 03:33:38 cp41 maldet(28708): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 18 2024 03:33:38 cp41 maldet(28708): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 18 2024 07:56:38 cp41 maldet(28708): {scan} file list completed in 15780s, found 100269 files...
Nov 18 2024 07:56:38 cp41 maldet(28708): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 18 2024 07:56:38 cp41 maldet(28708): {scan} scan of (100269 files) in progress...
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Nov 18 2024 11:27:36 cp41 maldet(28708): {scan} scan completed on : files 100269, malware hits 6, cleaned hits 0, time 28439s
Nov 18 2024 11:27:36 cp41 maldet(28708): {scan} scan report saved, to view run: maldet --report 241118-0333.28708
Nov 18 2024 11:27:36 cp41 maldet(28708): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241118-0333.28708
Nov 19 2024 03:12:38 cp41 maldet(8465): {update} checking for available updates...
Nov 19 2024 03:12:38 cp41 maldet(8465): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 19 2024 03:12:38 cp41 maldet(8465): {update} hashing install files and checking against server...
Nov 19 2024 03:12:38 cp41 maldet(8465): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 19 2024 03:12:38 cp41 maldet(8465): {update} latest version already installed.
Nov 19 2024 03:12:38 cp41 maldet(8617): {sigup} performing signature update check...
Nov 19 2024 03:12:38 cp41 maldet(8617): {sigup} local signature set is version 20241116556149
Nov 19 2024 03:12:39 cp41 maldet(8617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 19 2024 03:12:39 cp41 maldet(8617): {sigup} new signature set 202411191312395 available
Nov 19 2024 03:12:39 cp41 maldet(8617): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 19 2024 03:12:40 cp41 maldet(8617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 19 2024 03:12:40 cp41 maldet(8617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 19 2024 03:12:40 cp41 maldet(8617): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 19 2024 03:12:40 cp41 maldet(8617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 19 2024 03:12:41 cp41 maldet(8617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 19 2024 03:12:41 cp41 maldet(8617): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 19 2024 03:12:42 cp41 maldet(8617): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 19 2024 03:12:42 cp41 maldet(8617): {sigup} verified md5sum of maldet-clean.tgz
Nov 19 2024 03:12:43 cp41 maldet(8617): {sigup} unpacked and installed maldet-clean.tgz
Nov 19 2024 03:12:43 cp41 maldet(8617): {sigup} signature set update completed
Nov 19 2024 03:12:43 cp41 maldet(8617): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 19 2024 03:12:45 cp41 maldet(8877): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 19 2024 03:12:47 cp41 maldet(8877): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 19 2024 03:12:47 cp41 maldet(8877): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 19 2024 03:12:47 cp41 maldet(8877): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 19 2024 03:12:47 cp41 maldet(8877): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 19 2024 08:50:56 cp41 maldet(8877): {scan} file list completed in 20289s, found 273 files...
Nov 19 2024 08:50:56 cp41 maldet(8877): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 19 2024 08:50:56 cp41 maldet(8877): {scan} scan of (273 files) in progress...
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cgi-bin__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/Webss__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/3Jm2tg__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/WEBS__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/jp__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {hit} malware hit {HEX}php.generic.malware.447 found for /home/chaplane/public_html/cache__f48db49/index.php
Nov 19 2024 08:51:13 cp41 maldet(8877): {scan} scan completed on : files 273, malware hits 6, cleaned hits 0, time 20308s
Nov 19 2024 08:51:13 cp41 maldet(8877): {scan} scan report saved, to view run: maldet --report 241119-0312.8877
Nov 19 2024 08:51:13 cp41 maldet(8877): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241119-0312.8877
Nov 20 2024 03:33:11 cp41 maldet(28178): {update} checking for available updates...
Nov 20 2024 03:33:12 cp41 maldet(28178): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 20 2024 03:33:12 cp41 maldet(28178): {update} hashing install files and checking against server...
Nov 20 2024 03:33:13 cp41 maldet(28178): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 20 2024 03:33:13 cp41 maldet(28178): {update} latest version already installed.
Nov 20 2024 03:33:14 cp41 maldet(28323): {sigup} performing signature update check...
Nov 20 2024 03:33:14 cp41 maldet(28323): {sigup} local signature set is version 202411191312395
Nov 20 2024 03:33:14 cp41 maldet(28323): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 20 2024 03:33:15 cp41 maldet(28323): {sigup} latest signature set already installed
Nov 20 2024 03:33:16 cp41 maldet(28466): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 20 2024 03:33:19 cp41 maldet(28466): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 20 2024 03:33:19 cp41 maldet(28466): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 20 2024 03:33:19 cp41 maldet(28466): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 20 2024 03:33:19 cp41 maldet(28466): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 20 2024 08:39:19 cp41 maldet(28466): {scan} file list completed in 18360s, found 609 files...
Nov 20 2024 08:39:20 cp41 maldet(28466): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 20 2024 08:39:20 cp41 maldet(28466): {scan} scan of (609 files) in progress...
Nov 20 2024 08:39:35 cp41 maldet(28466): {hit} malware hit {HEX}php.nested.base64.652 found for /home/emthonje/public_html/.well-known/pki-validation/classwithtostring.php
Nov 20 2024 08:39:35 cp41 maldet(28466): {scan} scan completed on : files 609, malware hits 1, cleaned hits 0, time 18378s
Nov 20 2024 08:39:35 cp41 maldet(28466): {scan} scan report saved, to view run: maldet --report 241120-0333.28466
Nov 20 2024 08:39:35 cp41 maldet(28466): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241120-0333.28466
Nov 21 2024 03:34:18 cp41 maldet(30411): {update} checking for available updates...
Nov 21 2024 03:34:18 cp41 maldet(30411): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 21 2024 03:34:18 cp41 maldet(30411): {update} hashing install files and checking against server...
Nov 21 2024 03:34:19 cp41 maldet(30411): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 21 2024 03:34:19 cp41 maldet(30411): {update} latest version already installed.
Nov 21 2024 03:34:20 cp41 maldet(30594): {sigup} performing signature update check...
Nov 21 2024 03:34:20 cp41 maldet(30594): {sigup} local signature set is version 202411191312395
Nov 21 2024 03:34:21 cp41 maldet(30594): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 21 2024 03:34:21 cp41 maldet(30594): {sigup} latest signature set already installed
Nov 21 2024 03:34:23 cp41 maldet(30807): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 21 2024 03:34:27 cp41 maldet(30807): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 21 2024 03:34:27 cp41 maldet(30807): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 21 2024 03:34:27 cp41 maldet(30807): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 21 2024 03:34:27 cp41 maldet(30807): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 21 2024 07:43:30 cp41 maldet(30807): {scan} file list completed in 14943s, found 933 files...
Nov 21 2024 07:43:30 cp41 maldet(30807): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 21 2024 07:43:30 cp41 maldet(30807): {scan} scan of (933 files) in progress...
Nov 21 2024 07:43:49 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/obtrude/jack_monitor_client
Nov 21 2024 07:43:49 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/2265e7b5c7/jack_monitor_client
Nov 21 2024 07:43:49 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/6569b22d01/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/prettiness/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/uevsi/index/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/swp2d/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/22bf506a/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/images/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/assets/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/8032579aef/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/cgi-bin/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/consistent/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/rfcomm
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/fb01c73162/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/intermission/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/98gyv/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/emgz32s/index/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/5dbtr/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/pki-validation/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/.well-known/acme-challenge/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/3cbb7e6f69/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/9330786597/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/billfold/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/alsa_restore
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {CAV}Unix.Malware.Ngioweb-9999424-0 found for /home/raeditsc/public_html/privatetelemagica/rk6jnihr/index/jack_monitor_client
Nov 21 2024 07:43:50 cp41 maldet(30807): {hit} malware hit {HEX}php.generic.malware.447 found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-Nm1oIh/tmp/index.php
Nov 21 2024 07:43:51 cp41 maldet(30807): {scan} scan completed on : files 933, malware hits 31, cleaned hits 0, time 14967s
Nov 21 2024 07:43:51 cp41 maldet(30807): {scan} scan report saved, to view run: maldet --report 241121-0334.30807
Nov 21 2024 07:43:51 cp41 maldet(30807): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241121-0334.30807
Nov 22 2024 03:43:21 cp41 maldet(3032): {update} checking for available updates...
Nov 22 2024 03:43:21 cp41 maldet(3032): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 22 2024 03:43:21 cp41 maldet(3032): {update} hashing install files and checking against server...
Nov 22 2024 03:43:21 cp41 maldet(3032): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 22 2024 03:43:21 cp41 maldet(3032): {update} latest version already installed.
Nov 22 2024 03:43:21 cp41 maldet(3172): {sigup} performing signature update check...
Nov 22 2024 03:43:21 cp41 maldet(3172): {sigup} local signature set is version 202411191312395
Nov 22 2024 03:43:22 cp41 maldet(3172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 22 2024 03:43:22 cp41 maldet(3172): {sigup} latest signature set already installed
Nov 22 2024 03:43:22 cp41 maldet(3287): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 22 2024 03:43:24 cp41 maldet(3287): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 22 2024 03:43:24 cp41 maldet(3287): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 22 2024 03:43:24 cp41 maldet(3287): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 22 2024 03:43:24 cp41 maldet(3287): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 22 2024 04:54:40 cp41 maldet(3287): {scan} file list completed in 4276s, found 223 files...
Nov 22 2024 04:54:40 cp41 maldet(3287): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 22 2024 04:54:40 cp41 maldet(3287): {scan} scan of (223 files) in progress...
Nov 22 2024 04:54:56 cp41 maldet(3287): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/.well-known/luuf.php
Nov 22 2024 04:54:56 cp41 maldet(3287): {scan} scan completed on : files 223, malware hits 1, cleaned hits 0, time 4294s
Nov 22 2024 04:54:56 cp41 maldet(3287): {scan} scan report saved, to view run: maldet --report 241122-0343.3287
Nov 22 2024 04:54:56 cp41 maldet(3287): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241122-0343.3287
Nov 23 2024 03:51:34 cp41 maldet(32670): {update} checking for available updates...
Nov 23 2024 03:51:35 cp41 maldet(32670): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 23 2024 03:51:35 cp41 maldet(32670): {update} hashing install files and checking against server...
Nov 23 2024 03:51:37 cp41 maldet(32670): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 23 2024 03:51:38 cp41 maldet(32670): {update} latest version already installed.
Nov 23 2024 03:51:39 cp41 maldet(370): {sigup} performing signature update check...
Nov 23 2024 03:51:40 cp41 maldet(370): {sigup} local signature set is version 202411191312395
Nov 23 2024 03:51:40 cp41 maldet(370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 23 2024 03:51:41 cp41 maldet(370): {sigup} new signature set 202411222071516 available
Nov 23 2024 03:51:41 cp41 maldet(370): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 23 2024 03:51:41 cp41 maldet(370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 23 2024 03:51:42 cp41 maldet(370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 23 2024 03:51:42 cp41 maldet(370): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 23 2024 03:51:42 cp41 maldet(370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 23 2024 03:51:42 cp41 maldet(370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 23 2024 03:51:42 cp41 maldet(370): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 23 2024 03:51:45 cp41 maldet(370): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 23 2024 03:51:45 cp41 maldet(370): {sigup} verified md5sum of maldet-clean.tgz
Nov 23 2024 03:51:45 cp41 maldet(370): {sigup} unpacked and installed maldet-clean.tgz
Nov 23 2024 03:51:45 cp41 maldet(370): {sigup} signature set update completed
Nov 23 2024 03:51:45 cp41 maldet(370): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 23 2024 03:51:45 cp41 maldet(656): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 23 2024 03:51:47 cp41 maldet(656): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 23 2024 03:51:47 cp41 maldet(656): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 23 2024 03:51:47 cp41 maldet(656): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 23 2024 03:51:47 cp41 maldet(656): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 23 2024 08:41:13 cp41 maldet(656): {scan} file list completed in 17365s, found 393 files...
Nov 23 2024 08:41:13 cp41 maldet(656): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 23 2024 08:41:13 cp41 maldet(656): {scan} scan of (393 files) in progress...
Nov 23 2024 08:41:45 cp41 maldet(656): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 23 2024 08:41:45 cp41 maldet(656): {scan} scan completed on : files 393, malware hits 0, cleaned hits 0, time 17400s
Nov 23 2024 08:41:45 cp41 maldet(656): {scan} scan report saved, to view run: maldet --report 241123-0351.656
Nov 24 2024 03:51:45 cp41 maldet(22438): {update} checking for available updates...
Nov 24 2024 03:51:45 cp41 maldet(22438): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 24 2024 03:51:45 cp41 maldet(22438): {update} hashing install files and checking against server...
Nov 24 2024 03:51:46 cp41 maldet(22438): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 24 2024 03:51:46 cp41 maldet(22438): {update} latest version already installed.
Nov 24 2024 03:51:46 cp41 maldet(22581): {sigup} performing signature update check...
Nov 24 2024 03:51:46 cp41 maldet(22581): {sigup} local signature set is version 202411222071516
Nov 24 2024 03:51:46 cp41 maldet(22581): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 24 2024 03:51:47 cp41 maldet(22581): {sigup} latest signature set already installed
Nov 24 2024 03:51:47 cp41 maldet(22706): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 24 2024 03:51:50 cp41 maldet(22706): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 24 2024 03:51:50 cp41 maldet(22706): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 24 2024 03:51:50 cp41 maldet(22706): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 24 2024 03:51:50 cp41 maldet(22706): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 24 2024 07:01:53 cp41 maldet(22706): {scan} file list completed in 11403s, found 164 files...
Nov 24 2024 07:01:54 cp41 maldet(22706): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 24 2024 07:01:54 cp41 maldet(22706): {scan} scan of (164 files) in progress...
Nov 24 2024 07:02:06 cp41 maldet(22706): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 24 2024 07:02:06 cp41 maldet(22706): {scan} scan completed on : files 164, malware hits 0, cleaned hits 0, time 11419s
Nov 24 2024 07:02:06 cp41 maldet(22706): {scan} scan report saved, to view run: maldet --report 241124-0351.22706
Nov 25 2024 03:33:44 cp41 maldet(2678): {update} checking for available updates...
Nov 25 2024 03:33:44 cp41 maldet(2678): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 25 2024 03:33:45 cp41 maldet(2678): {update} hashing install files and checking against server...
Nov 25 2024 03:33:45 cp41 maldet(2678): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 25 2024 03:33:45 cp41 maldet(2678): {update} latest version already installed.
Nov 25 2024 03:33:45 cp41 maldet(2826): {sigup} performing signature update check...
Nov 25 2024 03:33:45 cp41 maldet(2826): {sigup} local signature set is version 202411222071516
Nov 25 2024 03:33:45 cp41 maldet(2826): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 25 2024 03:33:45 cp41 maldet(2826): {sigup} new signature set 202411252823427 available
Nov 25 2024 03:33:45 cp41 maldet(2826): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 25 2024 03:33:46 cp41 maldet(2826): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 25 2024 03:33:46 cp41 maldet(2826): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 25 2024 03:33:46 cp41 maldet(2826): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 25 2024 03:33:47 cp41 maldet(2826): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 25 2024 03:33:47 cp41 maldet(2826): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 25 2024 03:33:47 cp41 maldet(2826): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 25 2024 03:33:48 cp41 maldet(2826): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 25 2024 03:33:48 cp41 maldet(2826): {sigup} verified md5sum of maldet-clean.tgz
Nov 25 2024 03:33:48 cp41 maldet(2826): {sigup} unpacked and installed maldet-clean.tgz
Nov 25 2024 03:33:48 cp41 maldet(2826): {sigup} signature set update completed
Nov 25 2024 03:33:48 cp41 maldet(2826): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 25 2024 03:33:48 cp41 maldet(3097): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 25 2024 03:33:49 cp41 maldet(3097): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 25 2024 03:33:49 cp41 maldet(3097): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 25 2024 03:33:49 cp41 maldet(3097): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 25 2024 03:33:49 cp41 maldet(3097): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 25 2024 07:58:15 cp41 maldet(3097): {scan} file list completed in 15866s, found 152 files...
Nov 25 2024 07:58:15 cp41 maldet(3097): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 25 2024 07:58:15 cp41 maldet(3097): {scan} scan of (152 files) in progress...
Nov 25 2024 07:58:20 cp41 maldet(3097): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 25 2024 07:58:20 cp41 maldet(3097): {scan} scan completed on : files 152, malware hits 0, cleaned hits 0, time 15872s
Nov 25 2024 07:58:20 cp41 maldet(3097): {scan} scan report saved, to view run: maldet --report 241125-0333.3097
Nov 26 2024 03:48:06 cp41 maldet(27731): {update} checking for available updates...
Nov 26 2024 03:48:06 cp41 maldet(27731): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 26 2024 03:48:06 cp41 maldet(27731): {update} hashing install files and checking against server...
Nov 26 2024 03:48:07 cp41 maldet(27731): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 26 2024 03:48:07 cp41 maldet(27731): {update} latest version already installed.
Nov 26 2024 03:48:08 cp41 maldet(27887): {sigup} performing signature update check...
Nov 26 2024 03:48:08 cp41 maldet(27887): {sigup} local signature set is version 202411252823427
Nov 26 2024 03:48:08 cp41 maldet(27887): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 26 2024 03:48:09 cp41 maldet(27887): {sigup} latest signature set already installed
Nov 26 2024 03:48:09 cp41 maldet(28010): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 26 2024 03:48:12 cp41 maldet(28010): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 26 2024 03:48:12 cp41 maldet(28010): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 26 2024 03:48:12 cp41 maldet(28010): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 26 2024 03:48:12 cp41 maldet(28010): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 26 2024 06:49:48 cp41 maldet(28010): {scan} file list completed in 10895s, found 305 files...
Nov 26 2024 06:49:48 cp41 maldet(28010): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 26 2024 06:49:48 cp41 maldet(28010): {scan} scan of (305 files) in progress...
Nov 26 2024 06:49:57 cp41 maldet(28010): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 26 2024 06:49:57 cp41 maldet(28010): {scan} scan completed on : files 305, malware hits 0, cleaned hits 0, time 10908s
Nov 26 2024 06:49:57 cp41 maldet(28010): {scan} scan report saved, to view run: maldet --report 241126-0348.28010
Nov 27 2024 03:19:30 cp41 maldet(12604): {update} checking for available updates...
Nov 27 2024 03:19:30 cp41 maldet(12604): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 27 2024 03:19:30 cp41 maldet(12604): {update} hashing install files and checking against server...
Nov 27 2024 03:19:38 cp41 maldet(12604): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 27 2024 03:19:38 cp41 maldet(12604): {update} latest version already installed.
Nov 27 2024 03:19:40 cp41 maldet(12818): {sigup} performing signature update check...
Nov 27 2024 03:19:40 cp41 maldet(12818): {sigup} local signature set is version 202411252823427
Nov 27 2024 03:19:44 cp41 maldet(12818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 27 2024 03:19:44 cp41 maldet(12818): {sigup} latest signature set already installed
Nov 27 2024 03:19:46 cp41 maldet(12986): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 27 2024 03:19:51 cp41 maldet(12986): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 27 2024 03:19:51 cp41 maldet(12986): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 27 2024 03:19:51 cp41 maldet(12986): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 27 2024 03:19:51 cp41 maldet(12986): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 27 2024 10:58:48 cp41 maldet(12986): {scan} file list completed in 27537s, found 202 files...
Nov 27 2024 10:58:48 cp41 maldet(12986): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 27 2024 10:58:48 cp41 maldet(12986): {scan} scan of (202 files) in progress...
Nov 27 2024 10:58:59 cp41 maldet(12986): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 27 2024 10:58:59 cp41 maldet(12986): {scan} scan completed on : files 202, malware hits 0, cleaned hits 0, time 27553s
Nov 27 2024 10:58:59 cp41 maldet(12986): {scan} scan report saved, to view run: maldet --report 241127-0319.12986
Nov 28 2024 03:24:17 cp41 maldet(15575): {update} checking for available updates...
Nov 28 2024 03:24:23 cp41 maldet(15575): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 28 2024 03:24:23 cp41 maldet(15575): {update} hashing install files and checking against server...
Nov 28 2024 03:24:23 cp41 maldet(15575): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 28 2024 03:24:23 cp41 maldet(15575): {update} latest version already installed.
Nov 28 2024 03:24:23 cp41 maldet(15755): {sigup} performing signature update check...
Nov 28 2024 03:24:23 cp41 maldet(15755): {sigup} local signature set is version 202411252823427
Nov 28 2024 03:24:23 cp41 maldet(15755): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 28 2024 03:24:24 cp41 maldet(15755): {sigup} latest signature set already installed
Nov 28 2024 03:24:25 cp41 maldet(15914): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 28 2024 03:24:32 cp41 maldet(15914): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 28 2024 03:24:32 cp41 maldet(15914): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 28 2024 03:24:32 cp41 maldet(15914): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 28 2024 03:24:32 cp41 maldet(15914): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 28 2024 14:09:40 cp41 maldet(15914): {scan} file list completed in 38708s, found 140 files...
Nov 28 2024 14:09:40 cp41 maldet(15914): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 28 2024 14:09:40 cp41 maldet(15914): {scan} scan of (140 files) in progress...
Nov 28 2024 14:09:47 cp41 maldet(15914): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 28 2024 14:09:47 cp41 maldet(15914): {scan} scan completed on : files 140, malware hits 0, cleaned hits 0, time 38721s
Nov 28 2024 14:09:47 cp41 maldet(15914): {scan} scan report saved, to view run: maldet --report 241128-0324.15914
Nov 29 2024 03:55:57 cp41 maldet(12718): {update} checking for available updates...
Nov 29 2024 03:55:58 cp41 maldet(12718): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 29 2024 03:55:58 cp41 maldet(12718): {update} hashing install files and checking against server...
Nov 29 2024 03:56:04 cp41 maldet(12718): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 29 2024 03:56:04 cp41 maldet(12718): {update} latest version already installed.
Nov 29 2024 03:56:06 cp41 maldet(12954): {sigup} performing signature update check...
Nov 29 2024 03:56:06 cp41 maldet(12954): {sigup} local signature set is version 202411252823427
Nov 29 2024 03:56:09 cp41 maldet(12954): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 29 2024 03:56:09 cp41 maldet(12954): {sigup} new signature set 202411283582038 available
Nov 29 2024 03:56:09 cp41 maldet(12954): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 29 2024 03:56:10 cp41 maldet(12954): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Nov 29 2024 03:56:10 cp41 maldet(12954): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Nov 29 2024 03:56:10 cp41 maldet(12954): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 29 2024 03:56:10 cp41 maldet(12954): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Nov 29 2024 03:56:11 cp41 maldet(12954): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Nov 29 2024 03:56:11 cp41 maldet(12954): {sigup} verified md5sum of maldet-sigpack.tgz
Nov 29 2024 03:56:13 cp41 maldet(12954): {sigup} unpacked and installed maldet-sigpack.tgz
Nov 29 2024 03:56:13 cp41 maldet(12954): {sigup} verified md5sum of maldet-clean.tgz
Nov 29 2024 03:56:14 cp41 maldet(12954): {sigup} unpacked and installed maldet-clean.tgz
Nov 29 2024 03:56:14 cp41 maldet(12954): {sigup} signature set update completed
Nov 29 2024 03:56:14 cp41 maldet(12954): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 29 2024 03:56:15 cp41 maldet(13259): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 29 2024 03:56:16 cp41 maldet(13259): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 29 2024 03:56:16 cp41 maldet(13259): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 29 2024 03:56:16 cp41 maldet(13259): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 29 2024 03:56:16 cp41 maldet(13259): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 29 2024 14:32:42 cp41 maldet(13259): {scan} file list completed in 38184s, found 126 files...
Nov 29 2024 14:32:43 cp41 maldet(13259): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 29 2024 14:32:43 cp41 maldet(13259): {scan} scan of (126 files) in progress...
Nov 29 2024 14:32:49 cp41 maldet(13259): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 29 2024 14:32:49 cp41 maldet(13259): {scan} scan completed on : files 126, malware hits 0, cleaned hits 0, time 38194s
Nov 29 2024 14:32:49 cp41 maldet(13259): {scan} scan report saved, to view run: maldet --report 241129-0356.13259
Nov 30 2024 03:16:02 cp41 maldet(9199): {update} checking for available updates...
Nov 30 2024 03:16:02 cp41 maldet(9199): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Nov 30 2024 03:16:02 cp41 maldet(9199): {update} hashing install files and checking against server...
Nov 30 2024 03:16:03 cp41 maldet(9199): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Nov 30 2024 03:16:03 cp41 maldet(9199): {update} latest version already installed.
Nov 30 2024 03:16:03 cp41 maldet(9370): {sigup} performing signature update check...
Nov 30 2024 03:16:03 cp41 maldet(9370): {sigup} local signature set is version 202411283582038
Nov 30 2024 03:16:03 cp41 maldet(9370): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Nov 30 2024 03:16:04 cp41 maldet(9370): {sigup} latest signature set already installed
Nov 30 2024 03:16:04 cp41 maldet(9490): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Nov 30 2024 03:16:06 cp41 maldet(9490): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Nov 30 2024 03:16:06 cp41 maldet(9490): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Nov 30 2024 03:16:06 cp41 maldet(9490): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Nov 30 2024 03:16:06 cp41 maldet(9490): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Nov 30 2024 11:00:15 cp41 maldet(9490): {scan} file list completed in 27848s, found 106 files...
Nov 30 2024 11:00:15 cp41 maldet(9490): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Nov 30 2024 11:00:15 cp41 maldet(9490): {scan} scan of (106 files) in progress...
Nov 30 2024 11:00:21 cp41 maldet(9490): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Nov 30 2024 11:00:21 cp41 maldet(9490): {scan} scan completed on : files 106, malware hits 0, cleaned hits 0, time 27857s
Nov 30 2024 11:00:21 cp41 maldet(9490): {scan} scan report saved, to view run: maldet --report 241130-0316.9490
Dec 01 2024 03:35:36 cp41 maldet(31311): {update} checking for available updates...
Dec 01 2024 03:35:36 cp41 maldet(31311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 01 2024 03:35:36 cp41 maldet(31311): {update} hashing install files and checking against server...
Dec 01 2024 03:35:37 cp41 maldet(31311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 01 2024 03:35:37 cp41 maldet(31311): {update} latest version already installed.
Dec 01 2024 03:35:37 cp41 maldet(31455): {sigup} performing signature update check...
Dec 01 2024 03:35:37 cp41 maldet(31455): {sigup} local signature set is version 202411283582038
Dec 01 2024 03:35:37 cp41 maldet(31455): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 01 2024 03:35:38 cp41 maldet(31455): {sigup} latest signature set already installed
Dec 01 2024 03:35:38 cp41 maldet(31572): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 01 2024 03:35:42 cp41 maldet(31572): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 01 2024 03:35:42 cp41 maldet(31572): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 01 2024 03:35:42 cp41 maldet(31572): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 01 2024 03:35:42 cp41 maldet(31572): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 01 2024 10:48:01 cp41 maldet(31572): {scan} file list completed in 25938s, found 68 files...
Dec 01 2024 10:48:01 cp41 maldet(31572): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 01 2024 10:48:01 cp41 maldet(31572): {scan} scan of (68 files) in progress...
Dec 01 2024 10:48:06 cp41 maldet(31572): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 01 2024 10:48:06 cp41 maldet(31572): {scan} scan completed on : files 68, malware hits 0, cleaned hits 0, time 25948s
Dec 01 2024 10:48:06 cp41 maldet(31572): {scan} scan report saved, to view run: maldet --report 241201-0335.31572
Dec 02 2024 03:21:45 cp41 maldet(5904): {update} checking for available updates...
Dec 02 2024 03:21:50 cp41 maldet(5904): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 02 2024 03:21:51 cp41 maldet(5904): {update} hashing install files and checking against server...
Dec 02 2024 03:21:53 cp41 maldet(5904): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 02 2024 03:21:53 cp41 maldet(5904): {update} latest version already installed.
Dec 02 2024 03:21:57 cp41 maldet(6084): {sigup} performing signature update check...
Dec 02 2024 03:21:57 cp41 maldet(6084): {sigup} local signature set is version 202411283582038
Dec 02 2024 03:21:58 cp41 maldet(6084): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 02 2024 03:21:59 cp41 maldet(6084): {sigup} new signature set 20241201128768 available
Dec 02 2024 03:21:59 cp41 maldet(6084): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 02 2024 03:21:59 cp41 maldet(6084): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 02 2024 03:22:00 cp41 maldet(6084): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 02 2024 03:22:00 cp41 maldet(6084): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 02 2024 03:22:00 cp41 maldet(6084): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 02 2024 03:22:00 cp41 maldet(6084): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 02 2024 03:22:00 cp41 maldet(6084): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 02 2024 03:22:09 cp41 maldet(6084): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 02 2024 03:22:11 cp41 maldet(6084): {sigup} verified md5sum of maldet-clean.tgz
Dec 02 2024 03:22:13 cp41 maldet(6084): {sigup} unpacked and installed maldet-clean.tgz
Dec 02 2024 03:22:13 cp41 maldet(6084): {sigup} signature set update completed
Dec 02 2024 03:22:13 cp41 maldet(6084): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 02 2024 03:22:19 cp41 maldet(6451): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 02 2024 03:22:22 cp41 maldet(6451): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 02 2024 03:22:22 cp41 maldet(6451): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 02 2024 03:22:22 cp41 maldet(6451): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 02 2024 03:22:22 cp41 maldet(6451): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 02 2024 11:33:17 cp41 maldet(6451): {scan} file list completed in 29455s, found 123 files...
Dec 02 2024 11:33:17 cp41 maldet(6451): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 02 2024 11:33:17 cp41 maldet(6451): {scan} scan of (123 files) in progress...
Dec 02 2024 11:33:23 cp41 maldet(6451): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/.well-known/rafa.php
Dec 02 2024 11:33:23 cp41 maldet(6451): {scan} scan completed on : files 123, malware hits 1, cleaned hits 0, time 29464s
Dec 02 2024 11:33:23 cp41 maldet(6451): {scan} scan report saved, to view run: maldet --report 241202-0322.6451
Dec 02 2024 11:33:23 cp41 maldet(6451): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241202-0322.6451
Dec 03 2024 03:40:30 cp41 maldet(12415): {update} checking for available updates...
Dec 03 2024 03:40:30 cp41 maldet(12415): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 03 2024 03:40:30 cp41 maldet(12415): {update} hashing install files and checking against server...
Dec 03 2024 03:40:31 cp41 maldet(12415): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 03 2024 03:40:31 cp41 maldet(12415): {update} latest version already installed.
Dec 03 2024 03:40:31 cp41 maldet(12568): {sigup} performing signature update check...
Dec 03 2024 03:40:31 cp41 maldet(12568): {sigup} local signature set is version 20241201128768
Dec 03 2024 03:40:31 cp41 maldet(12568): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 03 2024 03:40:32 cp41 maldet(12568): {sigup} latest signature set already installed
Dec 03 2024 03:40:35 cp41 maldet(12686): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 03 2024 03:40:42 cp41 maldet(12686): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 03 2024 03:40:42 cp41 maldet(12686): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 03 2024 03:40:42 cp41 maldet(12686): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 03 2024 03:40:42 cp41 maldet(12686): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 03 2024 10:26:43 cp41 maldet(12686): {scan} file list completed in 24358s, found 127 files...
Dec 03 2024 10:26:43 cp41 maldet(12686): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 03 2024 10:26:43 cp41 maldet(12686): {scan} scan of (127 files) in progress...
Dec 03 2024 10:26:54 cp41 maldet(12686): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 03 2024 10:26:55 cp41 maldet(12686): {scan} scan completed on : files 127, malware hits 0, cleaned hits 0, time 24379s
Dec 03 2024 10:26:55 cp41 maldet(12686): {scan} scan report saved, to view run: maldet --report 241203-0340.12686
Dec 04 2024 03:19:49 cp41 maldet(2585): {update} checking for available updates...
Dec 04 2024 03:19:49 cp41 maldet(2585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 04 2024 03:19:49 cp41 maldet(2585): {update} hashing install files and checking against server...
Dec 04 2024 03:19:49 cp41 maldet(2585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 04 2024 03:19:49 cp41 maldet(2585): {update} latest version already installed.
Dec 04 2024 03:19:50 cp41 maldet(2726): {sigup} performing signature update check...
Dec 04 2024 03:19:50 cp41 maldet(2726): {sigup} local signature set is version 20241201128768
Dec 04 2024 03:19:50 cp41 maldet(2726): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 04 2024 03:19:50 cp41 maldet(2726): {sigup} latest signature set already installed
Dec 04 2024 03:19:50 cp41 maldet(2845): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 04 2024 03:19:51 cp41 maldet(2845): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 04 2024 03:19:51 cp41 maldet(2845): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 04 2024 03:19:51 cp41 maldet(2845): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 04 2024 03:19:51 cp41 maldet(2845): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 04 2024 08:58:46 cp41 maldet(2845): {scan} file list completed in 20334s, found 116 files...
Dec 04 2024 08:58:46 cp41 maldet(2845): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 04 2024 08:58:46 cp41 maldet(2845): {scan} scan of (116 files) in progress...
Dec 04 2024 08:58:53 cp41 maldet(2845): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 04 2024 08:58:53 cp41 maldet(2845): {scan} scan completed on : files 116, malware hits 0, cleaned hits 0, time 20343s
Dec 04 2024 08:58:53 cp41 maldet(2845): {scan} scan report saved, to view run: maldet --report 241204-0319.2845
Dec 05 2024 03:33:46 cp41 maldet(14245): {update} checking for available updates...
Dec 05 2024 03:33:46 cp41 maldet(14245): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 05 2024 03:33:46 cp41 maldet(14245): {update} hashing install files and checking against server...
Dec 05 2024 03:33:47 cp41 maldet(14245): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 05 2024 03:33:47 cp41 maldet(14245): {update} latest version already installed.
Dec 05 2024 03:33:48 cp41 maldet(14384): {sigup} performing signature update check...
Dec 05 2024 03:33:48 cp41 maldet(14384): {sigup} local signature set is version 20241201128768
Dec 05 2024 03:33:48 cp41 maldet(14384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 05 2024 03:33:49 cp41 maldet(14384): {sigup} new signature set 20241204548533 available
Dec 05 2024 03:33:49 cp41 maldet(14384): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 05 2024 03:33:51 cp41 maldet(14384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 05 2024 03:33:54 cp41 maldet(14384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 05 2024 03:33:54 cp41 maldet(14384): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 05 2024 03:33:55 cp41 maldet(14384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 05 2024 03:33:55 cp41 maldet(14384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 05 2024 03:33:55 cp41 maldet(14384): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 05 2024 03:33:57 cp41 maldet(14384): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 05 2024 03:33:59 cp41 maldet(14384): {sigup} verified md5sum of maldet-clean.tgz
Dec 05 2024 03:33:59 cp41 maldet(14384): {sigup} unpacked and installed maldet-clean.tgz
Dec 05 2024 03:33:59 cp41 maldet(14384): {sigup} signature set update completed
Dec 05 2024 03:33:59 cp41 maldet(14384): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 05 2024 03:34:00 cp41 maldet(14657): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 05 2024 03:34:03 cp41 maldet(14657): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 05 2024 03:34:03 cp41 maldet(14657): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 05 2024 03:34:03 cp41 maldet(14657): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 05 2024 03:34:03 cp41 maldet(14657): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 05 2024 10:00:12 cp41 maldet(14657): {scan} file list completed in 23168s, found 274 files...
Dec 05 2024 10:00:12 cp41 maldet(14657): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 05 2024 10:00:12 cp41 maldet(14657): {scan} scan of (274 files) in progress...
Dec 05 2024 10:00:21 cp41 maldet(14657): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 05 2024 10:00:21 cp41 maldet(14657): {scan} scan completed on : files 274, malware hits 0, cleaned hits 0, time 23181s
Dec 05 2024 10:00:21 cp41 maldet(14657): {scan} scan report saved, to view run: maldet --report 241205-0333.14657
Dec 06 2024 03:30:04 cp41 maldet(24576): {update} checking for available updates...
Dec 06 2024 03:30:08 cp41 maldet(24576): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 06 2024 03:30:08 cp41 maldet(24576): {update} hashing install files and checking against server...
Dec 06 2024 03:30:10 cp41 maldet(24576): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 06 2024 03:30:10 cp41 maldet(24576): {update} latest version already installed.
Dec 06 2024 03:30:14 cp41 maldet(24900): {sigup} performing signature update check...
Dec 06 2024 03:30:14 cp41 maldet(24900): {sigup} local signature set is version 20241204548533
Dec 06 2024 03:30:14 cp41 maldet(24900): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 06 2024 03:30:14 cp41 maldet(24900): {sigup} latest signature set already installed
Dec 06 2024 03:30:17 cp41 maldet(25029): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 06 2024 03:30:28 cp41 maldet(25029): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 06 2024 03:30:28 cp41 maldet(25029): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 06 2024 03:30:28 cp41 maldet(25029): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 06 2024 03:30:28 cp41 maldet(25029): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 06 2024 09:52:41 cp41 maldet(25029): {scan} file list completed in 22932s, found 85 files...
Dec 06 2024 09:52:41 cp41 maldet(25029): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 06 2024 09:52:41 cp41 maldet(25029): {scan} scan of (85 files) in progress...
Dec 06 2024 09:52:44 cp41 maldet(25029): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 06 2024 09:52:44 cp41 maldet(25029): {scan} scan completed on : files 85, malware hits 0, cleaned hits 0, time 22947s
Dec 06 2024 09:52:44 cp41 maldet(25029): {scan} scan report saved, to view run: maldet --report 241206-0330.25029
Dec 07 2024 03:23:32 cp41 maldet(5214): {update} checking for available updates...
Dec 07 2024 03:23:46 cp41 maldet(5214): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 07 2024 03:23:50 cp41 maldet(5214): {update} hashing install files and checking against server...
Dec 07 2024 03:23:52 cp41 maldet(5214): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 07 2024 03:23:53 cp41 maldet(5214): {update} latest version already installed.
Dec 07 2024 03:23:56 cp41 maldet(5466): {sigup} performing signature update check...
Dec 07 2024 03:23:56 cp41 maldet(5466): {sigup} local signature set is version 20241204548533
Dec 07 2024 03:23:58 cp41 maldet(5466): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 07 2024 03:24:00 cp41 maldet(5466): {sigup} new signature set 20241207552742 available
Dec 07 2024 03:24:00 cp41 maldet(5466): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 07 2024 03:24:13 cp41 maldet(5466): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 07 2024 03:24:18 cp41 maldet(5466): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 07 2024 03:24:18 cp41 maldet(5466): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 07 2024 03:24:21 cp41 maldet(5466): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 07 2024 03:24:24 cp41 maldet(5466): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 07 2024 03:24:24 cp41 maldet(5466): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 07 2024 03:25:00 cp41 maldet(5466): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 07 2024 03:25:10 cp41 maldet(5466): {sigup} verified md5sum of maldet-clean.tgz
Dec 07 2024 03:25:20 cp41 maldet(5466): {sigup} unpacked and installed maldet-clean.tgz
Dec 07 2024 03:25:20 cp41 maldet(5466): {sigup} signature set update completed
Dec 07 2024 03:25:20 cp41 maldet(5466): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 07 2024 03:25:22 cp41 maldet(6816): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 07 2024 03:25:24 cp41 maldet(6816): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 07 2024 03:25:24 cp41 maldet(6816): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 07 2024 03:25:24 cp41 maldet(6816): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 07 2024 03:25:24 cp41 maldet(6816): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 07 2024 09:44:26 cp41 maldet(6816): {scan} file list completed in 22742s, found 155 files...
Dec 07 2024 09:44:26 cp41 maldet(6816): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 07 2024 09:44:26 cp41 maldet(6816): {scan} scan of (155 files) in progress...
Dec 07 2024 09:44:37 cp41 maldet(6816): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 07 2024 09:44:38 cp41 maldet(6816): {scan} scan completed on : files 155, malware hits 0, cleaned hits 0, time 22755s
Dec 07 2024 09:44:38 cp41 maldet(6816): {scan} scan report saved, to view run: maldet --report 241207-0325.6816
Dec 08 2024 03:22:19 cp41 maldet(26143): {update} checking for available updates...
Dec 08 2024 03:22:19 cp41 maldet(26143): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 08 2024 03:22:19 cp41 maldet(26143): {update} hashing install files and checking against server...
Dec 08 2024 03:22:20 cp41 maldet(26143): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 08 2024 03:22:20 cp41 maldet(26143): {update} latest version already installed.
Dec 08 2024 03:22:20 cp41 maldet(26284): {sigup} performing signature update check...
Dec 08 2024 03:22:20 cp41 maldet(26284): {sigup} local signature set is version 20241207552742
Dec 08 2024 03:22:21 cp41 maldet(26284): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 08 2024 03:22:21 cp41 maldet(26284): {sigup} latest signature set already installed
Dec 08 2024 03:22:24 cp41 maldet(26401): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 08 2024 03:22:27 cp41 maldet(26401): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 08 2024 03:22:27 cp41 maldet(26401): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 08 2024 03:22:27 cp41 maldet(26401): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 08 2024 03:22:27 cp41 maldet(26401): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 08 2024 09:29:19 cp41 maldet(26401): {scan} file list completed in 22012s, found 134 files...
Dec 08 2024 09:29:19 cp41 maldet(26401): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 08 2024 09:29:19 cp41 maldet(26401): {scan} scan of (134 files) in progress...
Dec 08 2024 09:29:25 cp41 maldet(26401): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 08 2024 09:29:25 cp41 maldet(26401): {scan} scan completed on : files 134, malware hits 0, cleaned hits 0, time 22021s
Dec 08 2024 09:29:25 cp41 maldet(26401): {scan} scan report saved, to view run: maldet --report 241208-0322.26401
Dec 09 2024 03:33:45 cp41 maldet(21601): {update} checking for available updates...
Dec 09 2024 03:33:45 cp41 maldet(21601): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 09 2024 03:33:45 cp41 maldet(21601): {update} hashing install files and checking against server...
Dec 09 2024 03:33:45 cp41 maldet(21601): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 09 2024 03:33:45 cp41 maldet(21601): {update} latest version already installed.
Dec 09 2024 03:33:45 cp41 maldet(21740): {sigup} performing signature update check...
Dec 09 2024 03:33:45 cp41 maldet(21740): {sigup} local signature set is version 20241207552742
Dec 09 2024 03:33:46 cp41 maldet(21740): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 09 2024 03:33:46 cp41 maldet(21740): {sigup} latest signature set already installed
Dec 09 2024 03:33:46 cp41 maldet(21862): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 09 2024 03:33:48 cp41 maldet(21862): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 09 2024 03:33:48 cp41 maldet(21862): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 09 2024 03:33:48 cp41 maldet(21862): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 09 2024 03:33:48 cp41 maldet(21862): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 09 2024 06:36:12 cp41 maldet(21862): {scan} file list completed in 10944s, found 88 files...
Dec 09 2024 06:36:12 cp41 maldet(21862): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 09 2024 06:36:12 cp41 maldet(21862): {scan} scan of (88 files) in progress...
Dec 09 2024 06:36:14 cp41 maldet(21862): {hit} malware hit {HEX}php.base64.inject.182 found for /home/erxgrafx/public_html/.well-known/zwso.php
Dec 09 2024 06:36:14 cp41 maldet(21862): {scan} scan completed on : files 88, malware hits 1, cleaned hits 0, time 10948s
Dec 09 2024 06:36:14 cp41 maldet(21862): {scan} scan report saved, to view run: maldet --report 241209-0333.21862
Dec 09 2024 06:36:14 cp41 maldet(21862): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241209-0333.21862
Dec 10 2024 03:56:25 cp41 maldet(17772): {update} checking for available updates...
Dec 10 2024 03:56:25 cp41 maldet(17772): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 10 2024 03:56:25 cp41 maldet(17772): {update} hashing install files and checking against server...
Dec 10 2024 03:56:26 cp41 maldet(17772): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 10 2024 03:56:26 cp41 maldet(17772): {update} latest version already installed.
Dec 10 2024 03:56:26 cp41 maldet(17946): {sigup} performing signature update check...
Dec 10 2024 03:56:26 cp41 maldet(17946): {sigup} local signature set is version 20241207552742
Dec 10 2024 03:56:26 cp41 maldet(17946): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 10 2024 03:56:27 cp41 maldet(17946): {sigup} new signature set 20241210573652 available
Dec 10 2024 03:56:27 cp41 maldet(17946): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 10 2024 03:56:28 cp41 maldet(17946): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 10 2024 03:56:28 cp41 maldet(17946): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 10 2024 03:56:28 cp41 maldet(17946): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 10 2024 03:56:28 cp41 maldet(17946): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 10 2024 03:56:29 cp41 maldet(17946): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 10 2024 03:56:29 cp41 maldet(17946): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 10 2024 03:56:32 cp41 maldet(17946): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 10 2024 03:56:32 cp41 maldet(17946): {sigup} verified md5sum of maldet-clean.tgz
Dec 10 2024 03:56:38 cp41 maldet(17946): {sigup} unpacked and installed maldet-clean.tgz
Dec 10 2024 03:56:38 cp41 maldet(17946): {sigup} signature set update completed
Dec 10 2024 03:56:38 cp41 maldet(17946): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 10 2024 03:56:43 cp41 maldet(18261): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 10 2024 03:56:50 cp41 maldet(18261): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 10 2024 03:56:50 cp41 maldet(18261): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 10 2024 03:56:50 cp41 maldet(18261): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 10 2024 03:56:50 cp41 maldet(18261): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 10 2024 08:34:21 cp41 maldet(18261): {scan} file list completed in 16649s, found 3457 files...
Dec 10 2024 08:34:21 cp41 maldet(18261): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 10 2024 08:34:21 cp41 maldet(18261): {scan} scan of (3457 files) in progress...
Dec 10 2024 08:41:40 cp41 maldet(18261): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 10 2024 08:41:40 cp41 maldet(18261): {scan} scan completed on : files 3457, malware hits 0, cleaned hits 0, time 17097s
Dec 10 2024 08:41:40 cp41 maldet(18261): {scan} scan report saved, to view run: maldet --report 241210-0356.18261
Dec 11 2024 03:34:59 cp41 maldet(1545): {update} checking for available updates...
Dec 11 2024 03:34:59 cp41 maldet(1545): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 11 2024 03:34:59 cp41 maldet(1545): {update} hashing install files and checking against server...
Dec 11 2024 03:35:00 cp41 maldet(1545): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 11 2024 03:35:00 cp41 maldet(1545): {update} latest version already installed.
Dec 11 2024 03:35:00 cp41 maldet(1700): {sigup} performing signature update check...
Dec 11 2024 03:35:00 cp41 maldet(1700): {sigup} local signature set is version 20241210573652
Dec 11 2024 03:35:01 cp41 maldet(1700): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 11 2024 03:35:01 cp41 maldet(1700): {sigup} latest signature set already installed
Dec 11 2024 03:35:03 cp41 maldet(1907): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 11 2024 03:35:06 cp41 maldet(1907): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 11 2024 03:35:06 cp41 maldet(1907): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 11 2024 03:35:06 cp41 maldet(1907): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 11 2024 03:35:06 cp41 maldet(1907): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 11 2024 06:33:07 cp41 maldet(1907): {scan} file list completed in 10681s, found 3558 files...
Dec 11 2024 06:33:07 cp41 maldet(1907): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 11 2024 06:33:07 cp41 maldet(1907): {scan} scan of (3558 files) in progress...
Dec 11 2024 06:34:29 cp41 maldet(1907): {hit} malware hit {YARA}eval_post found for /tmp/systemd-private-7bd12bdf802c4e1583791cee76249052-ea-php55-php-fpm.service-ObtHJK/tmp/phpnfw9ik
Dec 11 2024 06:34:29 cp41 maldet(1907): {scan} scan completed on : files 3558, malware hits 1, cleaned hits 0, time 10766s
Dec 11 2024 06:34:29 cp41 maldet(1907): {scan} scan report saved, to view run: maldet --report 241211-0335.1907
Dec 11 2024 06:34:29 cp41 maldet(1907): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241211-0335.1907
Dec 12 2024 03:29:34 cp41 maldet(1827): {update} checking for available updates...
Dec 12 2024 03:29:35 cp41 maldet(1827): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 12 2024 03:29:35 cp41 maldet(1827): {update} hashing install files and checking against server...
Dec 12 2024 03:29:38 cp41 maldet(1827): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 12 2024 03:29:38 cp41 maldet(1827): {update} latest version already installed.
Dec 12 2024 03:29:43 cp41 maldet(2010): {sigup} performing signature update check...
Dec 12 2024 03:29:43 cp41 maldet(2010): {sigup} local signature set is version 20241210573652
Dec 12 2024 03:29:45 cp41 maldet(2010): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 12 2024 03:29:46 cp41 maldet(2010): {sigup} latest signature set already installed
Dec 12 2024 03:29:48 cp41 maldet(2135): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 12 2024 03:29:51 cp41 maldet(2135): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 12 2024 03:29:51 cp41 maldet(2135): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 12 2024 03:29:51 cp41 maldet(2135): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 12 2024 03:29:51 cp41 maldet(2135): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 12 2024 05:24:21 cp41 maldet(2135): {scan} file list completed in 6870s, found 143 files...
Dec 12 2024 05:24:21 cp41 maldet(2135): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 12 2024 05:24:21 cp41 maldet(2135): {scan} scan of (143 files) in progress...
Dec 12 2024 05:24:25 cp41 maldet(2135): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 12 2024 05:24:25 cp41 maldet(2135): {scan} scan completed on : files 143, malware hits 0, cleaned hits 0, time 6877s
Dec 12 2024 05:24:25 cp41 maldet(2135): {scan} scan report saved, to view run: maldet --report 241212-0329.2135
Dec 13 2024 03:44:04 cp41 maldet(21024): {update} checking for available updates...
Dec 13 2024 03:44:04 cp41 maldet(21024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 13 2024 03:44:04 cp41 maldet(21024): {update} hashing install files and checking against server...
Dec 13 2024 03:44:04 cp41 maldet(21024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 13 2024 03:44:04 cp41 maldet(21024): {update} latest version already installed.
Dec 13 2024 03:44:04 cp41 maldet(21164): {sigup} performing signature update check...
Dec 13 2024 03:44:04 cp41 maldet(21164): {sigup} local signature set is version 20241210573652
Dec 13 2024 03:44:05 cp41 maldet(21164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 13 2024 03:44:05 cp41 maldet(21164): {sigup} new signature set 202412131329178 available
Dec 13 2024 03:44:05 cp41 maldet(21164): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 13 2024 03:44:05 cp41 maldet(21164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 13 2024 03:44:06 cp41 maldet(21164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 13 2024 03:44:06 cp41 maldet(21164): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 13 2024 03:44:06 cp41 maldet(21164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 13 2024 03:44:06 cp41 maldet(21164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 13 2024 03:44:06 cp41 maldet(21164): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 13 2024 03:44:11 cp41 maldet(21164): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 13 2024 03:44:12 cp41 maldet(21164): {sigup} verified md5sum of maldet-clean.tgz
Dec 13 2024 03:44:12 cp41 maldet(21164): {sigup} unpacked and installed maldet-clean.tgz
Dec 13 2024 03:44:12 cp41 maldet(21164): {sigup} signature set update completed
Dec 13 2024 03:44:12 cp41 maldet(21164): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 13 2024 03:44:12 cp41 maldet(21462): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 13 2024 03:44:14 cp41 maldet(21462): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 13 2024 03:44:14 cp41 maldet(21462): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 13 2024 03:44:14 cp41 maldet(21462): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 13 2024 03:44:14 cp41 maldet(21462): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 13 2024 06:24:20 cp41 maldet(21462): {scan} file list completed in 9606s, found 190 files...
Dec 13 2024 06:24:20 cp41 maldet(21462): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 13 2024 06:24:20 cp41 maldet(21462): {scan} scan of (190 files) in progress...
Dec 13 2024 06:24:26 cp41 maldet(21462): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 13 2024 06:24:26 cp41 maldet(21462): {scan} scan completed on : files 190, malware hits 0, cleaned hits 0, time 9614s
Dec 13 2024 06:24:26 cp41 maldet(21462): {scan} scan report saved, to view run: maldet --report 241213-0344.21462
Dec 14 2024 03:22:42 cp41 maldet(19555): {update} checking for available updates...
Dec 14 2024 03:22:42 cp41 maldet(19555): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 14 2024 03:22:43 cp41 maldet(19555): {update} hashing install files and checking against server...
Dec 14 2024 03:22:43 cp41 maldet(19555): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 14 2024 03:22:43 cp41 maldet(19555): {update} latest version already installed.
Dec 14 2024 03:22:43 cp41 maldet(19695): {sigup} performing signature update check...
Dec 14 2024 03:22:43 cp41 maldet(19695): {sigup} local signature set is version 202412131329178
Dec 14 2024 03:22:43 cp41 maldet(19695): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 14 2024 03:22:43 cp41 maldet(19695): {sigup} latest signature set already installed
Dec 14 2024 03:22:44 cp41 maldet(19812): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 14 2024 03:22:45 cp41 maldet(19812): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 14 2024 03:22:45 cp41 maldet(19812): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 14 2024 03:22:45 cp41 maldet(19812): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 14 2024 03:22:45 cp41 maldet(19812): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 14 2024 06:58:32 cp41 maldet(19812): {scan} file list completed in 12947s, found 156 files...
Dec 14 2024 06:58:32 cp41 maldet(19812): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 14 2024 06:58:32 cp41 maldet(19812): {scan} scan of (156 files) in progress...
Dec 14 2024 06:58:52 cp41 maldet(19812): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 14 2024 06:58:52 cp41 maldet(19812): {scan} scan completed on : files 156, malware hits 0, cleaned hits 0, time 12968s
Dec 14 2024 06:58:52 cp41 maldet(19812): {scan} scan report saved, to view run: maldet --report 241214-0322.19812
Dec 15 2024 03:43:09 cp41 maldet(28484): {update} checking for available updates...
Dec 15 2024 03:43:09 cp41 maldet(28484): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 15 2024 03:43:09 cp41 maldet(28484): {update} hashing install files and checking against server...
Dec 15 2024 03:43:10 cp41 maldet(28484): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 15 2024 03:43:10 cp41 maldet(28484): {update} latest version already installed.
Dec 15 2024 03:43:10 cp41 maldet(28651): {sigup} performing signature update check...
Dec 15 2024 03:43:10 cp41 maldet(28651): {sigup} local signature set is version 202412131329178
Dec 15 2024 03:43:10 cp41 maldet(28651): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 15 2024 03:43:10 cp41 maldet(28651): {sigup} latest signature set already installed
Dec 15 2024 03:43:10 cp41 maldet(28766): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 15 2024 03:43:11 cp41 maldet(28766): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 15 2024 03:43:11 cp41 maldet(28766): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 15 2024 03:43:11 cp41 maldet(28766): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 15 2024 03:43:11 cp41 maldet(28766): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 15 2024 06:11:17 cp41 maldet(28766): {scan} file list completed in 8886s, found 82 files...
Dec 15 2024 06:11:17 cp41 maldet(28766): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 15 2024 06:11:17 cp41 maldet(28766): {scan} scan of (82 files) in progress...
Dec 15 2024 06:11:21 cp41 maldet(28766): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 15 2024 06:11:21 cp41 maldet(28766): {scan} scan completed on : files 82, malware hits 0, cleaned hits 0, time 8891s
Dec 15 2024 06:11:21 cp41 maldet(28766): {scan} scan report saved, to view run: maldet --report 241215-0343.28766
Dec 16 2024 03:44:06 cp41 maldet(3117): {update} checking for available updates...
Dec 16 2024 03:44:06 cp41 maldet(3117): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 16 2024 03:44:06 cp41 maldet(3117): {update} hashing install files and checking against server...
Dec 16 2024 03:44:07 cp41 maldet(3117): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 16 2024 03:44:07 cp41 maldet(3117): {update} latest version already installed.
Dec 16 2024 03:44:07 cp41 maldet(3267): {sigup} performing signature update check...
Dec 16 2024 03:44:07 cp41 maldet(3267): {sigup} local signature set is version 202412131329178
Dec 16 2024 03:44:09 cp41 maldet(3267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} new signature set 20241216540968 available
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 16 2024 03:44:10 cp41 maldet(3267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} verified md5sum of maldet-clean.tgz
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} unpacked and installed maldet-clean.tgz
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} signature set update completed
Dec 16 2024 03:44:11 cp41 maldet(3267): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 16 2024 03:44:12 cp41 maldet(3526): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 16 2024 03:44:13 cp41 maldet(3526): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 16 2024 03:44:13 cp41 maldet(3526): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 16 2024 03:44:13 cp41 maldet(3526): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 16 2024 03:44:13 cp41 maldet(3526): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 16 2024 06:09:15 cp41 maldet(3526): {scan} file list completed in 8702s, found 99 files...
Dec 16 2024 06:09:15 cp41 maldet(3526): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 16 2024 06:09:15 cp41 maldet(3526): {scan} scan of (99 files) in progress...
Dec 16 2024 06:09:17 cp41 maldet(3526): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 16 2024 06:09:17 cp41 maldet(3526): {scan} scan completed on : files 99, malware hits 0, cleaned hits 0, time 8705s
Dec 16 2024 06:09:17 cp41 maldet(3526): {scan} scan report saved, to view run: maldet --report 241216-0344.3526
Dec 17 2024 03:35:35 cp41 maldet(16353): {update} checking for available updates...
Dec 17 2024 03:35:36 cp41 maldet(16353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 17 2024 03:35:36 cp41 maldet(16353): {update} hashing install files and checking against server...
Dec 17 2024 03:35:37 cp41 maldet(16353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 17 2024 03:35:37 cp41 maldet(16353): {update} latest version already installed.
Dec 17 2024 03:35:37 cp41 maldet(16500): {sigup} performing signature update check...
Dec 17 2024 03:35:37 cp41 maldet(16500): {sigup} local signature set is version 20241216540968
Dec 17 2024 03:35:37 cp41 maldet(16500): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 17 2024 03:35:38 cp41 maldet(16500): {sigup} latest signature set already installed
Dec 17 2024 03:35:39 cp41 maldet(16623): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 17 2024 03:35:42 cp41 maldet(16623): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 17 2024 03:35:42 cp41 maldet(16623): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 17 2024 03:35:42 cp41 maldet(16623): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 17 2024 03:35:42 cp41 maldet(16623): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 17 2024 06:28:08 cp41 maldet(16623): {scan} file list completed in 10346s, found 126 files...
Dec 17 2024 06:28:08 cp41 maldet(16623): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 17 2024 06:28:08 cp41 maldet(16623): {scan} scan of (126 files) in progress...
Dec 17 2024 06:28:10 cp41 maldet(16623): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 17 2024 06:28:10 cp41 maldet(16623): {scan} scan completed on : files 126, malware hits 0, cleaned hits 0, time 10351s
Dec 17 2024 06:28:10 cp41 maldet(16623): {scan} scan report saved, to view run: maldet --report 241217-0335.16623
Dec 18 2024 03:53:12 cp41 maldet(21329): {update} checking for available updates...
Dec 18 2024 03:53:14 cp41 maldet(21329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 18 2024 03:53:14 cp41 maldet(21329): {update} hashing install files and checking against server...
Dec 18 2024 03:53:17 cp41 maldet(21329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 18 2024 03:53:17 cp41 maldet(21329): {update} latest version already installed.
Dec 18 2024 03:53:18 cp41 maldet(21538): {sigup} performing signature update check...
Dec 18 2024 03:53:20 cp41 maldet(21538): {sigup} local signature set is version 20241216540968
Dec 18 2024 03:53:20 cp41 maldet(21538): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 18 2024 03:53:22 cp41 maldet(21538): {sigup} latest signature set already installed
Dec 18 2024 03:53:25 cp41 maldet(21689): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 18 2024 03:53:28 cp41 maldet(21689): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 18 2024 03:53:28 cp41 maldet(21689): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 18 2024 03:53:28 cp41 maldet(21689): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 18 2024 03:53:28 cp41 maldet(21689): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 18 2024 12:15:18 cp41 maldet(21689): {scan} file list completed in 30109s, found 124 files...
Dec 18 2024 12:15:18 cp41 maldet(21689): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 18 2024 12:15:18 cp41 maldet(21689): {scan} scan of (124 files) in progress...
Dec 18 2024 12:15:39 cp41 maldet(21689): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 18 2024 12:15:40 cp41 maldet(21689): {scan} scan completed on : files 124, malware hits 0, cleaned hits 0, time 30134s
Dec 18 2024 12:15:40 cp41 maldet(21689): {scan} scan report saved, to view run: maldet --report 241218-0353.21689
Dec 19 2024 03:27:46 cp41 maldet(1227): {update} checking for available updates...
Dec 19 2024 03:27:47 cp41 maldet(1227): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 19 2024 03:27:47 cp41 maldet(1227): {update} hashing install files and checking against server...
Dec 19 2024 03:27:47 cp41 maldet(1227): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 19 2024 03:27:47 cp41 maldet(1227): {update} latest version already installed.
Dec 19 2024 03:27:47 cp41 maldet(1382): {sigup} performing signature update check...
Dec 19 2024 03:27:48 cp41 maldet(1382): {sigup} local signature set is version 20241216540968
Dec 19 2024 03:27:48 cp41 maldet(1382): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 19 2024 03:27:49 cp41 maldet(1382): {sigup} latest signature set already installed
Dec 19 2024 03:27:49 cp41 maldet(1500): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 19 2024 03:27:51 cp41 maldet(1500): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 19 2024 03:27:51 cp41 maldet(1500): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 19 2024 03:27:51 cp41 maldet(1500): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 19 2024 03:27:51 cp41 maldet(1500): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 19 2024 10:24:48 cp41 maldet(1500): {scan} file list completed in 25017s, found 339 files...
Dec 19 2024 10:24:48 cp41 maldet(1500): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 19 2024 10:24:48 cp41 maldet(1500): {scan} scan of (339 files) in progress...
Dec 19 2024 10:24:57 cp41 maldet(1500): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 19 2024 10:24:57 cp41 maldet(1500): {scan} scan completed on : files 339, malware hits 0, cleaned hits 0, time 25028s
Dec 19 2024 10:24:57 cp41 maldet(1500): {scan} scan report saved, to view run: maldet --report 241219-0327.1500
Dec 20 2024 03:29:41 cp41 maldet(25100): {update} checking for available updates...
Dec 20 2024 03:29:41 cp41 maldet(25100): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 20 2024 03:29:41 cp41 maldet(25100): {update} hashing install files and checking against server...
Dec 20 2024 03:29:41 cp41 maldet(25100): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 20 2024 03:29:41 cp41 maldet(25100): {update} latest version already installed.
Dec 20 2024 03:29:41 cp41 maldet(25243): {sigup} performing signature update check...
Dec 20 2024 03:29:41 cp41 maldet(25243): {sigup} local signature set is version 20241216540968
Dec 20 2024 03:29:42 cp41 maldet(25243): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 20 2024 03:29:42 cp41 maldet(25243): {sigup} new signature set 202412191297071 available
Dec 20 2024 03:29:42 cp41 maldet(25243): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 20 2024 03:29:43 cp41 maldet(25243): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 20 2024 03:29:43 cp41 maldet(25243): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 20 2024 03:29:43 cp41 maldet(25243): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 20 2024 03:29:43 cp41 maldet(25243): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 20 2024 03:29:44 cp41 maldet(25243): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 20 2024 03:29:44 cp41 maldet(25243): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 20 2024 03:29:45 cp41 maldet(25243): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 20 2024 03:29:45 cp41 maldet(25243): {sigup} verified md5sum of maldet-clean.tgz
Dec 20 2024 03:29:45 cp41 maldet(25243): {sigup} unpacked and installed maldet-clean.tgz
Dec 20 2024 03:29:45 cp41 maldet(25243): {sigup} signature set update completed
Dec 20 2024 03:29:45 cp41 maldet(25243): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 20 2024 03:29:45 cp41 maldet(25503): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 20 2024 03:29:47 cp41 maldet(25503): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 20 2024 03:29:47 cp41 maldet(25503): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 20 2024 03:29:47 cp41 maldet(25503): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 20 2024 03:29:47 cp41 maldet(25503): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 20 2024 11:02:15 cp41 maldet(25503): {scan} file list completed in 27146s, found 156 files...
Dec 20 2024 11:02:15 cp41 maldet(25503): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 20 2024 11:02:15 cp41 maldet(25503): {scan} scan of (156 files) in progress...
Dec 20 2024 11:02:20 cp41 maldet(25503): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 20 2024 11:02:20 cp41 maldet(25503): {scan} scan completed on : files 156, malware hits 0, cleaned hits 0, time 27155s
Dec 20 2024 11:02:20 cp41 maldet(25503): {scan} scan report saved, to view run: maldet --report 241220-0329.25503
Dec 21 2024 03:45:19 cp41 maldet(21676): {update} checking for available updates...
Dec 21 2024 03:45:19 cp41 maldet(21676): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 21 2024 03:45:19 cp41 maldet(21676): {update} hashing install files and checking against server...
Dec 21 2024 03:45:20 cp41 maldet(21676): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 21 2024 03:45:20 cp41 maldet(21676): {update} latest version already installed.
Dec 21 2024 03:45:20 cp41 maldet(21818): {sigup} performing signature update check...
Dec 21 2024 03:45:20 cp41 maldet(21818): {sigup} local signature set is version 202412191297071
Dec 21 2024 03:45:20 cp41 maldet(21818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 21 2024 03:45:21 cp41 maldet(21818): {sigup} latest signature set already installed
Dec 21 2024 03:45:21 cp41 maldet(21935): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 21 2024 03:45:22 cp41 maldet(21935): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 21 2024 03:45:22 cp41 maldet(21935): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 21 2024 03:45:22 cp41 maldet(21935): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 21 2024 03:45:22 cp41 maldet(21935): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 21 2024 07:36:01 cp41 maldet(21935): {scan} file list completed in 13839s, found 93 files...
Dec 21 2024 07:36:01 cp41 maldet(21935): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 21 2024 07:36:01 cp41 maldet(21935): {scan} scan of (93 files) in progress...
Dec 21 2024 07:36:08 cp41 maldet(21935): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 21 2024 07:36:08 cp41 maldet(21935): {scan} scan completed on : files 93, malware hits 0, cleaned hits 0, time 13847s
Dec 21 2024 07:36:08 cp41 maldet(21935): {scan} scan report saved, to view run: maldet --report 241221-0345.21935
Dec 22 2024 03:49:58 cp41 maldet(14734): {update} checking for available updates...
Dec 22 2024 03:49:58 cp41 maldet(14734): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 22 2024 03:49:58 cp41 maldet(14734): {update} hashing install files and checking against server...
Dec 22 2024 03:49:58 cp41 maldet(14734): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 22 2024 03:49:58 cp41 maldet(14734): {update} latest version already installed.
Dec 22 2024 03:49:58 cp41 maldet(14874): {sigup} performing signature update check...
Dec 22 2024 03:49:58 cp41 maldet(14874): {sigup} local signature set is version 202412191297071
Dec 22 2024 03:49:59 cp41 maldet(14874): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 22 2024 03:49:59 cp41 maldet(14874): {sigup} new signature set 20241222594668 available
Dec 22 2024 03:49:59 cp41 maldet(14874): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 22 2024 03:49:59 cp41 maldet(14874): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 22 2024 03:50:00 cp41 maldet(14874): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 22 2024 03:50:00 cp41 maldet(14874): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 22 2024 03:50:00 cp41 maldet(14874): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 22 2024 03:50:00 cp41 maldet(14874): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 22 2024 03:50:01 cp41 maldet(14874): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 22 2024 03:50:02 cp41 maldet(14874): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 22 2024 03:50:02 cp41 maldet(14874): {sigup} verified md5sum of maldet-clean.tgz
Dec 22 2024 03:50:02 cp41 maldet(14874): {sigup} unpacked and installed maldet-clean.tgz
Dec 22 2024 03:50:02 cp41 maldet(14874): {sigup} signature set update completed
Dec 22 2024 03:50:02 cp41 maldet(14874): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 22 2024 03:50:02 cp41 maldet(15244): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 22 2024 03:50:04 cp41 maldet(15244): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 22 2024 03:50:04 cp41 maldet(15244): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 22 2024 03:50:04 cp41 maldet(15244): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 22 2024 03:50:04 cp41 maldet(15244): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 22 2024 06:03:48 cp41 maldet(15244): {scan} file list completed in 8024s, found 78 files...
Dec 22 2024 06:03:48 cp41 maldet(15244): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 22 2024 06:03:48 cp41 maldet(15244): {scan} scan of (78 files) in progress...
Dec 22 2024 06:03:52 cp41 maldet(15244): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 22 2024 06:03:52 cp41 maldet(15244): {scan} scan completed on : files 78, malware hits 0, cleaned hits 0, time 8030s
Dec 22 2024 06:03:52 cp41 maldet(15244): {scan} scan report saved, to view run: maldet --report 241222-0350.15244
Dec 23 2024 03:12:38 cp41 maldet(7475): {update} checking for available updates...
Dec 23 2024 03:12:39 cp41 maldet(7475): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 23 2024 03:12:39 cp41 maldet(7475): {update} hashing install files and checking against server...
Dec 23 2024 03:12:39 cp41 maldet(7475): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 23 2024 03:12:39 cp41 maldet(7475): {update} latest version already installed.
Dec 23 2024 03:12:39 cp41 maldet(7635): {sigup} performing signature update check...
Dec 23 2024 03:12:39 cp41 maldet(7635): {sigup} local signature set is version 20241222594668
Dec 23 2024 03:12:39 cp41 maldet(7635): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 23 2024 03:12:40 cp41 maldet(7635): {sigup} latest signature set already installed
Dec 23 2024 03:12:40 cp41 maldet(7799): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 23 2024 03:12:42 cp41 maldet(7799): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 23 2024 03:12:42 cp41 maldet(7799): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 23 2024 03:12:42 cp41 maldet(7799): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 23 2024 03:12:43 cp41 maldet(7799): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 23 2024 08:51:07 cp41 maldet(7799): {scan} file list completed in 20305s, found 61 files...
Dec 23 2024 08:51:07 cp41 maldet(7799): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 23 2024 08:51:07 cp41 maldet(7799): {scan} scan of (61 files) in progress...
Dec 23 2024 08:51:10 cp41 maldet(7799): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 23 2024 08:51:10 cp41 maldet(7799): {scan} scan completed on : files 61, malware hits 0, cleaned hits 0, time 20310s
Dec 23 2024 08:51:10 cp41 maldet(7799): {scan} scan report saved, to view run: maldet --report 241223-0312.7799
Dec 24 2024 04:01:11 cp41 maldet(21228): {update} checking for available updates...
Dec 24 2024 04:01:12 cp41 maldet(21228): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 24 2024 04:01:12 cp41 maldet(21228): {update} hashing install files and checking against server...
Dec 24 2024 04:01:12 cp41 maldet(21228): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 24 2024 04:01:12 cp41 maldet(21228): {update} latest version already installed.
Dec 24 2024 04:01:12 cp41 maldet(21373): {sigup} performing signature update check...
Dec 24 2024 04:01:12 cp41 maldet(21373): {sigup} local signature set is version 20241222594668
Dec 24 2024 04:01:12 cp41 maldet(21373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 24 2024 04:01:12 cp41 maldet(21373): {sigup} latest signature set already installed
Dec 24 2024 04:01:12 cp41 maldet(21488): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 24 2024 04:01:14 cp41 maldet(21488): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 24 2024 04:01:14 cp41 maldet(21488): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 24 2024 04:01:14 cp41 maldet(21488): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 24 2024 04:01:14 cp41 maldet(21488): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 24 2024 06:11:19 cp41 maldet(21488): {scan} file list completed in 7805s, found 222 files...
Dec 24 2024 06:11:19 cp41 maldet(21488): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 24 2024 06:11:19 cp41 maldet(21488): {scan} scan of (222 files) in progress...
Dec 24 2024 06:11:35 cp41 maldet(21488): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 24 2024 06:11:35 cp41 maldet(21488): {scan} scan completed on : files 222, malware hits 0, cleaned hits 0, time 7823s
Dec 24 2024 06:11:35 cp41 maldet(21488): {scan} scan report saved, to view run: maldet --report 241224-0401.21488
Dec 25 2024 03:38:12 cp41 maldet(15139): {update} checking for available updates...
Dec 25 2024 03:38:13 cp41 maldet(15139): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 25 2024 03:38:13 cp41 maldet(15139): {update} hashing install files and checking against server...
Dec 25 2024 03:38:13 cp41 maldet(15139): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Dec 25 2024 03:38:13 cp41 maldet(15139): {update} latest version already installed.
Dec 25 2024 03:38:13 cp41 maldet(15296): {sigup} performing signature update check...
Dec 25 2024 03:38:13 cp41 maldet(15296): {sigup} local signature set is version 20241222594668
Dec 25 2024 03:38:14 cp41 maldet(15296): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 25 2024 03:38:14 cp41 maldet(15296): {sigup} new signature set 202412251350335 available
Dec 25 2024 03:38:14 cp41 maldet(15296): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 25 2024 03:38:14 cp41 maldet(15296): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Dec 25 2024 03:38:15 cp41 maldet(15296): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Dec 25 2024 03:38:15 cp41 maldet(15296): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 25 2024 03:38:15 cp41 maldet(15296): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Dec 25 2024 03:38:16 cp41 maldet(15296): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Dec 25 2024 03:38:16 cp41 maldet(15296): {sigup} verified md5sum of maldet-sigpack.tgz
Dec 25 2024 03:38:18 cp41 maldet(15296): {sigup} unpacked and installed maldet-sigpack.tgz
Dec 25 2024 03:38:19 cp41 maldet(15296): {sigup} verified md5sum of maldet-clean.tgz
Dec 25 2024 03:38:19 cp41 maldet(15296): {sigup} unpacked and installed maldet-clean.tgz
Dec 25 2024 03:38:19 cp41 maldet(15296): {sigup} signature set update completed
Dec 25 2024 03:38:20 cp41 maldet(15296): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 25 2024 03:38:21 cp41 maldet(15802): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 25 2024 03:38:24 cp41 maldet(15802): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 25 2024 03:38:24 cp41 maldet(15802): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 25 2024 03:38:25 cp41 maldet(15802): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 25 2024 03:38:25 cp41 maldet(15802): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 25 2024 10:39:39 cp41 maldet(15802): {scan} file list completed in 25274s, found 214 files...
Dec 25 2024 10:39:40 cp41 maldet(15802): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 25 2024 10:39:40 cp41 maldet(15802): {scan} scan of (214 files) in progress...
Dec 25 2024 10:40:21 cp41 maldet(15802): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Dec 25 2024 10:40:21 cp41 maldet(15802): {scan} scan completed on : files 214, malware hits 0, cleaned hits 0, time 25320s
Dec 25 2024 10:40:21 cp41 maldet(15802): {scan} scan report saved, to view run: maldet --report 241225-0338.15802
Dec 26 2024 03:22:49 cp41 maldet(32229): {update} checking for available updates...
Dec 26 2024 03:22:53 cp41 maldet(32229): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Dec 26 2024 03:22:54 cp41 maldet(32229): {update} hashing install files and checking against server...
Dec 26 2024 03:22:56 cp41 maldet(32229): {update} could not download https://cdn.rfxn.com/downloads/maldet.current.hash, please try again later.
Dec 26 2024 03:22:58 cp41 maldet(32229): {update} could not download upstream hash file (https://cdn.rfxn.com/downloads/maldet.current.hash), please try again later.
Dec 26 2024 03:23:10 cp41 maldet(32725): {sigup} performing signature update check...
Dec 26 2024 03:23:13 cp41 maldet(32725): {sigup} local signature set is version 202412251350335
Dec 26 2024 03:23:23 cp41 maldet(32725): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Dec 26 2024 03:23:26 cp41 maldet(32725): {sigup} latest signature set already installed
Dec 26 2024 03:23:39 cp41 maldet(580): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Dec 26 2024 03:24:28 cp41 maldet(580): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Dec 26 2024 03:24:32 cp41 maldet(580): {scan} building file list for of new/modified files from last 1 days, this might take awhile...
Dec 26 2024 03:24:33 cp41 maldet(580): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Dec 26 2024 03:24:34 cp41 maldet(580): {scan} executed eval /bin/nice -n 19 /bin/find "/home/aaronleh/public_html/" "/home/acppubso/public_html/" "/home/acushnet/public_html/" "/home/agriesti/public_html/" "/home/applpldol/public_html/" "/home/architec/public_html/" "/home/arribave/public_html/" "/home/artemisi/public_html/" "/home/asquare1/public_html/" "/home/audittre/public_html/" "/home/authorsd/public_html/" "/home/bencassa/public_html/" "/home/bluedogm/public_html/" "/home/bnnconsu/public_html/" "/home/breadped/public_html/" "/home/brennabu/public_html/" "/home/brfisher/public_html/" "/home/briancol/public_html/" "/home/brianhsc/public_html/" "/home/bryansch/public_html/" "/home/calmesta/public_html/" "/home/capital3/public_html/" "/home/caringpr/public_html/" "/home/casadees/public_html/" "/home/cbuhrcom/public_html/" "/home/chalkboa/public_html/" "/home/chaplane/public_html/" "/home/chrisjga/public_html/" "/home/clolderg/public_html/" "/home/cobeirac/public_html/" "/home/colorad7/public_html/" "/home/contiuou/public_html/" "/home/cornerla/public_html/" "/home/cribbage/public_html/" "/home/customdemo1/public_html/" "/home/cvsmithc/public_html/" "/home/darkhors/public_html/" "/home/deluxe/public_html/" "/home/dreileen/public_html/" "/home/duringer/public_html/" "/home/emthonje/public_html/" "/home/erxgrafx/public_html/" "/home/ethantom/public_html/" "/home/evilrobo/public_html/" "/home/evpinfoc/public_html/" "/home/federico/public_html/" "/home/focusede/public_html/" "/home/focusont/public_html/" "/home/frankbla/public_html/" "/home/gavinsco/public_html/" "/home/grantree/public_html/" "/home/grimoire/public_html/" "/home/gusbaran/public_html/" "/home/healthyg/public_html/" "/home/heddroom/public_html/" "/home/henderso/public_html/" "/home/highdese/public_html/" "/home/homerepa/public_html/" "/home/howlandu/public_html/" "/home/imaginin/public_html/" "/home/impactme/public_html/" "/home/insectsi/public_html/" "/home/janjconc/public_html/" "/home/joelconn/public_html/" "/home/johnrepp/public_html/" "/home/keeperss/public_html/" "/home/krisbryl/public_html/" "/home/ksmanual/public_html/" "/home/larrygra/public_html/" "/home/lindsayg/public_html/" "/home/livingaw/public_html/" "/home/lpldol/public_html/" "/home/macfixer/public_html/" "/home/macjaunt/public_html/" "/home/marvello/public_html/" "/home/mathadds/public_html/" "/home/mcdesign/public_html/" "/home/mcmrailv/public_html/" "/home/michaelh/public_html/" "/home/military/public_html/" "/home/miraclem/public_html/" "/home/mixandbl/public_html/" "/home/musicroo/public_html/" "/home/mydental/public_html/" "/home/neverend/public_html/" "/home/nolandwh/public_html/" "/home/nycellis/public_html/" "/home/oceanpow/public_html/" "/home/olshsdco/public_html/" "/home/patdeluxe/public_html/" "/home/philosof/public_html/" "/home/pintoboo/public_html/" "/home/pipedrea/public_html/" "/home/pointlak/public_html/" "/home/project4/public_html/" "/home/puccinif/public_html/" "/home/raeditsc/public_html/" "/home/ratmotoc/public_html/" "/home/redsummitmedia/public_html/" "/home/reflexch/public_html/" "/home/retroact/public_html/" "/home/rharchit/public_html/" "/home/richardm/public_html/" "/home/riffingo/public_html/" "/home/rjgassoc/public_html/" "/home/rockymo1/public_html/" "/home/sandersm/public_html/" "/home/sandjack/public_html/" "/home/saturnst/public_html/" "/home/scottysw/public_html/" "/home/screenin/public_html/" "/home/servicep/public_html/" "/home/sethbook/public_html/" "/home/shelleyg/public_html/" "/home/shoplace/public_html/" "/home/smashled/public_html/" "/home/snipesca/public_html/" "/home/socherpr/public_html/" "/home/soflafcp/public_html/" "/home/sonsofdo/public_html/" "/home/spagyric/public_html/" "/home/sportsco/public_html/" "/home/sseltzer/public_html/" "/home/studior1/public_html/" "/home/superio1/public_html/" "/home/tbhbaorg/public_html/" "/home/tbintern/public_html/" "/home/teamyike/public_html/" "/home/thaivedi/public_html/" "/home/theeastf/public_html/" "/home/thefoodd/public_html/" "/home/thewelld/public_html/" "/home/titanicn/public_html/" "/home/trespeti/public_html/" "/home/txgraphi/public_html/" "/home/wbrucecr/public_html/" "/home/weareroy/public_html/" "/home/wfcrease/public_html/" "/home/yourdoma/public_html/" "/home/zdesignc/public_html/" "/var/www/" "/usr/local/apache/htdocs/" /tmp /var/tmp /dev/shm /var/fcgi_ipc -maxdepth 15 -regextype posix-egrep -type f \( -mtime -1 -o -ctime -1 \) -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0
Dec 26 2024 12:44:16 cp41 maldet(580): {scan} file list completed in 33581s, found 143 files...
Dec 26 2024 12:44:16 cp41 maldet(580): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Dec 26 2024 12:44:16 cp41 maldet(580): {scan} scan of (143 files) in progress...
Dec 26 2024 12:44:23 cp41 maldet(580): {hit} malware hit {HEX}php.base64.inject.182 found for /home/philosof/public_html/stevebein.com/rafu.php
Dec 26 2024 12:44:23 cp41 maldet(580): {hit} malware hit {HEX}php.base64.inject.182 found for /home/philosof/public_html/.well-known/pki-validation/rafu.php
Dec 26 2024 12:44:23 cp41 maldet(580): {scan} scan completed on : files 143, malware hits 2, cleaned hits 0, time 33644s
Dec 26 2024 12:44:23 cp41 maldet(580): {scan} scan report saved, to view run: maldet --report 241226-0323.580
Dec 26 2024 12:44:23 cp41 maldet(580): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 241226-0323.580
SEA-GHOST - SHELL CODING BY SEA-GHOST