| Directory : /home/cxs/ |
|
|
| Current File : /home/cxs/scan_2023-06-05.txt |
----------- SCAN REPORT -----------
TimeStamp: Mon, 5 Jun 2023 14:06:07 +0000
(/usr/sbin/cxs --allusers --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 100000 --noforce --html --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mvh --quarantine /home/cxs/quarantine --report /home/cxs/scan_2023-06-05.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --nounofficial --virusscan --vmrssmax 2000000 --waitscan 0)
(48) bethesda, Scanning /home/bethesda:
'/home/bethesda/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/bethesda]
----------- SCAN SUMMARY -----------
Resource: /home/bethesda
Scanned directories: 2085
Scanned files: 14140
Ignored items: 122
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 761.78 MB
Scan peak memory: 391836 kB
Scan time/item: 0.008 sec
Scan time: 123.068 sec
(47) bezaleel, Scanning /home/bezaleel:
'/home/bezaleel/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/bezaleel]
'/home/bezaleel/.npm/_cacache/content-v2/sha1/2b/32'
# World writeable directory
'/home/bezaleel/public_html/public/images/careers/ProfilePictures/dfbc545d1ccfd8ef845d.png'
# Suspicious image file (hidden script file)
----------- SCAN SUMMARY -----------
Resource: /home/bezaleel
Scanned directories: 4956
Scanned files: 36703
Ignored items: 116
Suspicious matches: 3
Viruses found: 0
Fingerprint matches: 0
Data scanned: 3363.35 MB
Scan peak memory: 391836 kB
Scan time/item: 0.004 sec
Scan time: 162.749 sec
(46) braceletsbyheart, Scanning /home/braceletsbyheart:
'/home/braceletsbyheart/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/braceletsbyheart]
----------- SCAN SUMMARY -----------
Resource: /home/braceletsbyheart
Scanned directories: 137
Scanned files: 585
Ignored items: 16
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 22.20 MB
Scan peak memory: 391836 kB
Scan time/item: 0.010 sec
Scan time: 7.541 sec
(45) bunsoy, Scanning /home/bunsoy:
'/home/bunsoy/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/bunsoy]
'/home/bunsoy/.cache/node-gyp/10.24.1/include/node/uv.h'
# Suspicious file type [application/x-c]
'/home/bunsoy/.cache/node-gyp/10.24.1/include/node/v8.h'
# Suspicious file type [application/x-c]
'/home/bunsoy/.npm/_cacache/content-v2/sha512/06/f1'
# World writeable directory
'/home/bunsoy/.npm/_cacache/content-v2/sha512/49/a2/7742ae255fd4b2776c44a3dbb7a8fc62fce07ee493bf9e024a2bded70e96b50b9f3b1fd11660ee8a0fcf7de430234a29d6bdd1ca46b08e5d5502e5fbc63a'
# (compressed file: package/node.abi108.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.abi108.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/.npm/_cacache/content-v2/sha512/5e/b0/b4273b2a412bcec8cdedd3814c2ceeb3e600ae84f13a938157b8b2b9c5fe7665b76f7057b5c819a8ee67827b0f41f06d9fd13f62bbdb7791f4d845844e80'
# (compressed file: package/node.abi108.node [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
# (compressed file: package/node.napi.node [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/bunsoy/.npm/_cacache/content-v2/sha512/86/5c/712dd4663f2ab5e900aeb54b4ff139ba44359cc9a2ec46cb1a1d139ab609e43b176578c4e07ad7fd26c76770bf2f2e1ec5572fd137d8b75d1e5d9dbf5c44'
# (compressed file: package/node.abi108.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.abi108.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/.npm/_cacache/content-v2/sha512/d1/87/2f592bfb64e1a5f4e77a639889dd79cfc30f0eed62dca58303c17f8f000fee5cb0edcb0f783c9bfd18b415fe79e9ddc5a50e1328c8a64840baf1df7b16a2'
# (compressed file: package/src/extract.cpp [depth: 1]) Suspicious file type [application/x-c]
'/home/bunsoy/.npm/_cacache/content-v2/sha512/f7/8c/b93c9ad23aa50d7052a63a5ef3df5f457a508b004d2bcff8cf0964be52d74c66fa5ae23ad077e7093d008ba7615eb35c805bf614423fc38ba6154f773723'
# (compressed file: package/node.abi108.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.abi108.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.glibc.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
# (compressed file: package/node.napi.musl.node [depth: 1]) Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.abi108.glibc.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.abi108.musl.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.napi.glibc.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.napi.musl.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/node_modules/msgpackr-extract/src/extract.cpp'
# Suspicious file type [application/x-c]
'/home/bunsoy/public_html/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.abi108.glibc.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/public_html/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.abi108.musl.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/public_html/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.napi.glibc.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/public_html/node_modules/@msgpackr-extract/msgpackr-extract-linux-x64/node.napi.musl.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/bunsoy/public_html/node_modules/msgpackr-extract/src/extract.cpp'
# Suspicious file type [application/x-c]
'/home/bunsoy/public_html/node_modules/node/bin/node'
# Linux Binary/Executable [application/x-executable]
----------- SCAN SUMMARY -----------
Resource: /home/bunsoy
Scanned directories: 2926
Scanned files: 17908
Ignored items: 90
Suspicious matches: 30
Viruses found: 0
Fingerprint matches: 0
Data scanned: 716.84 MB
Scan peak memory: 393292 kB
Scan time/item: 0.002 sec
Scan time: 46.583 sec
(44) bunsoytrade, Scanning /home/bunsoytrade:
'/home/bunsoytrade/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/bunsoytrade]
'/home/bunsoytrade/public_html/beta/themes/cache/languages/user/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/bunsoytrade/index.php.1685974311_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/bunsoytrade/public_html/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.5.3 < v5.7]
'/home/bunsoytrade/public_html/wp-content/plugins/google-listings-and-ads/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]
'/home/bunsoytrade/public_html/wp-content/plugins/nextend-facebook-connect/nextend-facebook-connect.php'
# Script version check [OLD] [Nextend Social Login v3.1.3 < v3.1.7]
'/home/bunsoytrade/public_html/wp-content/plugins/nextend-facebook-connect/template-parts/embedded-login/embedded-login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/bunsoytrade/embedded-login.php.1685974494_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1991]]
'/home/bunsoytrade/public_html/wp-content/plugins/stops-core-theme-and-plugin-updates/main.php'
# Script version check [OLD] [Easy Updates Manager v9.0.12 < v9.0.14]
'/home/bunsoytrade/public_html/wp-content/plugins/w3-total-cache/CdnEngine_Ftp.php'
# Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/]
'/home/bunsoytrade/public_html/wp-content/plugins/w3-total-cache/w3-total-cache.php'
# Script version check [OLD] [W3 Total Cache v2.2.1 < v2.2.9]
'/home/bunsoytrade/public_html/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v6.0.0 < v7.1.1]
'/home/bunsoytrade/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/bunsoytrade/public_html/wp-content/plugins/woocommerce-gateway-stripe/woocommerce-gateway-stripe.php'
# Script version check [OLD] [WooCommerce Stripe Gateway v6.0.0 < v7.0.1]
'/home/bunsoytrade/public_html/wp-content/plugins/woocommerce-services/woocommerce-services.php'
# Script version check [OLD] [WooCommerce Shipping & Tax v1.25.20 < v2.1.0]
'/home/bunsoytrade/public_html/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/bunsoytrade/public_html/wp-content/plugins/yith-woocommerce-wishlist/init.php'
# Script version check [OLD] [YITH WooCommerce Wishlist v3.4.0 < v3.15.0]
----------- SCAN SUMMARY -----------
Resource: /home/bunsoytrade
Scanned directories: 5864
Scanned files: 32646
Ignored items: 617
Suspicious matches: 15
Viruses found: 0
Fingerprint matches: 2
Data scanned: 860.61 MB
Scan peak memory: 394772 kB
Scan time/item: 0.012 sec
Scan time: 477.940 sec
(43) careaid, Scanning /home/careaid:
'/home/careaid/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/careaid]
----------- SCAN SUMMARY -----------
Resource: /home/careaid
Scanned directories: 64
Scanned files: 166
Ignored items: 11
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 3.86 MB
Scan peak memory: 394772 kB
Scan time/item: 0.003 sec
Scan time: 0.772 sec
(42) ckgroceries, Scanning /home/ckgroceries:
'/home/ckgroceries/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/ckgroceries]
'/home/ckgroceries/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/ckgroceries/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/ckgroceries
Scanned directories: 2131
Scanned files: 14646
Ignored items: 65
Suspicious matches: 3
Viruses found: 0
Fingerprint matches: 0
Data scanned: 169.57 MB
Scan peak memory: 394772 kB
Scan time/item: 0.008 sec
Scan time: 134.158 sec
(41) cmc, Scanning /home/cmc:
'/home/cmc/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/cmc]
'/home/cmc/.npm/_cacache/content-v2/sha512/1e/43/4fdcaefd3e6ab19317e0357fede6bb1f58b34c73cf4a54a0e6d97a23bb4314dd36c6652736ad62d97df8048ad213b0c70fa642ad66600905cc4c5ef51114'
# (compressed file: package/lib/Sysinfo/fastlist.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/cmc/.npm/_cacache/content-v2/sha512/a9/ab/b47335120747f34a504e42dd1ba3e236bfa47ec6241d8fbf1ed4147f4237e5e4e1d627fbab5e2f3e8a5c357877bee6149e0c8d70af0553803a76c2cb78a0'
# (compressed file: package/fastlist.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/cmc/.pm2/pub.sock'
# Socket
'/home/cmc/.pm2/rpc.sock'
# Socket
'/home/cmc/public_html/cmc/node_modules/pm2/lib/Sysinfo/fastlist.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/cmc/public_html/cmc/node_modules/ps-list/fastlist.exe'
# MS Windows Binary/Executable [application/x-winexec]
----------- SCAN SUMMARY -----------
Resource: /home/cmc
Scanned directories: 4419
Scanned files: 32679
Ignored items: 106
Suspicious matches: 7
Viruses found: 0
Fingerprint matches: 0
Data scanned: 4238.71 MB
Scan peak memory: 397004 kB
Scan time/item: 0.003 sec
Scan time: 108.797 sec
(40) cmcmmsapp, Scanning /home/cmcmmsapp:
'/home/cmcmmsapp/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/cmcmmsapp]
'/home/cmcmmsapp/mail/new'
# Skipped - too many resources: 651606 ( > filemax=100000)
----------- SCAN SUMMARY -----------
Resource: /home/cmcmmsapp
Scanned directories: 71
Scanned files: 360
Ignored items: 9
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 169.29 MB
Scan peak memory: 494068 kB
Scan time/item: 0.016 sec
Scan time: 6.917 sec
(39) connectpay, Scanning /home/connectpay:
'/home/connectpay/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/connectpay]
----------- SCAN SUMMARY -----------
Resource: /home/connectpay
Scanned directories: 64
Scanned files: 231
Ignored items: 11
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 4.87 MB
Scan peak memory: 494068 kB
Scan time/item: 0.003 sec
Scan time: 0.956 sec
(38) devine, Scanning /home/devine:
'/home/devine/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/devine]
'/home/devine/public_html/vendor/swiftmailer/swiftmailer/tests/_samples/charsets/utf-8/locale.php'
# (quarantined to /home/cxs/quarantine/cxsuser/devine/locale.php.1685975118_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/devine/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/devine/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/devine
Scanned directories: 2254
Scanned files: 17342
Ignored items: 93
Suspicious matches: 4
Viruses found: 0
Fingerprint matches: 1
Data scanned: 200.22 MB
Scan peak memory: 495044 kB
Scan time/item: 0.005 sec
Scan time: 99.485 sec
(37) dudubar, Scanning /home/dudubar:
'/home/dudubar/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/dudubar]
----------- SCAN SUMMARY -----------
Resource: /home/dudubar
Scanned directories: 87
Scanned files: 325
Ignored items: 7
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 26.20 MB
Scan peak memory: 495044 kB
Scan time/item: 0.017 sec
Scan time: 6.858 sec
(36) emergoldconcepts, Scanning /home/emergoldconcepts:
'/home/emergoldconcepts/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/emergoldconcepts]
----------- SCAN SUMMARY -----------
Resource: /home/emergoldconcepts
Scanned directories: 162
Scanned files: 492
Ignored items: 21
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 241.74 MB
Scan peak memory: 495044 kB
Scan time/item: 0.008 sec
Scan time: 5.208 sec
(35) fansqyyl, Scanning /home/fansqyyl:
'/home/fansqyyl/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/fansqyyl]
----------- SCAN SUMMARY -----------
Resource: /home/fansqyyl
Scanned directories: 2188
Scanned files: 11594
Ignored items: 70
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 179.38 MB
Scan peak memory: 500556 kB
Scan time/item: 0.003 sec
Scan time: 37.290 sec
(34) globalmigration, Scanning /home/globalmigration:
'/home/globalmigration/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/globalmigration]
'/home/globalmigration/tmp/analog/cache'
# Regular expression match = [\b(system|exec|passthru|shell_exec)\s*\(\s*\$_(GET|POST|GLOBALS|SERVER|REQUEST|SESSION|ENV|COOKIE)\[]
----------- SCAN SUMMARY -----------
Resource: /home/globalmigration
Scanned directories: 2085
Scanned files: 12292
Ignored items: 87
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 377.64 MB
Scan peak memory: 500556 kB
Scan time/item: 0.003 sec
Scan time: 37.251 sec
(33) goldorchtravels, Scanning /home/goldorchtravels:
'/home/goldorchtravels/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/goldorchtravels]
'/home/goldorchtravels/.npm/_cacache/content-v2/sha512/cc/a7'
# World writeable directory
----------- SCAN SUMMARY -----------
Resource: /home/goldorchtravels
Scanned directories: 2032
Scanned files: 13238
Ignored items: 75
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 224.53 MB
Scan peak memory: 500556 kB
Scan time/item: 0.002 sec
Scan time: 27.556 sec
(32) goodlifecoop, Scanning /home/goodlifecoop:
'/home/goodlifecoop/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/goodlifecoop]
'/home/goodlifecoop/.npm/_cacache/content-v2/sha512/69/14/e5f16e9d999e12da1b62d5d5f85ef929cbfc88304d47e6930ad0710ea70d47df78f82007ddcd270fa0f2d86877a1d682f86e269b1b0c6ec8294e33c61455'
# (compressed file: package/lib/Sysinfo/fastlist.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/goodlifecoop/.npm/_cacache/content-v2/sha512/a9/ab/b47335120747f34a504e42dd1ba3e236bfa47ec6241d8fbf1ed4147f4237e5e4e1d627fbab5e2f3e8a5c357877bee6149e0c8d70af0553803a76c2cb78a0'
# (compressed file: package/fastlist.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/goodlifecoop/public_html/goodlifecoop/node_modules/bcrypt/lib/binding/bcrypt_lib.node'
# MS Windows Binary/Executable [application/x-winexec]
'/home/goodlifecoop/public_html/goodlifecoop/node_modules/bcrypt/src/bcrypt.cc'
# Suspicious file type [application/x-c]
'/home/goodlifecoop/public_html/goodlifecoop/node_modules/bcrypt/src/blowfish.cc'
# Suspicious file type [application/x-c]
'/home/goodlifecoop/public_html/goodlifecoop/node_modules/pm2/lib/Sysinfo/fastlist.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/goodlifecoop/public_html/goodlifecoop/node_modules/ps-list/fastlist.exe'
# MS Windows Binary/Executable [application/x-winexec]
----------- SCAN SUMMARY -----------
Resource: /home/goodlifecoop
Scanned directories: 4528
Scanned files: 27534
Ignored items: 78
Suspicious matches: 8
Viruses found: 0
Fingerprint matches: 0
Data scanned: 634.54 MB
Scan peak memory: 500556 kB
Scan time/item: 0.002 sec
Scan time: 51.853 sec
(31) holaks, Scanning /home/holaks:
'/home/holaks/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/holaks]
----------- SCAN SUMMARY -----------
Resource: /home/holaks
Scanned directories: 2047
Scanned files: 13063
Ignored items: 112
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 755.74 MB
Scan peak memory: 507240 kB
Scan time/item: 0.002 sec
Scan time: 33.838 sec
(30) jandtfoods, Scanning /home/jandtfoods:
'/home/jandtfoods/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/jandtfoods]
'/home/jandtfoods/etc/jandtfoods.co.uk/@pwcache/ioersrimidsbkguu.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/jandtfoods
Scanned directories: 3462
Scanned files: 37570
Ignored items: 137
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 880.91 MB
Scan peak memory: 507240 kB
Scan time/item: 0.005 sec
Scan time: 209.218 sec
(29) jasman, Scanning /home/jasman:
'/home/jasman/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/jasman]
----------- SCAN SUMMARY -----------
Resource: /home/jasman
Scanned directories: 3077
Scanned files: 20832
Ignored items: 99
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 456.23 MB
Scan peak memory: 507240 kB
Scan time/item: 0.005 sec
Scan time: 107.673 sec
(28) jegoor, Scanning /home/jegoor:
'/home/jegoor/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/jegoor]
----------- SCAN SUMMARY -----------
Resource: /home/jegoor
Scanned directories: 619
Scanned files: 6038
Ignored items: 28
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 108.71 MB
Scan peak memory: 507240 kB
Scan time/item: 0.007 sec
Scan time: 46.396 sec
(27) jegoor101, Scanning /home/jegoor101:
'/home/jegoor101/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/jegoor101]
----------- SCAN SUMMARY -----------
Resource: /home/jegoor101
Scanned directories: 192
Scanned files: 1286
Ignored items: 15
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 36.87 MB
Scan peak memory: 507240 kB
Scan time/item: 0.010 sec
Scan time: 15.491 sec
(26) kenandco, Scanning /home/kenandco:
'/home/kenandco/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/kenandco]
----------- SCAN SUMMARY -----------
Resource: /home/kenandco
Scanned directories: 65
Scanned files: 250
Ignored items: 6
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 6.71 MB
Scan peak memory: 507240 kB
Scan time/item: 0.004 sec
Scan time: 1.349 sec
(25) kwikkargo, Scanning /home/kwikkargo:
'/home/kwikkargo/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/kwikkargo]
----------- SCAN SUMMARY -----------
Resource: /home/kwikkargo
Scanned directories: 2719
Scanned files: 13362
Ignored items: 73
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 243.36 MB
Scan peak memory: 507240 kB
Scan time/item: 0.002 sec
Scan time: 28.525 sec
(24) lolak, Scanning /home/lolak:
'/home/lolak/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/lolak]
'/home/lolak/.trash/home/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/lolak/.trash/home/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/lolak/public_html/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/lolak/public_html/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
----------- SCAN SUMMARY -----------
Resource: /home/lolak
Scanned directories: 3414
Scanned files: 32388
Ignored items: 678
Suspicious matches: 5
Viruses found: 0
Fingerprint matches: 0
Data scanned: 3903.78 MB
Scan peak memory: 507240 kB
Scan time/item: 0.005 sec
Scan time: 185.666 sec
(23) mmsapp, Scanning /home/mmsapp:
'/home/mmsapp/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/mmsapp]
'/home/mmsapp/mail/mmsapp.org/cron_updates/.Trash/tmp'
# Skipped - too many resources: 262146 ( > filemax=100000)
'/home/mmsapp/mail/new'
# Skipped - too many resources: 553489 ( > filemax=100000)
'/home/mmsapp/public_ftp/incoming'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/.well-known/pki-validation/plugins/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/mmsapp/index.php.1685976033_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/mmsapp/public_html/rccgtmp/application'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/artwork'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/blue.monday/css'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/blue.monday/image'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/blue.monday/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/pink.flag/css'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/pink.flag/image'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/dist/skin/pink.flag/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/examples'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/examples/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/examples/other'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/examples/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/lib/circle-player'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/lib/circle-player/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/actionscript'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/actionscript/happyworm'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/actionscript/happyworm/jPlayer'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/javascript'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/blue.monday/image'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/blue.monday/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/blue.monday/scss'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/pink.flag/image'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/pink.flag/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets/jPlayer/src/skin/pink.flag/scss'
# World writeable directory
'/home/mmsapp/public_html/rccgtmp/assets_f/banners/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/mmsapp/index.php.1685976343_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/mmsapp/public_html/rccgtmp/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/mmsapp/public_html/rccgvhl/application'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/artwork'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/blue.monday/css'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/blue.monday/image'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/blue.monday/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/pink.flag/css'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/pink.flag/image'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/dist/skin/pink.flag/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/examples'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/examples/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/examples/other'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/examples/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/lib/circle-player'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/lib/circle-player/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/actionscript'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/actionscript/happyworm'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/actionscript/happyworm/jPlayer'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/javascript'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/blue.monday'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/blue.monday/image'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/blue.monday/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/blue.monday/scss'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/pink.flag'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/pink.flag/image'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/pink.flag/mustache'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/assets/jPlayer/src/skin/pink.flag/scss'
# World writeable directory
'/home/mmsapp/public_html/rccgvhl/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/mmsapp/public_html/rccgvhldemo/vendor/composer/acme-challenge/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/mmsapp/index.php.1685976994_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/mmsapp/public_html/rccgvhldemo/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/mmsapp/var/cpanel/styled/current_style'
# Symlink to [/usr/local/cpanel/base/frontend/paper_lantern/styled/glass]
----------- SCAN SUMMARY -----------
Resource: /home/mmsapp
Scanned directories: 32536
Scanned files: 318720
Ignored items: 1121
Suspicious matches: 75
Viruses found: 0
Fingerprint matches: 3
Data scanned: 23364.37 MB
Scan peak memory: 507240 kB
Scan time/item: 0.003 sec
Scan time: 1189.555 sec
(22) nigerianstudents, Scanning /home/nigerianstudents:
'/home/nigerianstudents/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/nigerianstudents]
# Scan Timeout (30 secs) while processing:
'/home/nigerianstudents/.trash/maniva-meetup.zip'
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wordpress/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.3 < v5.0.2]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.4 < v5.7]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.1.4 < v3.9.0]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/events-manager/events-manager.php'
# Script version check [OLD] [Events Manager v5.9.11.3 < v6.1.5]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/google-analytics-for-wordpress/googleanalytics.php'
# Script version check [OLD] [Google Analytics for WordPress by MonsterInsights v7.16.2 < v8.11.0]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v5.5.1 < v7.1.1]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/wordpress-importer/wordpress-importer.php'
# Script version check [OLD] [WordPress Importer v0.7 < v0.8]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/wp-clone-by-wp-academy/wpclone.php'
# Script version check [OLD] [WP Clone v2.3.1 < v2.3.7]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-content/plugins/wp-reset/wp-reset.php'
# Script version check [OLD] [WP Reset v1.86 < v1.96]
'/home/nigerianstudents/.trash/nigerianstudentsunionuk.2/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.8 < v6.1.1]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.4 < v5.7]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.1.4 < v3.9.0]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/events-manager/events-manager.php'
# Script version check [OLD] [Events Manager v5.9.11.3 < v6.1.5]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/google-analytics-for-wordpress/googleanalytics.php'
# Script version check [OLD] [Google Analytics for WordPress by MonsterInsights v7.16.2 < v8.11.0]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v5.5.1 < v7.1.1]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/wordpress-importer/wordpress-importer.php'
# Script version check [OLD] [WordPress Importer v0.7 < v0.8]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/wp-clone-by-wp-academy/wpclone.php'
# Script version check [OLD] [WP Clone v2.3.1 < v2.3.7]
'/home/nigerianstudents/.trash/nsuuk/wp-content/plugins/wp-reset/wp-reset.php'
# Script version check [OLD] [WP Reset v1.86 < v1.96]
'/home/nigerianstudents/.trash/nsuuk/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.8 < v6.1.1]
'/home/nigerianstudents/.trash/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/.trash/wordpress/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.3 < v5.0.2]
'/home/nigerianstudents/.trash/wordpress.1/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.3 < v5.0.2]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.7 < v5.0.2]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/cmb2/init.php'
# Script version check [OLD] [CMB2 v2.7.0 < v2.10.1]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.3.2 < v5.7]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.1.4 < v3.9.0]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/jetpack/jetpack.php'
# Script version check [OLD] [Jetpack by WordPress.com v9.2.3 < v11.6]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/mailchimp-for-wp/mailchimp-for-wp.php'
# Script version check [OLD] [MC4WP: Mailchimp for WordPress v4.8.3 < v4.8.12]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/meta-box/meta-box.php'
# Script version check [OLD] [Meta Box v5.3.5 < v5.6.14]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/one-click-demo-import/one-click-demo-import.php'
# Script version check [OLD] [One Click Demo Import v2.6.1 < v3.1.2]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/optinmonster/optin-monster-wp-api.php'
# Script version check [OLD] [OptinMonster v2.0.3 < v2.11.1]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/really-simple-captcha/really-simple-captcha.php'
# Script version check [OLD] [Really Simple CAPTCHA v2.0.2 < v2.1]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/redux-framework/redux-framework.php'
# Script version check [OLD] [Redux v4.1.24 < v4.3.21]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v4.8.1 < v7.1.1]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/wp-reset/wp-reset.php'
# Script version check [OLD] [WP Reset v1.82 < v1.96]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/wpforms-lite/wpforms.php'
# Script version check [OLD] [WPForms Lite v1.6.4 < v1.7.8]
'/home/nigerianstudents/public_html/mkoabiolacentre/wp-content/plugins/yith-woocommerce-quick-view/init.php'
# Script version check [OLD] [YITH WooCommerce Quick View v1.4.7 < v1.21.1]
'/home/nigerianstudents/public_html/nigerianfestivaluk.org/.tmb'
# World writeable directory
'/home/nigerianstudents/public_html/nigerianfestivaluk.org/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/public_html/nigerianfestivaluk.org/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wordpress/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.3 < v5.0.2]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.4 < v5.7]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.1.4 < v3.9.0]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/events-manager/events-manager.php'
# Script version check [OLD] [Events Manager v5.9.11.3 < v6.1.5]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/google-analytics-for-wordpress/googleanalytics.php'
# Script version check [OLD] [Google Analytics for WordPress by MonsterInsights v7.16.2 < v8.11.0]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v5.5.1 < v7.1.1]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/wordpress-importer/wordpress-importer.php'
# Script version check [OLD] [WordPress Importer v0.7 < v0.8]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/wp-clone-by-wp-academy/wpclone.php'
# Script version check [OLD] [WP Clone v2.3.1 < v2.3.7]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-content/plugins/wp-reset/wp-reset.php'
# Script version check [OLD] [WP Reset v1.86 < v1.96]
'/home/nigerianstudents/public_html/nigerianstudentsunionuk/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.8 < v6.1.1]
'/home/nigerianstudents/public_html/nyido/wordpress/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.8 < v5.0.2]
'/home/nigerianstudents/public_html/wp-admin/images/arrow-lefts.png'
# Suspicious image file (hidden script file)
'/home/nigerianstudents/public_html/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.2.1 < v5.0.2]
'/home/nigerianstudents/public_html/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.5.3 < v5.7]
'/home/nigerianstudents/public_html/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.4.8 < v3.9.0]
'/home/nigerianstudents/public_html/wp-content/plugins/elementskit-lite/elementskit-lite.php'
# Script version check [OLD] [ElementsKit Lite v2.5.0 < v2.8.0]
'/home/nigerianstudents/public_html/wp-content/plugins/kirki/kirki.php'
# Script version check [OLD] [Kirki Customizer Framework v3.1.9 < v4.0.24]
'/home/nigerianstudents/public_html/wp-content/plugins/unyson/unyson.php'
# Script version check [OLD] [Unyson v2.7.24 < v2.7.28]
'/home/nigerianstudents/public_html/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v5.9.0 < v7.1.1]
'/home/nigerianstudents/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/nigerianstudents/public_html/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.8.7 < v6.1.1]
'/home/nigerianstudents/public_html/wp-includes/images/smilies/icon_devil.gif'
# Suspicious image file (hidden script file)
'/home/nigerianstudents/var/cpanel/styled/current_style'
# Symlink to [/usr/local/cpanel/base/frontend/paper_lantern/styled/basic]
----------- SCAN SUMMARY -----------
Resource: /home/nigerianstudents
Scanned directories: 23132
Scanned files: 161333
Ignored items: 693
Suspicious matches: 68
Viruses found: 0
Fingerprint matches: 0
Data scanned: 6995.79 MB
Scan peak memory: 507240 kB
Scan time/item: 0.009 sec
Scan time: 1611.237 sec
(21) pass11plus, Scanning /home/pass11plus:
'/home/pass11plus/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/pass11plus]
'/home/pass11plus/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/pass11plus/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/pass11plus
Scanned directories: 1680
Scanned files: 9089
Ignored items: 70
Suspicious matches: 3
Viruses found: 0
Fingerprint matches: 0
Data scanned: 261.90 MB
Scan peak memory: 507240 kB
Scan time/item: 0.011 sec
Scan time: 116.572 sec
(20) pollingunits, Scanning /home/pollingunits:
'/home/pollingunits/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/pollingunits]
'/home/pollingunits/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/pollingunits/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
'/home/pollingunits/public_html/wildcard.pollingunitsreportsng.com/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/pollingunits/public_html/wildcard.pollingunitsreportsng.com/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/pollingunits
Scanned directories: 2840
Scanned files: 18036
Ignored items: 123
Suspicious matches: 5
Viruses found: 0
Fingerprint matches: 0
Data scanned: 216.03 MB
Scan peak memory: 507240 kB
Scan time/item: 0.008 sec
Scan time: 175.189 sec
(19) profadmanager, Scanning /home/profadmanager:
'/home/profadmanager/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/profadmanager]
'/home/profadmanager/public_ftp/incoming'
# World writeable directory
'/home/profadmanager/public_html/_wildcard_/whp/main/main.php'
# (quarantined to /home/cxs/quarantine/cxsuser/profadmanager/main.php.1685979128_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2021]]
'/home/profadmanager/public_html/_wildcard_/whp/main/main1.php'
# (quarantined to /home/cxs/quarantine/cxsuser/profadmanager/main1.php.1685979128_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2021]]
'/home/profadmanager/public_html/care/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/profadmanager/public_html/css/themes/locale/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/profadmanager/index.php.1685979207_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
----------- SCAN SUMMARY -----------
Resource: /home/profadmanager
Scanned directories: 7999
Scanned files: 49073
Ignored items: 269
Suspicious matches: 6
Viruses found: 0
Fingerprint matches: 3
Data scanned: 1548.00 MB
Scan peak memory: 520632 kB
Scan time/item: 0.005 sec
Scan time: 271.699 sec
(18) raycargo, Scanning /home/raycargo:
'/home/raycargo/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/raycargo]
'/home/raycargo/public_html/_wildcard_/sp/main/main.php'
# (quarantined to /home/cxs/quarantine/cxsuser/raycargo/main.php.1685979364_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2021]]
'/home/raycargo/public_html/_wildcard_/sp/main/main1.php'
# (quarantined to /home/cxs/quarantine/cxsuser/raycargo/main1.php.1685979364_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2021]]
----------- SCAN SUMMARY -----------
Resource: /home/raycargo
Scanned directories: 2043
Scanned files: 14582
Ignored items: 71
Suspicious matches: 3
Viruses found: 0
Fingerprint matches: 2
Data scanned: 393.20 MB
Scan peak memory: 520632 kB
Scan time/item: 0.005 sec
Scan time: 88.830 sec
(17) rccgemr2, Scanning /home/rccgemr2:
'/home/rccgemr2/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/rccgemr2]
'/home/rccgemr2/.npm/_cacache/content-v2/sha512/03/52/2fe2837e21e97a10fbfbeff1dd75712b2f66be819e2e05e654cbe6bc3b7e421584d786003c3202c2581b70a4665d0af4ef43d77e6d0c57fd00b7e860cfa5'
# (compressed file: package/src/binding.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/create_string.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/custom_function_bridge.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/custom_importer_bridge.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/contrib/plugin.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/api-context-example.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/api-doc.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/api-function-example.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/api-importer-example.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/api-value-example.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/docs/custom-functions-internal.md [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/ast_fwd_decl.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/ast.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/backtrace.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/base64vlq.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/bind.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/c99func.c [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/cencode.c [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/check_nesting.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/color_maps.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/constants.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/context.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/cssize.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/emitter.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/environment.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/error_handling.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/eval.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/expand.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/extend.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/file.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/functions.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/inspect.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/json.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/lexer.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/listize.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/memory/SharedPtr.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/node.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/operators.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/output.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/parser.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/plugins.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/position.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/prelexer.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/remove_placeholders.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass_context.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass_functions.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass_util.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass_values.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/sass2scss.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/source_map.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/subset_map.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/to_c.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/to_value.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/units.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/utf8_string.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/util.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/src/values.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_node.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_paths.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_selector_difference.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_specificity.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_subset_map.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_superselector.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/libsass/test/test_unification.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_context_wrapper.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/boolean.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/color.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/error.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/factory.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/list.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/map.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/null.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/number.cpp [depth: 1]) Suspicious file type [application/x-c]
# (compressed file: package/src/sass_types/string.cpp [depth: 1]) Suspicious file type [application/x-c]
'/home/rccgemr2/.npm/_cacache/content-v2/sha512/14/21/2143fe2b135cd8bfdad85c9c3f9ac46ab279a58dee631cfea1b9678167bd388d44f2d36739019c96ba3a4c4756b1ea6570f4dc8931fb8ad8230359521f80'
# (compressed file: fixtures/the-chumbler [depth: 3]) Symlink to [/a/b/c/d/the-chumbler]
# (compressed file: fixtures/a/b/c/y [depth: 3]) Symlink to [../../x]
'/tmp/cxs_AN0t7ULo0Thqdqk2diwEt9XU.tar'
# (compressed file: 200LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL [depth: 1]) Symlink to [200ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc]
# Clamd Error for [SCAN /tmp/cxs_wfhyxJ8PaXAJM92V2K]: /tmp/cxs_wfhyxJ8PaXAJM92V2K: File path check failure: No such file or directory. ERROR
'/home/rccgemr2/.npm/_cacache/content-v2/sha512/5d/b5/631ccb2cb34822354929fed57fdde10065ef22d5f6532f398f2aa8c4d51188016393885e43d35e1fe91fa0e77640ab420addc3eb25716fa84f1e42384561'
# (compressed file: package/fallbacks/linux/xsel [depth: 1]) Linux Binary/Executable [application/x-executable]
# (compressed file: package/fallbacks/windows/clipboard_i686.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
# (compressed file: package/fallbacks/windows/clipboard_x86_64.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/rccgemr2/.npm/node-sass/4.12.0/linux-x64-64_binding.node'
# Linux Binary/Executable [application/x-sharedlib]
'/home/rccgemr2/public_html/rccg2backend/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
----------- SCAN SUMMARY -----------
Resource: /home/rccgemr2
Scanned directories: 8196
Scanned files: 35962
Ignored items: 288
Suspicious matches: 84
Viruses found: 0
Fingerprint matches: 0
Data scanned: 736.87 MB
Scan peak memory: 525332 kB
Scan time/item: 0.006 sec
Scan time: 286.595 sec
(16) rccgtmp, Scanning /home/rccgtmp:
'/home/rccgtmp/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/rccgtmp]
'/home/rccgtmp/public_ftp/incoming'
# World writeable directory
----------- SCAN SUMMARY -----------
Resource: /home/rccgtmp
Scanned directories: 2918
Scanned files: 25633
Ignored items: 126
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 809.42 MB
Scan peak memory: 525332 kB
Scan time/item: 0.003 sec
Scan time: 92.346 sec
(15) rccguknational, Scanning /home/rccguknational:
'/home/rccguknational/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/rccguknational]
'/home/rccguknational/public_html/.tmb'
# World writeable directory
'/home/rccguknational/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/rccguknational/public_html/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/rccguknational/public_html/wp-content/uploads/js_composer'
# World writeable directory
----------- SCAN SUMMARY -----------
Resource: /home/rccguknational
Scanned directories: 3038
Scanned files: 35617
Ignored items: 93
Suspicious matches: 5
Viruses found: 0
Fingerprint matches: 0
Data scanned: 2205.98 MB
Scan peak memory: 525332 kB
Scan time/item: 0.009 sec
Scan time: 334.098 sec
(14) rgmglobal, Scanning /home/rgmglobal:
'/home/rgmglobal/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/rgmglobal]
----------- SCAN SUMMARY -----------
Resource: /home/rgmglobal
Scanned directories: 2139
Scanned files: 13281
Ignored items: 116
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 253.04 MB
Scan peak memory: 525332 kB
Scan time/item: 0.003 sec
Scan time: 49.355 sec
(13) shepherd, Scanning /home/shepherd:
'/home/shepherd/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/shepherd]
'/home/shepherd/.npm/_cacache/content-v2/sha512/9d/ec'
# World writeable directory
----------- SCAN SUMMARY -----------
Resource: /home/shepherd
Scanned directories: 1895
Scanned files: 11218
Ignored items: 58
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 183.89 MB
Scan peak memory: 525332 kB
Scan time/item: 0.002 sec
Scan time: 23.095 sec
(12) speedmove, Scanning /home/speedmove:
'/home/speedmove/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/speedmove]
'/home/speedmove/mail/new'
# Skipped - too many resources: 143798 ( > filemax=100000)
'/home/speedmove/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/speedmove/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
----------- SCAN SUMMARY -----------
Resource: /home/speedmove
Scanned directories: 2440
Scanned files: 16251
Ignored items: 74
Suspicious matches: 4
Viruses found: 0
Fingerprint matches: 0
Data scanned: 509.23 MB
Scan peak memory: 525332 kB
Scan time/item: 0.008 sec
Scan time: 142.184 sec
(11) speednin, Scanning /home/speednin:
'/home/speednin/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/speednin]
----------- SCAN SUMMARY -----------
Resource: /home/speednin
Scanned directories: 241
Scanned files: 552
Ignored items: 11
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 31.76 MB
Scan peak memory: 525332 kB
Scan time/item: 0.008 sec
Scan time: 6.315 sec
(10) starpos, Scanning /home/starpos:
'/home/starpos/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/starpos]
----------- SCAN SUMMARY -----------
Resource: /home/starpos
Scanned directories: 1821
Scanned files: 11364
Ignored items: 75
Suspicious matches: 1
Viruses found: 0
Fingerprint matches: 0
Data scanned: 153.62 MB
Scan peak memory: 525332 kB
Scan time/item: 0.002 sec
Scan time: 28.331 sec
(9) thestemcell, Scanning /home/thestemcell:
'/home/thestemcell/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/thestemcell]
'/home/thestemcell/.trash/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/.trash/admin/testing/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/.trash/stem-cell/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/.trash/stem-cell/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/.trash/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/public_html/admin/lickinfingers/third_party/mpdf/mpdfi/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/thestemcell/index.php.1685980686_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/thestemcell/public_html/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/thestemcell/public_html/assets/lib2/plugins/iCheck/line/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/thestemcell/index.php.1685980698_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/thestemcell/public_html/lickinfingers/third_party/mpdf/graph_cache/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/thestemcell/index.php.1685980713_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/thestemcell/public_html/lickinfingers/views/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/thestemcell/index.php.1685980719_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/thestemcell/public_html/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
----------- SCAN SUMMARY -----------
Resource: /home/thestemcell
Scanned directories: 5157
Scanned files: 49157
Ignored items: 84
Suspicious matches: 12
Viruses found: 0
Fingerprint matches: 4
Data scanned: 4952.19 MB
Scan peak memory: 525332 kB
Scan time/item: 0.007 sec
Scan time: 380.102 sec
(8) tmpmmsapp, Scanning /home/tmpmmsapp:
'/home/tmpmmsapp/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/tmpmmsapp]
'/home/tmpmmsapp/mail/cur'
# Skipped - too many resources: 632200 ( > filemax=100000)
'/home/tmpmmsapp/mail/new'
# Skipped - too many resources: 1649203 ( > filemax=100000)
'/home/tmpmmsapp/public_html/application'
# World writeable directory
'/home/tmpmmsapp/public_html/s/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/tmpmmsapp/public_html/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
----------- SCAN SUMMARY -----------
Resource: /home/tmpmmsapp
Scanned directories: 14996
Scanned files: 145097
Ignored items: 494
Suspicious matches: 6
Viruses found: 0
Fingerprint matches: 0
Data scanned: 12693.10 MB
Scan peak memory: 676088 kB
Scan time/item: 0.007 sec
Scan time: 1139.451 sec
(7) tophygiene, Scanning /home/tophygiene:
'/home/tophygiene/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/tophygiene]
'/home/tophygiene/mail/tophygiene.co.uk/info/new/1587979837.M92892P10500.mailserver.bezaleelsolutions.com,S=694819,W=704374'
# (quarantined to /home/cxs/quarantine/cxsuser/tophygiene/1587979837.M92892P10500.mailserver.bezaleelsolutions.com,S=694819,W=704374.1685981877_1) ClamAV detected virus = [Win.Packed.Agenttesla-7732321-0]
'/home/tophygiene/public_ftp/incoming'
# World writeable directory
'/home/tophygiene/public_html/.tmb'
# World writeable directory
'/home/tophygiene/public_html/wp-admin/ALFA_DATA/alfasymlink/root'
# Symlink to [/]
'/home/tophygiene/public_html/wp-admin/ALFA_DATA/cgialfa/alfasymlink/alfaperl.txt'
# Symlink to [/]
'/home/tophygiene/public_html/wp-content/id.php'
# Decode regex match = [decode regex: 1]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
'/home/tophygiene/public_html/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.6 < v5.0.2]
'/home/tophygiene/public_html/wp-content/plugins/classic-editor/classic-editor.php'
# Script version check [OLD] [Classic Editor v1.5 < v1.6.2]
'/home/tophygiene/public_html/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.2.1 < v5.7]
'/home/tophygiene/public_html/wp-content/plugins/cookie-law-info/cookie-law-info.php'
# Script version check [OLD] [GDPR Cookie Consent v1.8.9 < v3.0.7]
'/home/tophygiene/public_html/wp-content/plugins/custom-css-js/custom-css-js.php'
# Script version check [OLD] [Simple Custom CSS and JS v3.32.3 < v3.41]
'/home/tophygiene/public_html/wp-content/plugins/instagram-feed/instagram-feed.php'
# Script version check [OLD] [Smash Balloon Instagram Feed v2.4.5 < v6.1]
'/home/tophygiene/public_html/wp-content/plugins/woo-gutenberg-products-block/woocommerce-gutenberg-products-block.php'
# Script version check [OLD] [WooCommerce Blocks v3.1.0 < v9.1.0]
'/home/tophygiene/public_html/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v3.6.3 < v7.1.1]
'/home/tophygiene/public_html/wp-content/plugins/wordpress-importer/wordpress-importer.php'
# Script version check [OLD] [WordPress Importer v0.7 < v0.8]
'/home/tophygiene/public_html/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v14.7 < v19.12]
'/home/tophygiene/public_html/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/tophygiene/public_html/wp-content/uploads/revslider/templates/story-block-4/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/tophygiene/index.php.1685982073_1) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1973]]
'/home/tophygiene/public_html/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.4.12 < v6.1.1]
----------- SCAN SUMMARY -----------
Resource: /home/tophygiene
Scanned directories: 2973
Scanned files: 20705
Ignored items: 868
Suspicious matches: 21
Viruses found: 1
Fingerprint matches: 1
Data scanned: 778.78 MB
Scan peak memory: 676088 kB
Scan time/item: 0.010 sec
Scan time: 238.911 sec
(6) totalfreight, Scanning /home/totalfreight:
'/home/totalfreight/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/totalfreight]
'/home/totalfreight/.trash/pos.1/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
----------- SCAN SUMMARY -----------
Resource: /home/totalfreight
Scanned directories: 4745
Scanned files: 27302
Ignored items: 179
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 647.13 MB
Scan peak memory: 676088 kB
Scan time/item: 0.009 sec
Scan time: 298.570 sec
(5) trinityempire, Scanning /home/trinityempire:
'/home/trinityempire/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/trinityempire]
'/home/trinityempire/.npm/_cacache/content-v2/sha512/ae/9d'
# World writeable directory
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/Logs/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/raw/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/raw/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/index.php.1685982434_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1896]]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/src/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/src/Fixtures/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/Anti/out/Crawler/src/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/bot/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/Bots/bot/CrawlerDetect/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/process/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/process/verify_session_card.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_card.php.1685982439_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/process/verify_session_login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_login.php.1685982439_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/process/verify_session_pass.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_pass.php.1685982439_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/login/ses/process/verify_session_personal.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_personal.php.1685982439_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/ENT CU[MRWEEBEE]/settings/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/Logs/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/raw/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/raw/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/index.php.1685982447_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1896]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/src/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/src/Fixtures/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/Anti/out/Crawler/src/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/bot/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/Bots/bot/CrawlerDetect/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/session_card.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_card.php.1685982451_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/session_emma.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_emma.php.1685982451_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/session_index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_index.php.1685982451_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/session_login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_login.php.1685982451_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/session_personal.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_personal.php.1685982451_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/verify_session_card.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_card.php.1685982452_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/verify_session_emma.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_emma.php.1685982452_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/verify_session_index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_index.php.1685982452_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/verify_session_login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_login.php.1685982452_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/servr/auth/process/verify_session_personal.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_personal.php.1685982452_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST CREDIT UNION/settings/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/Logs/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/raw/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/raw/index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/index.php.1685982459_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1896]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/src/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/src/Fixtures/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/Anti/out/Crawler/src/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/bot/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/Bots/bot/CrawlerDetect/Fixtures/SpamReferrers.php'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/session_card.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_card.php.1685982464_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/session_emma.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_emma.php.1685982464_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/session_index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_index.php.1685982464_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/session_login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_login.php.1685982464_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/session_personal.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/session_personal.php.1685982464_1) Known exploit = [Fingerprint Match (fp)] [PHP Phishing Exploit [P2022]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/verify_session_card.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_card.php.1685982465_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/verify_session_emma.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_emma.php.1685982465_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/verify_session_index.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_index.php.1685982465_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/verify_session_login.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_login.php.1685982465_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST-CU/servr/auth/process/verify_session_personal.php'
# (quarantined to /home/cxs/quarantine/cxsuser/trinityempire/verify_session_personal.php.1685982465_1) Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2095]]
'/home/trinityempire/.trash/SUNCOAST-CU/settings/.htaccess'
# Regular expression match = [\b0day]
'/home/trinityempire/var/cpanel/styled/current_style'
# Symlink to [/usr/local/cpanel/base/frontend/paper_lantern/styled/basic]
----------- SCAN SUMMARY -----------
Resource: /home/trinityempire
Scanned directories: 2181
Scanned files: 13933
Ignored items: 151
Suspicious matches: 78
Viruses found: 0
Fingerprint matches: 27
Data scanned: 252.68 MB
Scan peak memory: 676088 kB
Scan time/item: 0.005 sec
Scan time: 81.993 sec
(4) trunafoods, Scanning /home/trunafoods:
'/home/trunafoods/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/trunafoods]
'/home/trunafoods/.trash/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/trunafoods/.trash/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/trunafoods/.trash/testing/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/trunafoods/public_html/admin/conf.php'
# Symlink to [/home/trunafoods/public_html/admin/conf.php]
'/home/trunafoods/public_html/admin/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/trunafoods/public_html/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
----------- SCAN SUMMARY -----------
Resource: /home/trunafoods
Scanned directories: 3945
Scanned files: 43119
Ignored items: 77
Suspicious matches: 7
Viruses found: 0
Fingerprint matches: 0
Data scanned: 4560.11 MB
Scan peak memory: 678044 kB
Scan time/item: 0.005 sec
Scan time: 254.655 sec
(3) tutormanager, Scanning /home/tutormanager:
'/home/tutormanager/access-logs'
# Symlink to [/usr/local/apache/domlogs/tutormanager]
'/home/tutormanager/.trash/PhpStorm-8.0.1.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/tutormanager/.trash/_create_tutor.php.zip'
# (compressed file: PhpStorm-8.0.1.exe [depth: 1]) MS Windows Binary/Executable [application/x-winexec]
'/home/tutormanager/public_ftp/incoming'
# World writeable directory
'/home/tutormanager/public_html/bezaleeltutors/app/Http/Controllers/generalcontroller.php'
# Universal decode regex match = [universal decoder]
'/home/tutormanager/public_html/bezaleeltutors/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/tutormanager/public_html/bezaleeltutors/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
'/home/tutormanager/public_html/demo/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/tutormanager/public_html/lms/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]
'/home/tutormanager/public_html/lms/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]
'/home/tutormanager/public_html/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/tutormanager/public_html/tms_upd_forAndroid/system/core/CodeIgniter.php'
# Script version check [OLD] [CodeIgniter v2.2.0 < v4.4.0]
'/home/tutormanager/var/cpanel/styled/current_style'
# Symlink to [/usr/local/cpanel/base/frontend/paper_lantern/styled/glass]
----------- SCAN SUMMARY -----------
Resource: /home/tutormanager
Scanned directories: 3611
Scanned files: 20140
Ignored items: 156
Suspicious matches: 13
Viruses found: 0
Fingerprint matches: 0
Data scanned: 825.96 MB
Scan peak memory: 678044 kB
Scan time/item: 0.012 sec
Scan time: 276.310 sec
(2) unikfoods, Scanning /home/unikfoods:
'/home/unikfoods/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/unikfoods]
'/home/unikfoods/public_html/node_modules/forwarded'
# World writeable directory
----------- SCAN SUMMARY -----------
Resource: /home/unikfoods
Scanned directories: 1430
Scanned files: 10099
Ignored items: 64
Suspicious matches: 2
Viruses found: 0
Fingerprint matches: 0
Data scanned: 641.41 MB
Scan peak memory: 678044 kB
Scan time/item: 0.003 sec
Scan time: 31.880 sec
(1) wellnessbites, Scanning /home/wellnessbites:
'/home/wellnessbites/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/wellnessbites]
'/home/wellnessbites/public_html/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.2.1 < v5.0.2]
'/home/wellnessbites/public_html/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.5.4 < v3.9.0]
----------- SCAN SUMMARY -----------
Resource: /home/wellnessbites
Scanned directories: 931
Scanned files: 5576
Ignored items: 42
Suspicious matches: 3
Viruses found: 0
Fingerprint matches: 0
Data scanned: 157.87 MB
Scan peak memory: 678044 kB
Scan time/item: 0.014 sec
Scan time: 88.032 sec
Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]
Anons79 Mini Shell