HEX
Server: Apache/2.4.65 (Unix) OpenSSL/1.1.1k
System: Linux srv820.techno-vate.net 4.18.0-553.109.1.el8_10.x86_64 #1 SMP Mon Mar 2 09:33:18 EST 2026 x86_64
User: bheot (1024)
PHP: 8.1.30
Disabled: NONE
$ pwd: /usr/local/maldetect.bk855593/
Upload Files
File: //usr/local/maldetect.bk855593/event_log
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} performing signature update check...
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} local signature set is version 20250225482944
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} new signature set 202603071550177 available
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 08 2026 03:37:58 srv820 maldet(855848): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 08 2026 03:38:49 srv820 maldet(855848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} signature set update completed
Mar 08 2026 03:39:27 srv820 maldet(855848): {sigup} 17660 signatures (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 08 2026 03:39:27 srv820 maldet(849406): {update} completed update v1.6.6 3a1792 => v1.6.6 359d25, running signature updates...
Mar 08 2026 03:39:27 srv820 maldet(861402): {sigup} performing signature update check...
Mar 08 2026 03:39:27 srv820 maldet(861402): {sigup} local signature set is version 202603071550177
Mar 08 2026 03:39:53 srv820 maldet(861402): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 08 2026 03:39:53 srv820 maldet(861402): {sigup} latest signature set already installed
Mar 08 2026 03:39:53 srv820 maldet(849406): {update} update and config import completed
Mar 08 2026 03:39:53 srv820 maldet(863078): {sigup} performing signature update check...
Mar 08 2026 03:39:53 srv820 maldet(863078): {sigup} local signature set is version 202603071550177
Mar 08 2026 03:39:53 srv820 maldet(863078): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 08 2026 03:39:53 srv820 maldet(863078): {sigup} latest signature set already installed
Mar 08 2026 03:39:53 srv820 maldet(863181): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 08 2026 03:39:54 srv820 maldet(863181): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 08 2026 03:39:54 srv820 maldet(863181): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 08 2026 03:39:54 srv820 maldet(863181): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 08 2026 03:39:54 srv820 maldet(863181): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 08 2026 03:40:14 srv820 maldet(863181): {scan} file list completed in 20s, found 517 files...
Mar 08 2026 03:40:14 srv820 maldet(863181): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 08 2026 03:40:14 srv820 maldet(863181): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (517 files) in progress...
Mar 08 2026 03:41:04 srv820 maldet(863181): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 517, malware hits 0, cleaned hits 0, time 71s
Mar 08 2026 03:41:04 srv820 maldet(863181): {scan} scan report saved, to view run: maldet --report 260308-0339.863181
Mar 09 2026 04:03:06 srv820 maldet(1865868): {update} checking for available updates...
Mar 09 2026 04:03:06 srv820 maldet(1865868): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 09 2026 04:03:06 srv820 maldet(1865868): {update} hashing install files and checking against server...
Mar 09 2026 04:03:06 srv820 maldet(1865868): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 09 2026 04:03:06 srv820 maldet(1865868): {update} latest version already installed.
Mar 09 2026 04:03:07 srv820 maldet(1866007): {sigup} performing signature update check...
Mar 09 2026 04:03:07 srv820 maldet(1866007): {sigup} local signature set is version 202603071550177
Mar 09 2026 04:03:07 srv820 maldet(1866007): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 09 2026 04:03:07 srv820 maldet(1866007): {sigup} latest signature set already installed
Mar 09 2026 04:03:07 srv820 maldet(1866117): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 09 2026 04:03:07 srv820 maldet(1866117): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 09 2026 04:03:07 srv820 maldet(1866117): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 09 2026 04:03:07 srv820 maldet(1866117): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 09 2026 04:03:07 srv820 maldet(1866117): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 09 2026 04:03:10 srv820 maldet(1866117): {scan} file list completed in 3s, found 566 files...
Mar 09 2026 04:03:10 srv820 maldet(1866117): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 09 2026 04:03:10 srv820 maldet(1866117): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (566 files) in progress...
Mar 09 2026 04:04:04 srv820 maldet(1866117): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 566, malware hits 0, cleaned hits 0, time 57s
Mar 09 2026 04:04:04 srv820 maldet(1866117): {scan} scan report saved, to view run: maldet --report 260309-0403.1866117
Mar 10 2026 03:53:15 srv820 maldet(2478037): {update} checking for available updates...
Mar 10 2026 03:53:15 srv820 maldet(2478037): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 10 2026 03:53:16 srv820 maldet(2478037): {update} hashing install files and checking against server...
Mar 10 2026 03:53:16 srv820 maldet(2478037): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 10 2026 03:53:16 srv820 maldet(2478037): {update} latest version already installed.
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} performing signature update check...
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} local signature set is version 202603071550177
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} new signature set 202603103603122 available
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 10 2026 03:53:16 srv820 maldet(2478172): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 10 2026 03:53:17 srv820 maldet(2478172): {sigup} verified md5sum of maldet-clean.tgz
Mar 10 2026 03:53:17 srv820 maldet(2478172): {sigup} unpacked and installed maldet-clean.tgz
Mar 10 2026 03:53:17 srv820 maldet(2478172): {sigup} signature set update completed
Mar 10 2026 03:53:17 srv820 maldet(2478172): {sigup} 17660 signatures (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 10 2026 03:53:17 srv820 maldet(2478428): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 10 2026 03:53:17 srv820 maldet(2478428): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 10 2026 03:53:17 srv820 maldet(2478428): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 10 2026 03:53:17 srv820 maldet(2478428): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 10 2026 03:53:17 srv820 maldet(2478428): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 10 2026 03:53:20 srv820 maldet(2478428): {scan} file list completed in 3s, found 2265 files...
Mar 10 2026 03:53:20 srv820 maldet(2478428): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 10 2026 03:53:20 srv820 maldet(2478428): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (2265 files) in progress...
Mar 10 2026 03:55:05 srv820 maldet(2478428): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 2265, malware hits 0, cleaned hits 0, time 108s
Mar 10 2026 03:55:05 srv820 maldet(2478428): {scan} scan report saved, to view run: maldet --report 260310-0353.2478428
Mar 10 2026 13:32:09 srv820 maldet(441527): {sigup} performing signature update check...
Mar 10 2026 13:32:09 srv820 maldet(441527): {sigup} local signature set is version 202603103603122
Mar 10 2026 13:32:10 srv820 maldet(441527): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 10 2026 13:32:10 srv820 maldet(441527): {sigup} latest signature set already installed
Mar 10 2026 13:32:16 srv820 maldet(441921): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 10 2026 13:32:16 srv820 maldet(441921): {scan} building file list for /home/mines, this might take awhile...
Mar 10 2026 13:32:16 srv820 maldet(441921): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 10 2026 13:32:16 srv820 maldet(441921): {scan} executed /usr/bin/nice -n 19 /usr/bin/ionice -c2 -n 6 /usr/bin/find /home/mines /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 10 2026 13:32:18 srv820 maldet(441921): {scan} file list completed in 2s, found 177369 files...
Mar 10 2026 13:32:18 srv820 maldet(441921): {scan} found clamav binary at /usr/bin/clamscan, using clamav scanner engine...
Mar 10 2026 13:32:18 srv820 maldet(441921): {scan} scan of /home/mines (177369 files) in progress...
Mar 10 2026 14:19:25 srv820 maldet(441921): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Mar 10 2026 14:19:25 srv820 maldet(441921): {scan} scan completed on /home/mines: files 177369, malware hits 0, cleaned hits 0, time 2830s
Mar 10 2026 14:19:25 srv820 maldet(441921): {scan} scan report saved, to view run: maldet --report 260310-1332.441921
Mar 10 2026 14:22:50 srv820 maldet(890): {mon} could not find monitor mode dependency 'ed' in PATH, please apt/yum/dnf install ed and try again.
Mar 10 2026 19:48:49 srv820 maldet(937): {mon} could not find monitor mode dependency 'ed' in PATH, please apt/yum/dnf install ed and try again.
Mar 10 2026 21:01:17 srv820 maldet(887): {mon} could not find monitor mode dependency 'ed' in PATH, please apt/yum/dnf install ed and try again.
Mar 11 2026 03:44:45 srv820 maldet(1383149): {update} checking for available updates...
Mar 11 2026 03:44:46 srv820 maldet(1383149): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 11 2026 03:44:46 srv820 maldet(1383149): {update} hashing install files and checking against server...
Mar 11 2026 03:44:46 srv820 maldet(1383149): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 11 2026 03:44:46 srv820 maldet(1383149): {update} latest version already installed.
Mar 11 2026 03:44:46 srv820 maldet(1383290): {sigup} performing signature update check...
Mar 11 2026 03:44:46 srv820 maldet(1383290): {sigup} local signature set is version 202603103603122
Mar 11 2026 03:44:46 srv820 maldet(1383290): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 11 2026 03:44:46 srv820 maldet(1383290): {sigup} latest signature set already installed
Mar 11 2026 03:44:46 srv820 maldet(1383399): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 11 2026 03:44:46 srv820 maldet(1383399): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 11 2026 03:44:46 srv820 maldet(1383399): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 11 2026 03:44:46 srv820 maldet(1383399): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 11 2026 03:44:46 srv820 maldet(1383399): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 11 2026 03:44:49 srv820 maldet(1383399): {scan} file list completed in 3s, found 9848 files...
Mar 11 2026 03:44:49 srv820 maldet(1383399): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 11 2026 03:44:49 srv820 maldet(1383399): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (9848 files) in progress...
Mar 11 2026 03:49:58 srv820 maldet(1383399): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 9848, malware hits 0, cleaned hits 0, time 312s
Mar 11 2026 03:49:58 srv820 maldet(1383399): {scan} scan report saved, to view run: maldet --report 260311-0344.1383399
Mar 11 2026 07:21:55 srv820 maldet(890): {mon} could not find monitor mode dependency 'ed' in PATH, please apt/yum/dnf install ed and try again.
Mar 11 2026 07:38:58 srv820 maldet(916): {mon} could not find monitor mode dependency 'ed' in PATH, please apt/yum/dnf install ed and try again.
Mar 12 2026 03:36:22 srv820 maldet(3573444): {update} checking for available updates...
Mar 12 2026 03:36:42 srv820 maldet(3573444): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 12 2026 03:36:42 srv820 maldet(3573444): {update} hashing install files and checking against server...
Mar 12 2026 03:37:02 srv820 maldet(3573444): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 12 2026 03:37:02 srv820 maldet(3573444): {update} version check shows latest but hash check failed, forcing update...
Mar 12 2026 03:37:02 srv820 maldet(3573444): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Mar 12 2026 03:37:36 srv820 maldet(3573444): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Mar 12 2026 03:37:36 srv820 maldet(3573444): {update} verified md5sum of maldetect-current.tar.gz
Mar 12 2026 03:37:36 srv820 maldet(3573444): {update} completed update v1.6.6 3a1792 => verror code: 522 359d25, running signature updates...
Mar 12 2026 03:37:36 srv820 maldet(3576872): {sigup} performing signature update check...
Mar 12 2026 03:37:36 srv820 maldet(3576872): {sigup} local signature set is version 202603103603122
Mar 12 2026 03:38:13 srv820 maldet(3576872): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 12 2026 03:38:14 srv820 maldet(3576872): {sigup} latest signature set already installed
Mar 12 2026 03:38:14 srv820 maldet(3573444): {update} update and config import completed
Mar 12 2026 03:38:14 srv820 maldet(3578762): {sigup} performing signature update check...
Mar 12 2026 03:38:14 srv820 maldet(3578762): {sigup} local signature set is version 202603103603122
Mar 12 2026 03:39:00 srv820 maldet(3578762): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 12 2026 03:39:00 srv820 maldet(3578762): {sigup} new signature set error code: 525 available
Mar 12 2026 03:39:00 srv820 maldet(3578762): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 12 2026 03:39:27 srv820 maldet(3578762): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 12 2026 03:39:54 srv820 maldet(3578762): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 12 2026 03:39:54 srv820 maldet(3578762): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 12 2026 03:40:25 srv820 maldet(3578762): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} verified md5sum of maldet-clean.tgz
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} unpacked and installed maldet-clean.tgz
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} signature set update completed
Mar 12 2026 03:40:51 srv820 maldet(3578762): {sigup} 17660 signatures (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 12 2026 03:40:51 srv820 maldet(3586708): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 12 2026 03:40:52 srv820 maldet(3586708): {scan} signatures loaded: 17660 (14823 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 12 2026 03:40:52 srv820 maldet(3586708): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 12 2026 03:40:52 srv820 maldet(3586708): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 12 2026 03:40:52 srv820 maldet(3586708): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 12 2026 03:40:55 srv820 maldet(3586708): {scan} file list completed in 3s, found 1401 files...
Mar 12 2026 03:40:55 srv820 maldet(3586708): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 12 2026 03:40:55 srv820 maldet(3586708): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1401 files) in progress...
Mar 12 2026 03:42:26 srv820 maldet(3586708): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1401, malware hits 0, cleaned hits 0, time 95s
Mar 12 2026 03:42:26 srv820 maldet(3586708): {scan} scan report saved, to view run: maldet --report 260312-0340.3586708
Mar 13 2026 03:53:08 srv820 maldet(4172724): {update} checking for available updates...
Mar 13 2026 03:53:08 srv820 maldet(4172724): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 13 2026 03:53:08 srv820 maldet(4172724): {update} hashing install files and checking against server...
Mar 13 2026 03:53:08 srv820 maldet(4172724): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 13 2026 03:53:08 srv820 maldet(4172724): {update} latest version already installed.
Mar 13 2026 03:53:08 srv820 maldet(4172863): {sigup} performing signature update check...
Mar 13 2026 03:53:08 srv820 maldet(4172863): {sigup} local signature set is version 202603103603122
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} new signature set 202603132091366 available
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} verified md5sum of maldet-clean.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} unpacked and installed maldet-clean.tgz
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} signature set update completed
Mar 13 2026 03:53:09 srv820 maldet(4172863): {sigup} 17661 signatures (14824 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 13 2026 03:53:10 srv820 maldet(4173136): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 13 2026 03:53:10 srv820 maldet(4173136): {scan} signatures loaded: 17661 (14824 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 13 2026 03:53:10 srv820 maldet(4173136): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 13 2026 03:53:10 srv820 maldet(4173136): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 13 2026 03:53:10 srv820 maldet(4173136): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 13 2026 03:53:13 srv820 maldet(4173136): {scan} file list completed in 3s, found 6765 files...
Mar 13 2026 03:53:13 srv820 maldet(4173136): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 13 2026 03:53:13 srv820 maldet(4173136): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (6765 files) in progress...
Mar 13 2026 03:57:22 srv820 maldet(4173136): {hit} malware hit {YARA}php_in_image found for /home/bheot/public_html/wp-includes/sitemaps/ldxjwbk/e1tvpgz/fvncwug/u4mnumogt.php
Mar 13 2026 03:57:22 srv820 maldet(4173136): {hit} malware hit {YARA}php_in_image found for /home/bheot/public_html/wp-includes/sitemaps/ldxjwbk/e1tvpgz/fvncwug/380bx2lf4.php
Mar 13 2026 03:57:22 srv820 maldet(4173136): {hit} malware hit {HEX}php.nested.base64.663 found for /home/bheot/public_html/wp-includes/wHSYhnIx7Pg.php
Mar 13 2026 03:57:22 srv820 maldet(4173136): {hit} malware hit {HEX}php.nested.base64.663 found for /home/bheot/public_html/wp-includes/q3BjaMXNZop.php
Mar 13 2026 03:57:22 srv820 maldet(4173136): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 6765, malware hits 4, cleaned hits 0, time 252s
Mar 13 2026 03:57:22 srv820 maldet(4173136): {scan} scan report saved, to view run: maldet --report 260313-0353.4173136
Mar 13 2026 03:57:22 srv820 maldet(4173136): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260313-0353.4173136
Mar 14 2026 03:21:10 srv820 maldet(2125795): {update} checking for available updates...
Mar 14 2026 03:21:10 srv820 maldet(2125795): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 14 2026 03:21:10 srv820 maldet(2125795): {update} hashing install files and checking against server...
Mar 14 2026 03:21:10 srv820 maldet(2125795): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 14 2026 03:21:10 srv820 maldet(2125795): {update} latest version already installed.
Mar 14 2026 03:21:10 srv820 maldet(2125941): {sigup} performing signature update check...
Mar 14 2026 03:21:10 srv820 maldet(2125941): {sigup} local signature set is version 202603132091366
Mar 14 2026 03:21:10 srv820 maldet(2125941): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 14 2026 03:21:10 srv820 maldet(2125941): {sigup} latest signature set already installed
Mar 14 2026 03:21:11 srv820 maldet(2126047): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 14 2026 03:21:11 srv820 maldet(2126047): {scan} signatures loaded: 17661 (14824 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 14 2026 03:21:11 srv820 maldet(2126047): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 14 2026 03:21:11 srv820 maldet(2126047): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 14 2026 03:21:11 srv820 maldet(2126047): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 14 2026 03:21:14 srv820 maldet(2126047): {scan} file list completed in 3s, found 1211 files...
Mar 14 2026 03:21:14 srv820 maldet(2126047): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 14 2026 03:21:14 srv820 maldet(2126047): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1211 files) in progress...
Mar 14 2026 03:22:40 srv820 maldet(2126047): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1211, malware hits 0, cleaned hits 0, time 89s
Mar 14 2026 03:22:40 srv820 maldet(2126047): {scan} scan report saved, to view run: maldet --report 260314-0321.2126047
Mar 15 2026 03:28:14 srv820 maldet(4066494): {update} checking for available updates...
Mar 15 2026 03:28:33 srv820 maldet(4066494): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 15 2026 03:28:33 srv820 maldet(4066494): {update} hashing install files and checking against server...
Mar 15 2026 03:29:21 srv820 maldet(4066494): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 15 2026 03:29:21 srv820 maldet(4066494): {update} version check shows latest but hash check failed, forcing update...
Mar 15 2026 03:29:21 srv820 maldet(4066494): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Mar 15 2026 03:30:07 srv820 maldet(4066494): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Mar 15 2026 03:30:07 srv820 maldet(4066494): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed!
Mar 15 2026 03:30:07 srv820 maldet(4074625): {sigup} performing signature update check...
Mar 15 2026 03:30:07 srv820 maldet(4074625): {sigup} local signature set is version 202603132091366
Mar 15 2026 03:30:07 srv820 maldet(4074625): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 15 2026 03:30:07 srv820 maldet(4074625): {sigup} latest signature set already installed
Mar 15 2026 03:30:08 srv820 maldet(4074744): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 15 2026 03:30:08 srv820 maldet(4074744): {scan} signatures loaded: 17661 (14824 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 15 2026 03:30:08 srv820 maldet(4074744): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 15 2026 03:30:08 srv820 maldet(4074744): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 15 2026 03:30:08 srv820 maldet(4074744): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 15 2026 03:30:12 srv820 maldet(4074744): {scan} file list completed in 4s, found 24588 files...
Mar 15 2026 03:30:12 srv820 maldet(4074744): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 15 2026 03:30:12 srv820 maldet(4074744): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (24588 files) in progress...
Mar 15 2026 03:44:29 srv820 maldet(4074744): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 24588, malware hits 0, cleaned hits 0, time 860s
Mar 15 2026 03:44:29 srv820 maldet(4074744): {scan} scan report saved, to view run: maldet --report 260315-0330.4074744
Mar 16 2026 03:52:56 srv820 maldet(2284699): {update} checking for available updates...
Mar 16 2026 03:52:56 srv820 maldet(2284699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 16 2026 03:52:56 srv820 maldet(2284699): {update} hashing install files and checking against server...
Mar 16 2026 03:52:57 srv820 maldet(2284699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 16 2026 03:52:57 srv820 maldet(2284699): {update} latest version already installed.
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} performing signature update check...
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} local signature set is version 202603132091366
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} new signature set 2026031579540 available
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 16 2026 03:52:57 srv820 maldet(2284839): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 16 2026 03:52:58 srv820 maldet(2284839): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 16 2026 03:52:58 srv820 maldet(2284839): {sigup} verified md5sum of maldet-clean.tgz
Mar 16 2026 03:52:58 srv820 maldet(2284839): {sigup} unpacked and installed maldet-clean.tgz
Mar 16 2026 03:52:58 srv820 maldet(2284839): {sigup} signature set update completed
Mar 16 2026 03:52:58 srv820 maldet(2284839): {sigup} 42289 signatures (39994 MD5 | 2290 HEX | 5 YARA | 0 USER)
Mar 16 2026 03:52:58 srv820 maldet(2285134): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 16 2026 03:52:59 srv820 maldet(2285134): {scan} signatures loaded: 42289 (39994 MD5 | 2290 HEX | 5 YARA | 0 USER)
Mar 16 2026 03:52:59 srv820 maldet(2285134): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 16 2026 03:52:59 srv820 maldet(2285134): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 16 2026 03:52:59 srv820 maldet(2285134): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} file list completed in 3s, found 927 files...
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (927 files) in progress...
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details!
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 927, malware hits 0, cleaned hits 0, time 4s
Mar 16 2026 03:53:02 srv820 maldet(2285134): {scan} scan report saved, to view run: maldet --report 260316-0352.2285134
@ Telegram