Linux ip-172-26-2-223 5.4.0-1018-aws #18-Ubuntu SMP Wed Jun 24 01:15:00 UTC 2020 x86_64
Apache
: 172.26.2.223 | : 3.144.147.211
Cant Read [ /etc/named.conf ]
8.1.13
www
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
/
usr /
local /
maldetect.bk837687 /
[ HOME SHELL ]
Name
Size
Permission
Action
clean
[ DIR ]
drwxr-xr-x
cron
[ DIR ]
drwxr-xr-x
internals
[ DIR ]
drwxr-xr-x
logs
[ DIR ]
drwxr-xr-x
pub
[ DIR ]
drwxr-xr-x
quarantine
[ DIR ]
drwxr-x---
service
[ DIR ]
drwxr-xr-x
sess
[ DIR ]
drwxr-x---
sigs
[ DIR ]
drwxr-xr-x
sigs.old
[ DIR ]
drwxr-xr-x
tmp
[ DIR ]
drwxr-xr-x
CHANGELOG
47.91
KB
-rw-r--r--
COPYING.GPL
17.67
KB
-rw-r--r--
README
23.87
KB
-rw-r--r--
VERSION
6
B
-rw-r--r--
VERSION.hash
64
B
-rw-r--r--
conf.maldet
15.16
KB
-rw-r--r--
conf.maldet.cron
155
B
-rw-r--r--
event_log
61.42
KB
-rw-r--r--
hookscan.sh
702
B
-rwxr-xr-x
ignore_file_ext
0
B
-rw-r--r--
ignore_inotify
201
B
-rw-r--r--
ignore_paths
44
B
-rw-r--r--
ignore_sigs
0
B
-rw-r--r--
maldet
7.47
KB
-rwxr-xr-x
maldet.1.gz
3.94
KB
-rw-r--r--
modsec.sh
702
B
-rwxr-xr-x
monitor_paths
0
B
-rw-r--r--
uninstall.sh
1.54
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : event_log
Apr 18 2025 06:32:03 ip-172-26-2-223 maldet(837992): {sigup} performing signature update check... Apr 18 2025 06:32:03 ip-172-26-2-223 maldet(837992): {sigup} local signature set is version 20250225482944 Apr 18 2025 06:32:31 ip-172-26-2-223 maldet(837992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 18 2025 06:32:31 ip-172-26-2-223 maldet(837992): {sigup} new signature set 202504163218957 available Apr 18 2025 06:32:31 ip-172-26-2-223 maldet(837992): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:34:21 ip-172-26-2-223 maldet(837992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:36:10 ip-172-26-2-223 maldet(837992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 18 2025 06:36:11 ip-172-26-2-223 maldet(837992): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837992): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837992): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837992): {sigup} verified md5sum of maldet-clean.tgz Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837992): {sigup} unpacked and installed maldet-clean.tgz Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(837339): {update} completed update v1.6.6 3a1792 => v1.6.6 359d25, running signature updates... Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(838921): {sigup} performing signature update check... Apr 18 2025 06:37:01 ip-172-26-2-223 maldet(838921): {sigup} local signature set is version 20250225482944 Apr 18 2025 06:37:58 ip-172-26-2-223 maldet(838921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 18 2025 06:37:58 ip-172-26-2-223 maldet(838921): {sigup} new signature set 202504163218957 available Apr 18 2025 06:37:58 ip-172-26-2-223 maldet(838921): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:38:38 ip-172-26-2-223 maldet(838921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:38:38 ip-172-26-2-223 maldet(838921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 18 2025 06:38:38 ip-172-26-2-223 maldet(838921): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:40:28 ip-172-26-2-223 maldet(838921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(838921): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(838921): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(838921): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(837339): {update} update and config import completed Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(839196): {sigup} performing signature update check... Apr 18 2025 06:42:17 ip-172-26-2-223 maldet(839196): {sigup} local signature set is version 20250225482944 Apr 18 2025 06:42:53 ip-172-26-2-223 maldet(839196): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 18 2025 06:42:53 ip-172-26-2-223 maldet(839196): {sigup} new signature set 202504163218957 available Apr 18 2025 06:42:53 ip-172-26-2-223 maldet(839196): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:44:50 ip-172-26-2-223 maldet(839196): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 18 2025 06:45:29 ip-172-26-2-223 maldet(839196): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 18 2025 06:45:29 ip-172-26-2-223 maldet(839196): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:47:19 ip-172-26-2-223 maldet(839196): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 18 2025 06:48:04 ip-172-26-2-223 maldet(839196): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839196): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839196): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839472): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839472): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839472): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839472): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 18 2025 06:48:05 ip-172-26-2-223 maldet(839472): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 18 2025 06:48:06 ip-172-26-2-223 maldet(839472): {scan} file list completed in 1s, found 6542 files... Apr 18 2025 06:48:06 ip-172-26-2-223 maldet(839472): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 18 2025 06:48:06 ip-172-26-2-223 maldet(839472): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (6542 files) in progress... Apr 18 2025 06:49:01 ip-172-26-2-223 maldet(839472): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 6542, malware hits 0, cleaned hits 0, time 56s Apr 18 2025 06:49:01 ip-172-26-2-223 maldet(839472): {scan} scan report saved, to view run: maldet --report 250418-0648.839472 Apr 19 2025 06:29:02 ip-172-26-2-223 maldet(878261): {update} checking for available updates... Apr 19 2025 06:30:29 ip-172-26-2-223 maldet(878261): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 19 2025 06:30:29 ip-172-26-2-223 maldet(878261): {update} hashing install files and checking against server... Apr 19 2025 06:31:08 ip-172-26-2-223 maldet(878261): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 19 2025 06:31:08 ip-172-26-2-223 maldet(878261): {update} version check shows latest but hash check failed, forcing update... Apr 19 2025 06:31:08 ip-172-26-2-223 maldet(878261): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 19 2025 06:31:47 ip-172-26-2-223 maldet(878261): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 19 2025 06:31:47 ip-172-26-2-223 maldet(878261): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 19 2025 06:31:47 ip-172-26-2-223 maldet(878469): {sigup} performing signature update check... Apr 19 2025 06:31:48 ip-172-26-2-223 maldet(878469): {sigup} local signature set is version 20250225482944 Apr 19 2025 06:32:27 ip-172-26-2-223 maldet(878469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 19 2025 06:32:27 ip-172-26-2-223 maldet(878469): {sigup} new signature set error code: 522 available Apr 19 2025 06:32:27 ip-172-26-2-223 maldet(878469): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 19 2025 06:33:06 ip-172-26-2-223 maldet(878469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 19 2025 06:33:45 ip-172-26-2-223 maldet(878469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 19 2025 06:33:45 ip-172-26-2-223 maldet(878469): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 19 2025 06:33:45 ip-172-26-2-223 maldet(878469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 19 2025 06:35:34 ip-172-26-2-223 maldet(878469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 19 2025 06:35:34 ip-172-26-2-223 maldet(878469): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 19 2025 06:35:34 ip-172-26-2-223 maldet(878469): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 19 2025 06:35:35 ip-172-26-2-223 maldet(878716): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 19 2025 06:35:35 ip-172-26-2-223 maldet(878716): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 19 2025 06:35:35 ip-172-26-2-223 maldet(878716): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 19 2025 06:35:35 ip-172-26-2-223 maldet(878716): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 19 2025 06:35:35 ip-172-26-2-223 maldet(878716): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 19 2025 06:35:36 ip-172-26-2-223 maldet(878716): {scan} file list completed in 1s, found 4060 files... Apr 19 2025 06:35:36 ip-172-26-2-223 maldet(878716): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 19 2025 06:35:36 ip-172-26-2-223 maldet(878716): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (4060 files) in progress... Apr 19 2025 06:36:24 ip-172-26-2-223 maldet(878716): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 4060, malware hits 0, cleaned hits 0, time 49s Apr 19 2025 06:36:24 ip-172-26-2-223 maldet(878716): {scan} scan report saved, to view run: maldet --report 250419-0635.878716 Apr 20 2025 06:29:13 ip-172-26-2-223 maldet(916514): {update} checking for available updates... Apr 20 2025 06:29:52 ip-172-26-2-223 maldet(916514): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 20 2025 06:29:52 ip-172-26-2-223 maldet(916514): {update} hashing install files and checking against server... Apr 20 2025 06:30:40 ip-172-26-2-223 maldet(916514): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 20 2025 06:30:40 ip-172-26-2-223 maldet(916514): {update} latest version already installed. Apr 20 2025 06:30:40 ip-172-26-2-223 maldet(916684): {sigup} performing signature update check... Apr 20 2025 06:30:40 ip-172-26-2-223 maldet(916684): {sigup} local signature set is version 20250225482944 Apr 20 2025 06:32:30 ip-172-26-2-223 maldet(916684): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 20 2025 06:32:30 ip-172-26-2-223 maldet(916684): {sigup} new signature set error code: 522 available Apr 20 2025 06:32:30 ip-172-26-2-223 maldet(916684): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 20 2025 06:34:20 ip-172-26-2-223 maldet(916684): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 20 2025 06:34:59 ip-172-26-2-223 maldet(916684): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 20 2025 06:34:59 ip-172-26-2-223 maldet(916684): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 20 2025 06:35:38 ip-172-26-2-223 maldet(916684): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 20 2025 06:38:38 ip-172-26-2-223 maldet(916684): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 20 2025 06:38:39 ip-172-26-2-223 maldet(916684): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 20 2025 06:38:39 ip-172-26-2-223 maldet(916684): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 20 2025 06:38:39 ip-172-26-2-223 maldet(916984): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 20 2025 06:38:40 ip-172-26-2-223 maldet(916984): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 20 2025 06:38:40 ip-172-26-2-223 maldet(916984): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 20 2025 06:38:40 ip-172-26-2-223 maldet(916984): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 20 2025 06:38:40 ip-172-26-2-223 maldet(916984): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 20 2025 06:38:47 ip-172-26-2-223 maldet(916984): {scan} file list completed in 7s, found 1429 files... Apr 20 2025 06:38:47 ip-172-26-2-223 maldet(916984): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 20 2025 06:38:47 ip-172-26-2-223 maldet(916984): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1429 files) in progress... Apr 20 2025 06:39:40 ip-172-26-2-223 maldet(916984): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1429, malware hits 0, cleaned hits 0, time 61s Apr 20 2025 06:39:40 ip-172-26-2-223 maldet(916984): {scan} scan report saved, to view run: maldet --report 250420-0638.916984 Apr 21 2025 06:30:14 ip-172-26-2-223 maldet(963749): {update} checking for available updates... Apr 21 2025 06:30:15 ip-172-26-2-223 maldet(963749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 21 2025 06:30:15 ip-172-26-2-223 maldet(963749): {update} hashing install files and checking against server... Apr 21 2025 06:30:54 ip-172-26-2-223 maldet(963749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 21 2025 06:30:54 ip-172-26-2-223 maldet(963749): {update} version check shows latest but hash check failed, forcing update... Apr 21 2025 06:30:54 ip-172-26-2-223 maldet(963749): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 21 2025 06:31:34 ip-172-26-2-223 maldet(963749): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 21 2025 06:31:34 ip-172-26-2-223 maldet(963749): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 21 2025 06:31:35 ip-172-26-2-223 maldet(963983): {sigup} performing signature update check... Apr 21 2025 06:31:35 ip-172-26-2-223 maldet(963983): {sigup} local signature set is version 20250225482944 Apr 21 2025 06:32:14 ip-172-26-2-223 maldet(963983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 21 2025 06:32:14 ip-172-26-2-223 maldet(963983): {sigup} new signature set error code: 522 available Apr 21 2025 06:32:14 ip-172-26-2-223 maldet(963983): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 21 2025 06:32:15 ip-172-26-2-223 maldet(963983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 21 2025 06:33:13 ip-172-26-2-223 maldet(963983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 21 2025 06:33:13 ip-172-26-2-223 maldet(963983): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 21 2025 06:33:43 ip-172-26-2-223 maldet(963983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 21 2025 06:34:03 ip-172-26-2-223 maldet(963983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 21 2025 06:34:03 ip-172-26-2-223 maldet(963983): {sigup} verified md5sum of maldet-sigpack.tgz Apr 21 2025 06:34:04 ip-172-26-2-223 maldet(963983): {sigup} unpacked and installed maldet-sigpack.tgz Apr 21 2025 06:34:04 ip-172-26-2-223 maldet(963983): {sigup} verified md5sum of maldet-clean.tgz Apr 21 2025 06:34:04 ip-172-26-2-223 maldet(963983): {sigup} unpacked and installed maldet-clean.tgz Apr 21 2025 06:34:04 ip-172-26-2-223 maldet(963983): {sigup} signature set update completed Apr 21 2025 06:34:05 ip-172-26-2-223 maldet(963983): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 21 2025 06:34:06 ip-172-26-2-223 maldet(964384): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 21 2025 06:34:07 ip-172-26-2-223 maldet(964384): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 21 2025 06:34:07 ip-172-26-2-223 maldet(964384): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 21 2025 06:34:08 ip-172-26-2-223 maldet(964384): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 21 2025 06:34:08 ip-172-26-2-223 maldet(964384): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 21 2025 06:34:17 ip-172-26-2-223 maldet(964384): {scan} file list completed in 8s, found 977 files... Apr 21 2025 06:34:17 ip-172-26-2-223 maldet(964384): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 21 2025 06:34:17 ip-172-26-2-223 maldet(964384): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (977 files) in progress... Apr 21 2025 06:35:40 ip-172-26-2-223 maldet(964384): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 977, malware hits 0, cleaned hits 0, time 94s Apr 21 2025 06:35:40 ip-172-26-2-223 maldet(964384): {scan} scan report saved, to view run: maldet --report 250421-0634.964384 Apr 22 2025 06:41:16 ip-172-26-2-223 maldet(1012332): {update} checking for available updates... Apr 22 2025 06:43:21 ip-172-26-2-223 maldet(1012332): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 22 2025 06:43:21 ip-172-26-2-223 maldet(1012332): {update} hashing install files and checking against server... Apr 22 2025 06:44:06 ip-172-26-2-223 maldet(1012332): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 22 2025 06:44:06 ip-172-26-2-223 maldet(1012332): {update} latest version already installed. Apr 22 2025 06:44:07 ip-172-26-2-223 maldet(1012497): {sigup} performing signature update check... Apr 22 2025 06:44:07 ip-172-26-2-223 maldet(1012497): {sigup} local signature set is version 20250419480331 Apr 22 2025 06:44:32 ip-172-26-2-223 maldet(1012497): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 22 2025 06:44:32 ip-172-26-2-223 maldet(1012497): {sigup} new signature set 202504221155028 available Apr 22 2025 06:44:32 ip-172-26-2-223 maldet(1012497): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 22 2025 06:46:22 ip-172-26-2-223 maldet(1012497): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 22 2025 06:47:04 ip-172-26-2-223 maldet(1012497): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 22 2025 06:47:04 ip-172-26-2-223 maldet(1012497): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 22 2025 06:47:59 ip-172-26-2-223 maldet(1012497): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 22 2025 06:48:51 ip-172-26-2-223 maldet(1012497): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 22 2025 06:48:51 ip-172-26-2-223 maldet(1012497): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 22 2025 06:48:51 ip-172-26-2-223 maldet(1012497): {sigup} verified md5sum of maldet-clean.tgz Apr 22 2025 06:48:51 ip-172-26-2-223 maldet(1012497): {sigup} unpacked and installed maldet-clean.tgz Apr 22 2025 06:48:52 ip-172-26-2-223 maldet(1012825): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 22 2025 06:48:53 ip-172-26-2-223 maldet(1012825): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 22 2025 06:48:53 ip-172-26-2-223 maldet(1012825): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 22 2025 06:48:53 ip-172-26-2-223 maldet(1012825): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 22 2025 06:48:53 ip-172-26-2-223 maldet(1012825): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 22 2025 06:49:01 ip-172-26-2-223 maldet(1012825): {scan} file list completed in 8s, found 1967 files... Apr 22 2025 06:49:01 ip-172-26-2-223 maldet(1012825): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 22 2025 06:49:01 ip-172-26-2-223 maldet(1012825): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1967 files) in progress... Apr 22 2025 06:51:04 ip-172-26-2-223 maldet(1012825): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details! Apr 22 2025 06:51:05 ip-172-26-2-223 maldet(1012825): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1967, malware hits 0, cleaned hits 0, time 132s Apr 22 2025 06:51:05 ip-172-26-2-223 maldet(1012825): {scan} scan report saved, to view run: maldet --report 250422-0648.1012825 Apr 23 2025 06:28:33 ip-172-26-2-223 maldet(1086622): {update} checking for available updates... Apr 23 2025 06:30:13 ip-172-26-2-223 maldet(1086622): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 23 2025 06:30:13 ip-172-26-2-223 maldet(1086622): {update} hashing install files and checking against server... Apr 23 2025 06:31:44 ip-172-26-2-223 maldet(1086622): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 23 2025 06:31:44 ip-172-26-2-223 maldet(1086622): {update} latest version already installed. Apr 23 2025 06:31:44 ip-172-26-2-223 maldet(1087051): {sigup} performing signature update check... Apr 23 2025 06:31:44 ip-172-26-2-223 maldet(1087051): {sigup} local signature set is version 20250419480331 Apr 23 2025 06:32:23 ip-172-26-2-223 maldet(1087051): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 23 2025 06:32:24 ip-172-26-2-223 maldet(1087051): {sigup} new signature set error code: 522 available Apr 23 2025 06:32:24 ip-172-26-2-223 maldet(1087051): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 23 2025 06:33:03 ip-172-26-2-223 maldet(1087051): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 23 2025 06:35:12 ip-172-26-2-223 maldet(1087051): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 23 2025 06:35:12 ip-172-26-2-223 maldet(1087051): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 23 2025 06:37:02 ip-172-26-2-223 maldet(1087051): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 23 2025 06:37:49 ip-172-26-2-223 maldet(1087051): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 23 2025 06:37:49 ip-172-26-2-223 maldet(1087051): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 23 2025 06:37:49 ip-172-26-2-223 maldet(1087051): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 23 2025 06:37:49 ip-172-26-2-223 maldet(1087609): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 23 2025 06:37:50 ip-172-26-2-223 maldet(1087609): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 23 2025 06:37:50 ip-172-26-2-223 maldet(1087609): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 23 2025 06:37:50 ip-172-26-2-223 maldet(1087609): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 23 2025 06:37:50 ip-172-26-2-223 maldet(1087609): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 23 2025 06:37:55 ip-172-26-2-223 maldet(1087609): {scan} file list completed in 5s, found 7817 files... Apr 23 2025 06:37:55 ip-172-26-2-223 maldet(1087609): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 23 2025 06:37:55 ip-172-26-2-223 maldet(1087609): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (7817 files) in progress... Apr 23 2025 06:41:33 ip-172-26-2-223 maldet(1087609): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 7817, malware hits 0, cleaned hits 0, time 224s Apr 23 2025 06:41:33 ip-172-26-2-223 maldet(1087609): {scan} scan report saved, to view run: maldet --report 250423-0637.1087609 Apr 24 2025 06:29:30 ip-172-26-2-223 maldet(1145535): {update} checking for available updates... Apr 24 2025 06:31:20 ip-172-26-2-223 maldet(1145535): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 24 2025 06:31:20 ip-172-26-2-223 maldet(1145535): {update} hashing install files and checking against server... Apr 24 2025 06:31:48 ip-172-26-2-223 maldet(1145535): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 24 2025 06:31:48 ip-172-26-2-223 maldet(1145535): {update} latest version already installed. Apr 24 2025 06:31:48 ip-172-26-2-223 maldet(1145713): {sigup} performing signature update check... Apr 24 2025 06:31:48 ip-172-26-2-223 maldet(1145713): {sigup} local signature set is version 20250419480331 Apr 24 2025 06:32:28 ip-172-26-2-223 maldet(1145713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 24 2025 06:32:28 ip-172-26-2-223 maldet(1145713): {sigup} new signature set error code: 522 available Apr 24 2025 06:32:28 ip-172-26-2-223 maldet(1145713): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 24 2025 06:33:07 ip-172-26-2-223 maldet(1145713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 24 2025 06:33:46 ip-172-26-2-223 maldet(1145713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 24 2025 06:33:46 ip-172-26-2-223 maldet(1145713): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 24 2025 06:34:25 ip-172-26-2-223 maldet(1145713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 24 2025 06:35:15 ip-172-26-2-223 maldet(1145713): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 24 2025 06:35:15 ip-172-26-2-223 maldet(1145713): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 24 2025 06:35:15 ip-172-26-2-223 maldet(1145713): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 24 2025 06:35:16 ip-172-26-2-223 maldet(1145957): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 24 2025 06:35:17 ip-172-26-2-223 maldet(1145957): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 24 2025 06:35:17 ip-172-26-2-223 maldet(1145957): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 24 2025 06:35:17 ip-172-26-2-223 maldet(1145957): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 24 2025 06:35:18 ip-172-26-2-223 maldet(1145957): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 24 2025 06:35:24 ip-172-26-2-223 maldet(1145957): {scan} file list completed in 7s, found 11274 files... Apr 24 2025 06:35:24 ip-172-26-2-223 maldet(1145957): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 24 2025 06:35:24 ip-172-26-2-223 maldet(1145957): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (11274 files) in progress... Apr 24 2025 06:41:25 ip-172-26-2-223 maldet(1145957): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 11274, malware hits 0, cleaned hits 0, time 368s Apr 24 2025 06:41:25 ip-172-26-2-223 maldet(1145957): {scan} scan report saved, to view run: maldet --report 250424-0635.1145957 Apr 25 2025 06:28:32 ip-172-26-2-223 maldet(1202903): {update} checking for available updates... Apr 25 2025 06:29:11 ip-172-26-2-223 maldet(1202903): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 25 2025 06:29:11 ip-172-26-2-223 maldet(1202903): {update} hashing install files and checking against server... Apr 25 2025 06:31:00 ip-172-26-2-223 maldet(1202903): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 25 2025 06:31:00 ip-172-26-2-223 maldet(1202903): {update} version check shows latest but hash check failed, forcing update... Apr 25 2025 06:31:00 ip-172-26-2-223 maldet(1202903): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 25 2025 06:32:50 ip-172-26-2-223 maldet(1202903): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 25 2025 06:32:50 ip-172-26-2-223 maldet(1202903): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 25 2025 06:32:50 ip-172-26-2-223 maldet(1203176): {sigup} performing signature update check... Apr 25 2025 06:32:50 ip-172-26-2-223 maldet(1203176): {sigup} local signature set is version 20250419480331 Apr 25 2025 06:33:29 ip-172-26-2-223 maldet(1203176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 25 2025 06:33:29 ip-172-26-2-223 maldet(1203176): {sigup} new signature set error code: 522 available Apr 25 2025 06:33:29 ip-172-26-2-223 maldet(1203176): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 25 2025 06:36:30 ip-172-26-2-223 maldet(1203176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 25 2025 06:38:19 ip-172-26-2-223 maldet(1203176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 25 2025 06:38:19 ip-172-26-2-223 maldet(1203176): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 25 2025 06:38:19 ip-172-26-2-223 maldet(1203176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203176): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203176): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203176): {sigup} verified md5sum of maldet-clean.tgz Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203176): {sigup} unpacked and installed maldet-clean.tgz Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203536): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203536): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203536): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203536): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 25 2025 06:38:46 ip-172-26-2-223 maldet(1203536): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 25 2025 06:38:50 ip-172-26-2-223 maldet(1203536): {scan} file list completed in 4s, found 9698 files... Apr 25 2025 06:38:50 ip-172-26-2-223 maldet(1203536): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 25 2025 06:38:50 ip-172-26-2-223 maldet(1203536): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (9698 files) in progress... Apr 25 2025 06:43:42 ip-172-26-2-223 maldet(1203536): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 9698, malware hits 0, cleaned hits 0, time 296s Apr 25 2025 06:43:42 ip-172-26-2-223 maldet(1203536): {scan} scan report saved, to view run: maldet --report 250425-0638.1203536 Apr 26 2025 06:28:40 ip-172-26-2-223 maldet(1255901): {update} checking for available updates... Apr 26 2025 06:29:20 ip-172-26-2-223 maldet(1255901): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 26 2025 06:29:20 ip-172-26-2-223 maldet(1255901): {update} hashing install files and checking against server... Apr 26 2025 06:31:10 ip-172-26-2-223 maldet(1255901): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 26 2025 06:31:10 ip-172-26-2-223 maldet(1255901): {update} version check shows latest but hash check failed, forcing update... Apr 26 2025 06:31:10 ip-172-26-2-223 maldet(1255901): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 26 2025 06:31:38 ip-172-26-2-223 maldet(1255901): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 26 2025 06:31:38 ip-172-26-2-223 maldet(1255901): {update} verified md5sum of maldetect-current.tar.gz Apr 26 2025 06:31:38 ip-172-26-2-223 maldet(1255901): {update} completed update v1.6.6 3a1792 => verror code: 522 359d25, running signature updates... Apr 26 2025 06:31:38 ip-172-26-2-223 maldet(1256157): {sigup} performing signature update check... Apr 26 2025 06:31:38 ip-172-26-2-223 maldet(1256157): {sigup} local signature set is version 20250419480331 Apr 26 2025 06:33:28 ip-172-26-2-223 maldet(1256157): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 26 2025 06:33:28 ip-172-26-2-223 maldet(1256157): {sigup} new signature set error code: 522 available Apr 26 2025 06:33:28 ip-172-26-2-223 maldet(1256157): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 26 2025 06:34:07 ip-172-26-2-223 maldet(1256157): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 26 2025 06:35:57 ip-172-26-2-223 maldet(1256157): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 26 2025 06:35:57 ip-172-26-2-223 maldet(1256157): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 26 2025 06:37:46 ip-172-26-2-223 maldet(1256157): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1256157): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1256157): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1256157): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1255901): {update} update and config import completed Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1256557): {sigup} performing signature update check... Apr 26 2025 06:39:36 ip-172-26-2-223 maldet(1256557): {sigup} local signature set is version 20250419480331 Apr 26 2025 06:40:15 ip-172-26-2-223 maldet(1256557): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 26 2025 06:40:15 ip-172-26-2-223 maldet(1256557): {sigup} new signature set error code: 522 available Apr 26 2025 06:40:15 ip-172-26-2-223 maldet(1256557): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 26 2025 06:41:13 ip-172-26-2-223 maldet(1256557): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 26 2025 06:43:03 ip-172-26-2-223 maldet(1256557): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 26 2025 06:43:03 ip-172-26-2-223 maldet(1256557): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256557): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256557): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256557): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256557): {sigup} verified md5sum of maldet-clean.tgz Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256557): {sigup} unpacked and installed maldet-clean.tgz Apr 26 2025 06:45:09 ip-172-26-2-223 maldet(1256888): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 26 2025 06:45:10 ip-172-26-2-223 maldet(1256888): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 26 2025 06:45:10 ip-172-26-2-223 maldet(1256888): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 26 2025 06:45:10 ip-172-26-2-223 maldet(1256888): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 26 2025 06:45:10 ip-172-26-2-223 maldet(1256888): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 26 2025 06:45:16 ip-172-26-2-223 maldet(1256888): {scan} file list completed in 6s, found 18734 files... Apr 26 2025 06:45:16 ip-172-26-2-223 maldet(1256888): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 26 2025 06:45:16 ip-172-26-2-223 maldet(1256888): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (18734 files) in progress... Apr 26 2025 06:52:04 ip-172-26-2-223 maldet(1256888): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 18734, malware hits 0, cleaned hits 0, time 414s Apr 26 2025 06:52:04 ip-172-26-2-223 maldet(1256888): {scan} scan report saved, to view run: maldet --report 250426-0645.1256888 Apr 27 2025 06:28:40 ip-172-26-2-223 maldet(1303988): {update} checking for available updates... Apr 27 2025 06:30:41 ip-172-26-2-223 maldet(1303988): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 27 2025 06:30:41 ip-172-26-2-223 maldet(1303988): {update} hashing install files and checking against server... Apr 27 2025 06:31:33 ip-172-26-2-223 maldet(1303988): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 27 2025 06:31:33 ip-172-26-2-223 maldet(1303988): {update} latest version already installed. Apr 27 2025 06:31:34 ip-172-26-2-223 maldet(1304167): {sigup} performing signature update check... Apr 27 2025 06:31:34 ip-172-26-2-223 maldet(1304167): {sigup} local signature set is version 20250419480331 Apr 27 2025 06:32:12 ip-172-26-2-223 maldet(1304167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 27 2025 06:32:13 ip-172-26-2-223 maldet(1304167): {sigup} new signature set error code: 522 available Apr 27 2025 06:32:13 ip-172-26-2-223 maldet(1304167): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 27 2025 06:34:02 ip-172-26-2-223 maldet(1304167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 27 2025 06:35:52 ip-172-26-2-223 maldet(1304167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 27 2025 06:35:52 ip-172-26-2-223 maldet(1304167): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 27 2025 06:37:42 ip-172-26-2-223 maldet(1304167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 27 2025 06:38:21 ip-172-26-2-223 maldet(1304167): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 27 2025 06:38:21 ip-172-26-2-223 maldet(1304167): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 27 2025 06:38:21 ip-172-26-2-223 maldet(1304167): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 27 2025 06:38:21 ip-172-26-2-223 maldet(1304459): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 27 2025 06:38:22 ip-172-26-2-223 maldet(1304459): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 27 2025 06:38:22 ip-172-26-2-223 maldet(1304459): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 27 2025 06:38:22 ip-172-26-2-223 maldet(1304459): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 27 2025 06:38:22 ip-172-26-2-223 maldet(1304459): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 27 2025 06:38:26 ip-172-26-2-223 maldet(1304459): {scan} file list completed in 4s, found 9328 files... Apr 27 2025 06:38:26 ip-172-26-2-223 maldet(1304459): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 27 2025 06:38:26 ip-172-26-2-223 maldet(1304459): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (9328 files) in progress... Apr 27 2025 06:42:25 ip-172-26-2-223 maldet(1304459): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 9328, malware hits 0, cleaned hits 0, time 244s Apr 27 2025 06:42:26 ip-172-26-2-223 maldet(1304459): {scan} scan report saved, to view run: maldet --report 250427-0638.1304459 Apr 28 2025 06:28:28 ip-172-26-2-223 maldet(1354814): {update} checking for available updates... Apr 28 2025 06:30:17 ip-172-26-2-223 maldet(1354814): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 28 2025 06:30:17 ip-172-26-2-223 maldet(1354814): {update} hashing install files and checking against server... Apr 28 2025 06:32:07 ip-172-26-2-223 maldet(1354814): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 28 2025 06:32:07 ip-172-26-2-223 maldet(1354814): {update} version check shows latest but hash check failed, forcing update... Apr 28 2025 06:32:07 ip-172-26-2-223 maldet(1354814): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 28 2025 06:32:46 ip-172-26-2-223 maldet(1354814): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 28 2025 06:32:46 ip-172-26-2-223 maldet(1354814): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 28 2025 06:32:46 ip-172-26-2-223 maldet(1355222): {sigup} performing signature update check... Apr 28 2025 06:32:46 ip-172-26-2-223 maldet(1355222): {sigup} local signature set is version 20250419480331 Apr 28 2025 06:35:47 ip-172-26-2-223 maldet(1355222): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 28 2025 06:35:47 ip-172-26-2-223 maldet(1355222): {sigup} new signature set error code: 522 available Apr 28 2025 06:35:47 ip-172-26-2-223 maldet(1355222): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 28 2025 06:37:36 ip-172-26-2-223 maldet(1355222): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 28 2025 06:39:26 ip-172-26-2-223 maldet(1355222): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 28 2025 06:39:26 ip-172-26-2-223 maldet(1355222): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 28 2025 06:40:56 ip-172-26-2-223 maldet(1355222): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 28 2025 06:42:05 ip-172-26-2-223 maldet(1355222): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 28 2025 06:42:05 ip-172-26-2-223 maldet(1355222): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 28 2025 06:42:05 ip-172-26-2-223 maldet(1355222): {sigup} verified md5sum of maldet-clean.tgz Apr 28 2025 06:42:05 ip-172-26-2-223 maldet(1355222): {sigup} unpacked and installed maldet-clean.tgz Apr 28 2025 06:42:06 ip-172-26-2-223 maldet(1356802): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 28 2025 06:42:07 ip-172-26-2-223 maldet(1356802): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 28 2025 06:42:07 ip-172-26-2-223 maldet(1356802): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 28 2025 06:42:07 ip-172-26-2-223 maldet(1356802): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 28 2025 06:42:08 ip-172-26-2-223 maldet(1356802): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 28 2025 06:42:22 ip-172-26-2-223 maldet(1356802): {scan} file list completed in 14s, found 12710 files... Apr 28 2025 06:42:22 ip-172-26-2-223 maldet(1356802): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 28 2025 06:42:22 ip-172-26-2-223 maldet(1356802): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (12710 files) in progress... Apr 28 2025 06:48:06 ip-172-26-2-223 maldet(1356802): {scan} clamscan returned an error, check /usr/local/maldetect/logs/clamscan_log for details! Apr 28 2025 06:48:06 ip-172-26-2-223 maldet(1356802): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 12710, malware hits 0, cleaned hits 0, time 360s Apr 28 2025 06:48:06 ip-172-26-2-223 maldet(1356802): {scan} scan report saved, to view run: maldet --report 250428-0642.1356802 Apr 29 2025 06:30:01 ip-172-26-2-223 maldet(1405908): {update} checking for available updates... Apr 29 2025 06:30:21 ip-172-26-2-223 maldet(1405908): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 29 2025 06:30:21 ip-172-26-2-223 maldet(1405908): {update} hashing install files and checking against server... Apr 29 2025 06:32:10 ip-172-26-2-223 maldet(1405908): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 29 2025 06:32:10 ip-172-26-2-223 maldet(1405908): {update} version check shows latest but hash check failed, forcing update... Apr 29 2025 06:32:11 ip-172-26-2-223 maldet(1405908): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 29 2025 06:35:11 ip-172-26-2-223 maldet(1405908): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 29 2025 06:35:11 ip-172-26-2-223 maldet(1405908): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 29 2025 06:35:11 ip-172-26-2-223 maldet(1406895): {sigup} performing signature update check... Apr 29 2025 06:35:11 ip-172-26-2-223 maldet(1406895): {sigup} local signature set is version 20250419480331 Apr 29 2025 06:37:01 ip-172-26-2-223 maldet(1406895): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 29 2025 06:37:01 ip-172-26-2-223 maldet(1406895): {sigup} new signature set error code: 522 available Apr 29 2025 06:37:01 ip-172-26-2-223 maldet(1406895): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 29 2025 06:37:40 ip-172-26-2-223 maldet(1406895): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 29 2025 06:38:19 ip-172-26-2-223 maldet(1406895): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 29 2025 06:38:19 ip-172-26-2-223 maldet(1406895): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 29 2025 06:39:49 ip-172-26-2-223 maldet(1406895): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 29 2025 06:42:49 ip-172-26-2-223 maldet(1406895): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 29 2025 06:42:49 ip-172-26-2-223 maldet(1406895): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com Apr 29 2025 06:42:49 ip-172-26-2-223 maldet(1406895): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com Apr 29 2025 06:42:50 ip-172-26-2-223 maldet(1407295): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 29 2025 06:42:50 ip-172-26-2-223 maldet(1407295): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 29 2025 06:42:51 ip-172-26-2-223 maldet(1407295): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 29 2025 06:42:51 ip-172-26-2-223 maldet(1407295): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 29 2025 06:42:51 ip-172-26-2-223 maldet(1407295): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 29 2025 06:42:56 ip-172-26-2-223 maldet(1407295): {scan} file list completed in 5s, found 9346 files... Apr 29 2025 06:42:56 ip-172-26-2-223 maldet(1407295): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 29 2025 06:42:56 ip-172-26-2-223 maldet(1407295): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (9346 files) in progress... Apr 29 2025 06:47:08 ip-172-26-2-223 maldet(1407295): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 9346, malware hits 0, cleaned hits 0, time 258s Apr 29 2025 06:47:08 ip-172-26-2-223 maldet(1407295): {scan} scan report saved, to view run: maldet --report 250429-0642.1407295 Apr 30 2025 02:11:15 ip-172-26-2-223 maldet(650): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/ Apr 30 2025 06:38:10 ip-172-26-2-223 maldet(21626): {update} checking for available updates... Apr 30 2025 06:39:08 ip-172-26-2-223 maldet(21626): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver Apr 30 2025 06:39:08 ip-172-26-2-223 maldet(21626): {update} hashing install files and checking against server... Apr 30 2025 06:42:09 ip-172-26-2-223 maldet(21626): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash Apr 30 2025 06:42:09 ip-172-26-2-223 maldet(21626): {update} version check shows latest but hash check failed, forcing update... Apr 30 2025 06:42:09 ip-172-26-2-223 maldet(21626): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz Apr 30 2025 06:45:09 ip-172-26-2-223 maldet(21626): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 Apr 30 2025 06:45:09 ip-172-26-2-223 maldet(21626): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! Apr 30 2025 06:45:09 ip-172-26-2-223 maldet(22015): {sigup} performing signature update check... Apr 30 2025 06:45:09 ip-172-26-2-223 maldet(22015): {sigup} local signature set is version 20250419480331 Apr 30 2025 06:45:36 ip-172-26-2-223 maldet(22015): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver Apr 30 2025 06:45:37 ip-172-26-2-223 maldet(22015): {sigup} new signature set 202504282520736 available Apr 30 2025 06:45:37 ip-172-26-2-223 maldet(22015): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 30 2025 06:46:28 ip-172-26-2-223 maldet(22015): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz Apr 30 2025 06:48:30 ip-172-26-2-223 maldet(22015): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 Apr 30 2025 06:48:30 ip-172-26-2-223 maldet(22015): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 30 2025 06:48:52 ip-172-26-2-223 maldet(22015): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} verified md5sum of maldet-sigpack.tgz Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} unpacked and installed maldet-sigpack.tgz Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} verified md5sum of maldet-clean.tgz Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} unpacked and installed maldet-clean.tgz Apr 30 2025 06:49:14 ip-172-26-2-223 maldet(22015): {sigup} signature set update completed Apr 30 2025 06:49:15 ip-172-26-2-223 maldet(22015): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 30 2025 06:49:15 ip-172-26-2-223 maldet(22274): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress Apr 30 2025 06:49:15 ip-172-26-2-223 maldet(22274): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} file list completed in 0s, found 3803 files... Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... Apr 30 2025 06:49:16 ip-172-26-2-223 maldet(22274): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (3803 files) in progress... Apr 30 2025 06:51:50 ip-172-26-2-223 maldet(22274): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 3803, malware hits 0, cleaned hits 0, time 155s Apr 30 2025 06:51:50 ip-172-26-2-223 maldet(22274): {scan} scan report saved, to view run: maldet --report 250430-0649.22274 May 01 2025 06:29:44 ip-172-26-2-223 maldet(88508): {update} checking for available updates... May 01 2025 06:31:14 ip-172-26-2-223 maldet(88508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver May 01 2025 06:31:15 ip-172-26-2-223 maldet(88508): {update} hashing install files and checking against server... May 01 2025 06:31:54 ip-172-26-2-223 maldet(88508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash May 01 2025 06:31:54 ip-172-26-2-223 maldet(88508): {update} version check shows latest but hash check failed, forcing update... May 01 2025 06:31:54 ip-172-26-2-223 maldet(88508): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz May 01 2025 06:34:54 ip-172-26-2-223 maldet(88508): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5 May 01 2025 06:34:54 ip-172-26-2-223 maldet(88508): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed! May 01 2025 06:34:54 ip-172-26-2-223 maldet(89086): {sigup} performing signature update check... May 01 2025 06:34:54 ip-172-26-2-223 maldet(89086): {sigup} local signature set is version 202504282520736 May 01 2025 06:35:33 ip-172-26-2-223 maldet(89086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver May 01 2025 06:35:33 ip-172-26-2-223 maldet(89086): {sigup} new signature set error code: 522 available May 01 2025 06:35:33 ip-172-26-2-223 maldet(89086): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz May 01 2025 06:38:34 ip-172-26-2-223 maldet(89086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz May 01 2025 06:41:34 ip-172-26-2-223 maldet(89086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5 May 01 2025 06:41:34 ip-172-26-2-223 maldet(89086): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz May 01 2025 06:43:24 ip-172-26-2-223 maldet(89086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz May 01 2025 06:44:03 ip-172-26-2-223 maldet(89086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5 May 01 2025 06:44:03 ip-172-26-2-223 maldet(89086): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com May 01 2025 06:44:03 ip-172-26-2-223 maldet(89086): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com May 01 2025 06:44:04 ip-172-26-2-223 maldet(90126): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress May 01 2025 06:44:05 ip-172-26-2-223 maldet(90126): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER) May 01 2025 06:44:05 ip-172-26-2-223 maldet(90126): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile... May 01 2025 06:44:05 ip-172-26-2-223 maldet(90126): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6 May 01 2025 06:44:05 ip-172-26-2-223 maldet(90126): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c -not -perm 000 -not -uid 0 -not -gid 0 May 01 2025 06:44:06 ip-172-26-2-223 maldet(90126): {scan} file list completed in 1s, found 6622 files... May 01 2025 06:44:06 ip-172-26-2-223 maldet(90126): {scan} found clamav binary at /bin/clamdscan, using clamav scanner engine... May 01 2025 06:44:06 ip-172-26-2-223 maldet(90126): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (6622 files) in progress... May 01 2025 06:48:46 ip-172-26-2-223 maldet(90126): {hit} malware hit {CAV}Unix.Exploit.Pkexecexploit-10034078-0 found for /dev/shm/pwnkit May 01 2025 06:48:46 ip-172-26-2-223 maldet(90126): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 6622, malware hits 1, cleaned hits 0, time 282s May 01 2025 06:48:46 ip-172-26-2-223 maldet(90126): {scan} scan report saved, to view run: maldet --report 250501-0644.90126 May 01 2025 06:48:46 ip-172-26-2-223 maldet(90126): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250501-0644.90126
Close
