----------- SCAN REPORT ----------- TimeStamp: Fri, 25 Aug 2023 05:57:21 -0400 (/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/itrewzwv/scanreport-itrewzwv-Aug_25_2023_05h57m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user itrewzwv --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/itrewzwv: '/home/itrewzwv/access-logs' # Symlink to [/etc/apache2/logs/domlogs/itrewzwv] '/home/itrewzwv/.cpanel/live-engine-connector-N4DmRjEGvV.sock' # Socket '/home/itrewzwv/.nc_plugin/hidden' # World writeable directory '/home/itrewzwv/ismtechnologiesdxb.com/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/itrewzwv/ismtechnologiesdxb.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/itrewzwv/logs/ismtechnologiesdxb.itrentalsdubai.com-Aug-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/logs/itrentalsdubai.com-Aug-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/logs/itrentalsdubai.com-ssl_log-Aug-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/mail/itrentalsdubai.com/info/new/1687313759.M527243P2492700.server196.web-hosting.com,S=880206,W=891769' # ClamAV detected virus = [Email.Phishing.VOF1-6314019-0] '/home/itrewzwv/public_html/wp-content/plugins/1w3-total-cache/CdnEngine_Ftp.php' # Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/] '/home/itrewzwv/public_html/wp-content/plugins/w3-total-cache/CdnEngine_Ftp.php' # Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/] '/home/itrewzwv/tmp/awstats/ssl/awstats072023.ismtechnologiesdxb.itrentalsdubai.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/tmp/awstats/ssl/awstats072023.itrentalsdubai.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/tmp/awstats/ssl/awstats082023.ismtechnologiesdxb.itrentalsdubai.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/tmp/awstats/ssl/awstats082023.itrentalsdubai.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.598.UNOFFICIAL] '/home/itrewzwv/var/cpanel/styled/current_style' # Symlink to [/usr/local/cpanel/base/frontend/paper_lantern/styled/basic] ----------- SCAN SUMMARY ----------- Scanned directories: 5962 Scanned files: 27741 Ignored items: 140 Suspicious matches: 16 Viruses found: 8 Fingerprint matches: 0 Data scanned: 3121.76 MB Scan peak memory: 277068 kB Scan time/item: 0.036 sec Scan time: 1207.488 sec