芝麻web文件管理V1.00

编辑当前文件:/home/lekhnath/scanreport-lekhnath-Nov_06_2023_04h16m.txt
----------- SCAN REPORT ----------- TimeStamp: Mon, 6 Nov 2023 04:16:47 -0500 (/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/lekhnath/scanreport-lekhnath-Nov_06_2023_04h16m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user lekhnath --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/lekhnath: '/home/lekhnath/access-logs' # Symlink to [/etc/apache2/logs/domlogs/lekhnath] '/home/lekhnath/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/.cpanel/live-engine-connector-afCZat25zm.sock' # Socket '/home/lekhnath/.nc_plugin/hidden' # World writeable directory # Scan Timeout (30 secs) while processing: '/home/lekhnath/.wp-cli/cache/core/wordpress-6.3.2-nl_NL.zip' '/home/lekhnath/cityof7lakes.com/wp-content/_cache/wp-rocket/www.cityof7lakes.com' # Suspicious directory '/home/lekhnath/cityof7lakes.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/cityof7lakes.com/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] # Scan Timeout (30 secs) while processing: '/home/lekhnath/cityof7lakes.com/wp-content/uploads/2017/10/WordApp.zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/cityof7lakes.com/wp-content/uploads/2021/01/jannah.zip' '/home/lekhnath/cityof7lakes.com.np/8dSDzb/admin.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/8dSDzb/ftoPVLGeRQE.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/cgi-bin/OaPX1x.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/cgi-bin/wrapper.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/compat/Boy6Ae.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/compat/index.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/errors/JtgNFb.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/errors/mar.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/cityof7lakes.com.np/jtoTeR/lTaiO4PKE1i.php' # (decoded file [advanced decoder: 14 (depth: 1)]) ClamAV detected virus = [YARA.nc_webshell_19421a673038f83b7a6884f7b4086434.UNOFFICIAL] '/home/lekhnath/hoteldaybreak.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/hoteldaybreak.com/wp-includes/images/HkzYek.gif' # Suspicious image file (hidden script file) '/home/lekhnath/hoteldaybreak.com/wp-includes/images/IYdR6a.png' # Suspicious image file (hidden script file) '/home/lekhnath/hotelyoungsstupa.com/old/wp-includes/version.php' # Script version check [OLD] [Wordpress v5.7.8 < v5.9.3] '/home/lekhnath/hotelyoungsstupa.com/wp-content/plugins/classic-editor/classic-editor.php' # Script version check [OLD] [Classic Editor v1.6 < v1.6.2] '/home/lekhnath/hotelyoungsstupa.com/wp-content/plugins/contact-form-7/wp-contact-form-7.php' # Script version check [OLD] [Contact Form 7 v4.9.1 < v5.5.6] '/home/lekhnath/hotelyoungsstupa.com/wp-content/plugins/loginizer/loginizer.php' # Script version check [OLD] [Loginizer v1.6.6 < v1.7.0] '/home/lekhnath/hotelyoungsstupa.com/wp-content/plugins/wp-google-map-plugin/wp-google-map-plugin.php' # Script version check [OLD] [WP Google Map Plugin v4.0.1 < v4.2.5] '/home/lekhnath/jetsecuritysuppliers.com/wp-admin/network/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/jetsecuritysuppliers.com/wp-content/plugins/contact-form-7/wp-contact-form-7.php' # Script version check [OLD] [Contact Form 7 v5.4 < v5.5.6] '/home/lekhnath/jetsecuritysuppliers.com/wp-content/plugins/woocommerce/woocommerce.php' # Script version check [OLD] [WooCommerce v5.2.5 < v6.3.1] '/home/lekhnath/jetsecuritysuppliers.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] # Scan Timeout (30 secs) while processing: '/home/lekhnath/jetsecuritysuppliers.com/wp-content/themes/jet pro guards/plugins/js_composer.zip' '/home/lekhnath/jetsecuritysuppliers.com/wp-includes/version.php' # Script version check [OLD] [Wordpress v5.7.10 < v5.9.3] '/home/lekhnath/jetsecuritysuppliers.com/wp-includes/images/cKE8ZI.gif' # Suspicious image file (hidden script file) '/home/lekhnath/jiwanpariyar.com.np/backup-3.18.2018_08-03-49_jiwanpco/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] # Scan Timeout (30 secs) while processing: '/home/lekhnath/lekhnathcity.com/qrcdr.zip' '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/awscrt.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/crc.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/credentials.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/crt.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/event_loop.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/http.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/logging.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/php_util.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/signing.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/aws/aws-crt-php/ext/stream.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathcity.com/old/vendor/symfony/console/Resources/bin/hiddeninput.exe' # MS Windows Binary/Executable [application/x-winexec] '/home/lekhnath/lekhnathcity.com/qrcdr/fonts/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/lekhnathsuddhakhanepani.com.np/wp-content/plugins/password-protected/password-protected.php' # Script version check [OLD] [Password Protected v2.3 < v2.5] '/home/lekhnath/lekhnathsuddhakhanepani.com.np/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/lekhnathsuddhakhanepani.com.np/wp-content/plugins1/coming-soon-by-supsystic/img/ajax-loader.gif' # Suspicious image file (hidden script file) '/home/lekhnath/lekhnathsuddhakhanepani.com.np/wp-includes/images/dlpw0P.gif' # Suspicious image file (hidden script file) '/home/lekhnath/logs/cityof7lakes.cityof7lakes.com-Nov-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/logs/cityof7lakes.com-Nov-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/logs/jetsecuritysuppliers.cityof7lakes.com-Nov-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/logs/lekhnathcity.cityof7lakes.com-Nov-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/nepalspritual.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/nepalspritual.com/wp-content/uploads' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/2023' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/2023/11' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/elementor' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/elementor/css' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/trx_addons' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/trx_addons/cache' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/trx_addons/cache/gita' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/wc-logs' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/woocommerce_uploads' # World writeable directory '/home/lekhnath/nepalspritual.com/wp-content/uploads/wpcf7_uploads' # World writeable directory '/home/lekhnath/newlighthss.edu.np/.well-known/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/newlighthss.edu.np/wp-content/uploads' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/05' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/06' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/07' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/08' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/09' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/10' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/2023/11' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/green-popups' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/green-popups/temp' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-content/uploads/green-popups/uploads' # World writeable directory '/home/lekhnath/newlighthss.edu.np/wp-includes/images/Nxd5S8.gif' # Suspicious image file (hidden script file) '/home/lekhnath/public_html/wp-admin/network/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/public_html/wp-content/_cache/wp-rocket/www.cityof7lakes.com' # Suspicious directory '/home/lekhnath/public_html/wp-content/plugins/5secsnow155/index.php' # Suspicious image file (hidden script file) '/home/lekhnath/public_html/wp-content/plugins/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/public_html/wp-content/plugins/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/public_html/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] # Scan Timeout (30 secs) while processing: '/home/lekhnath/public_html/wp-content/themes/Cityof7akes10.26 (2).zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/public_html/wp-content/updraft/backup_2022-03-19-1813_Cityof7lakescomPride_of_Lekh_6da726f40e7c-uploads6.zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/public_html/wp-content/uploads/2021/01/jannah.zip' '/home/lekhnath/public_html/wp-includes/images/Naxs4Y.jpg' # Suspicious image file (hidden script file) '/home/lekhnath/quarantine_clamavconnector/logs_cityof7lakes.com-Nov-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_deepakpariyar.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_hoteldaybreak.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_hoteldaybreak.cityof7lakes.com-ssl_log-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_jetsecuritysuppliers.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_jiwanp.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_jiwanpariyar.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_lekhnathcity.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_lekhnathsuddhakhanepani.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_lekhnathsuddhakhanepani.cityof7lakes.com-ssl_log-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_nepalspritual.com.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_nepalspritual.com.cityof7lakes.com-ssl_log-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_rajanpariyar.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_rajanpariyar.cityof7lakes.com-ssl_log-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_rupalake.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_rupaview.com.np.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_rupaview.com.np.cityof7lakes.com-ssl_log-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_seedfoundation.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/logs_stupaeducation.cityof7lakes.com-Oct-2023.gz' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/public_html_wp-content_cache_wp-rocket_cityof7lakes.com_lekhnath-city_plan-quick-visit_index-https.html' # ClamAV detected virus = [YARA.telnet_cgi.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/public_html_wp-content_cache_wp-rocket_cityof7lakes.com_lekhnath-city_plan-quick-visit_index-https.html_gzip' # ClamAV detected virus = [YARA.telnet_cgi.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/stupaeducation.edu.np_wp-content_cache_wp-rocket_stupaeducation.edu.np_course-list-table-2_index.html' # ClamAV detected virus = [YARA.telnet_cgi.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/stupaeducation.edu.np_wp-content_cache_wp-rocket_stupaeducation.edu.np_course-list-table-2_index.html_gzip' # ClamAV detected virus = [YARA.telnet_cgi.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats052023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats052023.tic.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats062023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats062023.tic.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.cityof7lakes.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.deepakpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.hoteldaybreak.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.jiwanp.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.jiwanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.lekhnathcity.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.lekhnathsuddhakhanepani.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.rupalake.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.seedfoundation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.shishuwasaccos.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats072023.tic.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.cityof7lakes.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.deepakpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.jetsecuritysuppliers.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.jiwanp.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.jiwanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.lekhnathcity.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.rupalake.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.seedfoundation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.shishuwasaccos.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats082023.tic.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.cityof7lakes.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.deepakpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.jetsecuritysuppliers.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.jiwanp.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.jiwanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.lekhnathcity.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.rupalake.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.seedfoundation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.shishuwasaccos.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats092023.tic.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.jetsecuritysuppliers.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.lekhnathcity.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.rupalake.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.seedfoundation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_awstats102023.stupaeducation.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats062023.newlighthss.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.hoteldaybreak.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.lekhnathsuddhakhanepani.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.rajanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.rupaview.com.np.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.hoteldaybreak.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.lekhnathsuddhakhanepani.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.rajanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.rupaview.com.np.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.hoteldaybreak.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.lekhnathsuddhakhanepani.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.rajanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.rupaview.com.np.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats102023.hoteldaybreak.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats102023.lekhnathsuddhakhanepani.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats102023.rajanpariyar.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/quarantine_clamavconnector/tmp_awstats_ssl_awstats102023.rupaview.com.np.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] # Scan Timeout (30 secs) while processing: '/home/lekhnath/rajanpariyar.com.np/wp-includes/wordpress-5.4.zip' '/home/lekhnath/rajanpariyar.com.np/wp-includes/images/wnButu.png' # Suspicious image file (hidden script file) '/home/lekhnath/rupalake.org.np/wp-admin/js/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wordpress-seo/wp-seo.php' # Script version check [OLD] [Yoast SEO v15.5 < v18.3] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/rupalake.org.np/wp-includes/images/veWyGv.png' # Suspicious image file (hidden script file) '/home/lekhnath/rupalake.org.np/wp-includes/sitemaps/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/rupaview.com.np/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/rupaview.com.np/wp-includes/blocks/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/rupaview.com.np/wp-includes/images/q26xHA.gif' # Suspicious image file (hidden script file) '/home/lekhnath/rupaview.com.np/wp-includes/theme-compat/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/seedfoundation.org.np/wp-content/plugins/old/user-role-editor-pro/images/user-role-editor-icon.png' # Suspicious image file (hidden script file) '/home/lekhnath/seedfoundation.org.np/wp-content/plugins/old/wysija-newsletters/data/bookmarks/small/03/google.png' # Suspicious image file (hidden script file) '/home/lekhnath/seedfoundation.org.np/wp-includes/images/oCQte1.jpg' # Suspicious image file (hidden script file) '/home/lekhnath/shishuwasaccos.com.np/wp-includes/images/OUdJGT.jpg' # Suspicious image file (hidden script file) # Scan Timeout (30 secs) while processing: '/home/lekhnath/stupaeducation.edu.np/wordpress-6.2 (1).zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/stupaeducation.edu.np/cgi-bin/backup-3.18.2018_08-53-30_stupaeducationed/homedir/.trash/wordpress-4.8.1.zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/stupaeducation.edu.np/cgi-bin/backup-3.18.2018_08-53-30_stupaeducationed/homedir/.trash/wordpress.zip' '/home/lekhnath/stupaeducation.edu.np/public_html/wp-content/_cache/wp-rocket/www.cityof7lakes.com' # Suspicious directory '/home/lekhnath/stupaeducation.edu.np/public_html/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/stupaeducation.edu.np/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/stupaeducation.edu.np/wp-includes/Text/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/stupaeducation.edu.np/wp-includes/images/6NWc3S.gif' # Suspicious image file (hidden script file) '/home/lekhnath/stupaeducation.edu.np/wp-includes/js/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/tic.edu.np/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] # Scan Timeout (30 secs) while processing: '/home/lekhnath/tic.edu.np/wp-content/themes/Triveni.zip' '/home/lekhnath/tic.edu.np/wp-includes/network.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1425]] '/home/lekhnath/tic.edu.np/wp-includes/images/iKUUm2.jpg' # Suspicious image file (hidden script file) '/home/lekhnath/tmp/awstats/awstats112023.cityof7lakes.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] '/home/lekhnath/tmp/awstats/awstats112023.cityof7lakes.com.txt' # ClamAV detected virus = [{HEX}php.malware.magento.585.UNOFFICIAL] # Scan Timeout (30 secs) while processing: '/home/lekhnath/youngsstupa.com/wp-content/themes/Hotel Youngs Stupa.zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/youngsstupa.com/wp-content/themes/hotelmaster1/include/plugin/plugins/gdlr-hostel.zip' # Scan Timeout (30 secs) while processing: '/home/lekhnath/youngsstupa.com/wp-content/themes/hotelmaster1/include/plugin/plugins/gdlr-hotel.zip' ----------- SCAN SUMMARY ----------- Scanned directories: 61369 Scanned files: 528065 Ignored items: 795 Suspicious matches: 199 Viruses found: 104 Fingerprint matches: 12 Data scanned: 32163.72 MB Scan peak memory: 314392 kB Scan time/item: 0.039 sec Scan time: 23061.915 sec