JFIFXX    $.' ",#(7),01444'9=82<.342  2!!22222222222222222222222222222222222222222222222222"4 ,PG"Z_4˷kjزZ,F+_z,© zh6٨icfu#ډb_N?wQ5-~I8TK<5oIv-k_U_~bMdӜUHh?]EwQk{_}qFW7HTՑYF?_'ϔ_Ջt=||I 6έ"D/[k9Y8ds|\Ҿp6Ҵ].6znopM[mei$[soᘨ˸ nɜG-ĨUycP3.DBli;hjx7Z^NhN3u{:jx힞#M&jL P@_ P&o89@Sz6t7#Oߋ s}YfTlmrZ)'Nk۞pw\Tȯ?8`Oi{wﭹW[r Q4F׊3m&L=h3z~#\l :F,j@ ʱwQT8"kJO6֚l}R>ډK]y&p}b;N1mr$|7>e@BTM*-iHgD) Em|ؘbҗaҾt4oG*oCNrPQ@z,|?W[0:n,jWiEW$~/hp\?{(0+Y8rΟ+>S-SVN;}s?. w9˟<Mq4Wv'{)01mBVW[8/< %wT^5b)iM pgN&ݝVO~qu9 !J27$O-! :%H ـyΠM=t{!S oK8txA& j0 vF Y|y ~6@c1vOpIg4lODL Rcj_uX63?nkWyf;^*B @~a`Eu+6L.ü>}y}_O6͐:YrGXkGl^w~㒶syIu! W XN7BVO!X2wvGRfT#t/?%8^WaTGcLMI(J1~8?aT ]ASE(*E} 2#I/׍qz^t̔bYz4xt){ OH+(EA&NXTo"XC')}Jzp ~5}^+6wcQ|LpdH}(.|kc4^"Z?ȕ a<L!039C EuCFEwç ;n?*oB8bʝ'#RqfM}7]s2tcS{\icTx;\7KPʇ Z O-~c>"?PEO8@8GQgaՎ󁶠䧘_%#r>1zaebqcPѵn#L =׀t L7`VA{C:ge@w1 Xp3c3ġpM"'-@n4fGB3DJ8[JoߐgK)ƛ$ 83+ 6ʻ SkI*KZlT _`?KQKdB`s}>`*>,*@JdoF*弝O}ks]yߘc1GV<=776qPTtXԀ!9*44Tހ3XΛex46YD  BdemDa\_l,G/֌7Y](xTt^%GE4}bTڹ;Y)BQu>J/J ⮶.XԄjݳ+Ed r5_D1 o Bx΢#<W8R6@gM. drD>(otU@x=~v2 ӣdoBd3eO6㣷ݜ66YQz`S{\P~z m5{J/L1xO\ZFu>ck#&:`$ai>2ΔloF[hlEܺΠk:)` $[69kOw\|8}ބ:񶐕IA1/=2[,!.}gN#ub ~݊}34qdELc$"[qU硬g^%B zrpJru%v\h1Yne`ǥ:gpQM~^Xi `S:V29.PV?Bk AEvw%_9CQwKekPؠ\;Io d{ ߞoc1eP\ `E=@KIRYK2NPlLɀ)&eB+ь( JTx_?EZ }@ 6U뙢طzdWIn` D噥[uV"G&Ú2g}&m?ċ"Om# {ON"SXNeysQ@FnVgdX~nj]J58up~.`r\O,ư0oS _Ml4kv\JSdxSW<AeIX$Iw:Sy›R9Q[,5;@]%u@ *rolbI  +%m:͇ZVủθau,RW33 dJeTYE.Mϧ-oj3+yy^cVO9NV\nd1 !͕_)av;թMlWR1)ElP;yوÏu 3k5Pr6<⒲l!˞*u־n!l:UNW %Chx8vL'X@*)̮ˍ D-M+JUkvK+x8cY?Ԡ~3mo|u@[XeYC\Kpx8oCC&N~3-H MXsu<`~"WL$8ξ3a)|:@m\^`@ҷ)5p+6p%i)P Mngc#0AruzRL+xSS?ʮ}()#tmˇ!0}}y$6Lt;$ʳ{^6{v6ķܰgVcnn ~zx«,2u?cE+ȘH؎%Za)X>uWTzNyosFQƤ$*&LLXL)1" LeOɟ9=:tZcŽY?ӭVwv~,Yrۗ|yGaFC.+ v1fήJ]STBn5sW}y$~z'c 8  ,! pVNSNNqy8z˱A4*'2n<s^ǧ˭PJޮɏUGLJ*#i}K%,)[z21z ?Nin1?TIR#m-1lA`fT5+ܐcq՝ʐ,3f2Uեmab#ŠdQy>\)SLYw#.ʑf ,"+w~N'cO3FN<)j&,- љ֊_zSTǦw>?nU仆Ve0$CdrP m׈eXmVu L.bֹ [Դaզ*\y8Է:Ez\0KqC b̘cөQ=0YsNS.3.Oo:#v7[#߫ 5܎LEr49nCOWlG^0k%;YߝZǓ:S#|}y,/kLd TA(AI$+I3;Y*Z}|ӧOdv..#:nf>>ȶITX 8y"dR|)0=n46ⲑ+ra ~]R̲c?6(q;5% |uj~z8R=XIV=|{vGj\gcqz؋%Mߍ1y#@f^^>N#x#۹6Y~?dfPO{P4Vu1E1J *|%JN`eWuzk M6q t[ gGvWIGu_ft5j"Y:Tɐ*; e54q$C2d} _SL#mYpO.C;cHi#֩%+) ӍƲVSYźg |tj38r|V1#;.SQA[S#`n+$$I P\[@s(EDzP])8G#0B[ىXIIq<9~[Z멜Z⊔IWU&A>P~#dp]9 "cP Md?٥Ifتuk/F9c*9Ǎ:ØFzn*@|Iށ9N3{'['ͬҲ4#}!V Fu,,mTIkv C7vB6kT91*l '~ƞFlU'M ][ΩũJ_{iIn$L jOdxkza۪#EClx˘oVɞljr)/,߬hL#^Lф,íMƁe̩NBLiLq}(q6IçJ$WE$:=#(KBzђ xlx?>Պ+>W,Ly!_DŌlQ![ SJ1ƐY}b,+Loxɓ)=yoh@꥟/Iѭ=Py9 ۍYӘe+pJnϱ?V\SO%(t =?MR[Șd/ nlB7j !;ӥ/[-A>dNsLj ,ɪv=1c.SQO3UƀܽE̻9GϷD7(}Ävӌ\y_0[w <΍>a_[0+LF.޺f>oNTq;y\bՃyjH<|q-eɏ_?_9+PHp$[uxK wMwNی'$Y2=qKBP~Yul:[<F12O5=d]Ysw:ϮEj,_QXz`H1,#II dwrP˂@ZJVy$\y{}^~[:NߌUOdؾe${p>G3cĖlʌ ת[`ϱ-WdgIig2 }s ؤ(%#sS@~3XnRG~\jc3vӍLM[JBTs3}jNʖW;7ç?=XF=-=qߚ#='c7ڑWI(O+=:uxqe2zi+kuGR0&eniT^J~\jyp'dtGsO39* b#Ɋ p[BwsT>d4ۧsnvnU_~,vƜJ1s QIz)(lv8MU=;56Gs#KMP=LvyGd}VwWBF'à ?MHUg2 !p7Qjڴ=ju JnA suMeƆҔ!)'8Ϣٔޝ(Vpצ֖d=ICJǠ{qkԭ߸i@Ku|p=..*+xz[Aqġ#s2aƊRR)*HRsi~a &fMP-KL@ZXy'x{}Zm+:)) IJ-iu ܒH'L(7yGӜq j 6ߌg1go,kرtY?W,pefOQS!K۟cҒA|սj>=⬒˧L[ ߿2JaB~Ru:Q] 0H~]7ƼI(}cq 'ήETq?fabӥvr )o-Q_'ᴎoK;Vo%~OK *bf:-ťIR`B5!RB@ï u ̯e\_U_ gES3QTaxU<~c?*#]MW,[8Oax]1bC|踤Plw5V%){t<d50iXSUm:Z┵i"1^B-PhJ&)O*DcWvM)}Pܗ-q\mmζZ-l@}aE6F@&Sg@ݚM ȹ 4#p\HdYDoH"\..RBHz_/5˘6KhJRPmƶim3,#ccoqa)*PtRmk7xDE\Y閣_X<~)c[[BP6YqS0%_;Àv~| VS؇ 'O0F0\U-d@7SJ*z3nyPOm~P3|Yʉr#CSN@ ƮRN)r"C:: #qbY. 6[2K2uǦHYRQMV G$Q+.>nNHq^ qmMVD+-#*U̒ p욳u:IBmPV@Or[b= 1UE_NmyKbNOU}the`|6֮P>\2PVIDiPO;9rmAHGWS]J*_G+kP2KaZH'KxWMZ%OYDRc+o?qGhmdSoh\D|:WUAQc yTq~^H/#pCZTI1ӏT4"ČZ}`w#*,ʹ 0i課Om*da^gJ݅{le9uF#Tֲ̲ٞC"qߍ ոޑo#XZTp@ o8(jdxw],f`~|,s^f1t|m򸄭/ctr5s79Q4H1꠲BB@l9@C+wpxu£Yc9?`@#omHs2)=2.ljg9$YS%*LRY7Z,*=䷘$armoϰUW.|rufIGwtZwo~5 YյhO+=8fF)W7L9lM̘·Y֘YLf큹pRF99.A "wz=E\Z'a 2Ǚ#;'}G*l^"q+2FQ hjkŦ${ޮ-T٭cf|3#~RJt$b(R(rdx >U b&9,>%E\ Άe$'q't*אެb-|dSBOO$R+H)܎K1m`;J2Y~9Og8=vqD`K[F)k[1m޼cn]skz$@)!I x՝"v9=ZA=`Ɠi :E)`7vI}dYI_ o:obo 3Q&D&2= Ά;>hy.*ⅥSӬ+q&j|UƧ}J0WW< ۋS)jQRjƯrN)Gű4Ѷ(S)Ǣ8iW52No˓ ۍ%5brOnL;n\G=^UdI8$&h'+(cȁ߫klS^cƗjԌEꭔgFȒ@}O*;evWVYJ\]X'5ղkFb 6Ro՜mi Ni>J?lPmU}>_Z&KKqrIDՉ~q3fL:Se>E-G{L6pe,8QIhaXaUA'ʂs+טIjP-y8ۈZ?J$WP Rs]|l(ԓsƊio(S0Y 8T97.WiLc~dxcE|2!XKƘਫ਼$((6~|d9u+qd^389Y6L.I?iIq9)O/뚅OXXVZF[یgQLK1RҖr@v#XlFНyS87kF!AsM^rkpjPDyS$Nqnxҍ!Uf!ehi2m`YI9r6 TFC}/y^Η5d'9A-J>{_l+`A['յϛ#w:݅%X}&PStQ"-\縵/$ƗhXb*yBS;Wջ_mcvt?2}1;qSdd~u:2k52R~z+|HE!)Ǟl7`0<,2*Hl-x^'_TVgZA'j ^2ΪN7t?w x1fIzC-ȖK^q;-WDvT78Z hK(P:Q- 8nZ܃e貾<1YT<,"6{/ ?͟|1:#gW>$dJdB=jf[%rE^il:BxSּ1հ,=*7 fcG#q eh?27,!7x6nLC4x},GeǝtC.vS F43zz\;QYC,6~;RYS/6|25vTimlv& nRh^ejRLGf? ۉҬܦƩ|Ȱ>3!viʯ>vオX3e_1zKȗ\qHS,EW[㺨uch⍸O}a>q6n6N6qN ! 1AQaq0@"2BRb#Pr3C`Scst$4D%Td ?Na3mCwxAmqmm$4n淿t'C"wzU=D\R+wp+YT&պ@ƃ3ޯ?AﶂaŘ@-Q=9Dռѻ@MVP܅G5fY6# ?0UQ,IX(6ڵ[DIMNލc&υj\XR|,4 jThAe^db#$]wOӪ1y%LYm뭛CUƃߜ}Cy1XνmF8jI]HۺиE@Ii;r8ӭVFՇ| &?3|xBMuSGe=Ӕ#BE5GY!z_eqр/W>|-Ci߇t1ޯќdR3ug=0 5[?#͏qcfH{ ?u=??ǯ}ZzhmΔBFTWPxs}G93 )gGR<>r h$'nchPBjJҧH -N1N?~}-q!=_2hcMlvY%UE@|vM2.Y[|y"EïKZF,ɯ?,q?vM 80jx";9vk+ ֧ ȺU?%vcVmA6Qg^MA}3nl QRNl8kkn'(M7m9وq%ޟ*h$Zk"$9: ?U8Sl,,|ɒxH(ѷGn/Q4PG%Ա8N! &7;eKM749R/%lc>x;>C:th?aKXbheᜋ^$Iհ hr7%F$EFdt5+(M6tÜUU|zW=aTsTgdqPQb'm1{|YXNb P~F^F:k6"j! Ir`1&-$Bevk:y#ywI0x=D4tUPZHڠ底taP6b>xaQ# WeFŮNjpJ* mQN*I-*ȩFg3 5Vʊɮa5FO@{NX?H]31Ri_uѕ 0 F~:60p͈SqX#a5>`o&+<2D: ڝ$nP*)N|yEjF5ټeihyZ >kbHavh-#!Po=@k̆IEN@}Ll?jO߭ʞQ|A07xwt!xfI2?Z<ץTcUj]陎Ltl }5ϓ$,Omˊ;@OjEj(ا,LXLOЦ90O .anA7j4 W_ٓzWjcBy՗+EM)dNg6y1_xp$Lv:9"zpʙ$^JԼ*ϭo=xLj6Ju82AH3$ٕ@=Vv]'qEz;I˼)=ɯx /W(Vp$ mu񶤑OqˎTr㠚xsrGCbypG1ߠw e8$⿄/M{*}W]˷.CK\ުx/$WPwr |i&}{X >$-l?-zglΆ(FhvS*b߲ڡn,|)mrH[a3ר[13o_U3TC$(=)0kgP u^=4 WYCҸ:vQרXàtkm,t*^,}D* "(I9R>``[~Q]#afi6l86:,ssN6j"A4IuQ6E,GnHzSHOuk5$I4ؤQ9@CwpBGv[]uOv0I4\yQѸ~>Z8Taqޣ;za/SI:ܫ_|>=Z8:SUIJ"IY8%b8H:QO6;7ISJҌAά3>cE+&jf$eC+z;V rʺmyeaQf&6ND.:NTvm<- uǝ\MvZYNNT-A>jr!SnO 13Ns%3D@`ܟ 1^c< aɽ̲Xë#w|ycW=9I*H8p^(4՗karOcWtO\ƍR8'KIQ?5>[}yUײ -h=% qThG2)"ו3]!kB*pFDlA,eEiHfPs5H:Փ~H0DتDIhF3c2E9H5zԑʚiX=:mxghd(v׊9iSOd@0ڽ:p5h-t&Xqӕ,ie|7A2O%PEhtjY1wЃ!  ࢽMy7\a@ţJ 4ȻF@o̒?4wx)]P~u57X 9^ܩU;Iꭆ 5 eK27({|Y׎ V\"Z1 Z}(Ǝ"1S_vE30>p; ΝD%xW?W?vo^Vidr[/&>~`9Why;R ;;ɮT?r$g1KACcKl:'3 cﳯ*"t8~l)m+U,z`(>yJ?h>]vЍG*{`;y]IT ;cNUfo¾h/$|NS1S"HVT4uhǜ]v;5͠x'C\SBplh}N ABx%ޭl/Twʽ]D=Kžr㻠l4SO?=k M: cCa#ha)ѐxcsgPiG{+xQI= zԫ+ 8"kñj=|c yCF/*9жh{ ?4o kmQNx;Y4膚aw?6>e]Qr:g,i"ԩA*M7qB?ӕFhV25r[7 Y }LR}*sg+xr2U=*'WSZDW]WǞ<叓{$9Ou4y90-1'*D`c^o?(9uݐ'PI& fJݮ:wSjfP1F:X H9dԯ˝[_54 }*;@ܨ ðynT?ןd#4rGͨH1|-#MrS3G3).᧏3vz֑r$G"`j 1tx0<ƆWh6y6,œGagAyb)hDß_mü gG;evݝnQ C-*oyaMI><]obD":GA-\%LT8c)+y76oQ#*{(F⽕y=rW\p۩cA^e6KʐcVf5$'->ՉN"F"UQ@fGb~#&M=8טJNu9D[̤so~ G9TtW^g5y$bY'سǴ=U-2 #MCt(i lj@Q 5̣i*OsxKf}\M{EV{υƇ);HIfeLȣr2>WIȂ6ik 5YOxȺ>Yf5'|H+98pjn.OyjY~iw'l;s2Y:'lgꥴ)o#'SaaKZ m}`169n"xI *+ }FP"l45'ZgE8?[X7(.Q-*ތL@̲v.5[=t\+CNܛ,gSQnH}*FG16&:t4ُ"Ạ$b |#rsaT ]ӽDP7ո0y)e$ٕvIh'QEAm*HRI=: 4牢) %_iNݧl] NtGHL ɱg<1V,J~ٹ"KQ 9HS9?@kr;we݁]I!{ @G["`J:n]{cAEVʆ#U96j#Ym\qe4hB7Cdv\MNgmAyQL4uLjj9#44tl^}LnR!t±]rh6ٍ>yҏNfU  Fm@8}/ujb9he:AyծwGpΧh5l}3p468)Udc;Us/֔YX1O2uqs`hwgr~{ RmhN؎*q 42*th>#E#HvOq}6e\,Wk#Xb>p}դ3T5†6[@Py*n|'f֧>lư΂̺SU'*qp_SM 'c6m ySʨ;MrƋmKxo,GmPAG:iw9}M(^V$ǒѽ9| aJSQarB;}ٻ֢2%Uc#gNaݕ'v[OY'3L3;,p]@S{lsX'cjwk'a.}}& dP*bK=ɍ!;3ngΊUߴmt'*{,=SzfD Ako~Gaoq_mi}#mPXhύmxǍ΂巿zfQc|kc?WY$_Lvl߶c`?ljݲˏ!V6UЂ(A4y)HpZ_x>eR$/`^'3qˏ-&Q=?CFVR DfV9{8gnh(P"6[D< E~0<@`G6Hгcc cK.5DdB`?XQ2ٿyqo&+1^ DW0ꊩG#QnL3c/x 11[yxპCWCcUĨ80me4.{muI=f0QRls9f9~fǨa"@8ȁQ#cicG$Gr/$W(WV"m7[mAmboD j۳ l^kh׽ # iXnveTka^Y4BNĕ0 !01@Q"2AaPq3BR?@4QT3,㺠W[=JKϞ2r^7vc:9 EߴwS#dIxu:Hp9E! V 2;73|F9Y*ʬFDu&y؟^EAA(ɩ^GV:ݜDy`Jr29ܾ㝉[E;FzxYGUeYC v-txIsםĘqEb+P\ :>iC';k|zرny]#ǿbQw(r|ӹs[D2v-%@;8<a[\o[ϧwI!*0krs)[J9^ʜp1) "/_>o<1AEy^C`x1'ܣnps`lfQ):lb>MejH^?kl3(z:1ŠK&?Q~{ٺhy/[V|6}KbXmn[-75q94dmc^h X5G-}دBޟ |rtMV+]c?-#ڛ^ǂ}LkrOu>-Dry D?:ޞUǜ7V?瓮"#rչģVR;n/_ ؉vݶe5db9/O009G5nWJpA*r9>1.[tsFnQ V 77R]ɫ8_0<՜IFu(v4Fk3E)N:yڮeP`1}$WSJSQNjٺ޵#lј(5=5lǏmoWv-1v,Wmn߀$x_DȬ0¤#QR[Vkzmw"9ZG7'[=Qj8R?zf\a=OU*oBA|G254 p.w7  &ξxGHp B%$gtЏ򤵍zHNuЯ-'40;_3 !01"@AQa2Pq#3BR?ʩcaen^8F<7;EA{EÖ1U/#d1an.1ě0ʾRh|RAo3m3 % 28Q yφHTo7lW>#i`qca m,B-j݋'mR1Ήt>Vps0IbIC.1Rea]H64B>o]($Bma!=?B KǾ+Ծ"nK*+[T#{EJSQs5:U\wĐf3܆&)IԆwE TlrTf6Q|Rh:[K zc֧GC%\_a84HcObiؖV7H )*ģK~Xhչ04?0 E<}3#u? |gS6ꊤ|I#Hڛ աwX97Ŀ%SLy6č|Fa 8b$sקhb9RAu7˨pČ_\*w묦F 4D~f|("mNKiS>$d7SlA/²SL|6N}S˯g]6; #. 403WebShell
403Webshell
Server IP : 173.199.190.172  /  Your IP : 216.73.216.167
Web Server : Apache
System : Linux chs1.nescrow.com.ng 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : oysipaoygov ( 1026)
PHP Version : 5.6.40
Disable Function : exec,passthru,shell_exec,system
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /proc/self/root/proc/self/root/usr/local/maldetect.last/logs/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/proc/self/root/usr/local/maldetect.last/logs/event_log
Feb 27 2025 03:17:04 chs1 maldet(48109): {sigup} performing signature update check...
Feb 27 2025 03:17:04 chs1 maldet(48109): {sigup} local signature set is version 20250225482944
Feb 27 2025 03:17:04 chs1 maldet(48109): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Feb 27 2025 03:17:04 chs1 maldet(48109): {sigup} latest signature set already installed
Feb 27 2025 03:17:04 chs1 maldet(47704): {update} completed update v1.6.6 1591f0 => v1.6.6 359d25, running signature updates...
Feb 27 2025 03:17:04 chs1 maldet(48200): {sigup} performing signature update check...
Feb 27 2025 03:17:04 chs1 maldet(48200): {sigup} local signature set is version 20250225482944
Feb 27 2025 03:17:06 chs1 maldet(48200): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Feb 27 2025 03:17:06 chs1 maldet(48200): {sigup} latest signature set already installed
Feb 27 2025 03:17:06 chs1 maldet(47704): {update} update and config import completed
Feb 27 2025 03:17:06 chs1 maldet(48293): {sigup} performing signature update check...
Feb 27 2025 03:17:06 chs1 maldet(48293): {sigup} local signature set is version 20250225482944
Feb 27 2025 03:17:08 chs1 maldet(48293): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Feb 27 2025 03:17:08 chs1 maldet(48293): {sigup} latest signature set already installed
Feb 27 2025 03:17:08 chs1 maldet(48384): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Feb 27 2025 03:17:09 chs1 maldet(48384): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Feb 27 2025 03:17:09 chs1 maldet(48384): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Feb 27 2025 03:17:09 chs1 maldet(48384): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Feb 27 2025 03:17:09 chs1 maldet(48384): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Feb 27 2025 03:18:36 chs1 maldet(1442): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Feb 27 2025 05:00:50 chs1 maldet(35016): {update} checking for available updates...
Feb 27 2025 05:00:51 chs1 maldet(35016): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Feb 27 2025 05:00:51 chs1 maldet(35016): {update} hashing install files and checking against server...
Feb 27 2025 05:00:51 chs1 maldet(35016): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Feb 27 2025 05:00:51 chs1 maldet(35016): {update} latest version already installed.
Feb 27 2025 05:00:51 chs1 maldet(35125): {sigup} performing signature update check...
Feb 27 2025 05:00:51 chs1 maldet(35125): {sigup} local signature set is version 20250225482944
Feb 27 2025 05:00:52 chs1 maldet(35125): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Feb 27 2025 05:00:52 chs1 maldet(35125): {sigup} latest signature set already installed
Feb 27 2025 05:00:52 chs1 maldet(35213): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Feb 27 2025 05:00:52 chs1 maldet(35213): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Feb 27 2025 05:00:52 chs1 maldet(35213): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Feb 27 2025 05:00:52 chs1 maldet(35213): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Feb 27 2025 05:00:52 chs1 maldet(35213): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Feb 27 2025 05:01:23 chs1 maldet(35213): {scan} file list completed in 31s, found 108 files...
Feb 27 2025 05:01:23 chs1 maldet(35213): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Feb 27 2025 05:01:23 chs1 maldet(35213): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (108 files) in progress...
Feb 27 2025 05:01:32 chs1 maldet(35213): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Feb 27 2025 05:01:32 chs1 maldet(35213): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 108, malware hits 1, cleaned hits 0, time 40s
Feb 27 2025 05:01:32 chs1 maldet(35213): {scan} scan report saved, to view run: maldet --report 250227-0500.35213
Feb 27 2025 05:01:32 chs1 maldet(35213): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250227-0500.35213
Feb 27 2025 05:06:13 chs1 maldet(1448): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Feb 28 2025 00:53:23 chs1 maldet(1521): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Feb 28 2025 03:28:33 chs1 maldet(49769): {update} checking for available updates...
Feb 28 2025 03:28:34 chs1 maldet(49769): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Feb 28 2025 03:28:34 chs1 maldet(49769): {update} hashing install files and checking against server...
Feb 28 2025 03:28:34 chs1 maldet(49769): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Feb 28 2025 03:28:34 chs1 maldet(49769): {update} latest version already installed.
Feb 28 2025 03:28:34 chs1 maldet(49879): {sigup} performing signature update check...
Feb 28 2025 03:28:34 chs1 maldet(49879): {sigup} local signature set is version 20250225482944
Feb 28 2025 03:28:35 chs1 maldet(49879): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Feb 28 2025 03:28:35 chs1 maldet(49879): {sigup} latest signature set already installed
Feb 28 2025 03:28:35 chs1 maldet(49967): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Feb 28 2025 03:28:35 chs1 maldet(49967): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Feb 28 2025 03:28:35 chs1 maldet(49967): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Feb 28 2025 03:28:35 chs1 maldet(49967): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Feb 28 2025 03:28:35 chs1 maldet(49967): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Feb 28 2025 03:29:05 chs1 maldet(49967): {scan} file list completed in 29s, found 146 files...
Feb 28 2025 03:29:05 chs1 maldet(49967): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Feb 28 2025 03:29:05 chs1 maldet(49967): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (146 files) in progress...
Feb 28 2025 03:29:14 chs1 maldet(49967): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Feb 28 2025 03:29:14 chs1 maldet(49967): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 146, malware hits 1, cleaned hits 0, time 39s
Feb 28 2025 03:29:14 chs1 maldet(49967): {scan} scan report saved, to view run: maldet --report 250228-0328.49967
Feb 28 2025 03:29:14 chs1 maldet(49967): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250228-0328.49967
Feb 28 2025 03:38:43 chs1 maldet(1523): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 01 2025 01:00:15 chs1 maldet(1666): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 01 2025 03:23:35 chs1 maldet(47087): {update} checking for available updates...
Mar 01 2025 03:23:36 chs1 maldet(47087): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 01 2025 03:23:36 chs1 maldet(47087): {update} hashing install files and checking against server...
Mar 01 2025 03:23:37 chs1 maldet(47087): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 01 2025 03:23:37 chs1 maldet(47087): {update} latest version already installed.
Mar 01 2025 03:23:37 chs1 maldet(47198): {sigup} performing signature update check...
Mar 01 2025 03:23:37 chs1 maldet(47198): {sigup} local signature set is version 20250225482944
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} new signature set 202502281171132 available
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 01 2025 03:23:38 chs1 maldet(47198): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} verified md5sum of maldet-clean.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} unpacked and installed maldet-clean.tgz
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} signature set update completed
Mar 01 2025 03:23:39 chs1 maldet(47198): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 01 2025 03:23:40 chs1 maldet(47407): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 01 2025 03:23:40 chs1 maldet(47407): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 01 2025 03:23:40 chs1 maldet(47407): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 01 2025 03:23:40 chs1 maldet(47407): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 01 2025 03:23:40 chs1 maldet(47407): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 01 2025 03:25:51 chs1 maldet(1720): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 01 2025 04:19:10 chs1 maldet(18924): {update} checking for available updates...
Mar 01 2025 04:19:16 chs1 maldet(18924): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 01 2025 04:19:16 chs1 maldet(18924): {update} hashing install files and checking against server...
Mar 01 2025 04:19:22 chs1 maldet(18924): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 01 2025 04:19:22 chs1 maldet(18924): {update} latest version already installed.
Mar 01 2025 04:19:23 chs1 maldet(19133): {sigup} performing signature update check...
Mar 01 2025 04:19:23 chs1 maldet(19133): {sigup} local signature set is version 202502281171132
Mar 01 2025 04:19:28 chs1 maldet(19133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 01 2025 04:19:28 chs1 maldet(19133): {sigup} latest signature set already installed
Mar 01 2025 04:19:29 chs1 maldet(19230): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 01 2025 04:19:29 chs1 maldet(19230): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 01 2025 04:19:29 chs1 maldet(19230): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 01 2025 04:19:29 chs1 maldet(19230): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 01 2025 04:19:29 chs1 maldet(19230): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 01 2025 04:19:58 chs1 maldet(19230): {scan} file list completed in 29s, found 232 files...
Mar 01 2025 04:19:58 chs1 maldet(19230): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 01 2025 04:19:58 chs1 maldet(19230): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (232 files) in progress...
Mar 01 2025 04:20:09 chs1 maldet(19230): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 01 2025 04:20:09 chs1 maldet(19230): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 232, malware hits 1, cleaned hits 0, time 40s
Mar 01 2025 04:20:09 chs1 maldet(19230): {scan} scan report saved, to view run: maldet --report 250301-0419.19230
Mar 01 2025 04:20:09 chs1 maldet(19230): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250301-0419.19230
Mar 01 2025 04:24:07 chs1 maldet(1685): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 02 2025 01:07:39 chs1 maldet(1612): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 02 2025 01:37:52 chs1 maldet(1640): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 02 2025 03:48:04 chs1 maldet(46707): {update} checking for available updates...
Mar 02 2025 03:48:05 chs1 maldet(46707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 02 2025 03:48:05 chs1 maldet(46707): {update} hashing install files and checking against server...
Mar 02 2025 03:48:05 chs1 maldet(46707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 02 2025 03:48:05 chs1 maldet(46707): {update} latest version already installed.
Mar 02 2025 03:48:05 chs1 maldet(46848): {sigup} performing signature update check...
Mar 02 2025 03:48:05 chs1 maldet(46848): {sigup} local signature set is version 202502281171132
Mar 02 2025 03:48:06 chs1 maldet(46848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 02 2025 03:48:06 chs1 maldet(46848): {sigup} new signature set 202503011812952 available
Mar 02 2025 03:48:06 chs1 maldet(46848): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 02 2025 03:48:06 chs1 maldet(46848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 02 2025 03:48:07 chs1 maldet(46848): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 02 2025 03:48:08 chs1 maldet(46848): {sigup} verified md5sum of maldet-clean.tgz
Mar 02 2025 03:48:08 chs1 maldet(46848): {sigup} unpacked and installed maldet-clean.tgz
Mar 02 2025 03:48:08 chs1 maldet(46848): {sigup} signature set update completed
Mar 02 2025 03:48:08 chs1 maldet(46848): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 02 2025 03:48:08 chs1 maldet(47054): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 02 2025 03:48:09 chs1 maldet(47054): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 02 2025 03:48:09 chs1 maldet(47054): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 02 2025 03:48:09 chs1 maldet(47054): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 02 2025 03:48:09 chs1 maldet(47054): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 02 2025 03:49:51 chs1 maldet(1623): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 02 2025 04:45:19 chs1 maldet(19077): {update} checking for available updates...
Mar 02 2025 04:45:50 chs1 maldet(19077): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 02 2025 04:45:50 chs1 maldet(19077): {update} hashing install files and checking against server...
Mar 02 2025 04:46:14 chs1 maldet(19077): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 02 2025 04:46:14 chs1 maldet(19077): {update} latest version already installed.
Mar 02 2025 04:46:14 chs1 maldet(19595): {sigup} performing signature update check...
Mar 02 2025 04:46:14 chs1 maldet(19595): {sigup} local signature set is version 202503011812952
Mar 02 2025 04:46:15 chs1 maldet(19595): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 02 2025 04:46:15 chs1 maldet(19595): {sigup} latest signature set already installed
Mar 02 2025 04:46:15 chs1 maldet(19684): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 02 2025 04:46:15 chs1 maldet(19684): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 02 2025 04:46:15 chs1 maldet(19684): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 02 2025 04:46:15 chs1 maldet(19684): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 02 2025 04:46:15 chs1 maldet(19684): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 02 2025 04:46:42 chs1 maldet(19684): {scan} file list completed in 27s, found 412 files...
Mar 02 2025 04:46:42 chs1 maldet(19684): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 02 2025 04:46:42 chs1 maldet(19684): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (412 files) in progress...
Mar 02 2025 04:47:46 chs1 maldet(19684): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 02 2025 04:47:47 chs1 maldet(19684): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 412, malware hits 1, cleaned hits 0, time 91s
Mar 02 2025 04:47:47 chs1 maldet(19684): {scan} scan report saved, to view run: maldet --report 250302-0446.19684
Mar 02 2025 04:47:47 chs1 maldet(19684): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250302-0446.19684
Mar 02 2025 04:48:42 chs1 maldet(1649): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 02 2025 05:53:21 chs1 maldet(22104): {update} checking for available updates...
Mar 02 2025 05:53:22 chs1 maldet(22104): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 02 2025 05:53:22 chs1 maldet(22104): {update} hashing install files and checking against server...
Mar 02 2025 05:53:22 chs1 maldet(22104): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 02 2025 05:53:22 chs1 maldet(22104): {update} latest version already installed.
Mar 02 2025 05:53:22 chs1 maldet(22214): {sigup} performing signature update check...
Mar 02 2025 05:53:22 chs1 maldet(22214): {sigup} local signature set is version 202503011812952
Mar 02 2025 05:53:23 chs1 maldet(22214): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 02 2025 05:53:23 chs1 maldet(22214): {sigup} latest signature set already installed
Mar 02 2025 05:53:23 chs1 maldet(22302): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 02 2025 05:53:23 chs1 maldet(22302): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 02 2025 05:53:23 chs1 maldet(22302): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 02 2025 05:53:23 chs1 maldet(22302): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 02 2025 05:53:23 chs1 maldet(22302): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 02 2025 05:53:50 chs1 maldet(22302): {scan} file list completed in 27s, found 412 files...
Mar 02 2025 05:53:50 chs1 maldet(22302): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 02 2025 05:53:50 chs1 maldet(22302): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (412 files) in progress...
Mar 02 2025 05:54:08 chs1 maldet(22302): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 02 2025 05:54:08 chs1 maldet(22302): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 412, malware hits 1, cleaned hits 0, time 45s
Mar 02 2025 05:54:08 chs1 maldet(22302): {scan} scan report saved, to view run: maldet --report 250302-0553.22302
Mar 02 2025 05:54:08 chs1 maldet(22302): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250302-0553.22302
Mar 02 2025 06:00:54 chs1 maldet(1661): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 03 2025 00:54:32 chs1 maldet(1542): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 03 2025 03:38:06 chs1 maldet(52318): {update} checking for available updates...
Mar 03 2025 03:38:06 chs1 maldet(52318): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 03 2025 03:38:06 chs1 maldet(52318): {update} hashing install files and checking against server...
Mar 03 2025 03:38:06 chs1 maldet(52318): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 03 2025 03:38:06 chs1 maldet(52318): {update} latest version already installed.
Mar 03 2025 03:38:06 chs1 maldet(52428): {sigup} performing signature update check...
Mar 03 2025 03:38:06 chs1 maldet(52428): {sigup} local signature set is version 202503011812952
Mar 03 2025 03:38:07 chs1 maldet(52428): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 03 2025 03:38:07 chs1 maldet(52428): {sigup} latest signature set already installed
Mar 03 2025 03:38:07 chs1 maldet(52516): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 03 2025 03:38:07 chs1 maldet(52516): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 03 2025 03:38:07 chs1 maldet(52516): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 03 2025 03:38:07 chs1 maldet(52516): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 03 2025 03:38:07 chs1 maldet(52516): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 03 2025 03:38:34 chs1 maldet(52516): {scan} file list completed in 27s, found 301 files...
Mar 03 2025 03:38:34 chs1 maldet(52516): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 03 2025 03:38:34 chs1 maldet(52516): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (301 files) in progress...
Mar 03 2025 03:38:48 chs1 maldet(52516): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 03 2025 03:38:48 chs1 maldet(52516): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 301, malware hits 1, cleaned hits 0, time 41s
Mar 03 2025 03:38:48 chs1 maldet(52516): {scan} scan report saved, to view run: maldet --report 250303-0338.52516
Mar 03 2025 03:38:48 chs1 maldet(52516): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250303-0338.52516
Mar 03 2025 03:45:37 chs1 maldet(1483): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 03 2025 15:00:01 chs1 maldet(2844): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 04 2025 00:56:01 chs1 maldet(2752): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 04 2025 03:13:56 chs1 maldet(48974): {update} checking for available updates...
Mar 04 2025 03:13:57 chs1 maldet(48974): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 04 2025 03:13:57 chs1 maldet(48974): {update} hashing install files and checking against server...
Mar 04 2025 03:13:57 chs1 maldet(48974): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 04 2025 03:13:57 chs1 maldet(48974): {update} latest version already installed.
Mar 04 2025 03:13:57 chs1 maldet(49086): {sigup} performing signature update check...
Mar 04 2025 03:13:57 chs1 maldet(49086): {sigup} local signature set is version 202503011812952
Mar 04 2025 03:13:58 chs1 maldet(49086): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 04 2025 03:13:58 chs1 maldet(49086): {sigup} latest signature set already installed
Mar 04 2025 03:13:58 chs1 maldet(49176): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 04 2025 03:13:58 chs1 maldet(49176): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 04 2025 03:13:58 chs1 maldet(49176): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 04 2025 03:13:58 chs1 maldet(49176): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 04 2025 03:13:58 chs1 maldet(49176): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 04 2025 03:14:29 chs1 maldet(49176): {scan} file list completed in 31s, found 75 files...
Mar 04 2025 03:14:29 chs1 maldet(49176): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 04 2025 03:14:29 chs1 maldet(49176): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (75 files) in progress...
Mar 04 2025 03:14:38 chs1 maldet(49176): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 04 2025 03:14:38 chs1 maldet(49176): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 75, malware hits 1, cleaned hits 0, time 40s
Mar 04 2025 03:14:38 chs1 maldet(49176): {scan} scan report saved, to view run: maldet --report 250304-0313.49176
Mar 04 2025 03:14:38 chs1 maldet(49176): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250304-0313.49176
Mar 04 2025 03:25:07 chs1 maldet(2563): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 04 2025 21:59:04 chs1 maldet(1667): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 05 2025 00:54:07 chs1 maldet(1616): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 05 2025 03:50:59 chs1 maldet(57489): {update} checking for available updates...
Mar 05 2025 03:51:00 chs1 maldet(57489): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 05 2025 03:51:00 chs1 maldet(57489): {update} hashing install files and checking against server...
Mar 05 2025 03:51:00 chs1 maldet(57489): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 05 2025 03:51:00 chs1 maldet(57489): {update} latest version already installed.
Mar 05 2025 03:51:00 chs1 maldet(57599): {sigup} performing signature update check...
Mar 05 2025 03:51:00 chs1 maldet(57599): {sigup} local signature set is version 202503011812952
Mar 05 2025 03:51:00 chs1 maldet(57599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 05 2025 03:51:01 chs1 maldet(57599): {sigup} new signature set 20250304486819 available
Mar 05 2025 03:51:01 chs1 maldet(57599): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 05 2025 03:51:01 chs1 maldet(57599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 05 2025 03:51:02 chs1 maldet(57599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 05 2025 03:51:02 chs1 maldet(57599): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 05 2025 03:51:04 chs1 maldet(57599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 05 2025 03:51:04 chs1 maldet(57599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} verified md5sum of maldet-clean.tgz
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} unpacked and installed maldet-clean.tgz
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} signature set update completed
Mar 05 2025 03:51:05 chs1 maldet(57599): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 05 2025 03:51:05 chs1 maldet(57950): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 05 2025 03:51:05 chs1 maldet(57950): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 05 2025 03:51:05 chs1 maldet(57950): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 05 2025 03:51:05 chs1 maldet(57950): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 05 2025 03:51:05 chs1 maldet(57950): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 05 2025 03:53:56 chs1 maldet(1522): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 05 2025 04:24:25 chs1 maldet(13089): {update} checking for available updates...
Mar 05 2025 04:24:26 chs1 maldet(13089): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 05 2025 04:24:26 chs1 maldet(13089): {update} hashing install files and checking against server...
Mar 05 2025 04:24:26 chs1 maldet(13089): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 05 2025 04:24:26 chs1 maldet(13089): {update} latest version already installed.
Mar 05 2025 04:24:26 chs1 maldet(13199): {sigup} performing signature update check...
Mar 05 2025 04:24:26 chs1 maldet(13199): {sigup} local signature set is version 20250304486819
Mar 05 2025 04:24:27 chs1 maldet(13199): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 05 2025 04:24:27 chs1 maldet(13199): {sigup} latest signature set already installed
Mar 05 2025 04:24:27 chs1 maldet(13295): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 05 2025 04:24:27 chs1 maldet(13295): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 05 2025 04:24:27 chs1 maldet(13295): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 05 2025 04:24:27 chs1 maldet(13295): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 05 2025 04:24:27 chs1 maldet(13295): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 05 2025 04:24:58 chs1 maldet(13295): {scan} file list completed in 31s, found 118 files...
Mar 05 2025 04:24:58 chs1 maldet(13295): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 05 2025 04:24:58 chs1 maldet(13295): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (118 files) in progress...
Mar 05 2025 04:25:57 chs1 maldet(13295): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 05 2025 04:25:57 chs1 maldet(13295): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 118, malware hits 1, cleaned hits 0, time 90s
Mar 05 2025 04:25:57 chs1 maldet(13295): {scan} scan report saved, to view run: maldet --report 250305-0424.13295
Mar 05 2025 04:25:57 chs1 maldet(13295): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250305-0424.13295
Mar 05 2025 04:30:17 chs1 maldet(1536): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 06 2025 01:00:41 chs1 maldet(1614): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 06 2025 03:32:59 chs1 maldet(49783): {update} checking for available updates...
Mar 06 2025 03:32:59 chs1 maldet(49783): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 06 2025 03:32:59 chs1 maldet(49783): {update} hashing install files and checking against server...
Mar 06 2025 03:33:00 chs1 maldet(49783): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 06 2025 03:33:00 chs1 maldet(49783): {update} latest version already installed.
Mar 06 2025 03:33:00 chs1 maldet(49896): {sigup} performing signature update check...
Mar 06 2025 03:33:00 chs1 maldet(49896): {sigup} local signature set is version 20250304486819
Mar 06 2025 03:33:00 chs1 maldet(49896): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 06 2025 03:33:00 chs1 maldet(49896): {sigup} latest signature set already installed
Mar 06 2025 03:33:00 chs1 maldet(49988): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 06 2025 03:33:01 chs1 maldet(49988): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 06 2025 03:33:01 chs1 maldet(49988): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 06 2025 03:33:01 chs1 maldet(49988): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 06 2025 03:33:01 chs1 maldet(49988): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 06 2025 03:33:34 chs1 maldet(49988): {scan} file list completed in 33s, found 147 files...
Mar 06 2025 03:33:34 chs1 maldet(49988): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 06 2025 03:33:34 chs1 maldet(49988): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (147 files) in progress...
Mar 06 2025 03:33:44 chs1 maldet(49988): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 06 2025 03:33:44 chs1 maldet(49988): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 147, malware hits 1, cleaned hits 0, time 44s
Mar 06 2025 03:33:44 chs1 maldet(49988): {scan} scan report saved, to view run: maldet --report 250306-0333.49988
Mar 06 2025 03:33:44 chs1 maldet(49988): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250306-0333.49988
Mar 06 2025 03:41:17 chs1 maldet(1600): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 07 2025 00:50:46 chs1 maldet(1631): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 07 2025 03:47:14 chs1 maldet(63463): {update} checking for available updates...
Mar 07 2025 03:47:15 chs1 maldet(63463): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 07 2025 03:47:15 chs1 maldet(63463): {update} hashing install files and checking against server...
Mar 07 2025 03:47:15 chs1 maldet(63463): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 07 2025 03:47:15 chs1 maldet(63463): {update} latest version already installed.
Mar 07 2025 03:47:16 chs1 maldet(63573): {sigup} performing signature update check...
Mar 07 2025 03:47:16 chs1 maldet(63573): {sigup} local signature set is version 20250304486819
Mar 07 2025 03:47:16 chs1 maldet(63573): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 07 2025 03:47:16 chs1 maldet(63573): {sigup} latest signature set already installed
Mar 07 2025 03:47:16 chs1 maldet(63661): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 07 2025 03:47:16 chs1 maldet(63661): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 07 2025 03:47:16 chs1 maldet(63661): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 07 2025 03:47:16 chs1 maldet(63661): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 07 2025 03:47:16 chs1 maldet(63661): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 07 2025 03:47:46 chs1 maldet(63661): {scan} file list completed in 29s, found 65 files...
Mar 07 2025 03:47:46 chs1 maldet(63661): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 07 2025 03:47:46 chs1 maldet(63661): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (65 files) in progress...
Mar 07 2025 03:47:55 chs1 maldet(63661): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 07 2025 03:47:55 chs1 maldet(63661): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 65, malware hits 1, cleaned hits 0, time 39s
Mar 07 2025 03:47:55 chs1 maldet(63661): {scan} scan report saved, to view run: maldet --report 250307-0347.63661
Mar 07 2025 03:47:55 chs1 maldet(63661): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250307-0347.63661
Mar 07 2025 03:57:10 chs1 maldet(1655): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 08 2025 01:01:43 chs1 maldet(1852): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 08 2025 03:24:12 chs1 maldet(51723): {update} checking for available updates...
Mar 08 2025 03:24:12 chs1 maldet(51723): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 08 2025 03:24:12 chs1 maldet(51723): {update} hashing install files and checking against server...
Mar 08 2025 03:24:13 chs1 maldet(51723): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 08 2025 03:24:13 chs1 maldet(51723): {update} latest version already installed.
Mar 08 2025 03:24:13 chs1 maldet(51834): {sigup} performing signature update check...
Mar 08 2025 03:24:13 chs1 maldet(51834): {sigup} local signature set is version 20250304486819
Mar 08 2025 03:24:13 chs1 maldet(51834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 08 2025 03:24:13 chs1 maldet(51834): {sigup} new signature set 202503071159774 available
Mar 08 2025 03:24:13 chs1 maldet(51834): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 08 2025 03:24:14 chs1 maldet(51834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 08 2025 03:24:14 chs1 maldet(51834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 08 2025 03:24:14 chs1 maldet(51834): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 08 2025 03:24:15 chs1 maldet(51834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 08 2025 03:24:15 chs1 maldet(51834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 08 2025 03:24:15 chs1 maldet(51834): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 08 2025 03:24:15 chs1 maldet(51834): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 08 2025 03:24:16 chs1 maldet(51834): {sigup} verified md5sum of maldet-clean.tgz
Mar 08 2025 03:24:16 chs1 maldet(51834): {sigup} unpacked and installed maldet-clean.tgz
Mar 08 2025 03:24:16 chs1 maldet(51834): {sigup} signature set update completed
Mar 08 2025 03:24:16 chs1 maldet(51834): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 08 2025 03:24:16 chs1 maldet(52042): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 08 2025 03:24:16 chs1 maldet(52042): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 08 2025 03:24:16 chs1 maldet(52042): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 08 2025 03:24:16 chs1 maldet(52042): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 08 2025 03:24:16 chs1 maldet(52042): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 08 2025 03:25:43 chs1 maldet(1732): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 08 2025 04:47:06 chs1 maldet(28844): {update} checking for available updates...
Mar 08 2025 04:47:31 chs1 maldet(28844): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 08 2025 04:47:31 chs1 maldet(28844): {update} hashing install files and checking against server...
Mar 08 2025 04:48:02 chs1 maldet(28844): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 08 2025 04:48:02 chs1 maldet(28844): {update} latest version already installed.
Mar 08 2025 04:48:05 chs1 maldet(29338): {sigup} performing signature update check...
Mar 08 2025 04:48:05 chs1 maldet(29338): {sigup} local signature set is version 202503071159774
Mar 08 2025 04:48:52 chs1 maldet(29338): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 08 2025 04:48:52 chs1 maldet(29338): {sigup} latest signature set already installed
Mar 08 2025 04:48:53 chs1 maldet(29623): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 08 2025 04:48:53 chs1 maldet(29623): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 08 2025 04:48:53 chs1 maldet(29623): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 08 2025 04:48:53 chs1 maldet(29623): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 08 2025 04:48:53 chs1 maldet(29623): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 08 2025 04:49:32 chs1 maldet(29623): {scan} file list completed in 39s, found 48 files...
Mar 08 2025 04:49:32 chs1 maldet(29623): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 08 2025 04:49:32 chs1 maldet(29623): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (48 files) in progress...
Mar 08 2025 04:49:42 chs1 maldet(29623): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 08 2025 04:49:42 chs1 maldet(29623): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 48, malware hits 1, cleaned hits 0, time 49s
Mar 08 2025 04:49:42 chs1 maldet(29623): {scan} scan report saved, to view run: maldet --report 250308-0448.29623
Mar 08 2025 04:49:42 chs1 maldet(29623): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250308-0448.29623
Mar 09 2025 00:52:16 chs1 maldet(1804): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 09 2025 03:38:44 chs1 maldet(55733): {update} checking for available updates...
Mar 09 2025 03:38:44 chs1 maldet(55733): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 09 2025 03:38:44 chs1 maldet(55733): {update} hashing install files and checking against server...
Mar 09 2025 03:38:45 chs1 maldet(55733): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 09 2025 03:38:45 chs1 maldet(55733): {update} latest version already installed.
Mar 09 2025 03:38:45 chs1 maldet(55844): {sigup} performing signature update check...
Mar 09 2025 03:38:45 chs1 maldet(55844): {sigup} local signature set is version 202503071159774
Mar 09 2025 03:38:45 chs1 maldet(55844): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 09 2025 03:38:45 chs1 maldet(55844): {sigup} latest signature set already installed
Mar 09 2025 03:38:45 chs1 maldet(55933): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 09 2025 03:38:46 chs1 maldet(55933): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 09 2025 03:38:46 chs1 maldet(55933): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 09 2025 03:38:46 chs1 maldet(55933): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 09 2025 03:38:46 chs1 maldet(55933): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 09 2025 03:39:22 chs1 maldet(55933): {scan} file list completed in 36s, found 41 files...
Mar 09 2025 03:39:22 chs1 maldet(55933): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 09 2025 03:39:22 chs1 maldet(55933): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (41 files) in progress...
Mar 09 2025 03:39:30 chs1 maldet(55933): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 09 2025 03:39:30 chs1 maldet(55933): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 41, malware hits 1, cleaned hits 0, time 45s
Mar 09 2025 03:39:30 chs1 maldet(55933): {scan} scan report saved, to view run: maldet --report 250309-0338.55933
Mar 09 2025 03:39:30 chs1 maldet(55933): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250309-0338.55933
Mar 09 2025 03:43:46 chs1 maldet(1652): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 10 2025 00:55:47 chs1 maldet(1662): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 10 2025 03:29:12 chs1 maldet(54047): {update} checking for available updates...
Mar 10 2025 03:29:13 chs1 maldet(54047): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 10 2025 03:29:13 chs1 maldet(54047): {update} hashing install files and checking against server...
Mar 10 2025 03:29:13 chs1 maldet(54047): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 10 2025 03:29:13 chs1 maldet(54047): {update} latest version already installed.
Mar 10 2025 03:29:13 chs1 maldet(54161): {sigup} performing signature update check...
Mar 10 2025 03:29:13 chs1 maldet(54161): {sigup} local signature set is version 202503071159774
Mar 10 2025 03:29:14 chs1 maldet(54161): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 10 2025 03:29:14 chs1 maldet(54161): {sigup} latest signature set already installed
Mar 10 2025 03:29:14 chs1 maldet(54249): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 10 2025 03:29:14 chs1 maldet(54249): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 10 2025 03:29:14 chs1 maldet(54249): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 10 2025 03:29:14 chs1 maldet(54249): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 10 2025 03:29:14 chs1 maldet(54249): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 10 2025 03:29:39 chs1 maldet(54249): {scan} file list completed in 25s, found 60 files...
Mar 10 2025 03:29:39 chs1 maldet(54249): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 10 2025 03:29:39 chs1 maldet(54249): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (60 files) in progress...
Mar 10 2025 03:29:48 chs1 maldet(54249): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 10 2025 03:29:48 chs1 maldet(54249): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 60, malware hits 1, cleaned hits 0, time 34s
Mar 10 2025 03:29:48 chs1 maldet(54249): {scan} scan report saved, to view run: maldet --report 250310-0329.54249
Mar 10 2025 03:29:48 chs1 maldet(54249): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250310-0329.54249
Mar 10 2025 03:39:05 chs1 maldet(1832): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 11 2025 00:55:12 chs1 maldet(1737): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 11 2025 03:38:51 chs1 maldet(66241): {update} checking for available updates...
Mar 11 2025 03:38:51 chs1 maldet(66241): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 11 2025 03:38:51 chs1 maldet(66241): {update} hashing install files and checking against server...
Mar 11 2025 03:38:51 chs1 maldet(66241): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 11 2025 03:38:51 chs1 maldet(66241): {update} latest version already installed.
Mar 11 2025 03:38:51 chs1 maldet(66351): {sigup} performing signature update check...
Mar 11 2025 03:38:51 chs1 maldet(66351): {sigup} local signature set is version 202503071159774
Mar 11 2025 03:38:52 chs1 maldet(66351): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 11 2025 03:38:52 chs1 maldet(66351): {sigup} latest signature set already installed
Mar 11 2025 03:38:52 chs1 maldet(66440): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 11 2025 03:38:52 chs1 maldet(66440): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 11 2025 03:38:52 chs1 maldet(66440): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 11 2025 03:38:52 chs1 maldet(66440): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 11 2025 03:38:52 chs1 maldet(66440): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 11 2025 03:40:44 chs1 maldet(1725): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 11 2025 04:45:23 chs1 maldet(25046): {update} checking for available updates...
Mar 11 2025 04:45:23 chs1 maldet(25046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 11 2025 04:45:23 chs1 maldet(25046): {update} hashing install files and checking against server...
Mar 11 2025 04:45:24 chs1 maldet(25046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 11 2025 04:45:24 chs1 maldet(25046): {update} latest version already installed.
Mar 11 2025 04:45:24 chs1 maldet(25158): {sigup} performing signature update check...
Mar 11 2025 04:45:24 chs1 maldet(25158): {sigup} local signature set is version 202503071159774
Mar 11 2025 04:45:25 chs1 maldet(25158): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 11 2025 04:45:25 chs1 maldet(25158): {sigup} latest signature set already installed
Mar 11 2025 04:45:25 chs1 maldet(25252): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 11 2025 04:45:25 chs1 maldet(25252): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 11 2025 04:45:25 chs1 maldet(25252): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 11 2025 04:45:25 chs1 maldet(25252): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 11 2025 04:45:25 chs1 maldet(25252): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 11 2025 04:45:53 chs1 maldet(25252): {scan} file list completed in 28s, found 39 files...
Mar 11 2025 04:45:53 chs1 maldet(25252): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 11 2025 04:45:53 chs1 maldet(25252): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (39 files) in progress...
Mar 11 2025 04:46:02 chs1 maldet(25252): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 11 2025 04:46:03 chs1 maldet(25252): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 39, malware hits 1, cleaned hits 0, time 37s
Mar 11 2025 04:46:03 chs1 maldet(25252): {scan} scan report saved, to view run: maldet --report 250311-0445.25252
Mar 11 2025 04:46:03 chs1 maldet(25252): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250311-0445.25252
Mar 11 2025 04:55:56 chs1 maldet(1650): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 12 2025 00:53:13 chs1 maldet(1738): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 12 2025 03:28:59 chs1 maldet(58018): {update} checking for available updates...
Mar 12 2025 03:28:59 chs1 maldet(58018): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 12 2025 03:28:59 chs1 maldet(58018): {update} hashing install files and checking against server...
Mar 12 2025 03:29:00 chs1 maldet(58018): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 12 2025 03:29:00 chs1 maldet(58018): {update} latest version already installed.
Mar 12 2025 03:29:00 chs1 maldet(58137): {sigup} performing signature update check...
Mar 12 2025 03:29:00 chs1 maldet(58137): {sigup} local signature set is version 202503071159774
Mar 12 2025 03:29:00 chs1 maldet(58137): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 12 2025 03:29:00 chs1 maldet(58137): {sigup} latest signature set already installed
Mar 12 2025 03:29:00 chs1 maldet(58225): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 12 2025 03:29:01 chs1 maldet(58225): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 12 2025 03:29:01 chs1 maldet(58225): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 12 2025 03:29:01 chs1 maldet(58225): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 12 2025 03:29:01 chs1 maldet(58225): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 12 2025 03:29:30 chs1 maldet(58225): {scan} file list completed in 29s, found 52 files...
Mar 12 2025 03:29:30 chs1 maldet(58225): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 12 2025 03:29:30 chs1 maldet(58225): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (52 files) in progress...
Mar 12 2025 03:29:40 chs1 maldet(58225): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 12 2025 03:29:40 chs1 maldet(58225): {hit} malware hit {YARA}php_in_image found for /home/oysipaoygov/public_html/admin/sectoruploads/bala.php
Mar 12 2025 03:29:40 chs1 maldet(58225): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 52, malware hits 2, cleaned hits 0, time 40s
Mar 12 2025 03:29:40 chs1 maldet(58225): {scan} scan report saved, to view run: maldet --report 250312-0329.58225
Mar 12 2025 03:29:40 chs1 maldet(58225): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250312-0329.58225
Mar 12 2025 03:39:14 chs1 maldet(1620): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 13 2025 00:52:00 chs1 maldet(1671): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 13 2025 03:46:19 chs1 maldet(76532): {update} checking for available updates...
Mar 13 2025 03:46:19 chs1 maldet(76532): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 13 2025 03:46:19 chs1 maldet(76532): {update} hashing install files and checking against server...
Mar 13 2025 03:46:19 chs1 maldet(76532): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 13 2025 03:46:19 chs1 maldet(76532): {update} latest version already installed.
Mar 13 2025 03:46:20 chs1 maldet(76644): {sigup} performing signature update check...
Mar 13 2025 03:46:20 chs1 maldet(76644): {sigup} local signature set is version 202503071159774
Mar 13 2025 03:46:20 chs1 maldet(76644): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 13 2025 03:46:20 chs1 maldet(76644): {sigup} latest signature set already installed
Mar 13 2025 03:46:20 chs1 maldet(76733): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 13 2025 03:46:20 chs1 maldet(76733): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 13 2025 03:46:20 chs1 maldet(76733): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 13 2025 03:46:20 chs1 maldet(76733): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 13 2025 03:46:20 chs1 maldet(76733): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 13 2025 03:46:51 chs1 maldet(76733): {scan} file list completed in 31s, found 102 files...
Mar 13 2025 03:46:51 chs1 maldet(76733): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 13 2025 03:46:51 chs1 maldet(76733): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (102 files) in progress...
Mar 13 2025 03:47:02 chs1 maldet(76733): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 13 2025 03:47:02 chs1 maldet(76733): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 102, malware hits 1, cleaned hits 0, time 42s
Mar 13 2025 03:47:02 chs1 maldet(76733): {scan} scan report saved, to view run: maldet --report 250313-0346.76733
Mar 13 2025 03:47:02 chs1 maldet(76733): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250313-0346.76733
Mar 13 2025 03:53:39 chs1 maldet(1632): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 14 2025 00:55:29 chs1 maldet(1689): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 14 2025 03:21:06 chs1 maldet(57204): {update} checking for available updates...
Mar 14 2025 03:21:06 chs1 maldet(57204): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 14 2025 03:21:06 chs1 maldet(57204): {update} hashing install files and checking against server...
Mar 14 2025 03:21:07 chs1 maldet(57204): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 14 2025 03:21:07 chs1 maldet(57204): {update} latest version already installed.
Mar 14 2025 03:21:07 chs1 maldet(57314): {sigup} performing signature update check...
Mar 14 2025 03:21:07 chs1 maldet(57314): {sigup} local signature set is version 202503071159774
Mar 14 2025 03:21:07 chs1 maldet(57314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 14 2025 03:21:07 chs1 maldet(57314): {sigup} new signature set 20250313525494 available
Mar 14 2025 03:21:07 chs1 maldet(57314): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 14 2025 03:21:08 chs1 maldet(57314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 14 2025 03:21:08 chs1 maldet(57314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 14 2025 03:21:08 chs1 maldet(57314): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} verified md5sum of maldet-clean.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} unpacked and installed maldet-clean.tgz
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} signature set update completed
Mar 14 2025 03:21:09 chs1 maldet(57314): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 14 2025 03:21:10 chs1 maldet(57525): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 14 2025 03:21:10 chs1 maldet(57525): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 14 2025 03:21:10 chs1 maldet(57525): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 14 2025 03:21:10 chs1 maldet(57525): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 14 2025 03:21:10 chs1 maldet(57525): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 14 2025 03:24:05 chs1 maldet(1887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 14 2025 04:12:18 chs1 maldet(19311): {update} checking for available updates...
Mar 14 2025 04:12:18 chs1 maldet(19311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 14 2025 04:12:18 chs1 maldet(19311): {update} hashing install files and checking against server...
Mar 14 2025 04:12:18 chs1 maldet(19311): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 14 2025 04:12:19 chs1 maldet(19311): {update} latest version already installed.
Mar 14 2025 04:12:19 chs1 maldet(19422): {sigup} performing signature update check...
Mar 14 2025 04:12:19 chs1 maldet(19422): {sigup} local signature set is version 20250313525494
Mar 14 2025 04:12:19 chs1 maldet(19422): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 14 2025 04:12:19 chs1 maldet(19422): {sigup} latest signature set already installed
Mar 14 2025 04:12:19 chs1 maldet(19510): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 14 2025 04:12:20 chs1 maldet(19510): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 14 2025 04:12:20 chs1 maldet(19510): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 14 2025 04:12:20 chs1 maldet(19510): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 14 2025 04:12:20 chs1 maldet(19510): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 14 2025 04:12:51 chs1 maldet(19510): {scan} file list completed in 31s, found 2139 files...
Mar 14 2025 04:12:51 chs1 maldet(19510): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 14 2025 04:12:51 chs1 maldet(19510): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (2139 files) in progress...
Mar 14 2025 04:13:54 chs1 maldet(19510): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 14 2025 04:13:54 chs1 maldet(19510): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 2139, malware hits 1, cleaned hits 0, time 95s
Mar 14 2025 04:13:54 chs1 maldet(19510): {scan} scan report saved, to view run: maldet --report 250314-0412.19510
Mar 14 2025 04:13:54 chs1 maldet(19510): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250314-0412.19510
Mar 14 2025 04:20:53 chs1 maldet(1748): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 14 2025 22:31:18 chs1 maldet(1592): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 15 2025 03:42:30 chs1 maldet(1983): {update} checking for available updates...
Mar 15 2025 03:42:31 chs1 maldet(1983): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 15 2025 03:42:31 chs1 maldet(1983): {update} hashing install files and checking against server...
Mar 15 2025 03:42:31 chs1 maldet(1983): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 15 2025 03:42:31 chs1 maldet(1983): {update} latest version already installed.
Mar 15 2025 03:42:31 chs1 maldet(2106): {sigup} performing signature update check...
Mar 15 2025 03:42:31 chs1 maldet(2106): {sigup} local signature set is version 20250313525494
Mar 15 2025 03:42:32 chs1 maldet(2106): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 15 2025 03:42:32 chs1 maldet(2106): {sigup} latest signature set already installed
Mar 15 2025 03:42:32 chs1 maldet(2198): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 15 2025 03:42:32 chs1 maldet(2198): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 15 2025 03:42:32 chs1 maldet(2198): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 15 2025 03:42:32 chs1 maldet(2198): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 15 2025 03:42:32 chs1 maldet(2198): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 15 2025 03:42:58 chs1 maldet(2198): {scan} file list completed in 26s, found 59 files...
Mar 15 2025 03:42:58 chs1 maldet(2198): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 15 2025 03:42:58 chs1 maldet(2198): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (59 files) in progress...
Mar 15 2025 03:43:09 chs1 maldet(2198): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 15 2025 03:43:09 chs1 maldet(2198): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 59, malware hits 1, cleaned hits 0, time 37s
Mar 15 2025 03:43:09 chs1 maldet(2198): {scan} scan report saved, to view run: maldet --report 250315-0342.2198
Mar 15 2025 03:43:09 chs1 maldet(2198): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250315-0342.2198
Mar 15 2025 03:45:33 chs1 maldet(1431): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 16 2025 00:54:06 chs1 maldet(1882): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 16 2025 03:13:32 chs1 maldet(62664): {update} checking for available updates...
Mar 16 2025 03:13:32 chs1 maldet(62664): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 16 2025 03:13:32 chs1 maldet(62664): {update} hashing install files and checking against server...
Mar 16 2025 03:13:33 chs1 maldet(62664): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 16 2025 03:13:33 chs1 maldet(62664): {update} latest version already installed.
Mar 16 2025 03:13:33 chs1 maldet(62773): {sigup} performing signature update check...
Mar 16 2025 03:13:33 chs1 maldet(62773): {sigup} local signature set is version 20250313525494
Mar 16 2025 03:13:33 chs1 maldet(62773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 16 2025 03:13:33 chs1 maldet(62773): {sigup} latest signature set already installed
Mar 16 2025 03:13:33 chs1 maldet(62864): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 16 2025 03:13:34 chs1 maldet(62864): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 16 2025 03:13:34 chs1 maldet(62864): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 16 2025 03:13:34 chs1 maldet(62864): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 16 2025 03:13:34 chs1 maldet(62864): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 16 2025 03:14:04 chs1 maldet(62864): {scan} file list completed in 30s, found 23 files...
Mar 16 2025 03:14:04 chs1 maldet(62864): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 16 2025 03:14:04 chs1 maldet(62864): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (23 files) in progress...
Mar 16 2025 03:14:13 chs1 maldet(62864): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 16 2025 03:14:13 chs1 maldet(62864): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 23, malware hits 1, cleaned hits 0, time 40s
Mar 16 2025 03:14:13 chs1 maldet(62864): {scan} scan report saved, to view run: maldet --report 250316-0313.62864
Mar 16 2025 03:14:13 chs1 maldet(62864): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250316-0313.62864
Mar 16 2025 03:22:00 chs1 maldet(1658): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 16 2025 04:30:31 chs1 maldet(1704): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 16 2025 06:23:09 chs1 maldet(1673): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 00:53:24 chs1 maldet(1458): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 03:51:08 chs1 maldet(64237): {update} checking for available updates...
Mar 17 2025 03:51:08 chs1 maldet(64237): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 17 2025 03:51:08 chs1 maldet(64237): {update} hashing install files and checking against server...
Mar 17 2025 03:51:08 chs1 maldet(64237): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 17 2025 03:51:08 chs1 maldet(64237): {update} latest version already installed.
Mar 17 2025 03:51:08 chs1 maldet(64348): {sigup} performing signature update check...
Mar 17 2025 03:51:09 chs1 maldet(64348): {sigup} local signature set is version 20250313525494
Mar 17 2025 03:51:09 chs1 maldet(64348): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 17 2025 03:51:09 chs1 maldet(64348): {sigup} new signature set 20250316483998 available
Mar 17 2025 03:51:09 chs1 maldet(64348): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 17 2025 03:51:09 chs1 maldet(64348): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 17 2025 03:51:10 chs1 maldet(64348): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 17 2025 03:51:10 chs1 maldet(64348): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 17 2025 03:51:10 chs1 maldet(64348): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} verified md5sum of maldet-clean.tgz
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} unpacked and installed maldet-clean.tgz
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} signature set update completed
Mar 17 2025 03:51:11 chs1 maldet(64348): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 17 2025 03:51:11 chs1 maldet(64555): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 17 2025 03:51:11 chs1 maldet(64555): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 17 2025 03:51:11 chs1 maldet(64555): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 17 2025 03:51:11 chs1 maldet(64555): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 17 2025 03:51:11 chs1 maldet(64555): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 17 2025 03:52:44 chs1 maldet(1475): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 04:32:29 chs1 maldet(15670): {update} checking for available updates...
Mar 17 2025 04:32:56 chs1 maldet(15670): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 17 2025 04:32:56 chs1 maldet(15670): {update} hashing install files and checking against server...
Mar 17 2025 04:33:21 chs1 maldet(15670): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 17 2025 04:33:21 chs1 maldet(15670): {update} latest version already installed.
Mar 17 2025 04:33:21 chs1 maldet(16055): {sigup} performing signature update check...
Mar 17 2025 04:33:21 chs1 maldet(16055): {sigup} local signature set is version 20250316483998
Mar 17 2025 04:33:45 chs1 maldet(16055): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 17 2025 04:33:45 chs1 maldet(16055): {sigup} latest signature set already installed
Mar 17 2025 04:33:45 chs1 maldet(16182): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 17 2025 04:33:45 chs1 maldet(16182): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 17 2025 04:33:45 chs1 maldet(16182): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 17 2025 04:33:45 chs1 maldet(16182): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 17 2025 04:33:45 chs1 maldet(16182): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 17 2025 04:34:22 chs1 maldet(16182): {scan} file list completed in 37s, found 58 files...
Mar 17 2025 04:34:22 chs1 maldet(16182): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 17 2025 04:34:22 chs1 maldet(16182): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (58 files) in progress...
Mar 17 2025 04:34:32 chs1 maldet(16182): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 17 2025 04:34:32 chs1 maldet(16182): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 58, malware hits 1, cleaned hits 0, time 47s
Mar 17 2025 04:34:32 chs1 maldet(16182): {scan} scan report saved, to view run: maldet --report 250317-0433.16182
Mar 17 2025 04:34:32 chs1 maldet(16182): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250317-0433.16182
Mar 17 2025 04:39:49 chs1 maldet(1570): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 04:43:02 chs1 maldet(1586): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 12:03:41 chs1 maldet(1513): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 14:11:41 chs1 maldet(1495): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 17 2025 14:14:11 chs1 maldet(1530): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 18 2025 00:53:57 chs1 maldet(1939): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 18 2025 03:14:06 chs1 maldet(57557): {update} checking for available updates...
Mar 18 2025 03:14:06 chs1 maldet(57557): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 18 2025 03:14:06 chs1 maldet(57557): {update} hashing install files and checking against server...
Mar 18 2025 03:14:07 chs1 maldet(57557): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 18 2025 03:14:07 chs1 maldet(57557): {update} latest version already installed.
Mar 18 2025 03:14:07 chs1 maldet(57674): {sigup} performing signature update check...
Mar 18 2025 03:14:07 chs1 maldet(57674): {sigup} local signature set is version 20250316483998
Mar 18 2025 03:14:08 chs1 maldet(57674): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 18 2025 03:14:08 chs1 maldet(57674): {sigup} latest signature set already installed
Mar 18 2025 03:14:08 chs1 maldet(57764): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 18 2025 03:14:08 chs1 maldet(57764): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 18 2025 03:14:08 chs1 maldet(57764): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 18 2025 03:14:08 chs1 maldet(57764): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 18 2025 03:14:08 chs1 maldet(57764): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 18 2025 03:14:40 chs1 maldet(57764): {scan} file list completed in 32s, found 86 files...
Mar 18 2025 03:14:40 chs1 maldet(57764): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 18 2025 03:14:40 chs1 maldet(57764): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (86 files) in progress...
Mar 18 2025 03:14:49 chs1 maldet(57764): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 18 2025 03:14:49 chs1 maldet(57764): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 86, malware hits 1, cleaned hits 0, time 41s
Mar 18 2025 03:14:49 chs1 maldet(57764): {scan} scan report saved, to view run: maldet --report 250318-0314.57764
Mar 18 2025 03:14:49 chs1 maldet(57764): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250318-0314.57764
Mar 18 2025 03:24:43 chs1 maldet(1934): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 19 2025 00:53:47 chs1 maldet(1830): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 19 2025 03:41:55 chs1 maldet(64461): {update} checking for available updates...
Mar 19 2025 03:41:55 chs1 maldet(64461): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 19 2025 03:41:55 chs1 maldet(64461): {update} hashing install files and checking against server...
Mar 19 2025 03:41:56 chs1 maldet(64461): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 19 2025 03:41:56 chs1 maldet(64461): {update} latest version already installed.
Mar 19 2025 03:41:56 chs1 maldet(64576): {sigup} performing signature update check...
Mar 19 2025 03:41:56 chs1 maldet(64576): {sigup} local signature set is version 20250316483998
Mar 19 2025 03:41:56 chs1 maldet(64576): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 19 2025 03:41:56 chs1 maldet(64576): {sigup} latest signature set already installed
Mar 19 2025 03:41:56 chs1 maldet(64664): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 19 2025 03:41:57 chs1 maldet(64664): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 19 2025 03:41:57 chs1 maldet(64664): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 19 2025 03:41:57 chs1 maldet(64664): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 19 2025 03:41:57 chs1 maldet(64664): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 19 2025 03:42:26 chs1 maldet(64664): {scan} file list completed in 29s, found 108 files...
Mar 19 2025 03:42:26 chs1 maldet(64664): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 19 2025 03:42:26 chs1 maldet(64664): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (108 files) in progress...
Mar 19 2025 03:42:37 chs1 maldet(64664): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 19 2025 03:42:37 chs1 maldet(64664): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 108, malware hits 1, cleaned hits 0, time 41s
Mar 19 2025 03:42:37 chs1 maldet(64664): {scan} scan report saved, to view run: maldet --report 250319-0341.64664
Mar 19 2025 03:42:37 chs1 maldet(64664): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250319-0341.64664
Mar 19 2025 03:51:36 chs1 maldet(1933): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 20 2025 00:51:37 chs1 maldet(1818): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 20 2025 03:17:34 chs1 maldet(60554): {update} checking for available updates...
Mar 20 2025 03:17:34 chs1 maldet(60554): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 20 2025 03:17:34 chs1 maldet(60554): {update} hashing install files and checking against server...
Mar 20 2025 03:17:35 chs1 maldet(60554): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 20 2025 03:17:35 chs1 maldet(60554): {update} latest version already installed.
Mar 20 2025 03:17:35 chs1 maldet(60670): {sigup} performing signature update check...
Mar 20 2025 03:17:35 chs1 maldet(60670): {sigup} local signature set is version 20250316483998
Mar 20 2025 03:17:36 chs1 maldet(60670): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 20 2025 03:17:36 chs1 maldet(60670): {sigup} new signature set 20250319514026 available
Mar 20 2025 03:17:36 chs1 maldet(60670): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 20 2025 03:17:36 chs1 maldet(60670): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 20 2025 03:17:37 chs1 maldet(60670): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 20 2025 03:17:37 chs1 maldet(60670): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 20 2025 03:17:37 chs1 maldet(60670): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 20 2025 03:17:37 chs1 maldet(60670): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 20 2025 03:17:37 chs1 maldet(60670): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 20 2025 03:17:38 chs1 maldet(60670): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 20 2025 03:17:38 chs1 maldet(60670): {sigup} verified md5sum of maldet-clean.tgz
Mar 20 2025 03:17:38 chs1 maldet(60670): {sigup} unpacked and installed maldet-clean.tgz
Mar 20 2025 03:17:38 chs1 maldet(60670): {sigup} signature set update completed
Mar 20 2025 03:17:38 chs1 maldet(60670): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 20 2025 03:17:38 chs1 maldet(60890): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 20 2025 03:17:38 chs1 maldet(60890): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 20 2025 03:17:38 chs1 maldet(60890): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 20 2025 03:17:38 chs1 maldet(60890): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 20 2025 03:17:38 chs1 maldet(60890): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 20 2025 03:19:44 chs1 maldet(1690): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 20 2025 04:28:39 chs1 maldet(33220): {update} checking for available updates...
Mar 20 2025 04:28:58 chs1 maldet(33220): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 20 2025 04:28:58 chs1 maldet(33220): {update} hashing install files and checking against server...
Mar 20 2025 04:29:25 chs1 maldet(33220): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 20 2025 04:29:25 chs1 maldet(33220): {update} latest version already installed.
Mar 20 2025 04:29:25 chs1 maldet(33672): {sigup} performing signature update check...
Mar 20 2025 04:29:25 chs1 maldet(33672): {sigup} local signature set is version 20250319514026
Mar 20 2025 04:29:25 chs1 maldet(33672): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 20 2025 04:29:25 chs1 maldet(33672): {sigup} latest signature set already installed
Mar 20 2025 04:29:26 chs1 maldet(33766): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 20 2025 04:29:26 chs1 maldet(33766): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 20 2025 04:29:26 chs1 maldet(33766): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 20 2025 04:29:26 chs1 maldet(33766): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 20 2025 04:29:26 chs1 maldet(33766): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 20 2025 04:30:02 chs1 maldet(33766): {scan} file list completed in 35s, found 835 files...
Mar 20 2025 04:30:02 chs1 maldet(33766): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 20 2025 04:30:02 chs1 maldet(33766): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (835 files) in progress...
Mar 20 2025 04:30:39 chs1 maldet(33766): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 20 2025 04:30:39 chs1 maldet(33766): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 835, malware hits 1, cleaned hits 0, time 73s
Mar 20 2025 04:30:39 chs1 maldet(33766): {scan} scan report saved, to view run: maldet --report 250320-0429.33766
Mar 20 2025 04:30:39 chs1 maldet(33766): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250320-0429.33766
Mar 20 2025 04:36:12 chs1 maldet(1647): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 20 2025 04:37:54 chs1 maldet(1634): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 21 2025 00:57:52 chs1 maldet(1618): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 21 2025 03:15:53 chs1 maldet(56900): {update} checking for available updates...
Mar 21 2025 03:15:53 chs1 maldet(56900): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 21 2025 03:15:54 chs1 maldet(56900): {update} hashing install files and checking against server...
Mar 21 2025 03:15:54 chs1 maldet(56900): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 21 2025 03:15:54 chs1 maldet(56900): {update} latest version already installed.
Mar 21 2025 03:15:54 chs1 maldet(57019): {sigup} performing signature update check...
Mar 21 2025 03:15:54 chs1 maldet(57019): {sigup} local signature set is version 20250319514026
Mar 21 2025 03:15:55 chs1 maldet(57019): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 21 2025 03:15:55 chs1 maldet(57019): {sigup} latest signature set already installed
Mar 21 2025 03:15:55 chs1 maldet(57108): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 21 2025 03:15:55 chs1 maldet(57108): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 21 2025 03:15:55 chs1 maldet(57108): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 21 2025 03:15:55 chs1 maldet(57108): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 21 2025 03:15:55 chs1 maldet(57108): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 21 2025 03:16:27 chs1 maldet(57108): {scan} file list completed in 32s, found 78 files...
Mar 21 2025 03:16:27 chs1 maldet(57108): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 21 2025 03:16:27 chs1 maldet(57108): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (78 files) in progress...
Mar 21 2025 03:16:38 chs1 maldet(57108): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 21 2025 03:16:38 chs1 maldet(57108): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 78, malware hits 1, cleaned hits 0, time 43s
Mar 21 2025 03:16:38 chs1 maldet(57108): {scan} scan report saved, to view run: maldet --report 250321-0315.57108
Mar 21 2025 03:16:38 chs1 maldet(57108): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250321-0315.57108
Mar 21 2025 03:20:51 chs1 maldet(1568): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 21 2025 15:05:08 chs1 maldet(1700): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 22 2025 00:52:41 chs1 maldet(1281): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 22 2025 03:20:18 chs1 maldet(45817): {update} checking for available updates...
Mar 22 2025 03:20:19 chs1 maldet(45817): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 22 2025 03:20:19 chs1 maldet(45817): {update} hashing install files and checking against server...
Mar 22 2025 03:20:19 chs1 maldet(45817): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 22 2025 03:20:19 chs1 maldet(45817): {update} latest version already installed.
Mar 22 2025 03:20:19 chs1 maldet(45926): {sigup} performing signature update check...
Mar 22 2025 03:20:19 chs1 maldet(45926): {sigup} local signature set is version 20250319514026
Mar 22 2025 03:20:19 chs1 maldet(45926): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 22 2025 03:20:19 chs1 maldet(45926): {sigup} latest signature set already installed
Mar 22 2025 03:20:20 chs1 maldet(46014): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 22 2025 03:20:20 chs1 maldet(46014): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 22 2025 03:20:20 chs1 maldet(46014): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 22 2025 03:20:20 chs1 maldet(46014): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 22 2025 03:20:20 chs1 maldet(46014): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 22 2025 03:20:48 chs1 maldet(46014): {scan} file list completed in 27s, found 75 files...
Mar 22 2025 03:20:48 chs1 maldet(46014): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 22 2025 03:20:48 chs1 maldet(46014): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (75 files) in progress...
Mar 22 2025 03:20:56 chs1 maldet(46014): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 22 2025 03:20:56 chs1 maldet(46014): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 75, malware hits 1, cleaned hits 0, time 36s
Mar 22 2025 03:20:56 chs1 maldet(46014): {scan} scan report saved, to view run: maldet --report 250322-0320.46014
Mar 22 2025 03:20:56 chs1 maldet(46014): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250322-0320.46014
Mar 23 2025 00:50:27 chs1 maldet(1855): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 23 2025 03:33:54 chs1 maldet(57225): {update} checking for available updates...
Mar 23 2025 03:33:55 chs1 maldet(57225): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 23 2025 03:33:55 chs1 maldet(57225): {update} hashing install files and checking against server...
Mar 23 2025 03:33:55 chs1 maldet(57225): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 23 2025 03:33:55 chs1 maldet(57225): {update} latest version already installed.
Mar 23 2025 03:33:56 chs1 maldet(57345): {sigup} performing signature update check...
Mar 23 2025 03:33:56 chs1 maldet(57345): {sigup} local signature set is version 20250319514026
Mar 23 2025 03:33:56 chs1 maldet(57345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 23 2025 03:33:56 chs1 maldet(57345): {sigup} new signature set 202503221188379 available
Mar 23 2025 03:33:56 chs1 maldet(57345): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 23 2025 03:33:57 chs1 maldet(57345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 23 2025 03:33:57 chs1 maldet(57345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 23 2025 03:33:57 chs1 maldet(57345): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 23 2025 03:33:58 chs1 maldet(57345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 23 2025 03:33:58 chs1 maldet(57345): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 23 2025 03:33:58 chs1 maldet(57345): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 23 2025 03:33:58 chs1 maldet(57345): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 23 2025 03:33:58 chs1 maldet(57345): {sigup} verified md5sum of maldet-clean.tgz
Mar 23 2025 03:33:59 chs1 maldet(57345): {sigup} unpacked and installed maldet-clean.tgz
Mar 23 2025 03:33:59 chs1 maldet(57345): {sigup} signature set update completed
Mar 23 2025 03:33:59 chs1 maldet(57345): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 23 2025 03:33:59 chs1 maldet(57564): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 23 2025 03:34:00 chs1 maldet(57564): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 23 2025 03:34:00 chs1 maldet(57564): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 23 2025 03:34:01 chs1 maldet(57564): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 23 2025 03:34:01 chs1 maldet(57564): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 23 2025 03:35:48 chs1 maldet(1953): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 23 2025 04:40:08 chs1 maldet(23329): {update} checking for available updates...
Mar 23 2025 04:40:31 chs1 maldet(23329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 23 2025 04:40:31 chs1 maldet(23329): {update} hashing install files and checking against server...
Mar 23 2025 04:41:01 chs1 maldet(23329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 23 2025 04:41:01 chs1 maldet(23329): {update} latest version already installed.
Mar 23 2025 04:41:02 chs1 maldet(23645): {sigup} performing signature update check...
Mar 23 2025 04:41:02 chs1 maldet(23645): {sigup} local signature set is version 202503221188379
Mar 23 2025 04:41:24 chs1 maldet(23645): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 23 2025 04:41:24 chs1 maldet(23645): {sigup} latest signature set already installed
Mar 23 2025 04:41:24 chs1 maldet(23825): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 23 2025 04:41:25 chs1 maldet(23825): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 23 2025 04:41:25 chs1 maldet(23825): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 23 2025 04:41:25 chs1 maldet(23825): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 23 2025 04:41:25 chs1 maldet(23825): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 23 2025 04:43:05 chs1 maldet(1963): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 23 2025 05:31:34 chs1 maldet(18660): {update} checking for available updates...
Mar 23 2025 05:31:34 chs1 maldet(18660): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 23 2025 05:31:34 chs1 maldet(18660): {update} hashing install files and checking against server...
Mar 23 2025 05:31:35 chs1 maldet(18660): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 23 2025 05:31:35 chs1 maldet(18660): {update} latest version already installed.
Mar 23 2025 05:31:35 chs1 maldet(18769): {sigup} performing signature update check...
Mar 23 2025 05:31:35 chs1 maldet(18769): {sigup} local signature set is version 202503221188379
Mar 23 2025 05:31:35 chs1 maldet(18769): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 23 2025 05:31:35 chs1 maldet(18769): {sigup} latest signature set already installed
Mar 23 2025 05:31:35 chs1 maldet(18866): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 23 2025 05:31:36 chs1 maldet(18866): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 23 2025 05:31:36 chs1 maldet(18866): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 23 2025 05:31:36 chs1 maldet(18866): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 23 2025 05:31:36 chs1 maldet(18866): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 23 2025 05:32:07 chs1 maldet(18866): {scan} file list completed in 31s, found 43 files...
Mar 23 2025 05:32:07 chs1 maldet(18866): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 23 2025 05:32:07 chs1 maldet(18866): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (43 files) in progress...
Mar 23 2025 05:32:16 chs1 maldet(18866): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 23 2025 05:32:16 chs1 maldet(18866): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 43, malware hits 1, cleaned hits 0, time 41s
Mar 23 2025 05:32:16 chs1 maldet(18866): {scan} scan report saved, to view run: maldet --report 250323-0531.18866
Mar 23 2025 05:32:16 chs1 maldet(18866): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250323-0531.18866
Mar 24 2025 00:59:22 chs1 maldet(1594): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 24 2025 03:11:15 chs1 maldet(46645): {update} checking for available updates...
Mar 24 2025 03:11:15 chs1 maldet(46645): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 24 2025 03:11:15 chs1 maldet(46645): {update} hashing install files and checking against server...
Mar 24 2025 03:11:16 chs1 maldet(46645): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 24 2025 03:11:16 chs1 maldet(46645): {update} latest version already installed.
Mar 24 2025 03:11:16 chs1 maldet(46755): {sigup} performing signature update check...
Mar 24 2025 03:11:16 chs1 maldet(46755): {sigup} local signature set is version 202503221188379
Mar 24 2025 03:11:16 chs1 maldet(46755): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 24 2025 03:11:16 chs1 maldet(46755): {sigup} latest signature set already installed
Mar 24 2025 03:11:16 chs1 maldet(46843): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 24 2025 03:11:17 chs1 maldet(46843): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 24 2025 03:11:17 chs1 maldet(46843): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 24 2025 03:11:17 chs1 maldet(46843): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 24 2025 03:11:17 chs1 maldet(46843): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 24 2025 03:11:43 chs1 maldet(46843): {scan} file list completed in 26s, found 215 files...
Mar 24 2025 03:11:43 chs1 maldet(46843): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 24 2025 03:11:43 chs1 maldet(46843): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (215 files) in progress...
Mar 24 2025 03:11:56 chs1 maldet(46843): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 24 2025 03:11:56 chs1 maldet(46843): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 215, malware hits 1, cleaned hits 0, time 40s
Mar 24 2025 03:11:56 chs1 maldet(46843): {scan} scan report saved, to view run: maldet --report 250324-0311.46843
Mar 24 2025 03:11:56 chs1 maldet(46843): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250324-0311.46843
Mar 24 2025 03:20:00 chs1 maldet(1604): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 25 2025 00:51:23 chs1 maldet(1577): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 25 2025 03:26:36 chs1 maldet(53931): {update} checking for available updates...
Mar 25 2025 03:26:37 chs1 maldet(53931): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 25 2025 03:26:37 chs1 maldet(53931): {update} hashing install files and checking against server...
Mar 25 2025 03:26:37 chs1 maldet(53931): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 25 2025 03:26:37 chs1 maldet(53931): {update} latest version already installed.
Mar 25 2025 03:26:37 chs1 maldet(54042): {sigup} performing signature update check...
Mar 25 2025 03:26:37 chs1 maldet(54042): {sigup} local signature set is version 202503221188379
Mar 25 2025 03:26:38 chs1 maldet(54042): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 25 2025 03:26:38 chs1 maldet(54042): {sigup} latest signature set already installed
Mar 25 2025 03:26:38 chs1 maldet(54133): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 25 2025 03:26:38 chs1 maldet(54133): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 25 2025 03:26:38 chs1 maldet(54133): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 25 2025 03:26:38 chs1 maldet(54133): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 25 2025 03:26:38 chs1 maldet(54133): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 25 2025 03:27:11 chs1 maldet(54133): {scan} file list completed in 33s, found 49 files...
Mar 25 2025 03:27:11 chs1 maldet(54133): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 25 2025 03:27:11 chs1 maldet(54133): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (49 files) in progress...
Mar 25 2025 03:27:21 chs1 maldet(54133): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 25 2025 03:27:21 chs1 maldet(54133): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 49, malware hits 1, cleaned hits 0, time 43s
Mar 25 2025 03:27:21 chs1 maldet(54133): {scan} scan report saved, to view run: maldet --report 250325-0326.54133
Mar 25 2025 03:27:21 chs1 maldet(54133): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250325-0326.54133
Mar 25 2025 06:37:27 chs1 maldet(1729): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 26 2025 00:53:05 chs1 maldet(1528): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 26 2025 03:51:21 chs1 maldet(53342): {update} checking for available updates...
Mar 26 2025 03:51:22 chs1 maldet(53342): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 26 2025 03:51:22 chs1 maldet(53342): {update} hashing install files and checking against server...
Mar 26 2025 03:51:22 chs1 maldet(53342): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 26 2025 03:51:22 chs1 maldet(53342): {update} latest version already installed.
Mar 26 2025 03:51:22 chs1 maldet(53451): {sigup} performing signature update check...
Mar 26 2025 03:51:22 chs1 maldet(53451): {sigup} local signature set is version 202503221188379
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} new signature set 202503251862979 available
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 26 2025 03:51:23 chs1 maldet(53451): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} verified md5sum of maldet-clean.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} unpacked and installed maldet-clean.tgz
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} signature set update completed
Mar 26 2025 03:51:24 chs1 maldet(53451): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 26 2025 03:51:24 chs1 maldet(53656): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 26 2025 03:51:25 chs1 maldet(53656): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 26 2025 03:51:25 chs1 maldet(53656): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 26 2025 03:51:25 chs1 maldet(53656): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 26 2025 03:51:25 chs1 maldet(53656): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 26 2025 03:53:45 chs1 maldet(1466): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 26 2025 04:52:55 chs1 maldet(19314): {update} checking for available updates...
Mar 26 2025 04:53:26 chs1 maldet(19314): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 26 2025 04:53:26 chs1 maldet(19314): {update} hashing install files and checking against server...
Mar 26 2025 04:54:12 chs1 maldet(19314): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 26 2025 04:54:12 chs1 maldet(19314): {update} latest version already installed.
Mar 26 2025 04:54:12 chs1 maldet(20384): {sigup} performing signature update check...
Mar 26 2025 04:54:12 chs1 maldet(20384): {sigup} local signature set is version 202503251862979
Mar 26 2025 04:54:37 chs1 maldet(20384): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 26 2025 04:54:37 chs1 maldet(20384): {sigup} latest signature set already installed
Mar 26 2025 04:54:37 chs1 maldet(20506): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 26 2025 04:54:38 chs1 maldet(20506): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 26 2025 04:54:38 chs1 maldet(20506): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 26 2025 04:54:38 chs1 maldet(20506): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 26 2025 04:54:38 chs1 maldet(20506): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 26 2025 04:55:08 chs1 maldet(20506): {scan} file list completed in 30s, found 2868 files...
Mar 26 2025 04:55:08 chs1 maldet(20506): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 26 2025 04:55:08 chs1 maldet(20506): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (2868 files) in progress...
Mar 26 2025 04:58:33 chs1 maldet(20506): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 26 2025 04:58:34 chs1 maldet(20506): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 2868, malware hits 1, cleaned hits 0, time 236s
Mar 26 2025 04:58:34 chs1 maldet(20506): {scan} scan report saved, to view run: maldet --report 250326-0454.20506
Mar 26 2025 04:58:34 chs1 maldet(20506): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250326-0454.20506
Mar 26 2025 19:47:56 chs1 maldet(1756): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 27 2025 00:56:03 chs1 maldet(1499): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 27 2025 03:31:00 chs1 maldet(47200): {update} checking for available updates...
Mar 27 2025 03:31:00 chs1 maldet(47200): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 27 2025 03:31:00 chs1 maldet(47200): {update} hashing install files and checking against server...
Mar 27 2025 03:31:01 chs1 maldet(47200): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 27 2025 03:31:01 chs1 maldet(47200): {update} latest version already installed.
Mar 27 2025 03:31:01 chs1 maldet(47322): {sigup} performing signature update check...
Mar 27 2025 03:31:01 chs1 maldet(47322): {sigup} local signature set is version 202503251862979
Mar 27 2025 03:31:02 chs1 maldet(47322): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 27 2025 03:31:02 chs1 maldet(47322): {sigup} latest signature set already installed
Mar 27 2025 03:31:02 chs1 maldet(47467): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 27 2025 03:31:03 chs1 maldet(47467): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 27 2025 03:31:03 chs1 maldet(47467): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 27 2025 03:31:03 chs1 maldet(47467): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 27 2025 03:31:03 chs1 maldet(47467): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 27 2025 03:31:27 chs1 maldet(47467): {scan} file list completed in 24s, found 78 files...
Mar 27 2025 03:31:27 chs1 maldet(47467): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 27 2025 03:31:27 chs1 maldet(47467): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (78 files) in progress...
Mar 27 2025 03:31:37 chs1 maldet(47467): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 27 2025 03:31:37 chs1 maldet(47467): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 78, malware hits 1, cleaned hits 0, time 35s
Mar 27 2025 03:31:37 chs1 maldet(47467): {scan} scan report saved, to view run: maldet --report 250327-0331.47467
Mar 27 2025 03:31:37 chs1 maldet(47467): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250327-0331.47467
Mar 28 2025 00:59:20 chs1 maldet(1864): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 28 2025 03:52:31 chs1 maldet(52304): {update} checking for available updates...
Mar 28 2025 03:52:31 chs1 maldet(52304): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 28 2025 03:52:31 chs1 maldet(52304): {update} hashing install files and checking against server...
Mar 28 2025 03:52:31 chs1 maldet(52304): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 28 2025 03:52:31 chs1 maldet(52304): {update} latest version already installed.
Mar 28 2025 03:52:32 chs1 maldet(52413): {sigup} performing signature update check...
Mar 28 2025 03:52:32 chs1 maldet(52413): {sigup} local signature set is version 202503251862979
Mar 28 2025 03:52:32 chs1 maldet(52413): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 28 2025 03:52:32 chs1 maldet(52413): {sigup} latest signature set already installed
Mar 28 2025 03:52:32 chs1 maldet(52501): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 28 2025 03:52:32 chs1 maldet(52501): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 28 2025 03:52:32 chs1 maldet(52501): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 28 2025 03:52:32 chs1 maldet(52501): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 28 2025 03:52:32 chs1 maldet(52501): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 28 2025 03:53:04 chs1 maldet(52501): {scan} file list completed in 32s, found 70 files...
Mar 28 2025 03:53:04 chs1 maldet(52501): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 28 2025 03:53:04 chs1 maldet(52501): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (70 files) in progress...
Mar 28 2025 03:53:14 chs1 maldet(52501): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 28 2025 03:53:14 chs1 maldet(52501): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 70, malware hits 1, cleaned hits 0, time 42s
Mar 28 2025 03:53:14 chs1 maldet(52501): {scan} scan report saved, to view run: maldet --report 250328-0352.52501
Mar 28 2025 03:53:14 chs1 maldet(52501): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250328-0352.52501
Mar 29 2025 00:52:40 chs1 maldet(2005): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 29 2025 03:19:20 chs1 maldet(44872): {update} checking for available updates...
Mar 29 2025 03:19:20 chs1 maldet(44872): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 29 2025 03:19:21 chs1 maldet(44872): {update} hashing install files and checking against server...
Mar 29 2025 03:19:21 chs1 maldet(44872): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 29 2025 03:19:21 chs1 maldet(44872): {update} latest version already installed.
Mar 29 2025 03:19:21 chs1 maldet(44981): {sigup} performing signature update check...
Mar 29 2025 03:19:21 chs1 maldet(44981): {sigup} local signature set is version 202503251862979
Mar 29 2025 03:19:21 chs1 maldet(44981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 29 2025 03:19:21 chs1 maldet(44981): {sigup} new signature set 202503282537907 available
Mar 29 2025 03:19:21 chs1 maldet(44981): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 29 2025 03:19:22 chs1 maldet(44981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Mar 29 2025 03:19:22 chs1 maldet(44981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Mar 29 2025 03:19:22 chs1 maldet(44981): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} verified md5sum of maldet-sigpack.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} unpacked and installed maldet-sigpack.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} verified md5sum of maldet-clean.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} unpacked and installed maldet-clean.tgz
Mar 29 2025 03:19:23 chs1 maldet(44981): {sigup} signature set update completed
Mar 29 2025 03:19:24 chs1 maldet(44981): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 29 2025 03:19:24 chs1 maldet(45195): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 29 2025 03:19:25 chs1 maldet(45195): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 29 2025 03:19:25 chs1 maldet(45195): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 29 2025 03:19:25 chs1 maldet(45195): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 29 2025 03:19:25 chs1 maldet(45195): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 29 2025 03:23:00 chs1 maldet(1831): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 29 2025 04:24:51 chs1 maldet(21765): {update} checking for available updates...
Mar 29 2025 04:25:01 chs1 maldet(21765): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 29 2025 04:25:01 chs1 maldet(21765): {update} hashing install files and checking against server...
Mar 29 2025 04:25:12 chs1 maldet(21765): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 29 2025 04:25:12 chs1 maldet(21765): {update} latest version already installed.
Mar 29 2025 04:25:12 chs1 maldet(22270): {sigup} performing signature update check...
Mar 29 2025 04:25:12 chs1 maldet(22270): {sigup} local signature set is version 202503282537907
Mar 29 2025 04:25:22 chs1 maldet(22270): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 29 2025 04:25:22 chs1 maldet(22270): {sigup} latest signature set already installed
Mar 29 2025 04:25:22 chs1 maldet(22397): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 29 2025 04:25:22 chs1 maldet(22397): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 29 2025 04:25:22 chs1 maldet(22397): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 29 2025 04:25:22 chs1 maldet(22397): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 29 2025 04:25:22 chs1 maldet(22397): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 29 2025 04:25:52 chs1 maldet(22397): {scan} file list completed in 30s, found 36 files...
Mar 29 2025 04:25:52 chs1 maldet(22397): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 29 2025 04:25:52 chs1 maldet(22397): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (36 files) in progress...
Mar 29 2025 04:26:00 chs1 maldet(22397): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 29 2025 04:26:01 chs1 maldet(22397): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 36, malware hits 1, cleaned hits 0, time 38s
Mar 29 2025 04:26:01 chs1 maldet(22397): {scan} scan report saved, to view run: maldet --report 250329-0425.22397
Mar 29 2025 04:26:01 chs1 maldet(22397): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250329-0425.22397
Mar 30 2025 00:53:36 chs1 maldet(1190): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 30 2025 03:54:04 chs1 maldet(51291): {update} checking for available updates...
Mar 30 2025 03:54:05 chs1 maldet(51291): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 30 2025 03:54:05 chs1 maldet(51291): {update} hashing install files and checking against server...
Mar 30 2025 03:54:05 chs1 maldet(51291): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 30 2025 03:54:05 chs1 maldet(51291): {update} latest version already installed.
Mar 30 2025 03:54:05 chs1 maldet(51410): {sigup} performing signature update check...
Mar 30 2025 03:54:05 chs1 maldet(51410): {sigup} local signature set is version 202503282537907
Mar 30 2025 03:54:05 chs1 maldet(51410): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 30 2025 03:54:05 chs1 maldet(51410): {sigup} latest signature set already installed
Mar 30 2025 03:54:06 chs1 maldet(51498): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 30 2025 03:54:06 chs1 maldet(51498): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 30 2025 03:54:06 chs1 maldet(51498): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 30 2025 03:54:06 chs1 maldet(51498): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 30 2025 03:54:06 chs1 maldet(51498): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 30 2025 03:54:28 chs1 maldet(51498): {scan} file list completed in 22s, found 43 files...
Mar 30 2025 03:54:28 chs1 maldet(51498): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 30 2025 03:54:28 chs1 maldet(51498): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (43 files) in progress...
Mar 30 2025 03:54:38 chs1 maldet(51498): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 30 2025 03:54:38 chs1 maldet(51498): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 43, malware hits 1, cleaned hits 0, time 32s
Mar 30 2025 03:54:38 chs1 maldet(51498): {scan} scan report saved, to view run: maldet --report 250330-0354.51498
Mar 30 2025 03:54:38 chs1 maldet(51498): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250330-0354.51498
Mar 30 2025 04:01:15 chs1 maldet(1305): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 30 2025 18:34:39 chs1 maldet(1002): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 30 2025 18:37:44 chs1 maldet(1009): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 30 2025 18:41:45 chs1 maldet(1068): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Mar 31 2025 03:49:37 chs1 maldet(33702): {update} checking for available updates...
Mar 31 2025 03:49:37 chs1 maldet(33702): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Mar 31 2025 03:49:37 chs1 maldet(33702): {update} hashing install files and checking against server...
Mar 31 2025 03:49:38 chs1 maldet(33702): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Mar 31 2025 03:49:38 chs1 maldet(33702): {update} latest version already installed.
Mar 31 2025 03:49:38 chs1 maldet(33811): {sigup} performing signature update check...
Mar 31 2025 03:49:38 chs1 maldet(33811): {sigup} local signature set is version 202503282537907
Mar 31 2025 03:49:38 chs1 maldet(33811): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Mar 31 2025 03:49:38 chs1 maldet(33811): {sigup} latest signature set already installed
Mar 31 2025 03:49:38 chs1 maldet(33903): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Mar 31 2025 03:49:39 chs1 maldet(33903): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Mar 31 2025 03:49:39 chs1 maldet(33903): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Mar 31 2025 03:49:39 chs1 maldet(33903): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Mar 31 2025 03:49:39 chs1 maldet(33903): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Mar 31 2025 03:50:07 chs1 maldet(33903): {scan} file list completed in 27s, found 57 files...
Mar 31 2025 03:50:07 chs1 maldet(33903): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Mar 31 2025 03:50:07 chs1 maldet(33903): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (57 files) in progress...
Mar 31 2025 03:50:15 chs1 maldet(33903): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Mar 31 2025 03:50:15 chs1 maldet(33903): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 57, malware hits 1, cleaned hits 0, time 37s
Mar 31 2025 03:50:15 chs1 maldet(33903): {scan} scan report saved, to view run: maldet --report 250331-0349.33903
Mar 31 2025 03:50:15 chs1 maldet(33903): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250331-0349.33903
Mar 31 2025 04:04:52 chs1 maldet(927): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 01 2025 00:51:05 chs1 maldet(1113): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 01 2025 03:28:56 chs1 maldet(46886): {update} checking for available updates...
Apr 01 2025 03:28:57 chs1 maldet(46886): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 01 2025 03:28:57 chs1 maldet(46886): {update} hashing install files and checking against server...
Apr 01 2025 03:28:57 chs1 maldet(46886): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 01 2025 03:28:57 chs1 maldet(46886): {update} latest version already installed.
Apr 01 2025 03:28:57 chs1 maldet(46995): {sigup} performing signature update check...
Apr 01 2025 03:28:57 chs1 maldet(46995): {sigup} local signature set is version 202503282537907
Apr 01 2025 03:28:58 chs1 maldet(46995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 01 2025 03:28:58 chs1 maldet(46995): {sigup} new signature set 202503313275323 available
Apr 01 2025 03:28:58 chs1 maldet(46995): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 01 2025 03:28:58 chs1 maldet(46995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 01 2025 03:28:59 chs1 maldet(46995): {sigup} verified md5sum of maldet-clean.tgz
Apr 01 2025 03:29:00 chs1 maldet(46995): {sigup} unpacked and installed maldet-clean.tgz
Apr 01 2025 03:29:00 chs1 maldet(46995): {sigup} signature set update completed
Apr 01 2025 03:29:00 chs1 maldet(46995): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 01 2025 03:29:00 chs1 maldet(47207): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 01 2025 03:29:00 chs1 maldet(47207): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 01 2025 03:29:00 chs1 maldet(47207): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 01 2025 03:29:00 chs1 maldet(47207): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 01 2025 03:29:00 chs1 maldet(47207): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 01 2025 03:31:00 chs1 maldet(47207): {scan} file list completed in 120s, found 63 files...
Apr 01 2025 03:31:00 chs1 maldet(47207): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 01 2025 03:31:00 chs1 maldet(47207): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (63 files) in progress...
Apr 01 2025 03:31:38 chs1 maldet(47207): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 01 2025 03:31:38 chs1 maldet(47207): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 63, malware hits 1, cleaned hits 0, time 158s
Apr 01 2025 03:31:38 chs1 maldet(47207): {scan} scan report saved, to view run: maldet --report 250401-0329.47207
Apr 01 2025 03:31:38 chs1 maldet(47207): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250401-0329.47207
Apr 01 2025 03:41:20 chs1 maldet(955): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 02 2025 01:01:01 chs1 maldet(914): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 02 2025 03:29:28 chs1 maldet(45055): {update} checking for available updates...
Apr 02 2025 03:29:29 chs1 maldet(45055): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 02 2025 03:29:29 chs1 maldet(45055): {update} hashing install files and checking against server...
Apr 02 2025 03:29:29 chs1 maldet(45055): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 02 2025 03:29:29 chs1 maldet(45055): {update} latest version already installed.
Apr 02 2025 03:29:29 chs1 maldet(45164): {sigup} performing signature update check...
Apr 02 2025 03:29:29 chs1 maldet(45164): {sigup} local signature set is version 202503313275323
Apr 02 2025 03:29:29 chs1 maldet(45164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 02 2025 03:29:30 chs1 maldet(45164): {sigup} new signature set 202504013916532 available
Apr 02 2025 03:29:30 chs1 maldet(45164): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 02 2025 03:29:30 chs1 maldet(45164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 02 2025 03:29:30 chs1 maldet(45164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 02 2025 03:29:30 chs1 maldet(45164): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} verified md5sum of maldet-clean.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} unpacked and installed maldet-clean.tgz
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} signature set update completed
Apr 02 2025 03:29:31 chs1 maldet(45164): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 02 2025 03:29:31 chs1 maldet(45368): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 02 2025 03:29:32 chs1 maldet(45368): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 02 2025 03:29:32 chs1 maldet(45368): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 02 2025 03:29:32 chs1 maldet(45368): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 02 2025 03:29:32 chs1 maldet(45368): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 02 2025 03:32:16 chs1 maldet(45368): {scan} file list completed in 164s, found 47 files...
Apr 02 2025 03:32:16 chs1 maldet(45368): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 02 2025 03:32:16 chs1 maldet(45368): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (47 files) in progress...
Apr 02 2025 03:32:26 chs1 maldet(45368): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 02 2025 03:32:26 chs1 maldet(45368): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 47, malware hits 1, cleaned hits 0, time 175s
Apr 02 2025 03:32:26 chs1 maldet(45368): {scan} scan report saved, to view run: maldet --report 250402-0329.45368
Apr 02 2025 03:32:26 chs1 maldet(45368): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250402-0329.45368
Apr 03 2025 00:54:24 chs1 maldet(939): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 03 2025 03:36:54 chs1 maldet(45782): {update} checking for available updates...
Apr 03 2025 03:36:55 chs1 maldet(45782): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 03 2025 03:36:55 chs1 maldet(45782): {update} hashing install files and checking against server...
Apr 03 2025 03:36:55 chs1 maldet(45782): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 03 2025 03:36:55 chs1 maldet(45782): {update} latest version already installed.
Apr 03 2025 03:36:55 chs1 maldet(45891): {sigup} performing signature update check...
Apr 03 2025 03:36:55 chs1 maldet(45891): {sigup} local signature set is version 202504013916532
Apr 03 2025 03:36:55 chs1 maldet(45891): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 03 2025 03:36:56 chs1 maldet(45891): {sigup} latest signature set already installed
Apr 03 2025 03:36:56 chs1 maldet(45979): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 03 2025 03:36:56 chs1 maldet(45979): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 03 2025 03:36:56 chs1 maldet(45979): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 03 2025 03:36:56 chs1 maldet(45979): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 03 2025 03:36:56 chs1 maldet(45979): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 03 2025 03:37:25 chs1 maldet(45979): {scan} file list completed in 28s, found 91 files...
Apr 03 2025 03:37:25 chs1 maldet(45979): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 03 2025 03:37:25 chs1 maldet(45979): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (91 files) in progress...
Apr 03 2025 03:37:34 chs1 maldet(45979): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 03 2025 03:37:34 chs1 maldet(45979): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 91, malware hits 1, cleaned hits 0, time 38s
Apr 03 2025 03:37:34 chs1 maldet(45979): {scan} scan report saved, to view run: maldet --report 250403-0336.45979
Apr 03 2025 03:37:34 chs1 maldet(45979): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250403-0336.45979
Apr 03 2025 19:49:09 chs1 maldet(911): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 03 2025 22:43:26 chs1 maldet(987): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 04 2025 03:32:00 chs1 maldet(83985): {update} checking for available updates...
Apr 04 2025 03:32:00 chs1 maldet(83985): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 04 2025 03:32:01 chs1 maldet(83985): {update} hashing install files and checking against server...
Apr 04 2025 03:32:01 chs1 maldet(83985): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 04 2025 03:32:01 chs1 maldet(83985): {update} latest version already installed.
Apr 04 2025 03:32:01 chs1 maldet(84108): {sigup} performing signature update check...
Apr 04 2025 03:32:01 chs1 maldet(84108): {sigup} local signature set is version 202504013916532
Apr 04 2025 03:32:02 chs1 maldet(84108): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 04 2025 03:32:02 chs1 maldet(84108): {sigup} latest signature set already installed
Apr 04 2025 03:32:03 chs1 maldet(84275): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 04 2025 03:32:03 chs1 maldet(84275): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 04 2025 03:32:03 chs1 maldet(84275): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 04 2025 03:32:03 chs1 maldet(84275): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 04 2025 03:32:03 chs1 maldet(84275): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 04 2025 03:32:33 chs1 maldet(84275): {scan} file list completed in 30s, found 104 files...
Apr 04 2025 03:32:33 chs1 maldet(84275): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 04 2025 03:32:33 chs1 maldet(84275): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (104 files) in progress...
Apr 04 2025 03:32:43 chs1 maldet(84275): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 04 2025 03:32:43 chs1 maldet(84275): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 104, malware hits 1, cleaned hits 0, time 40s
Apr 04 2025 03:32:43 chs1 maldet(84275): {scan} scan report saved, to view run: maldet --report 250404-0332.84275
Apr 04 2025 03:32:43 chs1 maldet(84275): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250404-0332.84275
Apr 04 2025 03:52:47 chs1 maldet(924): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 05 2025 00:57:37 chs1 maldet(947): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 05 2025 03:13:00 chs1 maldet(40550): {update} checking for available updates...
Apr 05 2025 03:13:00 chs1 maldet(40550): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 05 2025 03:13:00 chs1 maldet(40550): {update} hashing install files and checking against server...
Apr 05 2025 03:13:01 chs1 maldet(40550): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 05 2025 03:13:01 chs1 maldet(40550): {update} latest version already installed.
Apr 05 2025 03:13:01 chs1 maldet(40659): {sigup} performing signature update check...
Apr 05 2025 03:13:01 chs1 maldet(40659): {sigup} local signature set is version 202504013916532
Apr 05 2025 03:13:02 chs1 maldet(40659): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 05 2025 03:13:02 chs1 maldet(40659): {sigup} new signature set 20250404517655 available
Apr 05 2025 03:13:02 chs1 maldet(40659): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 05 2025 03:13:03 chs1 maldet(40659): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} verified md5sum of maldet-clean.tgz
Apr 05 2025 03:13:04 chs1 maldet(40659): {sigup} unpacked and installed maldet-clean.tgz
Apr 05 2025 03:13:05 chs1 maldet(40659): {sigup} signature set update completed
Apr 05 2025 03:13:05 chs1 maldet(40659): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 05 2025 03:13:05 chs1 maldet(40951): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 05 2025 03:13:05 chs1 maldet(40951): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 05 2025 03:13:05 chs1 maldet(40951): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 05 2025 03:13:05 chs1 maldet(40951): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 05 2025 03:13:05 chs1 maldet(40951): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 05 2025 03:13:53 chs1 maldet(923): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 05 2025 04:36:42 chs1 maldet(26077): {update} checking for available updates...
Apr 05 2025 04:37:05 chs1 maldet(26077): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 05 2025 04:37:05 chs1 maldet(26077): {update} hashing install files and checking against server...
Apr 05 2025 04:37:25 chs1 maldet(26077): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 05 2025 04:37:25 chs1 maldet(26077): {update} latest version already installed.
Apr 05 2025 04:37:25 chs1 maldet(26367): {sigup} performing signature update check...
Apr 05 2025 04:37:25 chs1 maldet(26367): {sigup} local signature set is version 20250404517655
Apr 05 2025 04:37:42 chs1 maldet(26367): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 05 2025 04:37:42 chs1 maldet(26367): {sigup} latest signature set already installed
Apr 05 2025 04:37:42 chs1 maldet(26497): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 05 2025 04:37:43 chs1 maldet(26497): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 05 2025 04:37:43 chs1 maldet(26497): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 05 2025 04:37:43 chs1 maldet(26497): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 05 2025 04:37:43 chs1 maldet(26497): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 05 2025 04:38:17 chs1 maldet(26497): {scan} file list completed in 33s, found 37 files...
Apr 05 2025 04:38:17 chs1 maldet(26497): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 05 2025 04:38:17 chs1 maldet(26497): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (37 files) in progress...
Apr 05 2025 04:38:26 chs1 maldet(26497): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 05 2025 04:38:27 chs1 maldet(26497): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 37, malware hits 1, cleaned hits 0, time 44s
Apr 05 2025 04:38:27 chs1 maldet(26497): {scan} scan report saved, to view run: maldet --report 250405-0437.26497
Apr 05 2025 04:38:27 chs1 maldet(26497): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250405-0437.26497
Apr 06 2025 00:54:51 chs1 maldet(923): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 06 2025 03:41:30 chs1 maldet(45749): {update} checking for available updates...
Apr 06 2025 03:41:31 chs1 maldet(45749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 06 2025 03:41:31 chs1 maldet(45749): {update} hashing install files and checking against server...
Apr 06 2025 03:41:31 chs1 maldet(45749): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 06 2025 03:41:31 chs1 maldet(45749): {update} latest version already installed.
Apr 06 2025 03:41:31 chs1 maldet(45858): {sigup} performing signature update check...
Apr 06 2025 03:41:31 chs1 maldet(45858): {sigup} local signature set is version 20250404517655
Apr 06 2025 03:41:31 chs1 maldet(45858): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 06 2025 03:41:31 chs1 maldet(45858): {sigup} latest signature set already installed
Apr 06 2025 03:41:32 chs1 maldet(45946): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 06 2025 03:41:32 chs1 maldet(45946): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 06 2025 03:41:32 chs1 maldet(45946): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 06 2025 03:41:32 chs1 maldet(45946): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 06 2025 03:41:32 chs1 maldet(45946): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 06 2025 03:42:09 chs1 maldet(45946): {scan} file list completed in 37s, found 61 files...
Apr 06 2025 03:42:09 chs1 maldet(45946): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 06 2025 03:42:09 chs1 maldet(45946): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (61 files) in progress...
Apr 06 2025 03:42:19 chs1 maldet(45946): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 06 2025 03:42:19 chs1 maldet(45946): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 61, malware hits 1, cleaned hits 0, time 47s
Apr 06 2025 03:42:19 chs1 maldet(45946): {scan} scan report saved, to view run: maldet --report 250406-0341.45946
Apr 06 2025 03:42:19 chs1 maldet(45946): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250406-0341.45946
Apr 07 2025 00:55:08 chs1 maldet(941): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 07 2025 03:25:18 chs1 maldet(42526): {update} checking for available updates...
Apr 07 2025 03:25:18 chs1 maldet(42526): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 07 2025 03:25:18 chs1 maldet(42526): {update} hashing install files and checking against server...
Apr 07 2025 03:25:18 chs1 maldet(42526): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 07 2025 03:25:18 chs1 maldet(42526): {update} latest version already installed.
Apr 07 2025 03:25:19 chs1 maldet(42635): {sigup} performing signature update check...
Apr 07 2025 03:25:19 chs1 maldet(42635): {sigup} local signature set is version 20250404517655
Apr 07 2025 03:25:19 chs1 maldet(42635): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 07 2025 03:25:19 chs1 maldet(42635): {sigup} latest signature set already installed
Apr 07 2025 03:25:19 chs1 maldet(42723): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 07 2025 03:25:19 chs1 maldet(42723): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 07 2025 03:25:19 chs1 maldet(42723): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 07 2025 03:25:19 chs1 maldet(42723): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 07 2025 03:25:19 chs1 maldet(42723): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 07 2025 03:25:48 chs1 maldet(42723): {scan} file list completed in 29s, found 140 files...
Apr 07 2025 03:25:48 chs1 maldet(42723): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 07 2025 03:25:48 chs1 maldet(42723): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (140 files) in progress...
Apr 07 2025 03:25:58 chs1 maldet(42723): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 07 2025 03:25:58 chs1 maldet(42723): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 140, malware hits 1, cleaned hits 0, time 39s
Apr 07 2025 03:25:58 chs1 maldet(42723): {scan} scan report saved, to view run: maldet --report 250407-0325.42723
Apr 07 2025 03:25:58 chs1 maldet(42723): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250407-0325.42723
Apr 08 2025 00:56:05 chs1 maldet(978): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 08 2025 03:14:24 chs1 maldet(40861): {update} checking for available updates...
Apr 08 2025 03:14:25 chs1 maldet(40861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 08 2025 03:14:25 chs1 maldet(40861): {update} hashing install files and checking against server...
Apr 08 2025 03:14:25 chs1 maldet(40861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 08 2025 03:14:25 chs1 maldet(40861): {update} latest version already installed.
Apr 08 2025 03:14:25 chs1 maldet(40970): {sigup} performing signature update check...
Apr 08 2025 03:14:25 chs1 maldet(40970): {sigup} local signature set is version 20250404517655
Apr 08 2025 03:14:25 chs1 maldet(40970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 08 2025 03:14:25 chs1 maldet(40970): {sigup} new signature set 202504071198007 available
Apr 08 2025 03:14:25 chs1 maldet(40970): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 08 2025 03:14:26 chs1 maldet(40970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 08 2025 03:14:26 chs1 maldet(40970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 08 2025 03:14:26 chs1 maldet(40970): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} verified md5sum of maldet-clean.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} unpacked and installed maldet-clean.tgz
Apr 08 2025 03:14:27 chs1 maldet(40970): {sigup} signature set update completed
Apr 08 2025 03:14:28 chs1 maldet(40970): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 08 2025 03:14:28 chs1 maldet(41172): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 08 2025 03:14:28 chs1 maldet(41172): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 08 2025 03:14:28 chs1 maldet(41172): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 08 2025 03:14:28 chs1 maldet(41172): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 08 2025 03:14:28 chs1 maldet(41172): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 08 2025 03:16:47 chs1 maldet(41172): {scan} file list completed in 139s, found 50 files...
Apr 08 2025 03:16:47 chs1 maldet(41172): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 08 2025 03:16:47 chs1 maldet(41172): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (50 files) in progress...
Apr 08 2025 03:16:57 chs1 maldet(41172): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 08 2025 03:16:57 chs1 maldet(41172): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 50, malware hits 1, cleaned hits 0, time 149s
Apr 08 2025 03:16:57 chs1 maldet(41172): {scan} scan report saved, to view run: maldet --report 250408-0314.41172
Apr 08 2025 03:16:57 chs1 maldet(41172): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250408-0314.41172
Apr 08 2025 03:27:35 chs1 maldet(961): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 09 2025 00:59:18 chs1 maldet(963): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 09 2025 03:42:56 chs1 maldet(44558): {update} checking for available updates...
Apr 09 2025 03:42:57 chs1 maldet(44558): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 09 2025 03:42:57 chs1 maldet(44558): {update} hashing install files and checking against server...
Apr 09 2025 03:42:57 chs1 maldet(44558): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 09 2025 03:42:57 chs1 maldet(44558): {update} latest version already installed.
Apr 09 2025 03:42:57 chs1 maldet(44668): {sigup} performing signature update check...
Apr 09 2025 03:42:57 chs1 maldet(44668): {sigup} local signature set is version 202504071198007
Apr 09 2025 03:42:58 chs1 maldet(44668): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 09 2025 03:42:58 chs1 maldet(44668): {sigup} latest signature set already installed
Apr 09 2025 03:42:58 chs1 maldet(44756): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 09 2025 03:42:58 chs1 maldet(44756): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 09 2025 03:42:58 chs1 maldet(44756): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 09 2025 03:42:58 chs1 maldet(44756): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 09 2025 03:42:58 chs1 maldet(44756): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 09 2025 03:43:26 chs1 maldet(44756): {scan} file list completed in 28s, found 820 files...
Apr 09 2025 03:43:26 chs1 maldet(44756): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 09 2025 03:43:26 chs1 maldet(44756): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (820 files) in progress...
Apr 09 2025 03:43:57 chs1 maldet(44756): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 09 2025 03:43:57 chs1 maldet(44756): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 820, malware hits 1, cleaned hits 0, time 59s
Apr 09 2025 03:43:57 chs1 maldet(44756): {scan} scan report saved, to view run: maldet --report 250409-0342.44756
Apr 09 2025 03:43:57 chs1 maldet(44756): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250409-0342.44756
Apr 09 2025 03:56:52 chs1 maldet(927): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 10 2025 00:56:43 chs1 maldet(907): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 10 2025 03:40:02 chs1 maldet(46585): {update} checking for available updates...
Apr 10 2025 03:40:03 chs1 maldet(46585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 10 2025 03:40:03 chs1 maldet(46585): {update} hashing install files and checking against server...
Apr 10 2025 03:40:03 chs1 maldet(46585): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 10 2025 03:40:03 chs1 maldet(46585): {update} latest version already installed.
Apr 10 2025 03:40:03 chs1 maldet(46735): {sigup} performing signature update check...
Apr 10 2025 03:40:03 chs1 maldet(46735): {sigup} local signature set is version 202504071198007
Apr 10 2025 03:40:04 chs1 maldet(46735): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 10 2025 03:40:04 chs1 maldet(46735): {sigup} latest signature set already installed
Apr 10 2025 03:40:04 chs1 maldet(46831): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 10 2025 03:40:05 chs1 maldet(46831): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 10 2025 03:40:05 chs1 maldet(46831): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 10 2025 03:40:05 chs1 maldet(46831): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 10 2025 03:40:05 chs1 maldet(46831): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 10 2025 03:40:32 chs1 maldet(46831): {scan} file list completed in 27s, found 150 files...
Apr 10 2025 03:40:32 chs1 maldet(46831): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 10 2025 03:40:32 chs1 maldet(46831): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (150 files) in progress...
Apr 10 2025 03:40:43 chs1 maldet(46831): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 10 2025 03:40:43 chs1 maldet(46831): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 150, malware hits 1, cleaned hits 0, time 39s
Apr 10 2025 03:40:43 chs1 maldet(46831): {scan} scan report saved, to view run: maldet --report 250410-0340.46831
Apr 10 2025 03:40:43 chs1 maldet(46831): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250410-0340.46831
Apr 11 2025 00:53:47 chs1 maldet(904): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 11 2025 03:30:25 chs1 maldet(45024): {update} checking for available updates...
Apr 11 2025 03:30:25 chs1 maldet(45024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 11 2025 03:30:25 chs1 maldet(45024): {update} hashing install files and checking against server...
Apr 11 2025 03:30:26 chs1 maldet(45024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 11 2025 03:30:26 chs1 maldet(45024): {update} latest version already installed.
Apr 11 2025 03:30:26 chs1 maldet(45133): {sigup} performing signature update check...
Apr 11 2025 03:30:26 chs1 maldet(45133): {sigup} local signature set is version 202504071198007
Apr 11 2025 03:30:26 chs1 maldet(45133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 11 2025 03:30:26 chs1 maldet(45133): {sigup} new signature set 202504101870578 available
Apr 11 2025 03:30:26 chs1 maldet(45133): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 11 2025 03:30:27 chs1 maldet(45133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 11 2025 03:30:27 chs1 maldet(45133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 11 2025 03:30:27 chs1 maldet(45133): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} verified md5sum of maldet-clean.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} unpacked and installed maldet-clean.tgz
Apr 11 2025 03:30:28 chs1 maldet(45133): {sigup} signature set update completed
Apr 11 2025 03:30:29 chs1 maldet(45133): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 11 2025 03:30:29 chs1 maldet(45338): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 11 2025 03:30:29 chs1 maldet(45338): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 11 2025 03:30:29 chs1 maldet(45338): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 11 2025 03:30:29 chs1 maldet(45338): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 11 2025 03:30:29 chs1 maldet(45338): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 11 2025 03:32:19 chs1 maldet(45338): {scan} file list completed in 110s, found 81 files...
Apr 11 2025 03:32:19 chs1 maldet(45338): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 11 2025 03:32:19 chs1 maldet(45338): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (81 files) in progress...
Apr 11 2025 03:32:41 chs1 maldet(45338): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 11 2025 03:32:41 chs1 maldet(45338): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 81, malware hits 1, cleaned hits 0, time 132s
Apr 11 2025 03:32:41 chs1 maldet(45338): {scan} scan report saved, to view run: maldet --report 250411-0330.45338
Apr 11 2025 03:32:41 chs1 maldet(45338): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250411-0330.45338
Apr 12 2025 00:52:51 chs1 maldet(899): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 12 2025 03:49:57 chs1 maldet(49952): {update} checking for available updates...
Apr 12 2025 03:49:58 chs1 maldet(49952): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 12 2025 03:49:58 chs1 maldet(49952): {update} hashing install files and checking against server...
Apr 12 2025 03:49:58 chs1 maldet(49952): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 12 2025 03:49:58 chs1 maldet(49952): {update} latest version already installed.
Apr 12 2025 03:49:58 chs1 maldet(50061): {sigup} performing signature update check...
Apr 12 2025 03:49:58 chs1 maldet(50061): {sigup} local signature set is version 202504101870578
Apr 12 2025 03:49:58 chs1 maldet(50061): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 12 2025 03:49:58 chs1 maldet(50061): {sigup} latest signature set already installed
Apr 12 2025 03:49:59 chs1 maldet(50151): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 12 2025 03:49:59 chs1 maldet(50151): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 12 2025 03:49:59 chs1 maldet(50151): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 12 2025 03:49:59 chs1 maldet(50151): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 12 2025 03:49:59 chs1 maldet(50151): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 12 2025 03:50:26 chs1 maldet(50151): {scan} file list completed in 27s, found 148 files...
Apr 12 2025 03:50:26 chs1 maldet(50151): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 12 2025 03:50:26 chs1 maldet(50151): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (148 files) in progress...
Apr 12 2025 03:50:36 chs1 maldet(50151): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 12 2025 03:50:36 chs1 maldet(50151): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 148, malware hits 1, cleaned hits 0, time 37s
Apr 12 2025 03:50:36 chs1 maldet(50151): {scan} scan report saved, to view run: maldet --report 250412-0349.50151
Apr 12 2025 03:50:36 chs1 maldet(50151): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250412-0349.50151
Apr 12 2025 04:07:44 chs1 maldet(940): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 13 2025 00:56:22 chs1 maldet(906): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 13 2025 03:21:36 chs1 maldet(42503): {update} checking for available updates...
Apr 13 2025 03:21:36 chs1 maldet(42503): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 13 2025 03:21:36 chs1 maldet(42503): {update} hashing install files and checking against server...
Apr 13 2025 03:21:37 chs1 maldet(42503): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 13 2025 03:21:37 chs1 maldet(42503): {update} latest version already installed.
Apr 13 2025 03:21:37 chs1 maldet(42612): {sigup} performing signature update check...
Apr 13 2025 03:21:37 chs1 maldet(42612): {sigup} local signature set is version 202504101870578
Apr 13 2025 03:21:37 chs1 maldet(42612): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 13 2025 03:21:37 chs1 maldet(42612): {sigup} latest signature set already installed
Apr 13 2025 03:21:37 chs1 maldet(42700): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 13 2025 03:21:38 chs1 maldet(42700): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 13 2025 03:21:38 chs1 maldet(42700): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 13 2025 03:21:38 chs1 maldet(42700): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 13 2025 03:21:38 chs1 maldet(42700): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 13 2025 03:22:10 chs1 maldet(42700): {scan} file list completed in 32s, found 92 files...
Apr 13 2025 03:22:10 chs1 maldet(42700): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 13 2025 03:22:10 chs1 maldet(42700): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (92 files) in progress...
Apr 13 2025 03:22:20 chs1 maldet(42700): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 13 2025 03:22:20 chs1 maldet(42700): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 92, malware hits 1, cleaned hits 0, time 43s
Apr 13 2025 03:22:20 chs1 maldet(42700): {scan} scan report saved, to view run: maldet --report 250413-0321.42700
Apr 13 2025 03:22:20 chs1 maldet(42700): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250413-0321.42700
Apr 13 2025 03:34:47 chs1 maldet(894): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 14 2025 03:41:51 chs1 maldet(86188): {update} checking for available updates...
Apr 14 2025 03:41:52 chs1 maldet(86188): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 14 2025 03:41:52 chs1 maldet(86188): {update} hashing install files and checking against server...
Apr 14 2025 03:41:52 chs1 maldet(86188): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 14 2025 03:41:52 chs1 maldet(86188): {update} latest version already installed.
Apr 14 2025 03:41:52 chs1 maldet(86299): {sigup} performing signature update check...
Apr 14 2025 03:41:52 chs1 maldet(86299): {sigup} local signature set is version 202504101870578
Apr 14 2025 03:41:53 chs1 maldet(86299): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 14 2025 03:41:53 chs1 maldet(86299): {sigup} new signature set 202504132544993 available
Apr 14 2025 03:41:53 chs1 maldet(86299): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 14 2025 03:41:53 chs1 maldet(86299): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 14 2025 03:41:54 chs1 maldet(86299): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 14 2025 03:41:54 chs1 maldet(86299): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 14 2025 03:41:54 chs1 maldet(86299): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 14 2025 03:41:54 chs1 maldet(86299): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 14 2025 03:41:54 chs1 maldet(86299): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 14 2025 03:41:55 chs1 maldet(86299): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 14 2025 03:41:55 chs1 maldet(86299): {sigup} verified md5sum of maldet-clean.tgz
Apr 14 2025 03:41:55 chs1 maldet(86299): {sigup} unpacked and installed maldet-clean.tgz
Apr 14 2025 03:41:55 chs1 maldet(86299): {sigup} signature set update completed
Apr 14 2025 03:41:55 chs1 maldet(86299): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 14 2025 03:41:55 chs1 maldet(86505): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 14 2025 03:41:56 chs1 maldet(86505): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 14 2025 03:41:56 chs1 maldet(86505): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 14 2025 03:41:56 chs1 maldet(86505): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 14 2025 03:41:56 chs1 maldet(86505): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 14 2025 03:43:46 chs1 maldet(893): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 14 2025 04:47:57 chs1 maldet(20913): {update} checking for available updates...
Apr 14 2025 04:47:58 chs1 maldet(20913): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 14 2025 04:47:58 chs1 maldet(20913): {update} hashing install files and checking against server...
Apr 14 2025 04:47:58 chs1 maldet(20913): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 14 2025 04:47:58 chs1 maldet(20913): {update} latest version already installed.
Apr 14 2025 04:47:58 chs1 maldet(21022): {sigup} performing signature update check...
Apr 14 2025 04:47:58 chs1 maldet(21022): {sigup} local signature set is version 202504132544993
Apr 14 2025 04:47:59 chs1 maldet(21022): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 14 2025 04:47:59 chs1 maldet(21022): {sigup} latest signature set already installed
Apr 14 2025 04:47:59 chs1 maldet(21112): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 14 2025 04:48:01 chs1 maldet(21112): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 14 2025 04:48:01 chs1 maldet(21112): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 14 2025 04:48:01 chs1 maldet(21112): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 14 2025 04:48:01 chs1 maldet(21112): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 14 2025 04:48:37 chs1 maldet(21112): {scan} file list completed in 36s, found 108 files...
Apr 14 2025 04:48:37 chs1 maldet(21112): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 14 2025 04:48:37 chs1 maldet(21112): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (108 files) in progress...
Apr 14 2025 04:48:48 chs1 maldet(21112): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 14 2025 04:48:48 chs1 maldet(21112): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 108, malware hits 1, cleaned hits 0, time 49s
Apr 14 2025 04:48:48 chs1 maldet(21112): {scan} scan report saved, to view run: maldet --report 250414-0447.21112
Apr 14 2025 04:48:48 chs1 maldet(21112): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250414-0447.21112
Apr 15 2025 00:56:52 chs1 maldet(897): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 15 2025 03:30:29 chs1 maldet(42491): {update} checking for available updates...
Apr 15 2025 03:30:29 chs1 maldet(42491): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 15 2025 03:30:29 chs1 maldet(42491): {update} hashing install files and checking against server...
Apr 15 2025 03:30:30 chs1 maldet(42491): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 15 2025 03:30:30 chs1 maldet(42491): {update} latest version already installed.
Apr 15 2025 03:30:30 chs1 maldet(42605): {sigup} performing signature update check...
Apr 15 2025 03:30:30 chs1 maldet(42605): {sigup} local signature set is version 202504132544993
Apr 15 2025 03:30:30 chs1 maldet(42605): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 15 2025 03:30:30 chs1 maldet(42605): {sigup} latest signature set already installed
Apr 15 2025 03:30:30 chs1 maldet(42693): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 15 2025 03:30:31 chs1 maldet(42693): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 15 2025 03:30:31 chs1 maldet(42693): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 15 2025 03:30:31 chs1 maldet(42693): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 15 2025 03:30:31 chs1 maldet(42693): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 15 2025 03:30:57 chs1 maldet(42693): {scan} file list completed in 25s, found 94 files...
Apr 15 2025 03:30:57 chs1 maldet(42693): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 15 2025 03:30:57 chs1 maldet(42693): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (94 files) in progress...
Apr 15 2025 03:31:07 chs1 maldet(42693): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 15 2025 03:31:08 chs1 maldet(42693): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 94, malware hits 1, cleaned hits 0, time 37s
Apr 15 2025 03:31:08 chs1 maldet(42693): {scan} scan report saved, to view run: maldet --report 250415-0330.42693
Apr 15 2025 03:31:08 chs1 maldet(42693): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250415-0330.42693
Apr 15 2025 03:43:07 chs1 maldet(912): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 16 2025 01:09:40 chs1 maldet(890): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 16 2025 03:45:52 chs1 maldet(43633): {update} checking for available updates...
Apr 16 2025 03:45:53 chs1 maldet(43633): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 16 2025 03:45:53 chs1 maldet(43633): {update} hashing install files and checking against server...
Apr 16 2025 03:45:53 chs1 maldet(43633): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 16 2025 03:45:53 chs1 maldet(43633): {update} latest version already installed.
Apr 16 2025 03:45:53 chs1 maldet(43743): {sigup} performing signature update check...
Apr 16 2025 03:45:53 chs1 maldet(43743): {sigup} local signature set is version 202504132544993
Apr 16 2025 03:45:54 chs1 maldet(43743): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 16 2025 03:45:54 chs1 maldet(43743): {sigup} latest signature set already installed
Apr 16 2025 03:45:54 chs1 maldet(43831): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 16 2025 03:45:54 chs1 maldet(43831): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 16 2025 03:45:54 chs1 maldet(43831): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 16 2025 03:45:54 chs1 maldet(43831): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 16 2025 03:45:54 chs1 maldet(43831): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 16 2025 03:46:24 chs1 maldet(43831): {scan} file list completed in 30s, found 1754 files...
Apr 16 2025 03:46:24 chs1 maldet(43831): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 16 2025 03:46:24 chs1 maldet(43831): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1754 files) in progress...
Apr 16 2025 03:47:01 chs1 maldet(43831): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 16 2025 03:47:01 chs1 maldet(43831): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1754, malware hits 1, cleaned hits 0, time 67s
Apr 16 2025 03:47:01 chs1 maldet(43831): {scan} scan report saved, to view run: maldet --report 250416-0345.43831
Apr 16 2025 03:47:01 chs1 maldet(43831): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250416-0345.43831
Apr 17 2025 00:58:16 chs1 maldet(895): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 17 2025 03:17:04 chs1 maldet(39441): {update} checking for available updates...
Apr 17 2025 03:17:04 chs1 maldet(39441): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 17 2025 03:17:04 chs1 maldet(39441): {update} hashing install files and checking against server...
Apr 17 2025 03:17:05 chs1 maldet(39441): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 17 2025 03:17:05 chs1 maldet(39441): {update} latest version already installed.
Apr 17 2025 03:17:05 chs1 maldet(39551): {sigup} performing signature update check...
Apr 17 2025 03:17:05 chs1 maldet(39551): {sigup} local signature set is version 202504132544993
Apr 17 2025 03:17:05 chs1 maldet(39551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 17 2025 03:17:05 chs1 maldet(39551): {sigup} new signature set 202504163218957 available
Apr 17 2025 03:17:05 chs1 maldet(39551): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 17 2025 03:17:06 chs1 maldet(39551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 17 2025 03:17:06 chs1 maldet(39551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 17 2025 03:17:06 chs1 maldet(39551): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 17 2025 03:17:06 chs1 maldet(39551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} verified md5sum of maldet-clean.tgz
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} unpacked and installed maldet-clean.tgz
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} signature set update completed
Apr 17 2025 03:17:07 chs1 maldet(39551): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 17 2025 03:17:07 chs1 maldet(39753): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 17 2025 03:17:08 chs1 maldet(39753): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 17 2025 03:17:08 chs1 maldet(39753): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 17 2025 03:17:08 chs1 maldet(39753): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 17 2025 03:17:08 chs1 maldet(39753): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 17 2025 03:19:24 chs1 maldet(39753): {scan} file list completed in 136s, found 2958 files...
Apr 17 2025 03:19:24 chs1 maldet(39753): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 17 2025 03:19:24 chs1 maldet(39753): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (2958 files) in progress...
Apr 17 2025 03:21:07 chs1 maldet(39753): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 17 2025 03:21:07 chs1 maldet(39753): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 2958, malware hits 1, cleaned hits 0, time 240s
Apr 17 2025 03:21:07 chs1 maldet(39753): {scan} scan report saved, to view run: maldet --report 250417-0317.39753
Apr 17 2025 03:21:07 chs1 maldet(39753): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250417-0317.39753
Apr 18 2025 00:56:48 chs1 maldet(883): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 18 2025 03:39:22 chs1 maldet(46413): {update} checking for available updates...
Apr 18 2025 03:39:23 chs1 maldet(46413): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 18 2025 03:39:23 chs1 maldet(46413): {update} hashing install files and checking against server...
Apr 18 2025 03:39:23 chs1 maldet(46413): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 18 2025 03:39:23 chs1 maldet(46413): {update} latest version already installed.
Apr 18 2025 03:39:23 chs1 maldet(46523): {sigup} performing signature update check...
Apr 18 2025 03:39:23 chs1 maldet(46523): {sigup} local signature set is version 202504163218957
Apr 18 2025 03:39:24 chs1 maldet(46523): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 18 2025 03:39:24 chs1 maldet(46523): {sigup} latest signature set already installed
Apr 18 2025 03:39:24 chs1 maldet(46611): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 18 2025 03:39:24 chs1 maldet(46611): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 18 2025 03:39:24 chs1 maldet(46611): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 18 2025 03:39:24 chs1 maldet(46611): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 18 2025 03:39:24 chs1 maldet(46611): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 18 2025 03:39:51 chs1 maldet(46611): {scan} file list completed in 27s, found 71 files...
Apr 18 2025 03:39:51 chs1 maldet(46611): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 18 2025 03:39:51 chs1 maldet(46611): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (71 files) in progress...
Apr 18 2025 03:40:00 chs1 maldet(46611): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 18 2025 03:40:00 chs1 maldet(46611): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 71, malware hits 1, cleaned hits 0, time 36s
Apr 18 2025 03:40:00 chs1 maldet(46611): {scan} scan report saved, to view run: maldet --report 250418-0339.46611
Apr 18 2025 03:40:00 chs1 maldet(46611): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250418-0339.46611
Apr 19 2025 00:53:14 chs1 maldet(898): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 19 2025 03:20:36 chs1 maldet(45140): {update} checking for available updates...
Apr 19 2025 03:20:37 chs1 maldet(45140): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 19 2025 03:20:37 chs1 maldet(45140): {update} hashing install files and checking against server...
Apr 19 2025 03:20:37 chs1 maldet(45140): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 19 2025 03:20:37 chs1 maldet(45140): {update} latest version already installed.
Apr 19 2025 03:20:37 chs1 maldet(45251): {sigup} performing signature update check...
Apr 19 2025 03:20:37 chs1 maldet(45251): {sigup} local signature set is version 202504163218957
Apr 19 2025 03:20:38 chs1 maldet(45251): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 19 2025 03:20:38 chs1 maldet(45251): {sigup} latest signature set already installed
Apr 19 2025 03:20:38 chs1 maldet(45341): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 19 2025 03:20:38 chs1 maldet(45341): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 19 2025 03:20:38 chs1 maldet(45341): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 19 2025 03:20:38 chs1 maldet(45341): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 19 2025 03:20:38 chs1 maldet(45341): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 19 2025 03:21:10 chs1 maldet(45341): {scan} file list completed in 32s, found 48 files...
Apr 19 2025 03:21:10 chs1 maldet(45341): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 19 2025 03:21:10 chs1 maldet(45341): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (48 files) in progress...
Apr 19 2025 03:21:21 chs1 maldet(45341): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 19 2025 03:21:21 chs1 maldet(45341): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 48, malware hits 1, cleaned hits 0, time 43s
Apr 19 2025 03:21:21 chs1 maldet(45341): {scan} scan report saved, to view run: maldet --report 250419-0320.45341
Apr 19 2025 03:21:21 chs1 maldet(45341): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250419-0320.45341
Apr 19 2025 03:23:28 chs1 maldet(953): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 20 2025 00:53:53 chs1 maldet(920): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 20 2025 03:59:51 chs1 maldet(51156): {update} checking for available updates...
Apr 20 2025 03:59:51 chs1 maldet(51156): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 20 2025 03:59:51 chs1 maldet(51156): {update} hashing install files and checking against server...
Apr 20 2025 03:59:52 chs1 maldet(51156): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 20 2025 03:59:52 chs1 maldet(51156): {update} latest version already installed.
Apr 20 2025 03:59:52 chs1 maldet(51266): {sigup} performing signature update check...
Apr 20 2025 03:59:52 chs1 maldet(51266): {sigup} local signature set is version 202504163218957
Apr 20 2025 03:59:52 chs1 maldet(51266): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 20 2025 03:59:52 chs1 maldet(51266): {sigup} new signature set 20250419480331 available
Apr 20 2025 03:59:52 chs1 maldet(51266): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 20 2025 03:59:53 chs1 maldet(51266): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 20 2025 03:59:53 chs1 maldet(51266): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 20 2025 03:59:53 chs1 maldet(51266): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} verified md5sum of maldet-clean.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} unpacked and installed maldet-clean.tgz
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} signature set update completed
Apr 20 2025 03:59:54 chs1 maldet(51266): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 20 2025 03:59:55 chs1 maldet(51471): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 20 2025 03:59:55 chs1 maldet(51471): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 20 2025 03:59:55 chs1 maldet(51471): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 20 2025 03:59:55 chs1 maldet(51471): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 20 2025 03:59:55 chs1 maldet(51471): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 20 2025 04:02:51 chs1 maldet(898): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 20 2025 05:23:05 chs1 maldet(24552): {update} checking for available updates...
Apr 20 2025 05:23:06 chs1 maldet(24552): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 20 2025 05:23:06 chs1 maldet(24552): {update} hashing install files and checking against server...
Apr 20 2025 05:23:06 chs1 maldet(24552): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 20 2025 05:23:06 chs1 maldet(24552): {update} latest version already installed.
Apr 20 2025 05:23:07 chs1 maldet(24662): {sigup} performing signature update check...
Apr 20 2025 05:23:07 chs1 maldet(24662): {sigup} local signature set is version 20250419480331
Apr 20 2025 05:23:07 chs1 maldet(24662): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 20 2025 05:23:07 chs1 maldet(24662): {sigup} latest signature set already installed
Apr 20 2025 05:23:07 chs1 maldet(24750): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 20 2025 05:23:08 chs1 maldet(24750): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 20 2025 05:23:08 chs1 maldet(24750): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 20 2025 05:23:08 chs1 maldet(24750): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 20 2025 05:23:08 chs1 maldet(24750): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 20 2025 05:23:40 chs1 maldet(24750): {scan} file list completed in 31s, found 40 files...
Apr 20 2025 05:23:40 chs1 maldet(24750): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 20 2025 05:23:40 chs1 maldet(24750): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (40 files) in progress...
Apr 20 2025 05:23:50 chs1 maldet(24750): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 20 2025 05:23:50 chs1 maldet(24750): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 40, malware hits 1, cleaned hits 0, time 43s
Apr 20 2025 05:23:50 chs1 maldet(24750): {scan} scan report saved, to view run: maldet --report 250420-0523.24750
Apr 20 2025 05:23:50 chs1 maldet(24750): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250420-0523.24750
Apr 21 2025 00:53:47 chs1 maldet(892): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 21 2025 03:36:23 chs1 maldet(45176): {update} checking for available updates...
Apr 21 2025 03:36:24 chs1 maldet(45176): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 21 2025 03:36:24 chs1 maldet(45176): {update} hashing install files and checking against server...
Apr 21 2025 03:36:24 chs1 maldet(45176): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 21 2025 03:36:24 chs1 maldet(45176): {update} latest version already installed.
Apr 21 2025 03:36:24 chs1 maldet(45287): {sigup} performing signature update check...
Apr 21 2025 03:36:24 chs1 maldet(45287): {sigup} local signature set is version 20250419480331
Apr 21 2025 03:36:25 chs1 maldet(45287): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 21 2025 03:36:25 chs1 maldet(45287): {sigup} latest signature set already installed
Apr 21 2025 03:36:25 chs1 maldet(45376): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 21 2025 03:36:25 chs1 maldet(45376): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 21 2025 03:36:25 chs1 maldet(45376): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 21 2025 03:36:25 chs1 maldet(45376): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 21 2025 03:36:25 chs1 maldet(45376): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 21 2025 03:36:50 chs1 maldet(45376): {scan} file list completed in 25s, found 23 files...
Apr 21 2025 03:36:50 chs1 maldet(45376): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 21 2025 03:36:50 chs1 maldet(45376): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (23 files) in progress...
Apr 21 2025 03:36:59 chs1 maldet(45376): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 21 2025 03:36:59 chs1 maldet(45376): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 23, malware hits 1, cleaned hits 0, time 34s
Apr 21 2025 03:36:59 chs1 maldet(45376): {scan} scan report saved, to view run: maldet --report 250421-0336.45376
Apr 21 2025 03:36:59 chs1 maldet(45376): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250421-0336.45376
Apr 22 2025 00:53:50 chs1 maldet(902): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 22 2025 03:34:11 chs1 maldet(49196): {update} checking for available updates...
Apr 22 2025 03:34:11 chs1 maldet(49196): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 22 2025 03:34:11 chs1 maldet(49196): {update} hashing install files and checking against server...
Apr 22 2025 03:34:12 chs1 maldet(49196): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 22 2025 03:34:12 chs1 maldet(49196): {update} latest version already installed.
Apr 22 2025 03:34:12 chs1 maldet(49305): {sigup} performing signature update check...
Apr 22 2025 03:34:12 chs1 maldet(49305): {sigup} local signature set is version 20250419480331
Apr 22 2025 03:34:12 chs1 maldet(49305): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 22 2025 03:34:12 chs1 maldet(49305): {sigup} latest signature set already installed
Apr 22 2025 03:34:12 chs1 maldet(49393): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 22 2025 03:34:13 chs1 maldet(49393): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 22 2025 03:34:13 chs1 maldet(49393): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 22 2025 03:34:13 chs1 maldet(49393): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 22 2025 03:34:13 chs1 maldet(49393): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 22 2025 03:34:38 chs1 maldet(49393): {scan} file list completed in 24s, found 58 files...
Apr 22 2025 03:34:38 chs1 maldet(49393): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 22 2025 03:34:38 chs1 maldet(49393): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (58 files) in progress...
Apr 22 2025 03:34:48 chs1 maldet(49393): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 22 2025 03:34:48 chs1 maldet(49393): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 58, malware hits 1, cleaned hits 0, time 36s
Apr 22 2025 03:34:48 chs1 maldet(49393): {scan} scan report saved, to view run: maldet --report 250422-0334.49393
Apr 22 2025 03:34:48 chs1 maldet(49393): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250422-0334.49393
Apr 22 2025 10:17:17 chs1 maldet(963): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 23 2025 01:00:40 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 23 2025 03:51:47 chs1 maldet(46607): {update} checking for available updates...
Apr 23 2025 03:51:47 chs1 maldet(46607): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 23 2025 03:51:47 chs1 maldet(46607): {update} hashing install files and checking against server...
Apr 23 2025 03:51:48 chs1 maldet(46607): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 23 2025 03:51:48 chs1 maldet(46607): {update} latest version already installed.
Apr 23 2025 03:51:48 chs1 maldet(46716): {sigup} performing signature update check...
Apr 23 2025 03:51:48 chs1 maldet(46716): {sigup} local signature set is version 20250419480331
Apr 23 2025 03:51:48 chs1 maldet(46716): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 23 2025 03:51:48 chs1 maldet(46716): {sigup} new signature set 202504221155028 available
Apr 23 2025 03:51:48 chs1 maldet(46716): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 23 2025 03:51:49 chs1 maldet(46716): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 23 2025 03:51:49 chs1 maldet(46716): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 23 2025 03:51:49 chs1 maldet(46716): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} verified md5sum of maldet-clean.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} unpacked and installed maldet-clean.tgz
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} signature set update completed
Apr 23 2025 03:51:50 chs1 maldet(46716): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 23 2025 03:51:50 chs1 maldet(46920): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 23 2025 03:51:52 chs1 maldet(46920): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 23 2025 03:51:52 chs1 maldet(46920): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 23 2025 03:51:52 chs1 maldet(46920): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 23 2025 03:51:52 chs1 maldet(46920): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 23 2025 03:54:05 chs1 maldet(46920): {scan} file list completed in 132s, found 49 files...
Apr 23 2025 03:54:05 chs1 maldet(46920): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 23 2025 03:54:05 chs1 maldet(46920): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (49 files) in progress...
Apr 23 2025 03:54:15 chs1 maldet(46920): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 23 2025 03:54:15 chs1 maldet(46920): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 49, malware hits 1, cleaned hits 0, time 145s
Apr 23 2025 03:54:15 chs1 maldet(46920): {scan} scan report saved, to view run: maldet --report 250423-0351.46920
Apr 23 2025 03:54:15 chs1 maldet(46920): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250423-0351.46920
Apr 23 2025 17:32:50 chs1 maldet(879): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 24 2025 00:55:01 chs1 maldet(950): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 24 2025 03:15:16 chs1 maldet(42200): {update} checking for available updates...
Apr 24 2025 03:15:17 chs1 maldet(42200): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 24 2025 03:15:17 chs1 maldet(42200): {update} hashing install files and checking against server...
Apr 24 2025 03:15:17 chs1 maldet(42200): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 24 2025 03:15:17 chs1 maldet(42200): {update} latest version already installed.
Apr 24 2025 03:15:17 chs1 maldet(42310): {sigup} performing signature update check...
Apr 24 2025 03:15:17 chs1 maldet(42310): {sigup} local signature set is version 202504221155028
Apr 24 2025 03:15:18 chs1 maldet(42310): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 24 2025 03:15:18 chs1 maldet(42310): {sigup} latest signature set already installed
Apr 24 2025 03:15:18 chs1 maldet(42398): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 24 2025 03:15:18 chs1 maldet(42398): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 24 2025 03:15:18 chs1 maldet(42398): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 24 2025 03:15:18 chs1 maldet(42398): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 24 2025 03:15:18 chs1 maldet(42398): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 24 2025 03:15:43 chs1 maldet(42398): {scan} file list completed in 25s, found 63 files...
Apr 24 2025 03:15:43 chs1 maldet(42398): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 24 2025 03:15:43 chs1 maldet(42398): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (63 files) in progress...
Apr 24 2025 03:15:53 chs1 maldet(42398): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 24 2025 03:15:53 chs1 maldet(42398): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 63, malware hits 1, cleaned hits 0, time 35s
Apr 24 2025 03:15:53 chs1 maldet(42398): {scan} scan report saved, to view run: maldet --report 250424-0315.42398
Apr 24 2025 03:15:53 chs1 maldet(42398): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250424-0315.42398
Apr 25 2025 00:58:02 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 25 2025 03:26:43 chs1 maldet(46100): {update} checking for available updates...
Apr 25 2025 03:26:44 chs1 maldet(46100): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 25 2025 03:26:44 chs1 maldet(46100): {update} hashing install files and checking against server...
Apr 25 2025 03:26:44 chs1 maldet(46100): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 25 2025 03:26:44 chs1 maldet(46100): {update} latest version already installed.
Apr 25 2025 03:26:44 chs1 maldet(46211): {sigup} performing signature update check...
Apr 25 2025 03:26:44 chs1 maldet(46211): {sigup} local signature set is version 202504221155028
Apr 25 2025 03:26:45 chs1 maldet(46211): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 25 2025 03:26:45 chs1 maldet(46211): {sigup} latest signature set already installed
Apr 25 2025 03:26:45 chs1 maldet(46299): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 25 2025 03:26:45 chs1 maldet(46299): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 25 2025 03:26:45 chs1 maldet(46299): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 25 2025 03:26:45 chs1 maldet(46299): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 25 2025 03:26:45 chs1 maldet(46299): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 25 2025 03:27:15 chs1 maldet(46299): {scan} file list completed in 30s, found 84 files...
Apr 25 2025 03:27:15 chs1 maldet(46299): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 25 2025 03:27:15 chs1 maldet(46299): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (84 files) in progress...
Apr 25 2025 03:27:25 chs1 maldet(46299): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 25 2025 03:27:25 chs1 maldet(46299): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 84, malware hits 1, cleaned hits 0, time 40s
Apr 25 2025 03:27:25 chs1 maldet(46299): {scan} scan report saved, to view run: maldet --report 250425-0326.46299
Apr 25 2025 03:27:25 chs1 maldet(46299): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250425-0326.46299
Apr 25 2025 03:38:00 chs1 maldet(892): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 25 2025 10:01:15 chs1 maldet(945): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 25 2025 12:54:35 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 26 2025 00:58:18 chs1 maldet(915): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 26 2025 02:25:02 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 26 2025 03:17:11 chs1 maldet(20636): {update} checking for available updates...
Apr 26 2025 03:17:11 chs1 maldet(20636): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 26 2025 03:17:11 chs1 maldet(20636): {update} hashing install files and checking against server...
Apr 26 2025 03:17:12 chs1 maldet(20636): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 26 2025 03:17:12 chs1 maldet(20636): {update} latest version already installed.
Apr 26 2025 03:17:12 chs1 maldet(20747): {sigup} performing signature update check...
Apr 26 2025 03:17:12 chs1 maldet(20747): {sigup} local signature set is version 202504221155028
Apr 26 2025 03:17:12 chs1 maldet(20747): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 26 2025 03:17:12 chs1 maldet(20747): {sigup} new signature set 202504251845085 available
Apr 26 2025 03:17:12 chs1 maldet(20747): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 26 2025 03:17:13 chs1 maldet(20747): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 26 2025 03:17:14 chs1 maldet(20747): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 26 2025 03:17:14 chs1 maldet(20747): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 26 2025 03:17:14 chs1 maldet(20747): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} verified md5sum of maldet-clean.tgz
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} unpacked and installed maldet-clean.tgz
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} signature set update completed
Apr 26 2025 03:17:15 chs1 maldet(20747): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 26 2025 03:17:15 chs1 maldet(20971): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 26 2025 03:17:16 chs1 maldet(20971): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 26 2025 03:17:16 chs1 maldet(20971): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 26 2025 03:17:16 chs1 maldet(20971): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 26 2025 03:17:16 chs1 maldet(20971): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 26 2025 03:19:35 chs1 maldet(895): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 26 2025 04:46:55 chs1 maldet(29349): {update} checking for available updates...
Apr 26 2025 04:46:55 chs1 maldet(29349): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 26 2025 04:46:55 chs1 maldet(29349): {update} hashing install files and checking against server...
Apr 26 2025 04:46:56 chs1 maldet(29349): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 26 2025 04:46:56 chs1 maldet(29349): {update} latest version already installed.
Apr 26 2025 04:46:56 chs1 maldet(29461): {sigup} performing signature update check...
Apr 26 2025 04:46:56 chs1 maldet(29461): {sigup} local signature set is version 202504251845085
Apr 26 2025 04:46:56 chs1 maldet(29461): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 26 2025 04:46:56 chs1 maldet(29461): {sigup} latest signature set already installed
Apr 26 2025 04:46:56 chs1 maldet(29549): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 26 2025 04:46:57 chs1 maldet(29549): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 26 2025 04:46:57 chs1 maldet(29549): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 26 2025 04:46:57 chs1 maldet(29549): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 26 2025 04:46:57 chs1 maldet(29549): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 26 2025 04:47:29 chs1 maldet(29549): {scan} file list completed in 32s, found 2124 files...
Apr 26 2025 04:47:29 chs1 maldet(29549): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 26 2025 04:47:29 chs1 maldet(29549): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (2124 files) in progress...
Apr 26 2025 04:48:48 chs1 maldet(29549): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 26 2025 04:48:48 chs1 maldet(29549): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 2124, malware hits 1, cleaned hits 0, time 112s
Apr 26 2025 04:48:48 chs1 maldet(29549): {scan} scan report saved, to view run: maldet --report 250426-0446.29549
Apr 26 2025 04:48:48 chs1 maldet(29549): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250426-0446.29549
Apr 27 2025 00:49:42 chs1 maldet(878): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 27 2025 01:54:38 chs1 maldet(914): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 27 2025 03:26:28 chs1 maldet(31240): {update} checking for available updates...
Apr 27 2025 03:26:28 chs1 maldet(31240): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 27 2025 03:26:28 chs1 maldet(31240): {update} hashing install files and checking against server...
Apr 27 2025 03:26:29 chs1 maldet(31240): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 27 2025 03:26:29 chs1 maldet(31240): {update} latest version already installed.
Apr 27 2025 03:26:29 chs1 maldet(31351): {sigup} performing signature update check...
Apr 27 2025 03:26:29 chs1 maldet(31351): {sigup} local signature set is version 202504251845085
Apr 27 2025 03:26:29 chs1 maldet(31351): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 27 2025 03:26:29 chs1 maldet(31351): {sigup} latest signature set already installed
Apr 27 2025 03:26:29 chs1 maldet(31440): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 27 2025 03:26:30 chs1 maldet(31440): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 27 2025 03:26:30 chs1 maldet(31440): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 27 2025 03:26:30 chs1 maldet(31440): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 27 2025 03:26:30 chs1 maldet(31440): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 27 2025 03:27:07 chs1 maldet(31440): {scan} file list completed in 37s, found 80 files...
Apr 27 2025 03:27:07 chs1 maldet(31440): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 27 2025 03:27:07 chs1 maldet(31440): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (80 files) in progress...
Apr 27 2025 03:27:17 chs1 maldet(31440): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 27 2025 03:27:17 chs1 maldet(31440): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 80, malware hits 1, cleaned hits 0, time 48s
Apr 27 2025 03:27:17 chs1 maldet(31440): {scan} scan report saved, to view run: maldet --report 250427-0326.31440
Apr 27 2025 03:27:17 chs1 maldet(31440): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250427-0326.31440
Apr 27 2025 03:39:54 chs1 maldet(953): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 28 2025 00:24:59 chs1 maldet(932): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 28 2025 03:28:49 chs1 maldet(53546): {update} checking for available updates...
Apr 28 2025 03:28:49 chs1 maldet(53546): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 28 2025 03:28:49 chs1 maldet(53546): {update} hashing install files and checking against server...
Apr 28 2025 03:28:49 chs1 maldet(53546): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 28 2025 03:28:49 chs1 maldet(53546): {update} latest version already installed.
Apr 28 2025 03:28:49 chs1 maldet(53657): {sigup} performing signature update check...
Apr 28 2025 03:28:49 chs1 maldet(53657): {sigup} local signature set is version 202504251845085
Apr 28 2025 03:28:50 chs1 maldet(53657): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 28 2025 03:28:50 chs1 maldet(53657): {sigup} latest signature set already installed
Apr 28 2025 03:28:50 chs1 maldet(53746): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 28 2025 03:28:50 chs1 maldet(53746): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 28 2025 03:28:50 chs1 maldet(53746): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 28 2025 03:28:50 chs1 maldet(53746): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 28 2025 03:28:50 chs1 maldet(53746): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 28 2025 03:29:13 chs1 maldet(53746): {scan} file list completed in 23s, found 103 files...
Apr 28 2025 03:29:14 chs1 maldet(53746): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 28 2025 03:29:14 chs1 maldet(53746): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (103 files) in progress...
Apr 28 2025 03:29:24 chs1 maldet(53746): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 28 2025 03:29:24 chs1 maldet(53746): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 103, malware hits 1, cleaned hits 0, time 34s
Apr 28 2025 03:29:24 chs1 maldet(53746): {scan} scan report saved, to view run: maldet --report 250428-0328.53746
Apr 28 2025 03:29:24 chs1 maldet(53746): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250428-0328.53746
Apr 29 2025 00:52:36 chs1 maldet(885): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 29 2025 03:12:23 chs1 maldet(896): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 29 2025 04:37:17 chs1 maldet(26034): {update} checking for available updates...
Apr 29 2025 04:37:51 chs1 maldet(26034): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 29 2025 04:37:51 chs1 maldet(26034): {update} hashing install files and checking against server...
Apr 29 2025 04:38:17 chs1 maldet(26034): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 29 2025 04:38:17 chs1 maldet(26034): {update} latest version already installed.
Apr 29 2025 04:38:17 chs1 maldet(26320): {sigup} performing signature update check...
Apr 29 2025 04:38:17 chs1 maldet(26320): {sigup} local signature set is version 202504251845085
Apr 29 2025 04:38:43 chs1 maldet(26320): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 29 2025 04:38:43 chs1 maldet(26320): {sigup} new signature set 202504282520736 available
Apr 29 2025 04:38:43 chs1 maldet(26320): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 29 2025 04:39:06 chs1 maldet(26320): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Apr 29 2025 04:39:31 chs1 maldet(26320): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Apr 29 2025 04:39:31 chs1 maldet(26320): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 29 2025 04:39:54 chs1 maldet(26320): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} verified md5sum of maldet-sigpack.tgz
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} unpacked and installed maldet-sigpack.tgz
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} verified md5sum of maldet-clean.tgz
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} unpacked and installed maldet-clean.tgz
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} signature set update completed
Apr 29 2025 04:40:18 chs1 maldet(26320): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 29 2025 04:40:18 chs1 maldet(27025): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 29 2025 04:40:19 chs1 maldet(27025): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 29 2025 04:40:19 chs1 maldet(27025): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 29 2025 04:40:19 chs1 maldet(27025): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 29 2025 04:40:19 chs1 maldet(27025): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 29 2025 04:42:42 chs1 maldet(27025): {scan} file list completed in 143s, found 236 files...
Apr 29 2025 04:42:42 chs1 maldet(27025): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 29 2025 04:42:42 chs1 maldet(27025): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (236 files) in progress...
Apr 29 2025 04:42:57 chs1 maldet(27025): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 29 2025 04:42:57 chs1 maldet(27025): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 236, malware hits 1, cleaned hits 0, time 159s
Apr 29 2025 04:42:57 chs1 maldet(27025): {scan} scan report saved, to view run: maldet --report 250429-0440.27025
Apr 29 2025 04:42:57 chs1 maldet(27025): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250429-0440.27025
Apr 30 2025 01:00:33 chs1 maldet(966): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 30 2025 01:05:05 chs1 maldet(1082): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 30 2025 03:21:15 chs1 maldet(41980): {update} checking for available updates...
Apr 30 2025 03:21:16 chs1 maldet(41980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Apr 30 2025 03:21:16 chs1 maldet(41980): {update} hashing install files and checking against server...
Apr 30 2025 03:21:16 chs1 maldet(41980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Apr 30 2025 03:21:16 chs1 maldet(41980): {update} latest version already installed.
Apr 30 2025 03:21:16 chs1 maldet(42091): {sigup} performing signature update check...
Apr 30 2025 03:21:16 chs1 maldet(42091): {sigup} local signature set is version 202504282520736
Apr 30 2025 03:21:17 chs1 maldet(42091): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Apr 30 2025 03:21:17 chs1 maldet(42091): {sigup} latest signature set already installed
Apr 30 2025 03:21:17 chs1 maldet(42181): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Apr 30 2025 03:21:17 chs1 maldet(42181): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Apr 30 2025 03:21:17 chs1 maldet(42181): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Apr 30 2025 03:21:17 chs1 maldet(42181): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Apr 30 2025 03:21:17 chs1 maldet(42181): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Apr 30 2025 03:21:44 chs1 maldet(42181): {scan} file list completed in 26s, found 171 files...
Apr 30 2025 03:21:44 chs1 maldet(42181): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Apr 30 2025 03:21:44 chs1 maldet(42181): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (171 files) in progress...
Apr 30 2025 03:21:54 chs1 maldet(42181): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Apr 30 2025 03:21:54 chs1 maldet(42181): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 171, malware hits 1, cleaned hits 0, time 37s
Apr 30 2025 03:21:54 chs1 maldet(42181): {scan} scan report saved, to view run: maldet --report 250430-0321.42181
Apr 30 2025 03:21:54 chs1 maldet(42181): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250430-0321.42181
Apr 30 2025 03:33:48 chs1 maldet(938): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 30 2025 09:08:53 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Apr 30 2025 11:18:29 chs1 maldet(895): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 01 2025 03:11:19 chs1 maldet(950): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 01 2025 04:56:23 chs1 maldet(31959): {update} checking for available updates...
May 01 2025 04:56:24 chs1 maldet(31959): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 01 2025 04:56:24 chs1 maldet(31959): {update} hashing install files and checking against server...
May 01 2025 04:56:24 chs1 maldet(31959): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 01 2025 04:56:24 chs1 maldet(31959): {update} latest version already installed.
May 01 2025 04:56:24 chs1 maldet(32069): {sigup} performing signature update check...
May 01 2025 04:56:24 chs1 maldet(32069): {sigup} local signature set is version 202504282520736
May 01 2025 04:56:25 chs1 maldet(32069): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 01 2025 04:56:25 chs1 maldet(32069): {sigup} latest signature set already installed
May 01 2025 04:56:25 chs1 maldet(32163): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 01 2025 04:56:26 chs1 maldet(32163): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 01 2025 04:56:26 chs1 maldet(32163): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 01 2025 04:56:26 chs1 maldet(32163): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 01 2025 04:56:26 chs1 maldet(32163): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 01 2025 04:56:54 chs1 maldet(32163): {scan} file list completed in 28s, found 643 files...
May 01 2025 04:56:54 chs1 maldet(32163): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 01 2025 04:56:54 chs1 maldet(32163): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (643 files) in progress...
May 01 2025 04:57:33 chs1 maldet(32163): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 01 2025 04:57:33 chs1 maldet(32163): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 643, malware hits 1, cleaned hits 0, time 68s
May 01 2025 04:57:33 chs1 maldet(32163): {scan} scan report saved, to view run: maldet --report 250501-0456.32163
May 01 2025 04:57:33 chs1 maldet(32163): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250501-0456.32163
May 01 2025 05:09:42 chs1 maldet(874): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 02 2025 00:53:35 chs1 maldet(898): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 02 2025 01:18:37 chs1 maldet(891): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 02 2025 03:50:10 chs1 maldet(46127): {update} checking for available updates...
May 02 2025 03:50:11 chs1 maldet(46127): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 02 2025 03:50:11 chs1 maldet(46127): {update} hashing install files and checking against server...
May 02 2025 03:50:11 chs1 maldet(46127): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 02 2025 03:50:11 chs1 maldet(46127): {update} latest version already installed.
May 02 2025 03:50:11 chs1 maldet(46238): {sigup} performing signature update check...
May 02 2025 03:50:11 chs1 maldet(46238): {sigup} local signature set is version 202504282520736
May 02 2025 03:50:12 chs1 maldet(46238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 02 2025 03:50:12 chs1 maldet(46238): {sigup} new signature set 202505013184135 available
May 02 2025 03:50:12 chs1 maldet(46238): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 02 2025 03:50:12 chs1 maldet(46238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 02 2025 03:50:13 chs1 maldet(46238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 02 2025 03:50:13 chs1 maldet(46238): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 02 2025 03:50:13 chs1 maldet(46238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 02 2025 03:50:13 chs1 maldet(46238): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 02 2025 03:50:13 chs1 maldet(46238): {sigup} verified md5sum of maldet-sigpack.tgz
May 02 2025 03:50:14 chs1 maldet(46238): {sigup} unpacked and installed maldet-sigpack.tgz
May 02 2025 03:50:14 chs1 maldet(46238): {sigup} verified md5sum of maldet-clean.tgz
May 02 2025 03:50:14 chs1 maldet(46238): {sigup} unpacked and installed maldet-clean.tgz
May 02 2025 03:50:14 chs1 maldet(46238): {sigup} signature set update completed
May 02 2025 03:50:14 chs1 maldet(46238): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 02 2025 03:50:14 chs1 maldet(46444): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 02 2025 03:50:15 chs1 maldet(46444): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 02 2025 03:50:15 chs1 maldet(46444): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 02 2025 03:50:15 chs1 maldet(46444): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 02 2025 03:50:15 chs1 maldet(46444): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 02 2025 03:51:58 chs1 maldet(46444): {scan} file list completed in 103s, found 81 files...
May 02 2025 03:51:58 chs1 maldet(46444): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 02 2025 03:51:58 chs1 maldet(46444): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (81 files) in progress...
May 02 2025 03:52:35 chs1 maldet(46444): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 02 2025 03:52:35 chs1 maldet(46444): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 81, malware hits 1, cleaned hits 0, time 141s
May 02 2025 03:52:35 chs1 maldet(46444): {scan} scan report saved, to view run: maldet --report 250502-0350.46444
May 02 2025 03:52:35 chs1 maldet(46444): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250502-0350.46444
May 03 2025 00:53:40 chs1 maldet(876): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 03 2025 02:55:17 chs1 maldet(943): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 03 2025 03:15:44 chs1 maldet(9785): {update} checking for available updates...
May 03 2025 03:15:44 chs1 maldet(9785): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 03 2025 03:15:44 chs1 maldet(9785): {update} hashing install files and checking against server...
May 03 2025 03:15:45 chs1 maldet(9785): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 03 2025 03:15:45 chs1 maldet(9785): {update} latest version already installed.
May 03 2025 03:15:45 chs1 maldet(9894): {sigup} performing signature update check...
May 03 2025 03:15:45 chs1 maldet(9894): {sigup} local signature set is version 202505013184135
May 03 2025 03:15:45 chs1 maldet(9894): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 03 2025 03:15:45 chs1 maldet(9894): {sigup} latest signature set already installed
May 03 2025 03:15:45 chs1 maldet(9983): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 03 2025 03:15:46 chs1 maldet(9983): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 03 2025 03:15:46 chs1 maldet(9983): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 03 2025 03:15:46 chs1 maldet(9983): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 03 2025 03:15:46 chs1 maldet(9983): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 03 2025 03:16:16 chs1 maldet(9983): {scan} file list completed in 30s, found 299 files...
May 03 2025 03:16:16 chs1 maldet(9983): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 03 2025 03:16:16 chs1 maldet(9983): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (299 files) in progress...
May 03 2025 03:17:55 chs1 maldet(880): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 03 2025 04:14:34 chs1 maldet(17966): {update} checking for available updates...
May 03 2025 04:14:35 chs1 maldet(17966): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 03 2025 04:14:35 chs1 maldet(17966): {update} hashing install files and checking against server...
May 03 2025 04:14:35 chs1 maldet(17966): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 03 2025 04:14:35 chs1 maldet(17966): {update} latest version already installed.
May 03 2025 04:14:35 chs1 maldet(18079): {sigup} performing signature update check...
May 03 2025 04:14:35 chs1 maldet(18079): {sigup} local signature set is version 202505013184135
May 03 2025 04:14:36 chs1 maldet(18079): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 03 2025 04:14:36 chs1 maldet(18079): {sigup} latest signature set already installed
May 03 2025 04:14:36 chs1 maldet(18168): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 03 2025 04:14:36 chs1 maldet(18168): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 03 2025 04:14:36 chs1 maldet(18168): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 03 2025 04:14:36 chs1 maldet(18168): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 03 2025 04:14:37 chs1 maldet(18168): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 03 2025 04:15:08 chs1 maldet(18168): {scan} file list completed in 32s, found 297 files...
May 03 2025 04:15:08 chs1 maldet(18168): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 03 2025 04:15:08 chs1 maldet(18168): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (297 files) in progress...
May 03 2025 04:15:23 chs1 maldet(18168): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 03 2025 04:15:23 chs1 maldet(18168): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 297, malware hits 1, cleaned hits 0, time 47s
May 03 2025 04:15:23 chs1 maldet(18168): {scan} scan report saved, to view run: maldet --report 250503-0414.18168
May 03 2025 04:15:23 chs1 maldet(18168): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250503-0414.18168
May 04 2025 00:52:06 chs1 maldet(1003): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 04 2025 02:56:30 chs1 maldet(885): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 04 2025 03:29:25 chs1 maldet(12020): {update} checking for available updates...
May 04 2025 03:29:25 chs1 maldet(12020): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 04 2025 03:29:25 chs1 maldet(12020): {update} hashing install files and checking against server...
May 04 2025 03:29:26 chs1 maldet(12020): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 04 2025 03:29:26 chs1 maldet(12020): {update} latest version already installed.
May 04 2025 03:29:26 chs1 maldet(12131): {sigup} performing signature update check...
May 04 2025 03:29:26 chs1 maldet(12131): {sigup} local signature set is version 202505013184135
May 04 2025 03:29:26 chs1 maldet(12131): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 04 2025 03:29:26 chs1 maldet(12131): {sigup} latest signature set already installed
May 04 2025 03:29:26 chs1 maldet(12219): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 04 2025 03:29:27 chs1 maldet(12219): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 04 2025 03:29:27 chs1 maldet(12219): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 04 2025 03:29:27 chs1 maldet(12219): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 04 2025 03:29:27 chs1 maldet(12219): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 04 2025 03:29:54 chs1 maldet(12219): {scan} file list completed in 27s, found 84 files...
May 04 2025 03:29:54 chs1 maldet(12219): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 04 2025 03:29:54 chs1 maldet(12219): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (84 files) in progress...
May 04 2025 03:30:09 chs1 maldet(12219): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 04 2025 03:30:09 chs1 maldet(12219): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 84, malware hits 1, cleaned hits 0, time 43s
May 04 2025 03:30:09 chs1 maldet(12219): {scan} scan report saved, to view run: maldet --report 250504-0329.12219
May 04 2025 03:30:09 chs1 maldet(12219): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250504-0329.12219
May 04 2025 03:43:02 chs1 maldet(973): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 05 2025 00:57:33 chs1 maldet(917): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 05 2025 02:58:58 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 05 2025 03:53:13 chs1 maldet(16963): {update} checking for available updates...
May 05 2025 03:53:13 chs1 maldet(16963): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 05 2025 03:53:13 chs1 maldet(16963): {update} hashing install files and checking against server...
May 05 2025 03:53:13 chs1 maldet(16963): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 05 2025 03:53:13 chs1 maldet(16963): {update} latest version already installed.
May 05 2025 03:53:13 chs1 maldet(17075): {sigup} performing signature update check...
May 05 2025 03:53:14 chs1 maldet(17075): {sigup} local signature set is version 202505013184135
May 05 2025 03:53:14 chs1 maldet(17075): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 05 2025 03:53:14 chs1 maldet(17075): {sigup} new signature set 20250504486927 available
May 05 2025 03:53:14 chs1 maldet(17075): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 05 2025 03:53:14 chs1 maldet(17075): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 05 2025 03:53:15 chs1 maldet(17075): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 05 2025 03:53:15 chs1 maldet(17075): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 05 2025 03:53:15 chs1 maldet(17075): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} verified md5sum of maldet-sigpack.tgz
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} unpacked and installed maldet-sigpack.tgz
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} verified md5sum of maldet-clean.tgz
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} unpacked and installed maldet-clean.tgz
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} signature set update completed
May 05 2025 03:53:16 chs1 maldet(17075): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 05 2025 03:53:16 chs1 maldet(17287): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 05 2025 03:53:16 chs1 maldet(17287): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 05 2025 03:53:16 chs1 maldet(17287): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 05 2025 03:53:16 chs1 maldet(17287): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 05 2025 03:53:16 chs1 maldet(17287): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 05 2025 03:54:59 chs1 maldet(17287): {scan} file list completed in 101s, found 107 files...
May 05 2025 03:54:59 chs1 maldet(17287): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 05 2025 03:54:59 chs1 maldet(17287): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (107 files) in progress...
May 05 2025 03:55:42 chs1 maldet(17287): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 05 2025 03:55:42 chs1 maldet(17287): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 107, malware hits 1, cleaned hits 0, time 146s
May 05 2025 03:55:42 chs1 maldet(17287): {scan} scan report saved, to view run: maldet --report 250505-0353.17287
May 05 2025 03:55:42 chs1 maldet(17287): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250505-0353.17287
May 05 2025 12:29:42 chs1 maldet(882): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 06 2025 00:59:10 chs1 maldet(913): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 06 2025 02:59:34 chs1 maldet(933): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 06 2025 03:30:42 chs1 maldet(11589): {update} checking for available updates...
May 06 2025 03:30:43 chs1 maldet(11589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 06 2025 03:30:43 chs1 maldet(11589): {update} hashing install files and checking against server...
May 06 2025 03:30:43 chs1 maldet(11589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 06 2025 03:30:43 chs1 maldet(11589): {update} latest version already installed.
May 06 2025 03:30:43 chs1 maldet(11699): {sigup} performing signature update check...
May 06 2025 03:30:43 chs1 maldet(11699): {sigup} local signature set is version 20250504486927
May 06 2025 03:30:44 chs1 maldet(11699): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 06 2025 03:30:44 chs1 maldet(11699): {sigup} latest signature set already installed
May 06 2025 03:30:44 chs1 maldet(11788): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 06 2025 03:30:44 chs1 maldet(11788): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 06 2025 03:30:44 chs1 maldet(11788): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 06 2025 03:30:44 chs1 maldet(11788): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 06 2025 03:30:44 chs1 maldet(11788): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 06 2025 03:31:16 chs1 maldet(11788): {scan} file list completed in 31s, found 72 files...
May 06 2025 03:31:16 chs1 maldet(11788): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 06 2025 03:31:16 chs1 maldet(11788): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (72 files) in progress...
May 06 2025 03:31:25 chs1 maldet(11788): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 06 2025 03:31:25 chs1 maldet(11788): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 72, malware hits 1, cleaned hits 0, time 41s
May 06 2025 03:31:25 chs1 maldet(11788): {scan} scan report saved, to view run: maldet --report 250506-0330.11788
May 06 2025 03:31:25 chs1 maldet(11788): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250506-0330.11788
May 06 2025 09:46:56 chs1 maldet(909): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 07 2025 00:54:16 chs1 maldet(904): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 07 2025 01:26:17 chs1 maldet(928): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 07 2025 03:57:40 chs1 maldet(45694): {update} checking for available updates...
May 07 2025 03:57:40 chs1 maldet(45694): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 07 2025 03:57:40 chs1 maldet(45694): {update} hashing install files and checking against server...
May 07 2025 03:57:41 chs1 maldet(45694): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 07 2025 03:57:41 chs1 maldet(45694): {update} latest version already installed.
May 07 2025 03:57:41 chs1 maldet(45811): {sigup} performing signature update check...
May 07 2025 03:57:41 chs1 maldet(45811): {sigup} local signature set is version 20250504486927
May 07 2025 03:57:41 chs1 maldet(45811): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 07 2025 03:57:41 chs1 maldet(45811): {sigup} latest signature set already installed
May 07 2025 03:57:41 chs1 maldet(45899): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 07 2025 03:57:42 chs1 maldet(45899): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 07 2025 03:57:42 chs1 maldet(45899): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 07 2025 03:57:42 chs1 maldet(45899): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 07 2025 03:57:42 chs1 maldet(45899): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 07 2025 03:58:08 chs1 maldet(45899): {scan} file list completed in 26s, found 87 files...
May 07 2025 03:58:08 chs1 maldet(45899): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 07 2025 03:58:08 chs1 maldet(45899): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (87 files) in progress...
May 07 2025 03:58:19 chs1 maldet(45899): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 07 2025 03:58:19 chs1 maldet(45899): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 87, malware hits 1, cleaned hits 0, time 38s
May 07 2025 03:58:19 chs1 maldet(45899): {scan} scan report saved, to view run: maldet --report 250507-0357.45899
May 07 2025 03:58:19 chs1 maldet(45899): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250507-0357.45899
May 08 2025 02:41:27 chs1 maldet(875): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 08 2025 03:51:06 chs1 maldet(23358): {update} checking for available updates...
May 08 2025 03:51:06 chs1 maldet(23358): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 08 2025 03:51:06 chs1 maldet(23358): {update} hashing install files and checking against server...
May 08 2025 03:51:07 chs1 maldet(23358): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 08 2025 03:51:07 chs1 maldet(23358): {update} latest version already installed.
May 08 2025 03:51:07 chs1 maldet(23467): {sigup} performing signature update check...
May 08 2025 03:51:07 chs1 maldet(23467): {sigup} local signature set is version 20250504486927
May 08 2025 03:51:07 chs1 maldet(23467): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 08 2025 03:51:07 chs1 maldet(23467): {sigup} new signature set 202505071163993 available
May 08 2025 03:51:07 chs1 maldet(23467): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 08 2025 03:51:08 chs1 maldet(23467): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 08 2025 03:51:08 chs1 maldet(23467): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 08 2025 03:51:08 chs1 maldet(23467): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} verified md5sum of maldet-sigpack.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} unpacked and installed maldet-sigpack.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} verified md5sum of maldet-clean.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} unpacked and installed maldet-clean.tgz
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} signature set update completed
May 08 2025 03:51:09 chs1 maldet(23467): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 08 2025 03:51:09 chs1 maldet(23671): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 08 2025 03:51:10 chs1 maldet(23671): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 08 2025 03:51:10 chs1 maldet(23671): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 08 2025 03:51:10 chs1 maldet(23671): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 08 2025 03:51:10 chs1 maldet(23671): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 08 2025 03:53:12 chs1 maldet(23671): {scan} file list completed in 122s, found 284 files...
May 08 2025 03:53:12 chs1 maldet(23671): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 08 2025 03:53:12 chs1 maldet(23671): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (284 files) in progress...
May 08 2025 03:53:34 chs1 maldet(23671): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 08 2025 03:53:34 chs1 maldet(23671): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 284, malware hits 1, cleaned hits 0, time 145s
May 08 2025 03:53:34 chs1 maldet(23671): {scan} scan report saved, to view run: maldet --report 250508-0351.23671
May 08 2025 03:53:34 chs1 maldet(23671): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250508-0351.23671
May 09 2025 00:55:10 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 09 2025 02:44:15 chs1 maldet(931): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 09 2025 03:39:08 chs1 maldet(18114): {update} checking for available updates...
May 09 2025 03:39:09 chs1 maldet(18114): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 09 2025 03:39:09 chs1 maldet(18114): {update} hashing install files and checking against server...
May 09 2025 03:39:09 chs1 maldet(18114): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 09 2025 03:39:09 chs1 maldet(18114): {update} latest version already installed.
May 09 2025 03:39:09 chs1 maldet(18224): {sigup} performing signature update check...
May 09 2025 03:39:09 chs1 maldet(18224): {sigup} local signature set is version 202505071163993
May 09 2025 03:39:10 chs1 maldet(18224): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 09 2025 03:39:10 chs1 maldet(18224): {sigup} latest signature set already installed
May 09 2025 03:39:10 chs1 maldet(18314): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 09 2025 03:39:10 chs1 maldet(18314): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 09 2025 03:39:10 chs1 maldet(18314): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 09 2025 03:39:10 chs1 maldet(18314): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 09 2025 03:39:10 chs1 maldet(18314): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 09 2025 03:39:38 chs1 maldet(18314): {scan} file list completed in 28s, found 87 files...
May 09 2025 03:39:38 chs1 maldet(18314): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 09 2025 03:39:38 chs1 maldet(18314): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (87 files) in progress...
May 09 2025 03:39:49 chs1 maldet(18314): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 09 2025 03:39:49 chs1 maldet(18314): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 87, malware hits 1, cleaned hits 0, time 39s
May 09 2025 03:39:49 chs1 maldet(18314): {scan} scan report saved, to view run: maldet --report 250509-0339.18314
May 09 2025 03:39:49 chs1 maldet(18314): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250509-0339.18314
May 10 2025 00:56:10 chs1 maldet(895): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 10 2025 03:09:56 chs1 maldet(42166): {update} checking for available updates...
May 10 2025 03:09:57 chs1 maldet(42166): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 10 2025 03:09:57 chs1 maldet(42166): {update} hashing install files and checking against server...
May 10 2025 03:09:57 chs1 maldet(42166): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 10 2025 03:09:57 chs1 maldet(42166): {update} latest version already installed.
May 10 2025 03:09:57 chs1 maldet(42275): {sigup} performing signature update check...
May 10 2025 03:09:57 chs1 maldet(42275): {sigup} local signature set is version 202505071163993
May 10 2025 03:09:57 chs1 maldet(42275): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 10 2025 03:09:57 chs1 maldet(42275): {sigup} latest signature set already installed
May 10 2025 03:09:58 chs1 maldet(42363): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 10 2025 03:09:58 chs1 maldet(42363): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 10 2025 03:09:58 chs1 maldet(42363): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 10 2025 03:09:58 chs1 maldet(42363): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 10 2025 03:09:58 chs1 maldet(42363): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 10 2025 03:10:25 chs1 maldet(42363): {scan} file list completed in 27s, found 80 files...
May 10 2025 03:10:25 chs1 maldet(42363): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 10 2025 03:10:25 chs1 maldet(42363): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (80 files) in progress...
May 10 2025 03:10:36 chs1 maldet(42363): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 10 2025 03:10:36 chs1 maldet(42363): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 80, malware hits 1, cleaned hits 0, time 38s
May 10 2025 03:10:36 chs1 maldet(42363): {scan} scan report saved, to view run: maldet --report 250510-0309.42363
May 10 2025 03:10:36 chs1 maldet(42363): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250510-0309.42363
May 10 2025 03:21:46 chs1 maldet(894): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 11 2025 00:53:47 chs1 maldet(878): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 11 2025 03:15:04 chs1 maldet(45626): {update} checking for available updates...
May 11 2025 03:15:05 chs1 maldet(45626): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 11 2025 03:15:05 chs1 maldet(45626): {update} hashing install files and checking against server...
May 11 2025 03:15:05 chs1 maldet(45626): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 11 2025 03:15:05 chs1 maldet(45626): {update} latest version already installed.
May 11 2025 03:15:05 chs1 maldet(45745): {sigup} performing signature update check...
May 11 2025 03:15:05 chs1 maldet(45745): {sigup} local signature set is version 202505071163993
May 11 2025 03:15:05 chs1 maldet(45745): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 11 2025 03:15:05 chs1 maldet(45745): {sigup} new signature set 202505102039127 available
May 11 2025 03:15:05 chs1 maldet(45745): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 11 2025 03:15:06 chs1 maldet(45745): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 11 2025 03:15:06 chs1 maldet(45745): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 11 2025 03:15:06 chs1 maldet(45745): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} verified md5sum of maldet-sigpack.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} unpacked and installed maldet-sigpack.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} verified md5sum of maldet-clean.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} unpacked and installed maldet-clean.tgz
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} signature set update completed
May 11 2025 03:15:07 chs1 maldet(45745): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 11 2025 03:15:07 chs1 maldet(45951): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 11 2025 03:15:08 chs1 maldet(45951): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 11 2025 03:15:08 chs1 maldet(45951): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 11 2025 03:15:08 chs1 maldet(45951): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 11 2025 03:15:08 chs1 maldet(45951): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 11 2025 03:16:38 chs1 maldet(880): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 11 2025 03:21:19 chs1 maldet(880): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 11 2025 04:33:02 chs1 maldet(23846): {update} checking for available updates...
May 11 2025 04:33:28 chs1 maldet(23846): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 11 2025 04:33:28 chs1 maldet(23846): {update} hashing install files and checking against server...
May 11 2025 04:33:51 chs1 maldet(23846): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 11 2025 04:33:51 chs1 maldet(23846): {update} latest version already installed.
May 11 2025 04:33:51 chs1 maldet(24085): {sigup} performing signature update check...
May 11 2025 04:33:51 chs1 maldet(24085): {sigup} local signature set is version 202505102039127
May 11 2025 04:34:15 chs1 maldet(24085): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 11 2025 04:34:15 chs1 maldet(24085): {sigup} latest signature set already installed
May 11 2025 04:34:16 chs1 maldet(24405): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 11 2025 04:34:17 chs1 maldet(24405): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 11 2025 04:34:17 chs1 maldet(24405): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 11 2025 04:34:17 chs1 maldet(24405): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 11 2025 04:34:17 chs1 maldet(24405): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 11 2025 04:34:40 chs1 maldet(24405): {scan} file list completed in 23s, found 42 files...
May 11 2025 04:34:40 chs1 maldet(24405): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 11 2025 04:34:40 chs1 maldet(24405): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (42 files) in progress...
May 11 2025 04:34:50 chs1 maldet(24405): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 11 2025 04:34:50 chs1 maldet(24405): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 42, malware hits 1, cleaned hits 0, time 34s
May 11 2025 04:34:50 chs1 maldet(24405): {scan} scan report saved, to view run: maldet --report 250511-0434.24405
May 11 2025 04:34:50 chs1 maldet(24405): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250511-0434.24405
May 12 2025 00:56:16 chs1 maldet(938): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 12 2025 03:21:27 chs1 maldet(47656): {update} checking for available updates...
May 12 2025 03:21:27 chs1 maldet(47656): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 12 2025 03:21:28 chs1 maldet(47656): {update} hashing install files and checking against server...
May 12 2025 03:21:28 chs1 maldet(47656): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 12 2025 03:21:28 chs1 maldet(47656): {update} latest version already installed.
May 12 2025 03:21:28 chs1 maldet(47802): {sigup} performing signature update check...
May 12 2025 03:21:28 chs1 maldet(47802): {sigup} local signature set is version 202505102039127
May 12 2025 03:21:29 chs1 maldet(47802): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 12 2025 03:21:29 chs1 maldet(47802): {sigup} latest signature set already installed
May 12 2025 03:21:29 chs1 maldet(47916): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 12 2025 03:21:30 chs1 maldet(47916): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 12 2025 03:21:30 chs1 maldet(47916): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 12 2025 03:21:30 chs1 maldet(47916): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 12 2025 03:21:30 chs1 maldet(47916): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 12 2025 03:21:57 chs1 maldet(47916): {scan} file list completed in 27s, found 64 files...
May 12 2025 03:21:57 chs1 maldet(47916): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 12 2025 03:21:57 chs1 maldet(47916): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (64 files) in progress...
May 12 2025 03:22:08 chs1 maldet(47916): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 12 2025 03:22:09 chs1 maldet(47916): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 64, malware hits 1, cleaned hits 0, time 39s
May 12 2025 03:22:09 chs1 maldet(47916): {scan} scan report saved, to view run: maldet --report 250512-0321.47916
May 12 2025 03:22:09 chs1 maldet(47916): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250512-0321.47916
May 12 2025 04:12:22 chs1 maldet(881): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 13 2025 00:51:43 chs1 maldet(877): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 13 2025 03:36:58 chs1 maldet(49699): {update} checking for available updates...
May 13 2025 03:36:59 chs1 maldet(49699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 13 2025 03:36:59 chs1 maldet(49699): {update} hashing install files and checking against server...
May 13 2025 03:36:59 chs1 maldet(49699): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 13 2025 03:36:59 chs1 maldet(49699): {update} latest version already installed.
May 13 2025 03:36:59 chs1 maldet(49810): {sigup} performing signature update check...
May 13 2025 03:36:59 chs1 maldet(49810): {sigup} local signature set is version 202505102039127
May 13 2025 03:37:00 chs1 maldet(49810): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 13 2025 03:37:00 chs1 maldet(49810): {sigup} latest signature set already installed
May 13 2025 03:37:00 chs1 maldet(49899): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 13 2025 03:37:01 chs1 maldet(49899): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 13 2025 03:37:01 chs1 maldet(49899): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 13 2025 03:37:01 chs1 maldet(49899): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 13 2025 03:37:01 chs1 maldet(49899): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 13 2025 03:37:31 chs1 maldet(49899): {scan} file list completed in 30s, found 106 files...
May 13 2025 03:37:31 chs1 maldet(49899): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 13 2025 03:37:31 chs1 maldet(49899): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (106 files) in progress...
May 13 2025 03:37:43 chs1 maldet(49899): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 13 2025 03:37:43 chs1 maldet(49899): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 106, malware hits 1, cleaned hits 0, time 43s
May 13 2025 03:37:43 chs1 maldet(49899): {scan} scan report saved, to view run: maldet --report 250513-0337.49899
May 13 2025 03:37:43 chs1 maldet(49899): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250513-0337.49899
May 13 2025 03:49:46 chs1 maldet(886): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 13 2025 03:53:06 chs1 maldet(900): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 14 2025 00:51:19 chs1 maldet(967): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 14 2025 01:29:04 chs1 maldet(1042): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 14 2025 03:46:46 chs1 maldet(45329): {update} checking for available updates...
May 14 2025 03:46:46 chs1 maldet(45329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 14 2025 03:46:46 chs1 maldet(45329): {update} hashing install files and checking against server...
May 14 2025 03:46:47 chs1 maldet(45329): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 14 2025 03:46:47 chs1 maldet(45329): {update} latest version already installed.
May 14 2025 03:46:47 chs1 maldet(45443): {sigup} performing signature update check...
May 14 2025 03:46:47 chs1 maldet(45443): {sigup} local signature set is version 202505102039127
May 14 2025 03:46:47 chs1 maldet(45443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 14 2025 03:46:47 chs1 maldet(45443): {sigup} new signature set 202505133012176 available
May 14 2025 03:46:47 chs1 maldet(45443): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2025 03:46:48 chs1 maldet(45443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2025 03:46:48 chs1 maldet(45443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 14 2025 03:46:48 chs1 maldet(45443): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} verified md5sum of maldet-sigpack.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} unpacked and installed maldet-sigpack.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} verified md5sum of maldet-clean.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} unpacked and installed maldet-clean.tgz
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} signature set update completed
May 14 2025 03:46:49 chs1 maldet(45443): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 14 2025 03:46:49 chs1 maldet(45645): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 14 2025 03:46:51 chs1 maldet(45645): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 14 2025 03:46:51 chs1 maldet(45645): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 14 2025 03:46:51 chs1 maldet(45645): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 14 2025 03:46:51 chs1 maldet(45645): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 14 2025 03:48:35 chs1 maldet(45645): {scan} file list completed in 104s, found 92 files...
May 14 2025 03:48:35 chs1 maldet(45645): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 14 2025 03:48:35 chs1 maldet(45645): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (92 files) in progress...
May 14 2025 03:48:59 chs1 maldet(45645): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 14 2025 03:48:59 chs1 maldet(45645): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 92, malware hits 1, cleaned hits 0, time 130s
May 14 2025 03:48:59 chs1 maldet(45645): {scan} scan report saved, to view run: maldet --report 250514-0346.45645
May 14 2025 03:48:59 chs1 maldet(45645): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250514-0346.45645
May 15 2025 00:56:39 chs1 maldet(955): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 15 2025 01:40:40 chs1 maldet(949): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 15 2025 03:11:48 chs1 maldet(29754): {update} checking for available updates...
May 15 2025 03:11:49 chs1 maldet(29754): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 15 2025 03:11:49 chs1 maldet(29754): {update} hashing install files and checking against server...
May 15 2025 03:11:49 chs1 maldet(29754): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 15 2025 03:11:49 chs1 maldet(29754): {update} latest version already installed.
May 15 2025 03:11:49 chs1 maldet(29863): {sigup} performing signature update check...
May 15 2025 03:11:49 chs1 maldet(29863): {sigup} local signature set is version 202505133012176
May 15 2025 03:11:50 chs1 maldet(29863): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 15 2025 03:11:50 chs1 maldet(29863): {sigup} latest signature set already installed
May 15 2025 03:11:50 chs1 maldet(29951): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 15 2025 03:11:51 chs1 maldet(29951): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 15 2025 03:11:51 chs1 maldet(29951): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 15 2025 03:11:51 chs1 maldet(29951): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 15 2025 03:11:51 chs1 maldet(29951): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 15 2025 03:12:22 chs1 maldet(29951): {scan} file list completed in 30s, found 162 files...
May 15 2025 03:12:22 chs1 maldet(29951): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 15 2025 03:12:22 chs1 maldet(29951): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (162 files) in progress...
May 15 2025 03:12:48 chs1 maldet(29951): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 15 2025 03:12:48 chs1 maldet(29951): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 162, malware hits 1, cleaned hits 0, time 58s
May 15 2025 03:12:48 chs1 maldet(29951): {scan} scan report saved, to view run: maldet --report 250515-0311.29951
May 15 2025 03:12:48 chs1 maldet(29951): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250515-0311.29951
May 16 2025 00:57:43 chs1 maldet(952): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 16 2025 02:35:14 chs1 maldet(892): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 16 2025 03:26:24 chs1 maldet(18359): {update} checking for available updates...
May 16 2025 03:26:24 chs1 maldet(18359): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 16 2025 03:26:24 chs1 maldet(18359): {update} hashing install files and checking against server...
May 16 2025 03:26:24 chs1 maldet(18359): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 16 2025 03:26:25 chs1 maldet(18359): {update} latest version already installed.
May 16 2025 03:26:25 chs1 maldet(18469): {sigup} performing signature update check...
May 16 2025 03:26:25 chs1 maldet(18469): {sigup} local signature set is version 202505133012176
May 16 2025 03:26:25 chs1 maldet(18469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 16 2025 03:26:25 chs1 maldet(18469): {sigup} latest signature set already installed
May 16 2025 03:26:25 chs1 maldet(18558): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 16 2025 03:26:26 chs1 maldet(18558): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 16 2025 03:26:26 chs1 maldet(18558): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 16 2025 03:26:26 chs1 maldet(18558): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 16 2025 03:26:26 chs1 maldet(18558): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 16 2025 03:27:43 chs1 maldet(890): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 16 2025 05:05:14 chs1 maldet(32490): {update} checking for available updates...
May 16 2025 05:05:14 chs1 maldet(32490): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 16 2025 05:05:14 chs1 maldet(32490): {update} hashing install files and checking against server...
May 16 2025 05:05:14 chs1 maldet(32490): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 16 2025 05:05:14 chs1 maldet(32490): {update} latest version already installed.
May 16 2025 05:05:15 chs1 maldet(32601): {sigup} performing signature update check...
May 16 2025 05:05:15 chs1 maldet(32601): {sigup} local signature set is version 202505133012176
May 16 2025 05:05:15 chs1 maldet(32601): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 16 2025 05:05:15 chs1 maldet(32601): {sigup} latest signature set already installed
May 16 2025 05:05:15 chs1 maldet(32690): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 16 2025 05:05:16 chs1 maldet(32690): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 16 2025 05:05:16 chs1 maldet(32690): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 16 2025 05:05:16 chs1 maldet(32690): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 16 2025 05:05:16 chs1 maldet(32690): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 16 2025 05:05:43 chs1 maldet(32690): {scan} file list completed in 27s, found 74 files...
May 16 2025 05:05:43 chs1 maldet(32690): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 16 2025 05:05:43 chs1 maldet(32690): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (74 files) in progress...
May 16 2025 05:05:54 chs1 maldet(32690): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 16 2025 05:05:54 chs1 maldet(32690): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 74, malware hits 1, cleaned hits 0, time 39s
May 16 2025 05:05:54 chs1 maldet(32690): {scan} scan report saved, to view run: maldet --report 250516-0505.32690
May 16 2025 05:05:54 chs1 maldet(32690): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250516-0505.32690
May 17 2025 00:56:33 chs1 maldet(909): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 17 2025 03:18:04 chs1 maldet(42801): {update} checking for available updates...
May 17 2025 03:18:05 chs1 maldet(42801): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 17 2025 03:18:05 chs1 maldet(42801): {update} hashing install files and checking against server...
May 17 2025 03:18:06 chs1 maldet(42801): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 17 2025 03:18:06 chs1 maldet(42801): {update} latest version already installed.
May 17 2025 03:18:06 chs1 maldet(42933): {sigup} performing signature update check...
May 17 2025 03:18:06 chs1 maldet(42933): {sigup} local signature set is version 202505133012176
May 17 2025 03:18:06 chs1 maldet(42933): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 17 2025 03:18:06 chs1 maldet(42933): {sigup} new signature set 202505163985107 available
May 17 2025 03:18:06 chs1 maldet(42933): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 17 2025 03:18:07 chs1 maldet(42933): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 17 2025 03:18:07 chs1 maldet(42933): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 17 2025 03:18:07 chs1 maldet(42933): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 17 2025 03:18:07 chs1 maldet(42933): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} verified md5sum of maldet-sigpack.tgz
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} unpacked and installed maldet-sigpack.tgz
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} verified md5sum of maldet-clean.tgz
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} unpacked and installed maldet-clean.tgz
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} signature set update completed
May 17 2025 03:18:08 chs1 maldet(42933): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2025 03:18:08 chs1 maldet(43140): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 17 2025 03:18:09 chs1 maldet(43140): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2025 03:18:09 chs1 maldet(43140): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 17 2025 03:18:09 chs1 maldet(43140): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 17 2025 03:18:10 chs1 maldet(43140): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 17 2025 03:21:14 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 17 2025 03:45:35 chs1 maldet(892): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 17 2025 04:26:07 chs1 maldet(14600): {update} checking for available updates...
May 17 2025 04:26:07 chs1 maldet(14600): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 17 2025 04:26:07 chs1 maldet(14600): {update} hashing install files and checking against server...
May 17 2025 04:26:08 chs1 maldet(14600): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 17 2025 04:26:08 chs1 maldet(14600): {update} latest version already installed.
May 17 2025 04:26:08 chs1 maldet(14709): {sigup} performing signature update check...
May 17 2025 04:26:08 chs1 maldet(14709): {sigup} local signature set is version 202505163985107
May 17 2025 04:26:08 chs1 maldet(14709): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 17 2025 04:26:08 chs1 maldet(14709): {sigup} latest signature set already installed
May 17 2025 04:26:08 chs1 maldet(14802): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 17 2025 04:26:09 chs1 maldet(14802): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 17 2025 04:26:09 chs1 maldet(14802): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 17 2025 04:26:09 chs1 maldet(14802): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 17 2025 04:26:09 chs1 maldet(14802): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 17 2025 04:26:35 chs1 maldet(14802): {scan} file list completed in 26s, found 80 files...
May 17 2025 04:26:35 chs1 maldet(14802): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 17 2025 04:26:35 chs1 maldet(14802): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (80 files) in progress...
May 17 2025 04:26:46 chs1 maldet(14802): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 17 2025 04:26:46 chs1 maldet(14802): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 80, malware hits 1, cleaned hits 0, time 38s
May 17 2025 04:26:46 chs1 maldet(14802): {scan} scan report saved, to view run: maldet --report 250517-0426.14802
May 17 2025 04:26:46 chs1 maldet(14802): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250517-0426.14802
May 17 2025 04:38:50 chs1 maldet(921): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 18 2025 00:59:48 chs1 maldet(987): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 18 2025 03:20:37 chs1 maldet(40449): {update} checking for available updates...
May 18 2025 03:20:37 chs1 maldet(40449): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 18 2025 03:20:37 chs1 maldet(40449): {update} hashing install files and checking against server...
May 18 2025 03:20:38 chs1 maldet(40449): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 18 2025 03:20:38 chs1 maldet(40449): {update} latest version already installed.
May 18 2025 03:20:38 chs1 maldet(40558): {sigup} performing signature update check...
May 18 2025 03:20:38 chs1 maldet(40558): {sigup} local signature set is version 202505163985107
May 18 2025 03:20:38 chs1 maldet(40558): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 18 2025 03:20:38 chs1 maldet(40558): {sigup} latest signature set already installed
May 18 2025 03:20:38 chs1 maldet(40646): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 18 2025 03:20:39 chs1 maldet(40646): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 18 2025 03:20:39 chs1 maldet(40646): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 18 2025 03:20:39 chs1 maldet(40646): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 18 2025 03:20:39 chs1 maldet(40646): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 18 2025 03:21:16 chs1 maldet(40646): {scan} file list completed in 37s, found 109 files...
May 18 2025 03:21:16 chs1 maldet(40646): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 18 2025 03:21:16 chs1 maldet(40646): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (109 files) in progress...
May 18 2025 03:21:27 chs1 maldet(40646): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 18 2025 03:21:27 chs1 maldet(40646): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 109, malware hits 1, cleaned hits 0, time 49s
May 18 2025 03:21:27 chs1 maldet(40646): {scan} scan report saved, to view run: maldet --report 250518-0320.40646
May 18 2025 03:21:27 chs1 maldet(40646): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250518-0320.40646
May 18 2025 03:33:57 chs1 maldet(964): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 18 2025 10:41:37 chs1 maldet(952): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 19 2025 00:57:36 chs1 maldet(896): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 19 2025 03:33:54 chs1 maldet(45011): {update} checking for available updates...
May 19 2025 03:33:54 chs1 maldet(45011): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 19 2025 03:33:54 chs1 maldet(45011): {update} hashing install files and checking against server...
May 19 2025 03:33:55 chs1 maldet(45011): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 19 2025 03:33:55 chs1 maldet(45011): {update} latest version already installed.
May 19 2025 03:33:55 chs1 maldet(45121): {sigup} performing signature update check...
May 19 2025 03:33:55 chs1 maldet(45121): {sigup} local signature set is version 202505163985107
May 19 2025 03:33:55 chs1 maldet(45121): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 19 2025 03:33:55 chs1 maldet(45121): {sigup} latest signature set already installed
May 19 2025 03:33:55 chs1 maldet(45216): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 19 2025 03:33:56 chs1 maldet(45216): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 19 2025 03:33:56 chs1 maldet(45216): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 19 2025 03:33:56 chs1 maldet(45216): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 19 2025 03:33:56 chs1 maldet(45216): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 19 2025 03:34:26 chs1 maldet(45216): {scan} file list completed in 30s, found 46 files...
May 19 2025 03:34:26 chs1 maldet(45216): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 19 2025 03:34:26 chs1 maldet(45216): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (46 files) in progress...
May 19 2025 03:34:36 chs1 maldet(45216): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 19 2025 03:34:36 chs1 maldet(45216): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 46, malware hits 1, cleaned hits 0, time 41s
May 19 2025 03:34:36 chs1 maldet(45216): {scan} scan report saved, to view run: maldet --report 250519-0333.45216
May 19 2025 03:34:36 chs1 maldet(45216): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250519-0333.45216
May 19 2025 03:46:44 chs1 maldet(943): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 19 2025 06:11:17 chs1 maldet(947): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 20 2025 00:59:50 chs1 maldet(924): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 20 2025 03:13:37 chs1 maldet(41736): {update} checking for available updates...
May 20 2025 03:13:38 chs1 maldet(41736): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 20 2025 03:13:38 chs1 maldet(41736): {update} hashing install files and checking against server...
May 20 2025 03:13:38 chs1 maldet(41736): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 20 2025 03:13:38 chs1 maldet(41736): {update} latest version already installed.
May 20 2025 03:13:38 chs1 maldet(41852): {sigup} performing signature update check...
May 20 2025 03:13:38 chs1 maldet(41852): {sigup} local signature set is version 202505163985107
May 20 2025 03:13:39 chs1 maldet(41852): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 20 2025 03:13:39 chs1 maldet(41852): {sigup} new signature set 20250519762470 available
May 20 2025 03:13:39 chs1 maldet(41852): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 20 2025 03:13:39 chs1 maldet(41852): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 20 2025 03:13:40 chs1 maldet(41852): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 20 2025 03:13:40 chs1 maldet(41852): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 20 2025 03:13:40 chs1 maldet(41852): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} verified md5sum of maldet-sigpack.tgz
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} unpacked and installed maldet-sigpack.tgz
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} verified md5sum of maldet-clean.tgz
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} unpacked and installed maldet-clean.tgz
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} signature set update completed
May 20 2025 03:13:41 chs1 maldet(41852): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 20 2025 03:13:41 chs1 maldet(42063): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 20 2025 03:13:43 chs1 maldet(42063): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 20 2025 03:13:43 chs1 maldet(42063): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 20 2025 03:13:43 chs1 maldet(42063): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 20 2025 03:13:43 chs1 maldet(42063): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 20 2025 03:14:59 chs1 maldet(913): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 20 2025 04:21:46 chs1 maldet(25231): {update} checking for available updates...
May 20 2025 04:21:46 chs1 maldet(25231): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 20 2025 04:21:46 chs1 maldet(25231): {update} hashing install files and checking against server...
May 20 2025 04:21:47 chs1 maldet(25231): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 20 2025 04:21:47 chs1 maldet(25231): {update} latest version already installed.
May 20 2025 04:21:47 chs1 maldet(25346): {sigup} performing signature update check...
May 20 2025 04:21:47 chs1 maldet(25346): {sigup} local signature set is version 20250519762470
May 20 2025 04:21:47 chs1 maldet(25346): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 20 2025 04:21:47 chs1 maldet(25346): {sigup} latest signature set already installed
May 20 2025 04:21:47 chs1 maldet(25435): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 20 2025 04:21:48 chs1 maldet(25435): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 20 2025 04:21:48 chs1 maldet(25435): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 20 2025 04:21:48 chs1 maldet(25435): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 20 2025 04:21:48 chs1 maldet(25435): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 20 2025 04:22:22 chs1 maldet(25435): {scan} file list completed in 34s, found 60 files...
May 20 2025 04:22:22 chs1 maldet(25435): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 20 2025 04:22:22 chs1 maldet(25435): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (60 files) in progress...
May 20 2025 04:22:32 chs1 maldet(25435): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 20 2025 04:22:32 chs1 maldet(25435): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 60, malware hits 1, cleaned hits 0, time 45s
May 20 2025 04:22:32 chs1 maldet(25435): {scan} scan report saved, to view run: maldet --report 250520-0421.25435
May 20 2025 04:22:32 chs1 maldet(25435): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250520-0421.25435
May 20 2025 04:27:33 chs1 maldet(919): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 21 2025 00:56:16 chs1 maldet(882): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 21 2025 03:19:20 chs1 maldet(41707): {update} checking for available updates...
May 21 2025 03:19:20 chs1 maldet(41707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 21 2025 03:19:20 chs1 maldet(41707): {update} hashing install files and checking against server...
May 21 2025 03:19:21 chs1 maldet(41707): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 21 2025 03:19:21 chs1 maldet(41707): {update} latest version already installed.
May 21 2025 03:19:21 chs1 maldet(41816): {sigup} performing signature update check...
May 21 2025 03:19:21 chs1 maldet(41816): {sigup} local signature set is version 20250519762470
May 21 2025 03:19:21 chs1 maldet(41816): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 21 2025 03:19:21 chs1 maldet(41816): {sigup} latest signature set already installed
May 21 2025 03:19:21 chs1 maldet(41904): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 21 2025 03:19:23 chs1 maldet(41904): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 21 2025 03:19:23 chs1 maldet(41904): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 21 2025 03:19:23 chs1 maldet(41904): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 21 2025 03:19:23 chs1 maldet(41904): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 21 2025 03:19:48 chs1 maldet(41904): {scan} file list completed in 25s, found 91 files...
May 21 2025 03:19:48 chs1 maldet(41904): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 21 2025 03:19:48 chs1 maldet(41904): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (91 files) in progress...
May 21 2025 03:19:59 chs1 maldet(41904): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 21 2025 03:19:59 chs1 maldet(41904): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 91, malware hits 1, cleaned hits 0, time 38s
May 21 2025 03:19:59 chs1 maldet(41904): {scan} scan report saved, to view run: maldet --report 250521-0319.41904
May 21 2025 03:19:59 chs1 maldet(41904): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250521-0319.41904
May 21 2025 08:03:39 chs1 maldet(879): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 22 2025 00:24:36 chs1 maldet(886): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 22 2025 03:44:10 chs1 maldet(57404): {update} checking for available updates...
May 22 2025 03:44:10 chs1 maldet(57404): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 22 2025 03:44:10 chs1 maldet(57404): {update} hashing install files and checking against server...
May 22 2025 03:44:10 chs1 maldet(57404): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 22 2025 03:44:10 chs1 maldet(57404): {update} latest version already installed.
May 22 2025 03:44:10 chs1 maldet(57514): {sigup} performing signature update check...
May 22 2025 03:44:11 chs1 maldet(57514): {sigup} local signature set is version 20250519762470
May 22 2025 03:44:11 chs1 maldet(57514): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 22 2025 03:44:11 chs1 maldet(57514): {sigup} latest signature set already installed
May 22 2025 03:44:11 chs1 maldet(57605): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 22 2025 03:44:12 chs1 maldet(57605): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 22 2025 03:44:12 chs1 maldet(57605): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 22 2025 03:44:12 chs1 maldet(57605): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 22 2025 03:44:12 chs1 maldet(57605): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 22 2025 03:44:35 chs1 maldet(57605): {scan} file list completed in 23s, found 89 files...
May 22 2025 03:44:35 chs1 maldet(57605): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 22 2025 03:44:35 chs1 maldet(57605): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (89 files) in progress...
May 22 2025 03:44:46 chs1 maldet(57605): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 22 2025 03:44:46 chs1 maldet(57605): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 89, malware hits 1, cleaned hits 0, time 35s
May 22 2025 03:44:46 chs1 maldet(57605): {scan} scan report saved, to view run: maldet --report 250522-0344.57605
May 22 2025 03:44:46 chs1 maldet(57605): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250522-0344.57605
May 23 2025 00:55:22 chs1 maldet(975): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 23 2025 00:58:50 chs1 maldet(870): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 23 2025 04:00:05 chs1 maldet(51443): {update} checking for available updates...
May 23 2025 04:00:07 chs1 maldet(51443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 23 2025 04:00:07 chs1 maldet(51443): {update} hashing install files and checking against server...
May 23 2025 04:00:08 chs1 maldet(51443): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 23 2025 04:00:08 chs1 maldet(51443): {update} latest version already installed.
May 23 2025 04:00:09 chs1 maldet(51587): {sigup} performing signature update check...
May 23 2025 04:00:09 chs1 maldet(51587): {sigup} local signature set is version 20250519762470
May 23 2025 04:00:12 chs1 maldet(51587): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 23 2025 04:00:12 chs1 maldet(51587): {sigup} new signature set 202505221736773 available
May 23 2025 04:00:12 chs1 maldet(51587): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 04:00:12 chs1 maldet(51587): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 04:00:13 chs1 maldet(51587): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 23 2025 04:00:13 chs1 maldet(51587): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 04:00:13 chs1 maldet(51587): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 04:00:14 chs1 maldet(51587): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 23 2025 04:00:14 chs1 maldet(51587): {sigup} verified md5sum of maldet-sigpack.tgz
May 23 2025 04:00:14 chs1 maldet(51587): {sigup} unpacked and installed maldet-sigpack.tgz
May 23 2025 04:00:14 chs1 maldet(51587): {sigup} verified md5sum of maldet-clean.tgz
May 23 2025 04:00:14 chs1 maldet(51587): {sigup} unpacked and installed maldet-clean.tgz
May 23 2025 04:00:15 chs1 maldet(51587): {sigup} signature set update completed
May 23 2025 04:00:15 chs1 maldet(51587): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 23 2025 04:00:15 chs1 maldet(51839): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 23 2025 04:00:16 chs1 maldet(51839): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 23 2025 04:00:16 chs1 maldet(51839): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 23 2025 04:00:16 chs1 maldet(51839): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 23 2025 04:00:16 chs1 maldet(51839): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 23 2025 04:01:59 chs1 maldet(878): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 23 2025 05:32:23 chs1 maldet(26094): {update} checking for available updates...
May 23 2025 05:33:11 chs1 maldet(26094): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 23 2025 05:33:11 chs1 maldet(26094): {update} hashing install files and checking against server...
May 23 2025 05:34:11 chs1 maldet(26094): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 23 2025 05:34:11 chs1 maldet(26094): {update} version check shows latest but hash check failed, forcing update...
May 23 2025 05:34:12 chs1 maldet(26094): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
May 23 2025 05:34:43 chs1 maldet(26094): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
May 23 2025 05:34:43 chs1 maldet(26094): {update} verified md5sum of maldetect-current.tar.gz
May 23 2025 05:34:43 chs1 maldet(26094): {update} completed update v1.6.6 3a1792 => verror code: 525 359d25, running signature updates...
May 23 2025 05:34:43 chs1 maldet(26656): {sigup} performing signature update check...
May 23 2025 05:34:43 chs1 maldet(26656): {sigup} local signature set is version 202505221736773
May 23 2025 05:35:34 chs1 maldet(26656): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 23 2025 05:35:34 chs1 maldet(26656): {sigup} new signature set error code: 525 available
May 23 2025 05:35:34 chs1 maldet(26656): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 05:36:13 chs1 maldet(26656): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 05:36:41 chs1 maldet(26656): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 23 2025 05:36:41 chs1 maldet(26656): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 05:37:20 chs1 maldet(26656): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 05:38:05 chs1 maldet(26656): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 23 2025 05:38:05 chs1 maldet(26656): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
May 23 2025 05:38:05 chs1 maldet(26656): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
May 23 2025 05:38:05 chs1 maldet(26094): {update} update and config import completed
May 23 2025 05:38:06 chs1 maldet(27708): {sigup} performing signature update check...
May 23 2025 05:38:06 chs1 maldet(27708): {sigup} local signature set is version 202505221736773
May 23 2025 05:38:54 chs1 maldet(27708): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 23 2025 05:38:54 chs1 maldet(27708): {sigup} new signature set error code: 525 available
May 23 2025 05:38:54 chs1 maldet(27708): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 05:39:34 chs1 maldet(27708): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 23 2025 05:40:20 chs1 maldet(27708): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 23 2025 05:40:20 chs1 maldet(27708): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 05:41:08 chs1 maldet(27708): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 23 2025 05:41:54 chs1 maldet(27708): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 23 2025 05:41:54 chs1 maldet(27708): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
May 23 2025 05:41:54 chs1 maldet(27708): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
May 23 2025 05:41:54 chs1 maldet(28721): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 23 2025 05:41:55 chs1 maldet(28721): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 23 2025 05:41:55 chs1 maldet(28721): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 23 2025 05:41:55 chs1 maldet(28721): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 23 2025 05:41:55 chs1 maldet(28721): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 23 2025 05:42:24 chs1 maldet(28721): {scan} file list completed in 29s, found 115 files...
May 23 2025 05:42:24 chs1 maldet(28721): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 23 2025 05:42:24 chs1 maldet(28721): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (115 files) in progress...
May 23 2025 05:42:35 chs1 maldet(28721): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 23 2025 05:42:35 chs1 maldet(28721): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 115, malware hits 1, cleaned hits 0, time 41s
May 23 2025 05:42:35 chs1 maldet(28721): {scan} scan report saved, to view run: maldet --report 250523-0541.28721
May 23 2025 05:42:35 chs1 maldet(28721): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250523-0541.28721
May 23 2025 05:54:56 chs1 maldet(890): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 24 2025 00:56:24 chs1 maldet(939): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 24 2025 03:10:15 chs1 maldet(40325): {update} checking for available updates...
May 24 2025 03:10:16 chs1 maldet(40325): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 24 2025 03:10:16 chs1 maldet(40325): {update} hashing install files and checking against server...
May 24 2025 03:10:16 chs1 maldet(40325): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 24 2025 03:10:16 chs1 maldet(40325): {update} latest version already installed.
May 24 2025 03:10:16 chs1 maldet(40437): {sigup} performing signature update check...
May 24 2025 03:10:16 chs1 maldet(40437): {sigup} local signature set is version 202505221736773
May 24 2025 03:10:17 chs1 maldet(40437): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 24 2025 03:10:17 chs1 maldet(40437): {sigup} latest signature set already installed
May 24 2025 03:10:17 chs1 maldet(40525): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 24 2025 03:10:17 chs1 maldet(40525): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 24 2025 03:10:17 chs1 maldet(40525): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 24 2025 03:10:17 chs1 maldet(40525): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 24 2025 03:10:17 chs1 maldet(40525): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 24 2025 03:10:44 chs1 maldet(40525): {scan} file list completed in 27s, found 77 files...
May 24 2025 03:10:44 chs1 maldet(40525): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 24 2025 03:10:44 chs1 maldet(40525): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (77 files) in progress...
May 24 2025 03:10:54 chs1 maldet(40525): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 24 2025 03:10:54 chs1 maldet(40525): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 77, malware hits 1, cleaned hits 0, time 37s
May 24 2025 03:10:54 chs1 maldet(40525): {scan} scan report saved, to view run: maldet --report 250524-0310.40525
May 24 2025 03:10:54 chs1 maldet(40525): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250524-0310.40525
May 24 2025 03:22:48 chs1 maldet(893): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 24 2025 05:14:05 chs1 maldet(992): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 24 2025 09:52:04 chs1 maldet(989): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 24 2025 21:11:21 chs1 maldet(893): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 25 2025 00:55:02 chs1 maldet(911): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 25 2025 03:20:09 chs1 maldet(40442): {update} checking for available updates...
May 25 2025 03:20:09 chs1 maldet(40442): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 25 2025 03:20:09 chs1 maldet(40442): {update} hashing install files and checking against server...
May 25 2025 03:20:10 chs1 maldet(40442): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 25 2025 03:20:10 chs1 maldet(40442): {update} latest version already installed.
May 25 2025 03:20:10 chs1 maldet(40560): {sigup} performing signature update check...
May 25 2025 03:20:10 chs1 maldet(40560): {sigup} local signature set is version 202505221736773
May 25 2025 03:20:10 chs1 maldet(40560): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 25 2025 03:20:10 chs1 maldet(40560): {sigup} latest signature set already installed
May 25 2025 03:20:10 chs1 maldet(40652): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 25 2025 03:20:11 chs1 maldet(40652): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 25 2025 03:20:11 chs1 maldet(40652): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 25 2025 03:20:11 chs1 maldet(40652): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 25 2025 03:20:11 chs1 maldet(40652): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 25 2025 03:20:46 chs1 maldet(40652): {scan} file list completed in 35s, found 76 files...
May 25 2025 03:20:46 chs1 maldet(40652): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 25 2025 03:20:46 chs1 maldet(40652): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (76 files) in progress...
May 25 2025 03:20:57 chs1 maldet(40652): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 25 2025 03:20:57 chs1 maldet(40652): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 76, malware hits 1, cleaned hits 0, time 47s
May 25 2025 03:20:57 chs1 maldet(40652): {scan} scan report saved, to view run: maldet --report 250525-0320.40652
May 25 2025 03:20:57 chs1 maldet(40652): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250525-0320.40652
May 25 2025 03:32:14 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 25 2025 08:20:04 chs1 maldet(1078): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 25 2025 09:38:14 chs1 maldet(988): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 25 2025 19:17:32 chs1 maldet(889): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 01:00:03 chs1 maldet(1137): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 04:00:25 chs1 maldet(52616): {update} checking for available updates...
May 26 2025 04:00:26 chs1 maldet(52616): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 26 2025 04:00:26 chs1 maldet(52616): {update} hashing install files and checking against server...
May 26 2025 04:00:27 chs1 maldet(52616): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 26 2025 04:00:27 chs1 maldet(52616): {update} latest version already installed.
May 26 2025 04:00:27 chs1 maldet(52728): {sigup} performing signature update check...
May 26 2025 04:00:27 chs1 maldet(52728): {sigup} local signature set is version 202505221736773
May 26 2025 04:00:28 chs1 maldet(52728): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 26 2025 04:00:28 chs1 maldet(52728): {sigup} new signature set 202505252708832 available
May 26 2025 04:00:28 chs1 maldet(52728): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 26 2025 04:00:28 chs1 maldet(52728): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} verified md5sum of maldet-sigpack.tgz
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} unpacked and installed maldet-sigpack.tgz
May 26 2025 04:00:29 chs1 maldet(52728): {sigup} verified md5sum of maldet-clean.tgz
May 26 2025 04:00:30 chs1 maldet(52728): {sigup} unpacked and installed maldet-clean.tgz
May 26 2025 04:00:30 chs1 maldet(52728): {sigup} signature set update completed
May 26 2025 04:00:30 chs1 maldet(52728): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 26 2025 04:00:30 chs1 maldet(52933): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 26 2025 04:00:30 chs1 maldet(52933): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 26 2025 04:00:30 chs1 maldet(52933): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 26 2025 04:00:30 chs1 maldet(52933): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 26 2025 04:00:30 chs1 maldet(52933): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 26 2025 04:01:51 chs1 maldet(925): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 05:18:40 chs1 maldet(24429): {update} checking for available updates...
May 26 2025 05:18:41 chs1 maldet(24429): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 26 2025 05:18:41 chs1 maldet(24429): {update} hashing install files and checking against server...
May 26 2025 05:18:41 chs1 maldet(24429): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 26 2025 05:18:41 chs1 maldet(24429): {update} latest version already installed.
May 26 2025 05:18:41 chs1 maldet(24538): {sigup} performing signature update check...
May 26 2025 05:18:41 chs1 maldet(24538): {sigup} local signature set is version 202505252708832
May 26 2025 05:18:41 chs1 maldet(24538): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 26 2025 05:18:41 chs1 maldet(24538): {sigup} latest signature set already installed
May 26 2025 05:18:42 chs1 maldet(24631): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 26 2025 05:18:42 chs1 maldet(24631): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 26 2025 05:18:42 chs1 maldet(24631): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 26 2025 05:18:42 chs1 maldet(24631): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 26 2025 05:18:42 chs1 maldet(24631): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 26 2025 05:19:11 chs1 maldet(24631): {scan} file list completed in 29s, found 122 files...
May 26 2025 05:19:11 chs1 maldet(24631): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 26 2025 05:19:11 chs1 maldet(24631): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (122 files) in progress...
May 26 2025 05:19:22 chs1 maldet(24631): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 26 2025 05:19:22 chs1 maldet(24631): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 122, malware hits 1, cleaned hits 0, time 40s
May 26 2025 05:19:22 chs1 maldet(24631): {scan} scan report saved, to view run: maldet --report 250526-0518.24631
May 26 2025 05:19:22 chs1 maldet(24631): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250526-0518.24631
May 26 2025 05:31:06 chs1 maldet(1007): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 06:20:23 chs1 maldet(896): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 10:07:12 chs1 maldet(888): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 26 2025 13:31:32 chs1 maldet(872): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 27 2025 00:58:44 chs1 maldet(930): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 27 2025 03:51:56 chs1 maldet(48870): {update} checking for available updates...
May 27 2025 03:51:57 chs1 maldet(48870): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 27 2025 03:51:57 chs1 maldet(48870): {update} hashing install files and checking against server...
May 27 2025 03:51:57 chs1 maldet(48870): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 27 2025 03:51:57 chs1 maldet(48870): {update} latest version already installed.
May 27 2025 03:51:58 chs1 maldet(48983): {sigup} performing signature update check...
May 27 2025 03:51:58 chs1 maldet(48983): {sigup} local signature set is version 202505252708832
May 27 2025 03:51:58 chs1 maldet(48983): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 27 2025 03:51:58 chs1 maldet(48983): {sigup} latest signature set already installed
May 27 2025 03:51:58 chs1 maldet(49071): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 27 2025 03:51:59 chs1 maldet(49071): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 27 2025 03:51:59 chs1 maldet(49071): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 27 2025 03:51:59 chs1 maldet(49071): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 27 2025 03:51:59 chs1 maldet(49071): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 27 2025 03:52:27 chs1 maldet(49071): {scan} file list completed in 27s, found 146 files...
May 27 2025 03:52:27 chs1 maldet(49071): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 27 2025 03:52:27 chs1 maldet(49071): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (146 files) in progress...
May 27 2025 03:52:38 chs1 maldet(49071): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 27 2025 03:52:38 chs1 maldet(49071): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 146, malware hits 1, cleaned hits 0, time 40s
May 27 2025 03:52:38 chs1 maldet(49071): {scan} scan report saved, to view run: maldet --report 250527-0351.49071
May 27 2025 03:52:38 chs1 maldet(49071): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250527-0351.49071
May 27 2025 04:04:17 chs1 maldet(875): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 27 2025 09:05:28 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 28 2025 01:00:55 chs1 maldet(891): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 28 2025 03:24:01 chs1 maldet(899): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 28 2025 04:32:30 chs1 maldet(22263): {update} checking for available updates...
May 28 2025 04:32:31 chs1 maldet(22263): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 28 2025 04:32:31 chs1 maldet(22263): {update} hashing install files and checking against server...
May 28 2025 04:32:31 chs1 maldet(22263): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 28 2025 04:32:31 chs1 maldet(22263): {update} latest version already installed.
May 28 2025 04:32:31 chs1 maldet(22373): {sigup} performing signature update check...
May 28 2025 04:32:31 chs1 maldet(22373): {sigup} local signature set is version 202505252708832
May 28 2025 04:32:32 chs1 maldet(22373): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 28 2025 04:32:32 chs1 maldet(22373): {sigup} latest signature set already installed
May 28 2025 04:32:32 chs1 maldet(22461): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 28 2025 04:32:33 chs1 maldet(22461): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 28 2025 04:32:33 chs1 maldet(22461): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 28 2025 04:32:33 chs1 maldet(22461): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 28 2025 04:32:33 chs1 maldet(22461): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 28 2025 04:33:01 chs1 maldet(22461): {scan} file list completed in 28s, found 248 files...
May 28 2025 04:33:01 chs1 maldet(22461): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 28 2025 04:33:01 chs1 maldet(22461): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (248 files) in progress...
May 28 2025 04:33:16 chs1 maldet(22461): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 28 2025 04:33:16 chs1 maldet(22461): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 248, malware hits 1, cleaned hits 0, time 44s
May 28 2025 04:33:16 chs1 maldet(22461): {scan} scan report saved, to view run: maldet --report 250528-0432.22461
May 28 2025 04:33:16 chs1 maldet(22461): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250528-0432.22461
May 29 2025 00:52:30 chs1 maldet(894): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 29 2025 03:14:47 chs1 maldet(49964): {update} checking for available updates...
May 29 2025 03:14:47 chs1 maldet(49964): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 29 2025 03:14:47 chs1 maldet(49964): {update} hashing install files and checking against server...
May 29 2025 03:14:48 chs1 maldet(49964): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 29 2025 03:14:48 chs1 maldet(49964): {update} latest version already installed.
May 29 2025 03:14:48 chs1 maldet(50073): {sigup} performing signature update check...
May 29 2025 03:14:48 chs1 maldet(50073): {sigup} local signature set is version 202505252708832
May 29 2025 03:14:48 chs1 maldet(50073): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 29 2025 03:14:48 chs1 maldet(50073): {sigup} new signature set 202505283679777 available
May 29 2025 03:14:48 chs1 maldet(50073): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 29 2025 03:14:49 chs1 maldet(50073): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 29 2025 03:14:49 chs1 maldet(50073): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 29 2025 03:14:49 chs1 maldet(50073): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 29 2025 03:14:49 chs1 maldet(50073): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} verified md5sum of maldet-sigpack.tgz
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} unpacked and installed maldet-sigpack.tgz
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} verified md5sum of maldet-clean.tgz
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} unpacked and installed maldet-clean.tgz
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} signature set update completed
May 29 2025 03:14:50 chs1 maldet(50073): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 29 2025 03:14:50 chs1 maldet(50280): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 29 2025 03:14:51 chs1 maldet(50280): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 29 2025 03:14:51 chs1 maldet(50280): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 29 2025 03:14:51 chs1 maldet(50280): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 29 2025 03:14:51 chs1 maldet(50280): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 29 2025 03:17:28 chs1 maldet(50280): {scan} file list completed in 157s, found 123 files...
May 29 2025 03:17:28 chs1 maldet(50280): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 29 2025 03:17:28 chs1 maldet(50280): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (123 files) in progress...
May 29 2025 03:17:40 chs1 maldet(50280): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 29 2025 03:17:40 chs1 maldet(50280): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 123, malware hits 1, cleaned hits 0, time 170s
May 29 2025 03:17:40 chs1 maldet(50280): {scan} scan report saved, to view run: maldet --report 250529-0314.50280
May 29 2025 03:17:40 chs1 maldet(50280): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250529-0314.50280
May 30 2025 00:31:14 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 30 2025 03:47:13 chs1 maldet(63560): {update} checking for available updates...
May 30 2025 03:47:14 chs1 maldet(63560): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 30 2025 03:47:14 chs1 maldet(63560): {update} hashing install files and checking against server...
May 30 2025 03:47:14 chs1 maldet(63560): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 30 2025 03:47:14 chs1 maldet(63560): {update} latest version already installed.
May 30 2025 03:47:14 chs1 maldet(63681): {sigup} performing signature update check...
May 30 2025 03:47:14 chs1 maldet(63681): {sigup} local signature set is version 202505283679777
May 30 2025 03:47:15 chs1 maldet(63681): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 30 2025 03:47:15 chs1 maldet(63681): {sigup} latest signature set already installed
May 30 2025 03:47:15 chs1 maldet(63769): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 30 2025 03:47:17 chs1 maldet(63769): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 30 2025 03:47:17 chs1 maldet(63769): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 30 2025 03:47:17 chs1 maldet(63769): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 30 2025 03:47:17 chs1 maldet(63769): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 30 2025 03:47:39 chs1 maldet(63769): {scan} file list completed in 21s, found 98 files...
May 30 2025 03:47:39 chs1 maldet(63769): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 30 2025 03:47:39 chs1 maldet(63769): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (98 files) in progress...
May 30 2025 03:47:50 chs1 maldet(63769): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 30 2025 03:47:50 chs1 maldet(63769): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 98, malware hits 1, cleaned hits 0, time 35s
May 30 2025 03:47:50 chs1 maldet(63769): {scan} scan report saved, to view run: maldet --report 250530-0347.63769
May 30 2025 03:47:50 chs1 maldet(63769): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250530-0347.63769
May 30 2025 04:00:52 chs1 maldet(890): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 31 2025 00:54:30 chs1 maldet(960): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 31 2025 03:01:16 chs1 maldet(911): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
May 31 2025 04:10:45 chs1 maldet(21697): {update} checking for available updates...
May 31 2025 04:10:46 chs1 maldet(21697): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 31 2025 04:10:46 chs1 maldet(21697): {update} hashing install files and checking against server...
May 31 2025 04:10:46 chs1 maldet(21697): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 31 2025 04:10:46 chs1 maldet(21697): {update} latest version already installed.
May 31 2025 04:10:46 chs1 maldet(21817): {sigup} performing signature update check...
May 31 2025 04:10:46 chs1 maldet(21817): {sigup} local signature set is version 202505283679777
May 31 2025 04:10:47 chs1 maldet(21817): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 31 2025 04:10:47 chs1 maldet(21817): {sigup} latest signature set already installed
May 31 2025 04:10:47 chs1 maldet(21905): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 31 2025 04:10:48 chs1 maldet(21905): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
May 31 2025 04:10:48 chs1 maldet(21905): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 31 2025 04:10:48 chs1 maldet(21905): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 31 2025 04:10:48 chs1 maldet(21905): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
May 31 2025 04:11:17 chs1 maldet(21905): {scan} file list completed in 29s, found 43 files...
May 31 2025 04:11:17 chs1 maldet(21905): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
May 31 2025 04:11:17 chs1 maldet(21905): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (43 files) in progress...
May 31 2025 04:11:27 chs1 maldet(21905): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
May 31 2025 04:11:27 chs1 maldet(21905): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 43, malware hits 1, cleaned hits 0, time 40s
May 31 2025 04:11:27 chs1 maldet(21905): {scan} scan report saved, to view run: maldet --report 250531-0410.21905
May 31 2025 04:11:27 chs1 maldet(21905): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250531-0410.21905
May 31 2025 23:32:34 chs1 maldet(901): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 01 2025 03:42:35 chs1 maldet(72647): {update} checking for available updates...
Jun 01 2025 03:42:35 chs1 maldet(72647): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 01 2025 03:42:35 chs1 maldet(72647): {update} hashing install files and checking against server...
Jun 01 2025 03:42:36 chs1 maldet(72647): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 01 2025 03:42:36 chs1 maldet(72647): {update} latest version already installed.
Jun 01 2025 03:42:36 chs1 maldet(72761): {sigup} performing signature update check...
Jun 01 2025 03:42:36 chs1 maldet(72761): {sigup} local signature set is version 202505283679777
Jun 01 2025 03:42:36 chs1 maldet(72761): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 01 2025 03:42:36 chs1 maldet(72761): {sigup} new signature set 20250531456902 available
Jun 01 2025 03:42:36 chs1 maldet(72761): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 01 2025 03:42:37 chs1 maldet(72761): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 01 2025 03:42:38 chs1 maldet(72761): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 01 2025 03:42:38 chs1 maldet(72761): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 01 2025 03:42:38 chs1 maldet(72761): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} verified md5sum of maldet-clean.tgz
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} unpacked and installed maldet-clean.tgz
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} signature set update completed
Jun 01 2025 03:42:39 chs1 maldet(72761): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 01 2025 03:42:39 chs1 maldet(72980): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 01 2025 03:42:41 chs1 maldet(72980): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 01 2025 03:42:41 chs1 maldet(72980): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 01 2025 03:42:41 chs1 maldet(72980): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 01 2025 03:42:41 chs1 maldet(72980): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 01 2025 03:44:40 chs1 maldet(72980): {scan} file list completed in 117s, found 58 files...
Jun 01 2025 03:44:41 chs1 maldet(72980): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 01 2025 03:44:41 chs1 maldet(72980): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (58 files) in progress...
Jun 01 2025 03:46:00 chs1 maldet(885): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 01 2025 04:53:50 chs1 maldet(21170): {update} checking for available updates...
Jun 01 2025 04:53:50 chs1 maldet(21170): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 01 2025 04:53:50 chs1 maldet(21170): {update} hashing install files and checking against server...
Jun 01 2025 04:53:51 chs1 maldet(21170): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 01 2025 04:53:51 chs1 maldet(21170): {update} latest version already installed.
Jun 01 2025 04:53:51 chs1 maldet(21279): {sigup} performing signature update check...
Jun 01 2025 04:53:51 chs1 maldet(21279): {sigup} local signature set is version 20250531456902
Jun 01 2025 04:53:51 chs1 maldet(21279): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 01 2025 04:53:51 chs1 maldet(21279): {sigup} latest signature set already installed
Jun 01 2025 04:53:51 chs1 maldet(21367): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 01 2025 04:53:52 chs1 maldet(21367): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 01 2025 04:53:52 chs1 maldet(21367): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 01 2025 04:53:52 chs1 maldet(21367): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 01 2025 04:53:52 chs1 maldet(21367): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 01 2025 04:54:22 chs1 maldet(21367): {scan} file list completed in 30s, found 59 files...
Jun 01 2025 04:54:22 chs1 maldet(21367): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 01 2025 04:54:22 chs1 maldet(21367): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (59 files) in progress...
Jun 01 2025 04:54:33 chs1 maldet(21367): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 01 2025 04:54:33 chs1 maldet(21367): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 59, malware hits 1, cleaned hits 0, time 42s
Jun 01 2025 04:54:33 chs1 maldet(21367): {scan} scan report saved, to view run: maldet --report 250601-0453.21367
Jun 01 2025 04:54:33 chs1 maldet(21367): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250601-0453.21367
Jun 02 2025 00:52:36 chs1 maldet(884): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 02 2025 03:26:15 chs1 maldet(48615): {update} checking for available updates...
Jun 02 2025 03:26:16 chs1 maldet(48615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 02 2025 03:26:16 chs1 maldet(48615): {update} hashing install files and checking against server...
Jun 02 2025 03:26:16 chs1 maldet(48615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 02 2025 03:26:16 chs1 maldet(48615): {update} latest version already installed.
Jun 02 2025 03:26:16 chs1 maldet(48727): {sigup} performing signature update check...
Jun 02 2025 03:26:16 chs1 maldet(48727): {sigup} local signature set is version 20250531456902
Jun 02 2025 03:26:17 chs1 maldet(48727): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 02 2025 03:26:17 chs1 maldet(48727): {sigup} new signature set 202506011196154 available
Jun 02 2025 03:26:17 chs1 maldet(48727): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 02 2025 03:26:17 chs1 maldet(48727): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 02 2025 03:26:18 chs1 maldet(48727): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 02 2025 03:26:18 chs1 maldet(48727): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 02 2025 03:26:18 chs1 maldet(48727): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 02 2025 03:26:18 chs1 maldet(48727): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 02 2025 03:26:18 chs1 maldet(48727): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 02 2025 03:26:19 chs1 maldet(48727): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 02 2025 03:26:19 chs1 maldet(48727): {sigup} verified md5sum of maldet-clean.tgz
Jun 02 2025 03:26:19 chs1 maldet(48727): {sigup} unpacked and installed maldet-clean.tgz
Jun 02 2025 03:26:19 chs1 maldet(48727): {sigup} signature set update completed
Jun 02 2025 03:26:19 chs1 maldet(48727): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 02 2025 03:26:19 chs1 maldet(48943): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 02 2025 03:26:19 chs1 maldet(48943): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 02 2025 03:26:19 chs1 maldet(48943): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 02 2025 03:26:19 chs1 maldet(48943): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 02 2025 03:26:19 chs1 maldet(48943): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 02 2025 03:28:44 chs1 maldet(48943): {scan} file list completed in 145s, found 67 files...
Jun 02 2025 03:28:44 chs1 maldet(48943): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 02 2025 03:28:44 chs1 maldet(48943): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (67 files) in progress...
Jun 02 2025 03:28:56 chs1 maldet(48943): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 02 2025 03:28:56 chs1 maldet(48943): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 67, malware hits 1, cleaned hits 0, time 157s
Jun 02 2025 03:28:56 chs1 maldet(48943): {scan} scan report saved, to view run: maldet --report 250602-0326.48943
Jun 02 2025 03:28:56 chs1 maldet(48943): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250602-0326.48943
Jun 03 2025 00:56:09 chs1 maldet(873): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 03 2025 03:41:06 chs1 maldet(46935): {update} checking for available updates...
Jun 03 2025 03:41:06 chs1 maldet(46935): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 03 2025 03:41:06 chs1 maldet(46935): {update} hashing install files and checking against server...
Jun 03 2025 03:41:07 chs1 maldet(46935): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 03 2025 03:41:07 chs1 maldet(46935): {update} latest version already installed.
Jun 03 2025 03:41:07 chs1 maldet(47044): {sigup} performing signature update check...
Jun 03 2025 03:41:07 chs1 maldet(47044): {sigup} local signature set is version 202506011196154
Jun 03 2025 03:41:07 chs1 maldet(47044): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 03 2025 03:41:07 chs1 maldet(47044): {sigup} latest signature set already installed
Jun 03 2025 03:41:07 chs1 maldet(47132): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 03 2025 03:41:08 chs1 maldet(47132): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 03 2025 03:41:08 chs1 maldet(47132): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 03 2025 03:41:08 chs1 maldet(47132): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 03 2025 03:41:08 chs1 maldet(47132): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 03 2025 03:41:46 chs1 maldet(47132): {scan} file list completed in 38s, found 77 files...
Jun 03 2025 03:41:46 chs1 maldet(47132): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 03 2025 03:41:46 chs1 maldet(47132): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (77 files) in progress...
Jun 03 2025 03:41:57 chs1 maldet(47132): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 03 2025 03:41:57 chs1 maldet(47132): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 77, malware hits 1, cleaned hits 0, time 50s
Jun 03 2025 03:41:57 chs1 maldet(47132): {scan} scan report saved, to view run: maldet --report 250603-0341.47132
Jun 03 2025 03:41:57 chs1 maldet(47132): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250603-0341.47132
Jun 04 2025 00:59:35 chs1 maldet(877): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 04 2025 03:50:19 chs1 maldet(50883): {update} checking for available updates...
Jun 04 2025 03:50:20 chs1 maldet(50883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 04 2025 03:50:20 chs1 maldet(50883): {update} hashing install files and checking against server...
Jun 04 2025 03:50:20 chs1 maldet(50883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 04 2025 03:50:20 chs1 maldet(50883): {update} latest version already installed.
Jun 04 2025 03:50:20 chs1 maldet(51012): {sigup} performing signature update check...
Jun 04 2025 03:50:20 chs1 maldet(51012): {sigup} local signature set is version 202506011196154
Jun 04 2025 03:50:21 chs1 maldet(51012): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 04 2025 03:50:21 chs1 maldet(51012): {sigup} latest signature set already installed
Jun 04 2025 03:50:21 chs1 maldet(51124): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 04 2025 03:50:22 chs1 maldet(51124): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 04 2025 03:50:22 chs1 maldet(51124): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 04 2025 03:50:22 chs1 maldet(51124): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 04 2025 03:50:22 chs1 maldet(51124): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 04 2025 03:50:49 chs1 maldet(51124): {scan} file list completed in 26s, found 81 files...
Jun 04 2025 03:50:49 chs1 maldet(51124): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 04 2025 03:50:49 chs1 maldet(51124): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (81 files) in progress...
Jun 04 2025 03:50:59 chs1 maldet(51124): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 04 2025 03:50:59 chs1 maldet(51124): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 81, malware hits 1, cleaned hits 0, time 38s
Jun 04 2025 03:50:59 chs1 maldet(51124): {scan} scan report saved, to view run: maldet --report 250604-0350.51124
Jun 04 2025 03:50:59 chs1 maldet(51124): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250604-0350.51124
Jun 04 2025 15:58:28 chs1 maldet(879): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 05 2025 00:54:46 chs1 maldet(877): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 05 2025 03:53:57 chs1 maldet(56183): {update} checking for available updates...
Jun 05 2025 03:53:58 chs1 maldet(56183): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 05 2025 03:53:58 chs1 maldet(56183): {update} hashing install files and checking against server...
Jun 05 2025 03:53:58 chs1 maldet(56183): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 05 2025 03:53:58 chs1 maldet(56183): {update} latest version already installed.
Jun 05 2025 03:53:58 chs1 maldet(56294): {sigup} performing signature update check...
Jun 05 2025 03:53:58 chs1 maldet(56294): {sigup} local signature set is version 202506011196154
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} new signature set 202506042164456 available
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 05 2025 03:53:59 chs1 maldet(56294): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} verified md5sum of maldet-clean.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} unpacked and installed maldet-clean.tgz
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} signature set update completed
Jun 05 2025 03:54:00 chs1 maldet(56294): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 05 2025 03:54:04 chs1 maldet(56502): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 05 2025 03:54:13 chs1 maldet(56502): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 05 2025 03:54:13 chs1 maldet(56502): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 05 2025 03:54:13 chs1 maldet(56502): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 05 2025 03:54:13 chs1 maldet(56502): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 05 2025 03:55:56 chs1 maldet(903): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 05 2025 04:45:13 chs1 maldet(17035): {update} checking for available updates...
Jun 05 2025 04:45:47 chs1 maldet(17035): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 05 2025 04:45:47 chs1 maldet(17035): {update} hashing install files and checking against server...
Jun 05 2025 04:46:11 chs1 maldet(17035): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 05 2025 04:46:11 chs1 maldet(17035): {update} latest version already installed.
Jun 05 2025 04:46:11 chs1 maldet(17583): {sigup} performing signature update check...
Jun 05 2025 04:46:11 chs1 maldet(17583): {sigup} local signature set is version 202506042164456
Jun 05 2025 04:46:36 chs1 maldet(17583): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 05 2025 04:46:36 chs1 maldet(17583): {sigup} latest signature set already installed
Jun 05 2025 04:46:36 chs1 maldet(17729): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 05 2025 04:46:36 chs1 maldet(17729): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 05 2025 04:46:36 chs1 maldet(17729): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 05 2025 04:46:36 chs1 maldet(17729): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 05 2025 04:46:36 chs1 maldet(17729): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 05 2025 04:47:07 chs1 maldet(17729): {scan} file list completed in 31s, found 153 files...
Jun 05 2025 04:47:07 chs1 maldet(17729): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 05 2025 04:47:07 chs1 maldet(17729): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (153 files) in progress...
Jun 05 2025 04:47:19 chs1 maldet(17729): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 05 2025 04:47:19 chs1 maldet(17729): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 153, malware hits 1, cleaned hits 0, time 43s
Jun 05 2025 04:47:19 chs1 maldet(17729): {scan} scan report saved, to view run: maldet --report 250605-0446.17729
Jun 05 2025 04:47:19 chs1 maldet(17729): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250605-0446.17729
Jun 06 2025 00:59:34 chs1 maldet(995): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 06 2025 03:15:31 chs1 maldet(39024): {update} checking for available updates...
Jun 06 2025 03:15:31 chs1 maldet(39024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 06 2025 03:15:31 chs1 maldet(39024): {update} hashing install files and checking against server...
Jun 06 2025 03:15:31 chs1 maldet(39024): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 06 2025 03:15:32 chs1 maldet(39024): {update} latest version already installed.
Jun 06 2025 03:15:32 chs1 maldet(39139): {sigup} performing signature update check...
Jun 06 2025 03:15:32 chs1 maldet(39139): {sigup} local signature set is version 202506042164456
Jun 06 2025 03:15:32 chs1 maldet(39139): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 06 2025 03:15:32 chs1 maldet(39139): {sigup} latest signature set already installed
Jun 06 2025 03:15:32 chs1 maldet(39227): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 06 2025 03:15:33 chs1 maldet(39227): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 06 2025 03:15:33 chs1 maldet(39227): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 06 2025 03:15:33 chs1 maldet(39227): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 06 2025 03:15:33 chs1 maldet(39227): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 06 2025 03:16:01 chs1 maldet(39227): {scan} file list completed in 27s, found 111 files...
Jun 06 2025 03:16:01 chs1 maldet(39227): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 06 2025 03:16:01 chs1 maldet(39227): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (111 files) in progress...
Jun 06 2025 03:16:13 chs1 maldet(39227): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 06 2025 03:16:13 chs1 maldet(39227): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 111, malware hits 1, cleaned hits 0, time 41s
Jun 06 2025 03:16:13 chs1 maldet(39227): {scan} scan report saved, to view run: maldet --report 250606-0315.39227
Jun 06 2025 03:16:13 chs1 maldet(39227): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250606-0315.39227
Jun 07 2025 00:58:34 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 07 2025 03:36:33 chs1 maldet(48090): {update} checking for available updates...
Jun 07 2025 03:36:34 chs1 maldet(48090): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 07 2025 03:36:34 chs1 maldet(48090): {update} hashing install files and checking against server...
Jun 07 2025 03:36:34 chs1 maldet(48090): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 07 2025 03:36:34 chs1 maldet(48090): {update} latest version already installed.
Jun 07 2025 03:36:34 chs1 maldet(48199): {sigup} performing signature update check...
Jun 07 2025 03:36:34 chs1 maldet(48199): {sigup} local signature set is version 202506042164456
Jun 07 2025 03:36:35 chs1 maldet(48199): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 07 2025 03:36:35 chs1 maldet(48199): {sigup} latest signature set already installed
Jun 07 2025 03:36:35 chs1 maldet(48287): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 07 2025 03:36:36 chs1 maldet(48287): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 07 2025 03:36:36 chs1 maldet(48287): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 07 2025 03:36:36 chs1 maldet(48287): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 07 2025 03:36:36 chs1 maldet(48287): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 07 2025 03:37:09 chs1 maldet(48287): {scan} file list completed in 33s, found 85 files...
Jun 07 2025 03:37:09 chs1 maldet(48287): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 07 2025 03:37:09 chs1 maldet(48287): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (85 files) in progress...
Jun 07 2025 03:37:21 chs1 maldet(48287): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 07 2025 03:37:21 chs1 maldet(48287): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 85, malware hits 1, cleaned hits 0, time 46s
Jun 07 2025 03:37:21 chs1 maldet(48287): {scan} scan report saved, to view run: maldet --report 250607-0336.48287
Jun 07 2025 03:37:21 chs1 maldet(48287): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250607-0336.48287
Jun 08 2025 01:09:49 chs1 maldet(882): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 08 2025 03:48:15 chs1 maldet(44519): {update} checking for available updates...
Jun 08 2025 03:48:15 chs1 maldet(44519): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 08 2025 03:48:15 chs1 maldet(44519): {update} hashing install files and checking against server...
Jun 08 2025 03:48:16 chs1 maldet(44519): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 08 2025 03:48:16 chs1 maldet(44519): {update} latest version already installed.
Jun 08 2025 03:48:16 chs1 maldet(44629): {sigup} performing signature update check...
Jun 08 2025 03:48:16 chs1 maldet(44629): {sigup} local signature set is version 202506042164456
Jun 08 2025 03:48:16 chs1 maldet(44629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 08 2025 03:48:16 chs1 maldet(44629): {sigup} new signature set 20250607589111 available
Jun 08 2025 03:48:16 chs1 maldet(44629): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 08 2025 03:48:17 chs1 maldet(44629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 08 2025 03:48:17 chs1 maldet(44629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 08 2025 03:48:17 chs1 maldet(44629): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 08 2025 03:48:17 chs1 maldet(44629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} verified md5sum of maldet-clean.tgz
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} unpacked and installed maldet-clean.tgz
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} signature set update completed
Jun 08 2025 03:48:18 chs1 maldet(44629): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 08 2025 03:48:18 chs1 maldet(44836): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 08 2025 03:48:19 chs1 maldet(44836): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 08 2025 03:48:19 chs1 maldet(44836): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 08 2025 03:48:19 chs1 maldet(44836): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 08 2025 03:48:19 chs1 maldet(44836): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 08 2025 03:50:30 chs1 maldet(44836): {scan} file list completed in 131s, found 105 files...
Jun 08 2025 03:50:30 chs1 maldet(44836): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 08 2025 03:50:30 chs1 maldet(44836): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (105 files) in progress...
Jun 08 2025 03:50:43 chs1 maldet(44836): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 08 2025 03:50:43 chs1 maldet(44836): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 105, malware hits 1, cleaned hits 0, time 145s
Jun 08 2025 03:50:43 chs1 maldet(44836): {scan} scan report saved, to view run: maldet --report 250608-0348.44836
Jun 08 2025 03:50:43 chs1 maldet(44836): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250608-0348.44836
Jun 09 2025 00:59:48 chs1 maldet(888): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 09 2025 03:26:47 chs1 maldet(41092): {update} checking for available updates...
Jun 09 2025 03:26:48 chs1 maldet(41092): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 09 2025 03:26:48 chs1 maldet(41092): {update} hashing install files and checking against server...
Jun 09 2025 03:26:48 chs1 maldet(41092): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 09 2025 03:26:48 chs1 maldet(41092): {update} latest version already installed.
Jun 09 2025 03:26:48 chs1 maldet(41207): {sigup} performing signature update check...
Jun 09 2025 03:26:48 chs1 maldet(41207): {sigup} local signature set is version 20250607589111
Jun 09 2025 03:26:49 chs1 maldet(41207): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 09 2025 03:26:49 chs1 maldet(41207): {sigup} latest signature set already installed
Jun 09 2025 03:26:49 chs1 maldet(41295): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 09 2025 03:26:50 chs1 maldet(41295): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 09 2025 03:26:50 chs1 maldet(41295): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 09 2025 03:26:50 chs1 maldet(41295): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 09 2025 03:26:50 chs1 maldet(41295): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 09 2025 03:27:21 chs1 maldet(41295): {scan} file list completed in 31s, found 78 files...
Jun 09 2025 03:27:21 chs1 maldet(41295): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 09 2025 03:27:21 chs1 maldet(41295): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (78 files) in progress...
Jun 09 2025 03:27:32 chs1 maldet(41295): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 09 2025 03:27:32 chs1 maldet(41295): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 78, malware hits 1, cleaned hits 0, time 43s
Jun 09 2025 03:27:32 chs1 maldet(41295): {scan} scan report saved, to view run: maldet --report 250609-0326.41295
Jun 09 2025 03:27:32 chs1 maldet(41295): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250609-0326.41295
Jun 09 2025 12:41:08 chs1 maldet(930): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 09 2025 21:57:28 chs1 maldet(945): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 09 2025 23:06:34 chs1 maldet(909): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 09 2025 23:11:04 chs1 maldet(896): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 10 2025 03:30:42 chs1 maldet(79805): {update} checking for available updates...
Jun 10 2025 03:30:42 chs1 maldet(79805): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 10 2025 03:30:42 chs1 maldet(79805): {update} hashing install files and checking against server...
Jun 10 2025 03:30:43 chs1 maldet(79805): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 10 2025 03:30:43 chs1 maldet(79805): {update} latest version already installed.
Jun 10 2025 03:30:43 chs1 maldet(79915): {sigup} performing signature update check...
Jun 10 2025 03:30:43 chs1 maldet(79915): {sigup} local signature set is version 20250607589111
Jun 10 2025 03:30:43 chs1 maldet(79915): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 10 2025 03:30:43 chs1 maldet(79915): {sigup} latest signature set already installed
Jun 10 2025 03:30:43 chs1 maldet(80004): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 10 2025 03:30:44 chs1 maldet(80004): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 10 2025 03:30:44 chs1 maldet(80004): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 10 2025 03:30:44 chs1 maldet(80004): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 10 2025 03:30:44 chs1 maldet(80004): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 10 2025 03:31:10 chs1 maldet(80004): {scan} file list completed in 26s, found 89 files...
Jun 10 2025 03:31:10 chs1 maldet(80004): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 10 2025 03:31:10 chs1 maldet(80004): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (89 files) in progress...
Jun 10 2025 03:31:22 chs1 maldet(80004): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 10 2025 03:31:22 chs1 maldet(80004): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 89, malware hits 1, cleaned hits 0, time 39s
Jun 10 2025 03:31:22 chs1 maldet(80004): {scan} scan report saved, to view run: maldet --report 250610-0330.80004
Jun 10 2025 03:31:22 chs1 maldet(80004): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250610-0330.80004
Jun 10 2025 03:43:36 chs1 maldet(956): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 11 2025 00:56:52 chs1 maldet(952): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 11 2025 03:41:51 chs1 maldet(48709): {update} checking for available updates...
Jun 11 2025 03:41:52 chs1 maldet(48709): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 11 2025 03:41:52 chs1 maldet(48709): {update} hashing install files and checking against server...
Jun 11 2025 03:41:52 chs1 maldet(48709): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 11 2025 03:41:52 chs1 maldet(48709): {update} latest version already installed.
Jun 11 2025 03:41:52 chs1 maldet(48818): {sigup} performing signature update check...
Jun 11 2025 03:41:52 chs1 maldet(48818): {sigup} local signature set is version 20250607589111
Jun 11 2025 03:41:53 chs1 maldet(48818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 11 2025 03:41:53 chs1 maldet(48818): {sigup} new signature set 20250610484586 available
Jun 11 2025 03:41:53 chs1 maldet(48818): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 11 2025 03:41:53 chs1 maldet(48818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 11 2025 03:41:54 chs1 maldet(48818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 11 2025 03:41:54 chs1 maldet(48818): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 11 2025 03:41:54 chs1 maldet(48818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 11 2025 03:41:54 chs1 maldet(48818): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 11 2025 03:41:54 chs1 maldet(48818): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 11 2025 03:41:55 chs1 maldet(48818): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 11 2025 03:41:55 chs1 maldet(48818): {sigup} verified md5sum of maldet-clean.tgz
Jun 11 2025 03:41:55 chs1 maldet(48818): {sigup} unpacked and installed maldet-clean.tgz
Jun 11 2025 03:41:55 chs1 maldet(48818): {sigup} signature set update completed
Jun 11 2025 03:41:55 chs1 maldet(48818): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 11 2025 03:41:55 chs1 maldet(49023): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 11 2025 03:41:56 chs1 maldet(49023): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 11 2025 03:41:56 chs1 maldet(49023): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 11 2025 03:41:56 chs1 maldet(49023): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 11 2025 03:41:56 chs1 maldet(49023): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 11 2025 03:43:38 chs1 maldet(49023): {scan} file list completed in 102s, found 86 files...
Jun 11 2025 03:43:38 chs1 maldet(49023): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 11 2025 03:43:38 chs1 maldet(49023): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (86 files) in progress...
Jun 11 2025 03:44:30 chs1 maldet(49023): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 11 2025 03:44:30 chs1 maldet(49023): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 86, malware hits 1, cleaned hits 0, time 155s
Jun 11 2025 03:44:30 chs1 maldet(49023): {scan} scan report saved, to view run: maldet --report 250611-0341.49023
Jun 11 2025 03:44:30 chs1 maldet(49023): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250611-0341.49023
Jun 12 2025 03:56:23 chs1 maldet(29732): {update} checking for available updates...
Jun 12 2025 03:56:24 chs1 maldet(29732): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 12 2025 03:56:24 chs1 maldet(29732): {update} hashing install files and checking against server...
Jun 12 2025 03:56:24 chs1 maldet(29732): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 12 2025 03:56:24 chs1 maldet(29732): {update} latest version already installed.
Jun 12 2025 03:56:24 chs1 maldet(29841): {sigup} performing signature update check...
Jun 12 2025 03:56:24 chs1 maldet(29841): {sigup} local signature set is version 20250610484586
Jun 12 2025 03:56:25 chs1 maldet(29841): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 12 2025 03:56:25 chs1 maldet(29841): {sigup} latest signature set already installed
Jun 12 2025 03:56:25 chs1 maldet(29929): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 12 2025 03:56:25 chs1 maldet(29929): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 12 2025 03:56:25 chs1 maldet(29929): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 12 2025 03:56:25 chs1 maldet(29929): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 12 2025 03:56:25 chs1 maldet(29929): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 12 2025 03:56:51 chs1 maldet(29929): {scan} file list completed in 26s, found 135 files...
Jun 12 2025 03:56:51 chs1 maldet(29929): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 12 2025 03:56:51 chs1 maldet(29929): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (135 files) in progress...
Jun 12 2025 03:57:03 chs1 maldet(29929): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 12 2025 03:57:04 chs1 maldet(29929): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 135, malware hits 1, cleaned hits 0, time 39s
Jun 12 2025 03:57:04 chs1 maldet(29929): {scan} scan report saved, to view run: maldet --report 250612-0356.29929
Jun 12 2025 03:57:04 chs1 maldet(29929): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250612-0356.29929
Jun 12 2025 04:08:33 chs1 maldet(879): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 13 2025 00:55:55 chs1 maldet(905): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 13 2025 03:34:39 chs1 maldet(47001): {update} checking for available updates...
Jun 13 2025 03:34:39 chs1 maldet(47001): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 13 2025 03:34:39 chs1 maldet(47001): {update} hashing install files and checking against server...
Jun 13 2025 03:34:40 chs1 maldet(47001): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 13 2025 03:34:40 chs1 maldet(47001): {update} latest version already installed.
Jun 13 2025 03:34:40 chs1 maldet(47113): {sigup} performing signature update check...
Jun 13 2025 03:34:40 chs1 maldet(47113): {sigup} local signature set is version 20250610484586
Jun 13 2025 03:34:41 chs1 maldet(47113): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 13 2025 03:34:41 chs1 maldet(47113): {sigup} latest signature set already installed
Jun 13 2025 03:34:41 chs1 maldet(47202): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 13 2025 03:34:44 chs1 maldet(47202): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 13 2025 03:34:44 chs1 maldet(47202): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 13 2025 03:34:44 chs1 maldet(47202): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 13 2025 03:34:44 chs1 maldet(47202): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 13 2025 03:35:33 chs1 maldet(47202): {scan} file list completed in 49s, found 76 files...
Jun 13 2025 03:35:33 chs1 maldet(47202): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 13 2025 03:35:33 chs1 maldet(47202): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (76 files) in progress...
Jun 13 2025 03:35:50 chs1 maldet(47202): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 13 2025 03:35:50 chs1 maldet(47202): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 76, malware hits 1, cleaned hits 0, time 69s
Jun 13 2025 03:35:50 chs1 maldet(47202): {scan} scan report saved, to view run: maldet --report 250613-0334.47202
Jun 13 2025 03:35:50 chs1 maldet(47202): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250613-0334.47202
Jun 13 2025 03:47:47 chs1 maldet(886): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 14 2025 00:57:37 chs1 maldet(923): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 14 2025 03:52:45 chs1 maldet(50185): {update} checking for available updates...
Jun 14 2025 03:52:46 chs1 maldet(50185): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 14 2025 03:52:46 chs1 maldet(50185): {update} hashing install files and checking against server...
Jun 14 2025 03:52:46 chs1 maldet(50185): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 14 2025 03:52:46 chs1 maldet(50185): {update} latest version already installed.
Jun 14 2025 03:52:46 chs1 maldet(50295): {sigup} performing signature update check...
Jun 14 2025 03:52:46 chs1 maldet(50295): {sigup} local signature set is version 20250610484586
Jun 14 2025 03:52:47 chs1 maldet(50295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 14 2025 03:52:47 chs1 maldet(50295): {sigup} new signature set 20250613705251 available
Jun 14 2025 03:52:47 chs1 maldet(50295): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 14 2025 03:52:47 chs1 maldet(50295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 14 2025 03:52:48 chs1 maldet(50295): {sigup} verified md5sum of maldet-clean.tgz
Jun 14 2025 03:52:49 chs1 maldet(50295): {sigup} unpacked and installed maldet-clean.tgz
Jun 14 2025 03:52:49 chs1 maldet(50295): {sigup} signature set update completed
Jun 14 2025 03:52:49 chs1 maldet(50295): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 14 2025 03:52:49 chs1 maldet(50503): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 14 2025 03:52:49 chs1 maldet(50503): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 14 2025 03:52:49 chs1 maldet(50503): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 14 2025 03:52:49 chs1 maldet(50503): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 14 2025 03:52:49 chs1 maldet(50503): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 14 2025 03:56:05 chs1 maldet(1038): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 14 2025 04:19:17 chs1 maldet(10246): {update} checking for available updates...
Jun 14 2025 04:19:17 chs1 maldet(10246): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 14 2025 04:19:17 chs1 maldet(10246): {update} hashing install files and checking against server...
Jun 14 2025 04:19:18 chs1 maldet(10246): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 14 2025 04:19:18 chs1 maldet(10246): {update} latest version already installed.
Jun 14 2025 04:19:18 chs1 maldet(10356): {sigup} performing signature update check...
Jun 14 2025 04:19:18 chs1 maldet(10356): {sigup} local signature set is version 20250613705251
Jun 14 2025 04:19:18 chs1 maldet(10356): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 14 2025 04:19:18 chs1 maldet(10356): {sigup} latest signature set already installed
Jun 14 2025 04:19:18 chs1 maldet(10444): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 14 2025 04:19:19 chs1 maldet(10444): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 14 2025 04:19:19 chs1 maldet(10444): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 14 2025 04:19:19 chs1 maldet(10444): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 14 2025 04:19:19 chs1 maldet(10444): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 14 2025 04:19:52 chs1 maldet(10444): {scan} file list completed in 33s, found 93 files...
Jun 14 2025 04:19:52 chs1 maldet(10444): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 14 2025 04:19:52 chs1 maldet(10444): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (93 files) in progress...
Jun 14 2025 04:20:05 chs1 maldet(10444): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 14 2025 04:20:05 chs1 maldet(10444): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 93, malware hits 1, cleaned hits 0, time 47s
Jun 14 2025 04:20:05 chs1 maldet(10444): {scan} scan report saved, to view run: maldet --report 250614-0419.10444
Jun 14 2025 04:20:05 chs1 maldet(10444): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250614-0419.10444
Jun 14 2025 20:17:30 chs1 maldet(880): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 14 2025 20:29:28 chs1 maldet(902): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 14 2025 20:53:18 chs1 maldet(958): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 15 2025 03:49:51 chs1 maldet(17201): {update} checking for available updates...
Jun 15 2025 03:49:52 chs1 maldet(17201): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 15 2025 03:49:52 chs1 maldet(17201): {update} hashing install files and checking against server...
Jun 15 2025 03:49:52 chs1 maldet(17201): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 15 2025 03:49:52 chs1 maldet(17201): {update} latest version already installed.
Jun 15 2025 03:49:52 chs1 maldet(17311): {sigup} performing signature update check...
Jun 15 2025 03:49:52 chs1 maldet(17311): {sigup} local signature set is version 20250613705251
Jun 15 2025 03:49:52 chs1 maldet(17311): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 15 2025 03:49:53 chs1 maldet(17311): {sigup} latest signature set already installed
Jun 15 2025 03:49:53 chs1 maldet(17399): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 15 2025 03:49:53 chs1 maldet(17399): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 15 2025 03:49:53 chs1 maldet(17399): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 15 2025 03:49:53 chs1 maldet(17399): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 15 2025 03:49:53 chs1 maldet(17399): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 15 2025 03:50:17 chs1 maldet(17399): {scan} file list completed in 24s, found 87 files...
Jun 15 2025 03:50:17 chs1 maldet(17399): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 15 2025 03:50:17 chs1 maldet(17399): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (87 files) in progress...
Jun 15 2025 03:50:26 chs1 maldet(17399): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 15 2025 03:50:26 chs1 maldet(17399): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 87, malware hits 1, cleaned hits 0, time 33s
Jun 15 2025 03:50:26 chs1 maldet(17399): {scan} scan report saved, to view run: maldet --report 250615-0349.17399
Jun 15 2025 03:50:26 chs1 maldet(17399): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250615-0349.17399
Jun 15 2025 04:03:52 chs1 maldet(903): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 16 2025 03:56:37 chs1 maldet(82911): {update} checking for available updates...
Jun 16 2025 03:56:38 chs1 maldet(82911): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 16 2025 03:56:38 chs1 maldet(82911): {update} hashing install files and checking against server...
Jun 16 2025 03:56:38 chs1 maldet(82911): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 16 2025 03:56:38 chs1 maldet(82911): {update} latest version already installed.
Jun 16 2025 03:56:38 chs1 maldet(83021): {sigup} performing signature update check...
Jun 16 2025 03:56:38 chs1 maldet(83021): {sigup} local signature set is version 20250613705251
Jun 16 2025 03:56:39 chs1 maldet(83021): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 16 2025 03:56:39 chs1 maldet(83021): {sigup} latest signature set already installed
Jun 16 2025 03:56:39 chs1 maldet(83111): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 16 2025 03:56:39 chs1 maldet(83111): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 16 2025 03:56:40 chs1 maldet(83111): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 16 2025 03:56:40 chs1 maldet(83111): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 16 2025 03:56:40 chs1 maldet(83111): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 16 2025 03:57:08 chs1 maldet(83111): {scan} file list completed in 28s, found 107 files...
Jun 16 2025 03:57:08 chs1 maldet(83111): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 16 2025 03:57:08 chs1 maldet(83111): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (107 files) in progress...
Jun 16 2025 03:57:19 chs1 maldet(83111): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 16 2025 03:57:19 chs1 maldet(83111): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 107, malware hits 1, cleaned hits 0, time 40s
Jun 16 2025 03:57:19 chs1 maldet(83111): {scan} scan report saved, to view run: maldet --report 250616-0356.83111
Jun 16 2025 03:57:19 chs1 maldet(83111): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250616-0356.83111
Jun 16 2025 04:08:35 chs1 maldet(875): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 17 2025 03:11:09 chs1 maldet(53861): {update} checking for available updates...
Jun 17 2025 03:11:10 chs1 maldet(53861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 17 2025 03:11:10 chs1 maldet(53861): {update} hashing install files and checking against server...
Jun 17 2025 03:11:10 chs1 maldet(53861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 17 2025 03:11:10 chs1 maldet(53861): {update} latest version already installed.
Jun 17 2025 03:11:10 chs1 maldet(53970): {sigup} performing signature update check...
Jun 17 2025 03:11:10 chs1 maldet(53970): {sigup} local signature set is version 20250613705251
Jun 17 2025 03:11:10 chs1 maldet(53970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 17 2025 03:11:10 chs1 maldet(53970): {sigup} new signature set 20250616812462 available
Jun 17 2025 03:11:10 chs1 maldet(53970): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 17 2025 03:11:11 chs1 maldet(53970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 17 2025 03:11:11 chs1 maldet(53970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 17 2025 03:11:11 chs1 maldet(53970): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} verified md5sum of maldet-clean.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} unpacked and installed maldet-clean.tgz
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} signature set update completed
Jun 17 2025 03:11:12 chs1 maldet(53970): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 17 2025 03:11:12 chs1 maldet(54176): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 17 2025 03:11:13 chs1 maldet(54176): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 17 2025 03:11:13 chs1 maldet(54176): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 17 2025 03:11:13 chs1 maldet(54176): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 17 2025 03:11:13 chs1 maldet(54176): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 17 2025 03:12:43 chs1 maldet(890): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 17 2025 04:42:05 chs1 maldet(25598): {update} checking for available updates...
Jun 17 2025 04:42:31 chs1 maldet(25598): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 17 2025 04:42:31 chs1 maldet(25598): {update} hashing install files and checking against server...
Jun 17 2025 04:42:55 chs1 maldet(25598): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 17 2025 04:42:55 chs1 maldet(25598): {update} latest version already installed.
Jun 17 2025 04:42:56 chs1 maldet(25803): {sigup} performing signature update check...
Jun 17 2025 04:42:56 chs1 maldet(25803): {sigup} local signature set is version 20250616812462
Jun 17 2025 04:43:44 chs1 maldet(25803): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 17 2025 04:43:44 chs1 maldet(25803): {sigup} latest signature set already installed
Jun 17 2025 04:43:44 chs1 maldet(26035): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 17 2025 04:43:45 chs1 maldet(26035): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 17 2025 04:43:45 chs1 maldet(26035): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 17 2025 04:43:45 chs1 maldet(26035): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 17 2025 04:43:45 chs1 maldet(26035): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 17 2025 04:44:15 chs1 maldet(26035): {scan} file list completed in 30s, found 81 files...
Jun 17 2025 04:44:15 chs1 maldet(26035): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 17 2025 04:44:15 chs1 maldet(26035): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (81 files) in progress...
Jun 17 2025 04:44:34 chs1 maldet(26035): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 17 2025 04:44:35 chs1 maldet(26035): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 81, malware hits 1, cleaned hits 0, time 50s
Jun 17 2025 04:44:35 chs1 maldet(26035): {scan} scan report saved, to view run: maldet --report 250617-0443.26035
Jun 17 2025 04:44:35 chs1 maldet(26035): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250617-0443.26035
Jun 18 2025 00:53:39 chs1 maldet(924): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 18 2025 03:15:20 chs1 maldet(40753): {update} checking for available updates...
Jun 18 2025 03:15:21 chs1 maldet(40753): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 18 2025 03:15:21 chs1 maldet(40753): {update} hashing install files and checking against server...
Jun 18 2025 03:15:21 chs1 maldet(40753): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 18 2025 03:15:21 chs1 maldet(40753): {update} latest version already installed.
Jun 18 2025 03:15:21 chs1 maldet(40866): {sigup} performing signature update check...
Jun 18 2025 03:15:21 chs1 maldet(40866): {sigup} local signature set is version 20250616812462
Jun 18 2025 03:15:22 chs1 maldet(40866): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 18 2025 03:15:22 chs1 maldet(40866): {sigup} latest signature set already installed
Jun 18 2025 03:15:22 chs1 maldet(40956): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 18 2025 03:15:22 chs1 maldet(40956): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 18 2025 03:15:22 chs1 maldet(40956): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 18 2025 03:15:22 chs1 maldet(40956): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 18 2025 03:15:22 chs1 maldet(40956): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 18 2025 03:15:52 chs1 maldet(40956): {scan} file list completed in 30s, found 82 files...
Jun 18 2025 03:15:52 chs1 maldet(40956): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 18 2025 03:15:52 chs1 maldet(40956): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (82 files) in progress...
Jun 18 2025 03:16:02 chs1 maldet(40956): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 18 2025 03:16:02 chs1 maldet(40956): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 82, malware hits 1, cleaned hits 0, time 40s
Jun 18 2025 03:16:02 chs1 maldet(40956): {scan} scan report saved, to view run: maldet --report 250618-0315.40956
Jun 18 2025 03:16:02 chs1 maldet(40956): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250618-0315.40956
Jun 19 2025 00:59:17 chs1 maldet(967): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 19 2025 03:57:33 chs1 maldet(53035): {update} checking for available updates...
Jun 19 2025 03:57:33 chs1 maldet(53035): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 19 2025 03:57:33 chs1 maldet(53035): {update} hashing install files and checking against server...
Jun 19 2025 03:57:34 chs1 maldet(53035): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 19 2025 03:57:34 chs1 maldet(53035): {update} latest version already installed.
Jun 19 2025 03:57:34 chs1 maldet(53146): {sigup} performing signature update check...
Jun 19 2025 03:57:34 chs1 maldet(53146): {sigup} local signature set is version 20250616812462
Jun 19 2025 03:57:34 chs1 maldet(53146): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 19 2025 03:57:34 chs1 maldet(53146): {sigup} latest signature set already installed
Jun 19 2025 03:57:34 chs1 maldet(53234): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 19 2025 03:57:35 chs1 maldet(53234): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 19 2025 03:57:35 chs1 maldet(53234): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 19 2025 03:57:35 chs1 maldet(53234): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 19 2025 03:57:35 chs1 maldet(53234): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 19 2025 03:58:02 chs1 maldet(53234): {scan} file list completed in 27s, found 105 files...
Jun 19 2025 03:58:02 chs1 maldet(53234): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 19 2025 03:58:02 chs1 maldet(53234): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (105 files) in progress...
Jun 19 2025 03:58:15 chs1 maldet(53234): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 19 2025 03:58:16 chs1 maldet(53234): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 105, malware hits 1, cleaned hits 0, time 41s
Jun 19 2025 03:58:16 chs1 maldet(53234): {scan} scan report saved, to view run: maldet --report 250619-0357.53234
Jun 19 2025 03:58:16 chs1 maldet(53234): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250619-0357.53234
Jun 19 2025 10:55:00 chs1 maldet(877): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 20 2025 00:52:40 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 20 2025 03:40:29 chs1 maldet(51073): {update} checking for available updates...
Jun 20 2025 03:41:41 chs1 maldet(51073): {update} could not download https://cdn.rfxn.com/downloads/maldet.current.ver, please try again later.
Jun 20 2025 03:41:41 chs1 maldet(51073): {update} could not download version file from server, please try again later.
Jun 20 2025 03:41:42 chs1 maldet(51339): {sigup} performing signature update check...
Jun 20 2025 03:41:42 chs1 maldet(51339): {sigup} local signature set is version 20250616812462
Jun 20 2025 03:42:23 chs1 maldet(51339): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 20 2025 03:42:23 chs1 maldet(51339): {sigup} new signature set 202506191777955 available
Jun 20 2025 03:42:23 chs1 maldet(51339): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 20 2025 03:42:46 chs1 maldet(51339): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 20 2025 03:43:02 chs1 maldet(51339): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 20 2025 03:43:02 chs1 maldet(51339): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 20 2025 03:43:16 chs1 maldet(51339): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 20 2025 03:43:27 chs1 maldet(51339): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 20 2025 03:43:27 chs1 maldet(51339): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 20 2025 03:43:28 chs1 maldet(51339): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 20 2025 03:43:28 chs1 maldet(51339): {sigup} verified md5sum of maldet-clean.tgz
Jun 20 2025 03:43:28 chs1 maldet(51339): {sigup} unpacked and installed maldet-clean.tgz
Jun 20 2025 03:43:28 chs1 maldet(51339): {sigup} signature set update completed
Jun 20 2025 03:43:28 chs1 maldet(51339): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 20 2025 03:43:28 chs1 maldet(51936): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 20 2025 03:43:28 chs1 maldet(51936): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 20 2025 03:43:28 chs1 maldet(51936): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 20 2025 03:43:28 chs1 maldet(51936): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 20 2025 03:43:28 chs1 maldet(51936): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 20 2025 03:45:38 chs1 maldet(51936): {scan} file list completed in 129s, found 107 files...
Jun 20 2025 03:45:38 chs1 maldet(51936): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 20 2025 03:45:38 chs1 maldet(51936): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (107 files) in progress...
Jun 20 2025 03:45:58 chs1 maldet(51936): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 20 2025 03:45:58 chs1 maldet(51936): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 107, malware hits 1, cleaned hits 0, time 150s
Jun 20 2025 03:45:58 chs1 maldet(51936): {scan} scan report saved, to view run: maldet --report 250620-0343.51936
Jun 20 2025 03:45:58 chs1 maldet(51936): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250620-0343.51936
Jun 21 2025 00:56:51 chs1 maldet(897): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 21 2025 03:49:42 chs1 maldet(49706): {update} checking for available updates...
Jun 21 2025 03:49:42 chs1 maldet(49706): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 21 2025 03:49:42 chs1 maldet(49706): {update} hashing install files and checking against server...
Jun 21 2025 03:49:43 chs1 maldet(49706): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 21 2025 03:49:43 chs1 maldet(49706): {update} latest version already installed.
Jun 21 2025 03:49:43 chs1 maldet(49817): {sigup} performing signature update check...
Jun 21 2025 03:49:43 chs1 maldet(49817): {sigup} local signature set is version 202506191777955
Jun 21 2025 03:49:43 chs1 maldet(49817): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 21 2025 03:49:43 chs1 maldet(49817): {sigup} latest signature set already installed
Jun 21 2025 03:49:43 chs1 maldet(49906): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 21 2025 03:49:44 chs1 maldet(49906): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 21 2025 03:49:44 chs1 maldet(49906): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 21 2025 03:49:44 chs1 maldet(49906): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 21 2025 03:49:44 chs1 maldet(49906): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 21 2025 03:50:20 chs1 maldet(49906): {scan} file list completed in 36s, found 82 files...
Jun 21 2025 03:50:20 chs1 maldet(49906): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 21 2025 03:50:20 chs1 maldet(49906): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (82 files) in progress...
Jun 21 2025 03:50:31 chs1 maldet(49906): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 21 2025 03:50:31 chs1 maldet(49906): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 82, malware hits 1, cleaned hits 0, time 48s
Jun 21 2025 03:50:31 chs1 maldet(49906): {scan} scan report saved, to view run: maldet --report 250621-0349.49906
Jun 21 2025 03:50:31 chs1 maldet(49906): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250621-0349.49906
Jun 22 2025 00:57:44 chs1 maldet(926): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 22 2025 03:31:05 chs1 maldet(46570): {update} checking for available updates...
Jun 22 2025 03:31:05 chs1 maldet(46570): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 22 2025 03:31:05 chs1 maldet(46570): {update} hashing install files and checking against server...
Jun 22 2025 03:31:06 chs1 maldet(46570): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 22 2025 03:31:06 chs1 maldet(46570): {update} latest version already installed.
Jun 22 2025 03:31:06 chs1 maldet(46679): {sigup} performing signature update check...
Jun 22 2025 03:31:06 chs1 maldet(46679): {sigup} local signature set is version 202506191777955
Jun 22 2025 03:31:06 chs1 maldet(46679): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 22 2025 03:31:06 chs1 maldet(46679): {sigup} latest signature set already installed
Jun 22 2025 03:31:06 chs1 maldet(46770): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 22 2025 03:31:07 chs1 maldet(46770): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 22 2025 03:31:07 chs1 maldet(46770): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 22 2025 03:31:07 chs1 maldet(46770): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 22 2025 03:31:07 chs1 maldet(46770): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 22 2025 03:33:32 chs1 maldet(46770): {scan} file list completed in 144s, found 91 files...
Jun 22 2025 03:33:32 chs1 maldet(46770): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 22 2025 03:33:32 chs1 maldet(46770): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (91 files) in progress...
Jun 22 2025 03:33:53 chs1 maldet(46770): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 22 2025 03:33:53 chs1 maldet(46770): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 91, malware hits 1, cleaned hits 0, time 167s
Jun 22 2025 03:33:53 chs1 maldet(46770): {scan} scan report saved, to view run: maldet --report 250622-0331.46770
Jun 22 2025 03:33:53 chs1 maldet(46770): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250622-0331.46770
Jun 23 2025 01:00:41 chs1 maldet(893): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 23 2025 03:45:44 chs1 maldet(44365): {update} checking for available updates...
Jun 23 2025 03:45:44 chs1 maldet(44365): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 23 2025 03:45:44 chs1 maldet(44365): {update} hashing install files and checking against server...
Jun 23 2025 03:45:44 chs1 maldet(44365): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 23 2025 03:45:44 chs1 maldet(44365): {update} latest version already installed.
Jun 23 2025 03:45:45 chs1 maldet(44490): {sigup} performing signature update check...
Jun 23 2025 03:45:45 chs1 maldet(44490): {sigup} local signature set is version 202506191777955
Jun 23 2025 03:45:45 chs1 maldet(44490): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 23 2025 03:45:45 chs1 maldet(44490): {sigup} new signature set 202506222744524 available
Jun 23 2025 03:45:45 chs1 maldet(44490): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 23 2025 03:45:46 chs1 maldet(44490): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 23 2025 03:45:46 chs1 maldet(44490): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 23 2025 03:45:46 chs1 maldet(44490): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 23 2025 03:45:46 chs1 maldet(44490): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} verified md5sum of maldet-clean.tgz
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} unpacked and installed maldet-clean.tgz
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} signature set update completed
Jun 23 2025 03:45:47 chs1 maldet(44490): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 23 2025 03:45:47 chs1 maldet(44779): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 23 2025 03:45:49 chs1 maldet(44779): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 23 2025 03:45:49 chs1 maldet(44779): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 23 2025 03:45:49 chs1 maldet(44779): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 23 2025 03:45:49 chs1 maldet(44779): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 23 2025 03:47:58 chs1 maldet(44779): {scan} file list completed in 128s, found 52 files...
Jun 23 2025 03:47:58 chs1 maldet(44779): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 23 2025 03:47:58 chs1 maldet(44779): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (52 files) in progress...
Jun 23 2025 03:48:14 chs1 maldet(44779): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 23 2025 03:48:15 chs1 maldet(44779): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 52, malware hits 1, cleaned hits 0, time 148s
Jun 23 2025 03:48:15 chs1 maldet(44779): {scan} scan report saved, to view run: maldet --report 250623-0345.44779
Jun 23 2025 03:48:15 chs1 maldet(44779): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250623-0345.44779
Jun 24 2025 00:58:47 chs1 maldet(968): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 24 2025 03:42:31 chs1 maldet(45666): {update} checking for available updates...
Jun 24 2025 03:42:32 chs1 maldet(45666): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 24 2025 03:42:32 chs1 maldet(45666): {update} hashing install files and checking against server...
Jun 24 2025 03:42:32 chs1 maldet(45666): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 24 2025 03:42:32 chs1 maldet(45666): {update} latest version already installed.
Jun 24 2025 03:42:32 chs1 maldet(45775): {sigup} performing signature update check...
Jun 24 2025 03:42:32 chs1 maldet(45775): {sigup} local signature set is version 202506222744524
Jun 24 2025 03:42:33 chs1 maldet(45775): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 24 2025 03:42:33 chs1 maldet(45775): {sigup} latest signature set already installed
Jun 24 2025 03:42:33 chs1 maldet(45863): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 24 2025 03:42:33 chs1 maldet(45863): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 24 2025 03:42:33 chs1 maldet(45863): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 24 2025 03:42:33 chs1 maldet(45863): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 24 2025 03:42:33 chs1 maldet(45863): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 24 2025 03:43:00 chs1 maldet(45863): {scan} file list completed in 27s, found 79 files...
Jun 24 2025 03:43:00 chs1 maldet(45863): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 24 2025 03:43:00 chs1 maldet(45863): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (79 files) in progress...
Jun 24 2025 03:43:12 chs1 maldet(45863): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 24 2025 03:43:12 chs1 maldet(45863): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 79, malware hits 1, cleaned hits 0, time 39s
Jun 24 2025 03:43:12 chs1 maldet(45863): {scan} scan report saved, to view run: maldet --report 250624-0342.45863
Jun 24 2025 03:43:12 chs1 maldet(45863): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250624-0342.45863
Jun 25 2025 00:58:52 chs1 maldet(899): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 25 2025 03:22:39 chs1 maldet(46731): {update} checking for available updates...
Jun 25 2025 03:24:36 chs1 maldet(46731): {update} could not download https://cdn.rfxn.com/downloads/maldet.current.ver, please try again later.
Jun 25 2025 03:24:36 chs1 maldet(46731): {update} could not download version file from server, please try again later.
Jun 25 2025 03:24:36 chs1 maldet(47212): {sigup} performing signature update check...
Jun 25 2025 03:24:36 chs1 maldet(47212): {sigup} local signature set is version 202506222744524
Jun 25 2025 03:26:26 chs1 maldet(47212): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 25 2025 03:26:26 chs1 maldet(47212): {sigup} new signature set error code: 522 available
Jun 25 2025 03:26:26 chs1 maldet(47212): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 25 2025 03:27:45 chs1 maldet(47212): {sigup} could not download https://cdn.rfxn.com/downloads/maldet-sigpack.tgz, please try again later.
Jun 25 2025 03:28:35 chs1 maldet(47212): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 25 2025 03:28:35 chs1 maldet(47212): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 25 2025 03:29:22 chs1 maldet(47212): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 25 2025 03:31:12 chs1 maldet(47212): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 25 2025 03:31:12 chs1 maldet(47212): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Jun 25 2025 03:31:12 chs1 maldet(47212): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Jun 25 2025 03:31:12 chs1 maldet(49043): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 25 2025 03:31:13 chs1 maldet(49043): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 25 2025 03:31:13 chs1 maldet(49043): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 25 2025 03:31:13 chs1 maldet(49043): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 25 2025 03:31:13 chs1 maldet(49043): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 25 2025 03:31:41 chs1 maldet(49043): {scan} file list completed in 28s, found 137 files...
Jun 25 2025 03:31:41 chs1 maldet(49043): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 25 2025 03:31:41 chs1 maldet(49043): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (137 files) in progress...
Jun 25 2025 03:31:54 chs1 maldet(49043): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 25 2025 03:31:54 chs1 maldet(49043): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 137, malware hits 1, cleaned hits 0, time 42s
Jun 25 2025 03:31:54 chs1 maldet(49043): {scan} scan report saved, to view run: maldet --report 250625-0331.49043
Jun 25 2025 03:31:54 chs1 maldet(49043): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250625-0331.49043
Jun 25 2025 12:59:37 chs1 maldet(896): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 26 2025 00:53:59 chs1 maldet(916): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 26 2025 03:39:34 chs1 maldet(46696): {update} checking for available updates...
Jun 26 2025 03:39:34 chs1 maldet(46696): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 26 2025 03:39:34 chs1 maldet(46696): {update} hashing install files and checking against server...
Jun 26 2025 03:39:35 chs1 maldet(46696): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 26 2025 03:39:35 chs1 maldet(46696): {update} latest version already installed.
Jun 26 2025 03:39:35 chs1 maldet(46806): {sigup} performing signature update check...
Jun 26 2025 03:39:35 chs1 maldet(46806): {sigup} local signature set is version 202506222744524
Jun 26 2025 03:39:35 chs1 maldet(46806): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 26 2025 03:39:35 chs1 maldet(46806): {sigup} new signature set 202506253712170 available
Jun 26 2025 03:39:35 chs1 maldet(46806): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 26 2025 03:39:36 chs1 maldet(46806): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jun 26 2025 03:39:36 chs1 maldet(46806): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jun 26 2025 03:39:36 chs1 maldet(46806): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} verified md5sum of maldet-sigpack.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} unpacked and installed maldet-sigpack.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} verified md5sum of maldet-clean.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} unpacked and installed maldet-clean.tgz
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} signature set update completed
Jun 26 2025 03:39:37 chs1 maldet(46806): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 26 2025 03:39:37 chs1 maldet(47009): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 26 2025 03:39:38 chs1 maldet(47009): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 26 2025 03:39:38 chs1 maldet(47009): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 26 2025 03:39:38 chs1 maldet(47009): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 26 2025 03:39:38 chs1 maldet(47009): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 26 2025 03:42:16 chs1 maldet(47009): {scan} file list completed in 158s, found 69 files...
Jun 26 2025 03:42:16 chs1 maldet(47009): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 26 2025 03:42:16 chs1 maldet(47009): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (69 files) in progress...
Jun 26 2025 03:42:27 chs1 maldet(47009): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 26 2025 03:42:27 chs1 maldet(47009): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 69, malware hits 1, cleaned hits 0, time 170s
Jun 26 2025 03:42:27 chs1 maldet(47009): {scan} scan report saved, to view run: maldet --report 250626-0339.47009
Jun 26 2025 03:42:27 chs1 maldet(47009): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250626-0339.47009
Jun 26 2025 17:34:25 chs1 maldet(899): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 27 2025 03:51:12 chs1 maldet(75809): {update} checking for available updates...
Jun 27 2025 03:51:12 chs1 maldet(75809): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 27 2025 03:51:12 chs1 maldet(75809): {update} hashing install files and checking against server...
Jun 27 2025 03:51:13 chs1 maldet(75809): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 27 2025 03:51:13 chs1 maldet(75809): {update} latest version already installed.
Jun 27 2025 03:51:13 chs1 maldet(75920): {sigup} performing signature update check...
Jun 27 2025 03:51:13 chs1 maldet(75920): {sigup} local signature set is version 202506253712170
Jun 27 2025 03:51:13 chs1 maldet(75920): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 27 2025 03:51:13 chs1 maldet(75920): {sigup} latest signature set already installed
Jun 27 2025 03:51:13 chs1 maldet(76009): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 27 2025 03:51:14 chs1 maldet(76009): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 27 2025 03:51:14 chs1 maldet(76009): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 27 2025 03:51:14 chs1 maldet(76009): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 27 2025 03:51:14 chs1 maldet(76009): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 27 2025 03:51:39 chs1 maldet(76009): {scan} file list completed in 25s, found 47 files...
Jun 27 2025 03:51:39 chs1 maldet(76009): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 27 2025 03:51:39 chs1 maldet(76009): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (47 files) in progress...
Jun 27 2025 03:51:50 chs1 maldet(76009): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 27 2025 03:51:50 chs1 maldet(76009): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 47, malware hits 1, cleaned hits 0, time 37s
Jun 27 2025 03:51:50 chs1 maldet(76009): {scan} scan report saved, to view run: maldet --report 250627-0351.76009
Jun 27 2025 03:51:50 chs1 maldet(76009): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250627-0351.76009
Jun 27 2025 04:03:59 chs1 maldet(901): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 27 2025 12:25:54 chs1 maldet(955): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 28 2025 00:53:39 chs1 maldet(972): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 28 2025 03:36:38 chs1 maldet(49912): {update} checking for available updates...
Jun 28 2025 03:36:39 chs1 maldet(49912): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 28 2025 03:36:39 chs1 maldet(49912): {update} hashing install files and checking against server...
Jun 28 2025 03:36:39 chs1 maldet(49912): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 28 2025 03:36:39 chs1 maldet(49912): {update} latest version already installed.
Jun 28 2025 03:36:39 chs1 maldet(50021): {sigup} performing signature update check...
Jun 28 2025 03:36:39 chs1 maldet(50021): {sigup} local signature set is version 202506253712170
Jun 28 2025 03:36:39 chs1 maldet(50021): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 28 2025 03:36:39 chs1 maldet(50021): {sigup} latest signature set already installed
Jun 28 2025 03:36:40 chs1 maldet(50111): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 28 2025 03:36:40 chs1 maldet(50111): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 28 2025 03:36:40 chs1 maldet(50111): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 28 2025 03:36:40 chs1 maldet(50111): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 28 2025 03:36:40 chs1 maldet(50111): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 28 2025 03:37:09 chs1 maldet(50111): {scan} file list completed in 29s, found 116 files...
Jun 28 2025 03:37:09 chs1 maldet(50111): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 28 2025 03:37:09 chs1 maldet(50111): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (116 files) in progress...
Jun 28 2025 03:37:21 chs1 maldet(50111): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 28 2025 03:37:21 chs1 maldet(50111): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 116, malware hits 1, cleaned hits 0, time 41s
Jun 28 2025 03:37:21 chs1 maldet(50111): {scan} scan report saved, to view run: maldet --report 250628-0336.50111
Jun 28 2025 03:37:21 chs1 maldet(50111): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250628-0336.50111
Jun 29 2025 00:57:26 chs1 maldet(885): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 29 2025 03:27:17 chs1 maldet(49046): {update} checking for available updates...
Jun 29 2025 03:27:18 chs1 maldet(49046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 29 2025 03:27:18 chs1 maldet(49046): {update} hashing install files and checking against server...
Jun 29 2025 03:27:18 chs1 maldet(49046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 29 2025 03:27:18 chs1 maldet(49046): {update} latest version already installed.
Jun 29 2025 03:27:18 chs1 maldet(49155): {sigup} performing signature update check...
Jun 29 2025 03:27:18 chs1 maldet(49155): {sigup} local signature set is version 202506253712170
Jun 29 2025 03:27:19 chs1 maldet(49155): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 29 2025 03:27:19 chs1 maldet(49155): {sigup} latest signature set already installed
Jun 29 2025 03:27:19 chs1 maldet(49243): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 29 2025 03:27:20 chs1 maldet(49243): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 29 2025 03:27:20 chs1 maldet(49243): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 29 2025 03:27:20 chs1 maldet(49243): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 29 2025 03:27:20 chs1 maldet(49243): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 29 2025 03:27:46 chs1 maldet(49243): {scan} file list completed in 26s, found 126 files...
Jun 29 2025 03:27:46 chs1 maldet(49243): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 29 2025 03:27:46 chs1 maldet(49243): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (126 files) in progress...
Jun 29 2025 03:27:58 chs1 maldet(49243): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 29 2025 03:27:59 chs1 maldet(49243): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 126, malware hits 1, cleaned hits 0, time 39s
Jun 29 2025 03:27:59 chs1 maldet(49243): {scan} scan report saved, to view run: maldet --report 250629-0327.49243
Jun 29 2025 03:27:59 chs1 maldet(49243): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250629-0327.49243
Jun 30 2025 00:57:54 chs1 maldet(987): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jun 30 2025 03:16:15 chs1 maldet(41401): {update} checking for available updates...
Jun 30 2025 03:16:16 chs1 maldet(41401): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jun 30 2025 03:16:16 chs1 maldet(41401): {update} hashing install files and checking against server...
Jun 30 2025 03:16:16 chs1 maldet(41401): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jun 30 2025 03:16:16 chs1 maldet(41401): {update} latest version already installed.
Jun 30 2025 03:16:16 chs1 maldet(41510): {sigup} performing signature update check...
Jun 30 2025 03:16:16 chs1 maldet(41510): {sigup} local signature set is version 202506253712170
Jun 30 2025 03:16:17 chs1 maldet(41510): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jun 30 2025 03:16:17 chs1 maldet(41510): {sigup} latest signature set already installed
Jun 30 2025 03:16:17 chs1 maldet(41598): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jun 30 2025 03:16:18 chs1 maldet(41598): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jun 30 2025 03:16:18 chs1 maldet(41598): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jun 30 2025 03:16:18 chs1 maldet(41598): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jun 30 2025 03:16:18 chs1 maldet(41598): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jun 30 2025 03:16:45 chs1 maldet(41598): {scan} file list completed in 27s, found 1085 files...
Jun 30 2025 03:16:45 chs1 maldet(41598): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jun 30 2025 03:16:45 chs1 maldet(41598): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1085 files) in progress...
Jun 30 2025 03:17:17 chs1 maldet(41598): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jun 30 2025 03:17:17 chs1 maldet(41598): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1085, malware hits 1, cleaned hits 0, time 60s
Jun 30 2025 03:17:17 chs1 maldet(41598): {scan} scan report saved, to view run: maldet --report 250630-0316.41598
Jun 30 2025 03:17:17 chs1 maldet(41598): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250630-0316.41598
Jul 01 2025 00:53:36 chs1 maldet(942): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 01 2025 03:33:53 chs1 maldet(44758): {update} checking for available updates...
Jul 01 2025 03:33:54 chs1 maldet(44758): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 01 2025 03:33:54 chs1 maldet(44758): {update} hashing install files and checking against server...
Jul 01 2025 03:33:54 chs1 maldet(44758): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 01 2025 03:33:54 chs1 maldet(44758): {update} latest version already installed.
Jul 01 2025 03:33:54 chs1 maldet(44867): {sigup} performing signature update check...
Jul 01 2025 03:33:54 chs1 maldet(44867): {sigup} local signature set is version 202506253712170
Jul 01 2025 03:33:54 chs1 maldet(44867): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 01 2025 03:33:54 chs1 maldet(44867): {sigup} latest signature set already installed
Jul 01 2025 03:33:55 chs1 maldet(44955): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 01 2025 03:33:56 chs1 maldet(44955): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 01 2025 03:33:56 chs1 maldet(44955): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 01 2025 03:33:56 chs1 maldet(44955): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 01 2025 03:33:56 chs1 maldet(44955): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 01 2025 03:34:25 chs1 maldet(44955): {scan} file list completed in 28s, found 82 files...
Jul 01 2025 03:34:25 chs1 maldet(44955): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 01 2025 03:34:25 chs1 maldet(44955): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (82 files) in progress...
Jul 01 2025 03:34:34 chs1 maldet(44955): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 01 2025 03:34:34 chs1 maldet(44955): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 82, malware hits 1, cleaned hits 0, time 39s
Jul 01 2025 03:34:34 chs1 maldet(44955): {scan} scan report saved, to view run: maldet --report 250701-0333.44955
Jul 01 2025 03:34:34 chs1 maldet(44955): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250701-0333.44955
Jul 02 2025 00:55:36 chs1 maldet(877): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 02 2025 03:30:18 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 02 2025 04:10:28 chs1 maldet(13505): {update} checking for available updates...
Jul 02 2025 04:10:29 chs1 maldet(13505): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 02 2025 04:10:29 chs1 maldet(13505): {update} hashing install files and checking against server...
Jul 02 2025 04:10:29 chs1 maldet(13505): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 02 2025 04:10:29 chs1 maldet(13505): {update} latest version already installed.
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} performing signature update check...
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} local signature set is version 202506253712170
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} new signature set 20250701819448 available
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 02 2025 04:10:30 chs1 maldet(13616): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 02 2025 04:10:31 chs1 maldet(13616): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 02 2025 04:10:31 chs1 maldet(13616): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 02 2025 04:10:31 chs1 maldet(13616): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} verified md5sum of maldet-clean.tgz
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} unpacked and installed maldet-clean.tgz
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} signature set update completed
Jul 02 2025 04:10:32 chs1 maldet(13616): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 02 2025 04:10:32 chs1 maldet(13818): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 02 2025 04:10:32 chs1 maldet(13818): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 02 2025 04:10:32 chs1 maldet(13818): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 02 2025 04:10:32 chs1 maldet(13818): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 02 2025 04:10:32 chs1 maldet(13818): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 02 2025 04:13:12 chs1 maldet(13818): {scan} file list completed in 159s, found 172 files...
Jul 02 2025 04:13:12 chs1 maldet(13818): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 02 2025 04:13:12 chs1 maldet(13818): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (172 files) in progress...
Jul 02 2025 04:13:31 chs1 maldet(13818): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 02 2025 04:13:31 chs1 maldet(13818): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 172, malware hits 1, cleaned hits 0, time 179s
Jul 02 2025 04:13:32 chs1 maldet(13818): {scan} scan report saved, to view run: maldet --report 250702-0410.13818
Jul 02 2025 04:13:32 chs1 maldet(13818): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250702-0410.13818
Jul 03 2025 00:52:04 chs1 maldet(990): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 03 2025 03:38:28 chs1 maldet(46245): {update} checking for available updates...
Jul 03 2025 03:38:29 chs1 maldet(46245): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 03 2025 03:38:29 chs1 maldet(46245): {update} hashing install files and checking against server...
Jul 03 2025 03:38:29 chs1 maldet(46245): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 03 2025 03:38:29 chs1 maldet(46245): {update} latest version already installed.
Jul 03 2025 03:38:29 chs1 maldet(46358): {sigup} performing signature update check...
Jul 03 2025 03:38:29 chs1 maldet(46358): {sigup} local signature set is version 20250701819448
Jul 03 2025 03:38:30 chs1 maldet(46358): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 03 2025 03:38:30 chs1 maldet(46358): {sigup} latest signature set already installed
Jul 03 2025 03:38:30 chs1 maldet(46450): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 03 2025 03:38:30 chs1 maldet(46450): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 03 2025 03:38:30 chs1 maldet(46450): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 03 2025 03:38:30 chs1 maldet(46450): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 03 2025 03:38:30 chs1 maldet(46450): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 03 2025 03:39:00 chs1 maldet(46450): {scan} file list completed in 30s, found 190 files...
Jul 03 2025 03:39:00 chs1 maldet(46450): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 03 2025 03:39:00 chs1 maldet(46450): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (190 files) in progress...
Jul 03 2025 03:39:15 chs1 maldet(46450): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 03 2025 03:39:15 chs1 maldet(46450): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 190, malware hits 1, cleaned hits 0, time 45s
Jul 03 2025 03:39:15 chs1 maldet(46450): {scan} scan report saved, to view run: maldet --report 250703-0338.46450
Jul 03 2025 03:39:15 chs1 maldet(46450): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250703-0338.46450
Jul 03 2025 19:36:53 chs1 maldet(937): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 04 2025 03:51:41 chs1 maldet(39489): {update} checking for available updates...
Jul 04 2025 03:51:41 chs1 maldet(39489): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 04 2025 03:51:41 chs1 maldet(39489): {update} hashing install files and checking against server...
Jul 04 2025 03:51:42 chs1 maldet(39489): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 04 2025 03:51:42 chs1 maldet(39489): {update} latest version already installed.
Jul 04 2025 03:51:42 chs1 maldet(39599): {sigup} performing signature update check...
Jul 04 2025 03:51:42 chs1 maldet(39599): {sigup} local signature set is version 20250701819448
Jul 04 2025 03:51:42 chs1 maldet(39599): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 04 2025 03:51:42 chs1 maldet(39599): {sigup} latest signature set already installed
Jul 04 2025 03:51:42 chs1 maldet(39687): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 04 2025 03:51:44 chs1 maldet(39687): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 04 2025 03:51:44 chs1 maldet(39687): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 04 2025 03:51:44 chs1 maldet(39687): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 04 2025 03:51:44 chs1 maldet(39687): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 04 2025 03:52:07 chs1 maldet(39687): {scan} file list completed in 23s, found 131 files...
Jul 04 2025 03:52:07 chs1 maldet(39687): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 04 2025 03:52:07 chs1 maldet(39687): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (131 files) in progress...
Jul 04 2025 03:52:18 chs1 maldet(39687): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 04 2025 03:52:18 chs1 maldet(39687): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 131, malware hits 1, cleaned hits 0, time 36s
Jul 04 2025 03:52:18 chs1 maldet(39687): {scan} scan report saved, to view run: maldet --report 250704-0351.39687
Jul 04 2025 03:52:18 chs1 maldet(39687): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250704-0351.39687
Jul 05 2025 00:54:35 chs1 maldet(883): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 05 2025 03:33:42 chs1 maldet(54477): {update} checking for available updates...
Jul 05 2025 03:33:42 chs1 maldet(54477): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 05 2025 03:33:43 chs1 maldet(54477): {update} hashing install files and checking against server...
Jul 05 2025 03:33:43 chs1 maldet(54477): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 05 2025 03:33:43 chs1 maldet(54477): {update} latest version already installed.
Jul 05 2025 03:33:43 chs1 maldet(54588): {sigup} performing signature update check...
Jul 05 2025 03:33:43 chs1 maldet(54588): {sigup} local signature set is version 20250701819448
Jul 05 2025 03:33:43 chs1 maldet(54588): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 05 2025 03:33:43 chs1 maldet(54588): {sigup} new signature set 202507041798016 available
Jul 05 2025 03:33:44 chs1 maldet(54588): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 05 2025 03:33:44 chs1 maldet(54588): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 05 2025 03:33:44 chs1 maldet(54588): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 05 2025 03:33:44 chs1 maldet(54588): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} verified md5sum of maldet-clean.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} unpacked and installed maldet-clean.tgz
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} signature set update completed
Jul 05 2025 03:33:45 chs1 maldet(54588): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 05 2025 03:33:46 chs1 maldet(54792): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 05 2025 03:33:47 chs1 maldet(54792): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 05 2025 03:33:47 chs1 maldet(54792): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 05 2025 03:33:47 chs1 maldet(54792): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 05 2025 03:33:47 chs1 maldet(54792): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 05 2025 03:35:36 chs1 maldet(54792): {scan} file list completed in 109s, found 109 files...
Jul 05 2025 03:35:36 chs1 maldet(54792): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 05 2025 03:35:36 chs1 maldet(54792): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (109 files) in progress...
Jul 05 2025 03:36:20 chs1 maldet(54792): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 05 2025 03:36:20 chs1 maldet(54792): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 109, malware hits 1, cleaned hits 0, time 154s
Jul 05 2025 03:36:21 chs1 maldet(54792): {scan} scan report saved, to view run: maldet --report 250705-0333.54792
Jul 05 2025 03:36:21 chs1 maldet(54792): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250705-0333.54792
Jul 06 2025 00:52:16 chs1 maldet(885): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 06 2025 03:21:59 chs1 maldet(43516): {update} checking for available updates...
Jul 06 2025 03:21:59 chs1 maldet(43516): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 06 2025 03:21:59 chs1 maldet(43516): {update} hashing install files and checking against server...
Jul 06 2025 03:21:59 chs1 maldet(43516): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 06 2025 03:21:59 chs1 maldet(43516): {update} latest version already installed.
Jul 06 2025 03:22:00 chs1 maldet(43632): {sigup} performing signature update check...
Jul 06 2025 03:22:00 chs1 maldet(43632): {sigup} local signature set is version 202507041798016
Jul 06 2025 03:22:00 chs1 maldet(43632): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 06 2025 03:22:00 chs1 maldet(43632): {sigup} latest signature set already installed
Jul 06 2025 03:22:00 chs1 maldet(43720): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 06 2025 03:22:01 chs1 maldet(43720): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 06 2025 03:22:01 chs1 maldet(43720): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 06 2025 03:22:01 chs1 maldet(43720): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 06 2025 03:22:01 chs1 maldet(43720): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 06 2025 03:22:29 chs1 maldet(43720): {scan} file list completed in 28s, found 138 files...
Jul 06 2025 03:22:29 chs1 maldet(43720): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 06 2025 03:22:29 chs1 maldet(43720): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (138 files) in progress...
Jul 06 2025 03:22:41 chs1 maldet(43720): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 06 2025 03:22:41 chs1 maldet(43720): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 138, malware hits 1, cleaned hits 0, time 41s
Jul 06 2025 03:22:41 chs1 maldet(43720): {scan} scan report saved, to view run: maldet --report 250706-0322.43720
Jul 06 2025 03:22:41 chs1 maldet(43720): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250706-0322.43720
Jul 07 2025 00:51:40 chs1 maldet(884): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 07 2025 03:18:29 chs1 maldet(42980): {update} checking for available updates...
Jul 07 2025 03:18:29 chs1 maldet(42980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 07 2025 03:18:29 chs1 maldet(42980): {update} hashing install files and checking against server...
Jul 07 2025 03:18:30 chs1 maldet(42980): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 07 2025 03:18:30 chs1 maldet(42980): {update} latest version already installed.
Jul 07 2025 03:18:30 chs1 maldet(43098): {sigup} performing signature update check...
Jul 07 2025 03:18:30 chs1 maldet(43098): {sigup} local signature set is version 202507041798016
Jul 07 2025 03:18:30 chs1 maldet(43098): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 07 2025 03:18:30 chs1 maldet(43098): {sigup} latest signature set already installed
Jul 07 2025 03:18:30 chs1 maldet(43187): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 07 2025 03:18:31 chs1 maldet(43187): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 07 2025 03:18:31 chs1 maldet(43187): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 07 2025 03:18:31 chs1 maldet(43187): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 07 2025 03:18:31 chs1 maldet(43187): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 07 2025 03:18:59 chs1 maldet(43187): {scan} file list completed in 28s, found 142 files...
Jul 07 2025 03:18:59 chs1 maldet(43187): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 07 2025 03:18:59 chs1 maldet(43187): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (142 files) in progress...
Jul 07 2025 03:19:12 chs1 maldet(43187): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 07 2025 03:19:13 chs1 maldet(43187): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 142, malware hits 1, cleaned hits 0, time 42s
Jul 07 2025 03:19:13 chs1 maldet(43187): {scan} scan report saved, to view run: maldet --report 250707-0318.43187
Jul 07 2025 03:19:13 chs1 maldet(43187): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250707-0318.43187
Jul 08 2025 01:04:22 chs1 maldet(874): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 08 2025 03:37:09 chs1 maldet(47515): {update} checking for available updates...
Jul 08 2025 03:37:09 chs1 maldet(47515): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 08 2025 03:37:09 chs1 maldet(47515): {update} hashing install files and checking against server...
Jul 08 2025 03:37:10 chs1 maldet(47515): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 08 2025 03:37:10 chs1 maldet(47515): {update} latest version already installed.
Jul 08 2025 03:37:10 chs1 maldet(47629): {sigup} performing signature update check...
Jul 08 2025 03:37:10 chs1 maldet(47629): {sigup} local signature set is version 202507041798016
Jul 08 2025 03:37:10 chs1 maldet(47629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 08 2025 03:37:10 chs1 maldet(47629): {sigup} new signature set 202507072770854 available
Jul 08 2025 03:37:10 chs1 maldet(47629): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 08 2025 03:37:11 chs1 maldet(47629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 08 2025 03:37:11 chs1 maldet(47629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 08 2025 03:37:11 chs1 maldet(47629): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} verified md5sum of maldet-clean.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} unpacked and installed maldet-clean.tgz
Jul 08 2025 03:37:12 chs1 maldet(47629): {sigup} signature set update completed
Jul 08 2025 03:37:13 chs1 maldet(47629): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 08 2025 03:37:13 chs1 maldet(47834): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 08 2025 03:37:14 chs1 maldet(47834): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 08 2025 03:37:14 chs1 maldet(47834): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 08 2025 03:37:14 chs1 maldet(47834): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 08 2025 03:37:14 chs1 maldet(47834): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 08 2025 03:39:36 chs1 maldet(47834): {scan} file list completed in 142s, found 162 files...
Jul 08 2025 03:39:36 chs1 maldet(47834): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 08 2025 03:39:36 chs1 maldet(47834): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (162 files) in progress...
Jul 08 2025 03:40:05 chs1 maldet(47834): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 08 2025 03:40:05 chs1 maldet(47834): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 162, malware hits 1, cleaned hits 0, time 172s
Jul 08 2025 03:40:05 chs1 maldet(47834): {scan} scan report saved, to view run: maldet --report 250708-0337.47834
Jul 08 2025 03:40:05 chs1 maldet(47834): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250708-0337.47834
Jul 08 2025 03:52:00 chs1 maldet(876): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 09 2025 00:54:48 chs1 maldet(906): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 09 2025 03:52:55 chs1 maldet(52023): {update} checking for available updates...
Jul 09 2025 03:52:56 chs1 maldet(52023): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 09 2025 03:52:56 chs1 maldet(52023): {update} hashing install files and checking against server...
Jul 09 2025 03:52:56 chs1 maldet(52023): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 09 2025 03:52:56 chs1 maldet(52023): {update} latest version already installed.
Jul 09 2025 03:52:56 chs1 maldet(52133): {sigup} performing signature update check...
Jul 09 2025 03:52:56 chs1 maldet(52133): {sigup} local signature set is version 202507072770854
Jul 09 2025 03:52:57 chs1 maldet(52133): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 09 2025 03:52:57 chs1 maldet(52133): {sigup} latest signature set already installed
Jul 09 2025 03:52:57 chs1 maldet(52221): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 09 2025 03:52:57 chs1 maldet(52221): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 09 2025 03:52:57 chs1 maldet(52221): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 09 2025 03:52:57 chs1 maldet(52221): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 09 2025 03:52:57 chs1 maldet(52221): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 09 2025 03:53:29 chs1 maldet(52221): {scan} file list completed in 32s, found 111 files...
Jul 09 2025 03:53:29 chs1 maldet(52221): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 09 2025 03:53:29 chs1 maldet(52221): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (111 files) in progress...
Jul 09 2025 03:53:41 chs1 maldet(52221): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 09 2025 03:53:41 chs1 maldet(52221): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 111, malware hits 1, cleaned hits 0, time 44s
Jul 09 2025 03:53:41 chs1 maldet(52221): {scan} scan report saved, to view run: maldet --report 250709-0352.52221
Jul 09 2025 03:53:41 chs1 maldet(52221): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250709-0352.52221
Jul 09 2025 21:29:30 chs1 maldet(916): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 10 2025 03:18:36 chs1 maldet(4651): {update} checking for available updates...
Jul 10 2025 03:18:36 chs1 maldet(4651): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 10 2025 03:18:36 chs1 maldet(4651): {update} hashing install files and checking against server...
Jul 10 2025 03:18:37 chs1 maldet(4651): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 10 2025 03:18:37 chs1 maldet(4651): {update} latest version already installed.
Jul 10 2025 03:18:37 chs1 maldet(4764): {sigup} performing signature update check...
Jul 10 2025 03:18:37 chs1 maldet(4764): {sigup} local signature set is version 202507072770854
Jul 10 2025 03:18:37 chs1 maldet(4764): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 10 2025 03:18:37 chs1 maldet(4764): {sigup} latest signature set already installed
Jul 10 2025 03:18:37 chs1 maldet(4854): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 10 2025 03:18:38 chs1 maldet(4854): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 10 2025 03:18:38 chs1 maldet(4854): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 10 2025 03:18:38 chs1 maldet(4854): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 10 2025 03:18:38 chs1 maldet(4854): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 10 2025 03:19:00 chs1 maldet(4854): {scan} file list completed in 22s, found 233 files...
Jul 10 2025 03:19:00 chs1 maldet(4854): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 10 2025 03:19:00 chs1 maldet(4854): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (233 files) in progress...
Jul 10 2025 03:19:15 chs1 maldet(4854): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 10 2025 03:19:15 chs1 maldet(4854): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 233, malware hits 1, cleaned hits 0, time 38s
Jul 10 2025 03:19:15 chs1 maldet(4854): {scan} scan report saved, to view run: maldet --report 250710-0318.4854
Jul 10 2025 03:19:15 chs1 maldet(4854): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250710-0318.4854
Jul 10 2025 03:30:40 chs1 maldet(909): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 10 2025 06:48:18 chs1 maldet(888): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 10 2025 08:02:57 chs1 maldet(987): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 10 2025 09:42:06 chs1 maldet(1053): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 11 2025 00:56:05 chs1 maldet(1069): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 11 2025 03:10:02 chs1 maldet(45615): {update} checking for available updates...
Jul 11 2025 03:10:03 chs1 maldet(45615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 11 2025 03:10:03 chs1 maldet(45615): {update} hashing install files and checking against server...
Jul 11 2025 03:10:05 chs1 maldet(45615): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 11 2025 03:10:05 chs1 maldet(45615): {update} latest version already installed.
Jul 11 2025 03:10:05 chs1 maldet(45773): {sigup} performing signature update check...
Jul 11 2025 03:10:05 chs1 maldet(45773): {sigup} local signature set is version 202507072770854
Jul 11 2025 03:10:06 chs1 maldet(45773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 11 2025 03:10:06 chs1 maldet(45773): {sigup} new signature set 202507103744209 available
Jul 11 2025 03:10:06 chs1 maldet(45773): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 11 2025 03:10:07 chs1 maldet(45773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 11 2025 03:10:07 chs1 maldet(45773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 11 2025 03:10:07 chs1 maldet(45773): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} verified md5sum of maldet-clean.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} unpacked and installed maldet-clean.tgz
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} signature set update completed
Jul 11 2025 03:10:08 chs1 maldet(45773): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 11 2025 03:10:08 chs1 maldet(45981): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 11 2025 03:10:09 chs1 maldet(45981): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 11 2025 03:10:09 chs1 maldet(45981): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 11 2025 03:10:09 chs1 maldet(45981): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 11 2025 03:10:09 chs1 maldet(45981): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 11 2025 03:12:23 chs1 maldet(45981): {scan} file list completed in 134s, found 309 files...
Jul 11 2025 03:12:23 chs1 maldet(45981): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 11 2025 03:12:23 chs1 maldet(45981): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (309 files) in progress...
Jul 11 2025 03:12:51 chs1 maldet(45981): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 11 2025 03:12:51 chs1 maldet(45981): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 309, malware hits 1, cleaned hits 0, time 163s
Jul 11 2025 03:12:51 chs1 maldet(45981): {scan} scan report saved, to view run: maldet --report 250711-0310.45981
Jul 11 2025 03:12:51 chs1 maldet(45981): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250711-0310.45981
Jul 12 2025 00:56:49 chs1 maldet(919): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 12 2025 03:10:57 chs1 maldet(47788): {update} checking for available updates...
Jul 12 2025 03:10:57 chs1 maldet(47788): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 12 2025 03:10:57 chs1 maldet(47788): {update} hashing install files and checking against server...
Jul 12 2025 03:10:58 chs1 maldet(47788): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 12 2025 03:10:58 chs1 maldet(47788): {update} latest version already installed.
Jul 12 2025 03:10:58 chs1 maldet(47906): {sigup} performing signature update check...
Jul 12 2025 03:10:58 chs1 maldet(47906): {sigup} local signature set is version 202507103744209
Jul 12 2025 03:10:58 chs1 maldet(47906): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 12 2025 03:10:58 chs1 maldet(47906): {sigup} latest signature set already installed
Jul 12 2025 03:10:58 chs1 maldet(47997): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 12 2025 03:11:00 chs1 maldet(47997): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 12 2025 03:11:00 chs1 maldet(47997): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 12 2025 03:11:00 chs1 maldet(47997): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 12 2025 03:11:00 chs1 maldet(47997): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 12 2025 03:11:33 chs1 maldet(47997): {scan} file list completed in 33s, found 89 files...
Jul 12 2025 03:11:33 chs1 maldet(47997): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 12 2025 03:11:33 chs1 maldet(47997): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (89 files) in progress...
Jul 12 2025 03:11:45 chs1 maldet(47997): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 12 2025 03:11:45 chs1 maldet(47997): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 89, malware hits 1, cleaned hits 0, time 47s
Jul 12 2025 03:11:45 chs1 maldet(47997): {scan} scan report saved, to view run: maldet --report 250712-0310.47997
Jul 12 2025 03:11:45 chs1 maldet(47997): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250712-0310.47997
Jul 12 2025 04:15:00 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 13 2025 00:57:01 chs1 maldet(970): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 13 2025 03:27:27 chs1 maldet(47233): {update} checking for available updates...
Jul 13 2025 03:27:27 chs1 maldet(47233): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 13 2025 03:27:27 chs1 maldet(47233): {update} hashing install files and checking against server...
Jul 13 2025 03:27:27 chs1 maldet(47233): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 13 2025 03:27:27 chs1 maldet(47233): {update} latest version already installed.
Jul 13 2025 03:27:28 chs1 maldet(47346): {sigup} performing signature update check...
Jul 13 2025 03:27:28 chs1 maldet(47346): {sigup} local signature set is version 202507103744209
Jul 13 2025 03:27:28 chs1 maldet(47346): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 13 2025 03:27:28 chs1 maldet(47346): {sigup} latest signature set already installed
Jul 13 2025 03:27:28 chs1 maldet(47440): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 13 2025 03:27:29 chs1 maldet(47440): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 13 2025 03:27:29 chs1 maldet(47440): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 13 2025 03:27:29 chs1 maldet(47440): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 13 2025 03:27:29 chs1 maldet(47440): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 13 2025 03:28:00 chs1 maldet(47440): {scan} file list completed in 31s, found 95 files...
Jul 13 2025 03:28:00 chs1 maldet(47440): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 13 2025 03:28:00 chs1 maldet(47440): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (95 files) in progress...
Jul 13 2025 03:28:15 chs1 maldet(47440): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 13 2025 03:28:15 chs1 maldet(47440): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 95, malware hits 1, cleaned hits 0, time 47s
Jul 13 2025 03:28:15 chs1 maldet(47440): {scan} scan report saved, to view run: maldet --report 250713-0327.47440
Jul 13 2025 03:28:15 chs1 maldet(47440): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250713-0327.47440
Jul 13 2025 06:34:44 chs1 maldet(883): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 13 2025 13:01:17 chs1 maldet(913): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 14 2025 01:01:09 chs1 maldet(1065): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 14 2025 03:42:23 chs1 maldet(51494): {update} checking for available updates...
Jul 14 2025 03:42:24 chs1 maldet(51494): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 14 2025 03:42:24 chs1 maldet(51494): {update} hashing install files and checking against server...
Jul 14 2025 03:42:24 chs1 maldet(51494): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 14 2025 03:42:24 chs1 maldet(51494): {update} latest version already installed.
Jul 14 2025 03:42:24 chs1 maldet(51604): {sigup} performing signature update check...
Jul 14 2025 03:42:24 chs1 maldet(51604): {sigup} local signature set is version 202507103744209
Jul 14 2025 03:42:25 chs1 maldet(51604): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 14 2025 03:42:25 chs1 maldet(51604): {sigup} new signature set 20250713521977 available
Jul 14 2025 03:42:25 chs1 maldet(51604): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 14 2025 03:42:25 chs1 maldet(51604): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 14 2025 03:42:26 chs1 maldet(51604): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 14 2025 03:42:26 chs1 maldet(51604): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 14 2025 03:42:26 chs1 maldet(51604): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 14 2025 03:42:26 chs1 maldet(51604): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 14 2025 03:42:26 chs1 maldet(51604): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 14 2025 03:42:27 chs1 maldet(51604): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 14 2025 03:42:27 chs1 maldet(51604): {sigup} verified md5sum of maldet-clean.tgz
Jul 14 2025 03:42:27 chs1 maldet(51604): {sigup} unpacked and installed maldet-clean.tgz
Jul 14 2025 03:42:27 chs1 maldet(51604): {sigup} signature set update completed
Jul 14 2025 03:42:27 chs1 maldet(51604): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 14 2025 03:42:27 chs1 maldet(51811): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 14 2025 03:42:28 chs1 maldet(51811): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 14 2025 03:42:28 chs1 maldet(51811): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 14 2025 03:42:28 chs1 maldet(51811): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 14 2025 03:42:28 chs1 maldet(51811): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 14 2025 03:44:32 chs1 maldet(51811): {scan} file list completed in 124s, found 65 files...
Jul 14 2025 03:44:32 chs1 maldet(51811): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 14 2025 03:44:32 chs1 maldet(51811): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (65 files) in progress...
Jul 14 2025 03:44:50 chs1 maldet(51811): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 14 2025 03:44:50 chs1 maldet(51811): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 65, malware hits 1, cleaned hits 0, time 143s
Jul 14 2025 03:44:50 chs1 maldet(51811): {scan} scan report saved, to view run: maldet --report 250714-0342.51811
Jul 14 2025 03:44:50 chs1 maldet(51811): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250714-0342.51811
Jul 14 2025 03:52:37 chs1 maldet(907): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 14 2025 03:56:38 chs1 maldet(897): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 15 2025 01:00:43 chs1 maldet(881): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 15 2025 03:27:05 chs1 maldet(47130): {update} checking for available updates...
Jul 15 2025 03:27:05 chs1 maldet(47130): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 15 2025 03:27:05 chs1 maldet(47130): {update} hashing install files and checking against server...
Jul 15 2025 03:27:06 chs1 maldet(47130): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 15 2025 03:27:06 chs1 maldet(47130): {update} latest version already installed.
Jul 15 2025 03:27:06 chs1 maldet(47241): {sigup} performing signature update check...
Jul 15 2025 03:27:06 chs1 maldet(47241): {sigup} local signature set is version 20250713521977
Jul 15 2025 03:27:06 chs1 maldet(47241): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 15 2025 03:27:06 chs1 maldet(47241): {sigup} latest signature set already installed
Jul 15 2025 03:27:06 chs1 maldet(47329): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 15 2025 03:27:08 chs1 maldet(47329): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 15 2025 03:27:08 chs1 maldet(47329): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 15 2025 03:27:08 chs1 maldet(47329): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 15 2025 03:27:08 chs1 maldet(47329): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 15 2025 03:27:35 chs1 maldet(47329): {scan} file list completed in 27s, found 75 files...
Jul 15 2025 03:27:35 chs1 maldet(47329): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 15 2025 03:27:35 chs1 maldet(47329): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (75 files) in progress...
Jul 15 2025 03:27:46 chs1 maldet(47329): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 15 2025 03:27:46 chs1 maldet(47329): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 75, malware hits 1, cleaned hits 0, time 40s
Jul 15 2025 03:27:46 chs1 maldet(47329): {scan} scan report saved, to view run: maldet --report 250715-0327.47329
Jul 15 2025 03:27:46 chs1 maldet(47329): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250715-0327.47329
Jul 16 2025 00:51:38 chs1 maldet(910): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 16 2025 03:35:52 chs1 maldet(56582): {update} checking for available updates...
Jul 16 2025 03:35:52 chs1 maldet(56582): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 16 2025 03:35:52 chs1 maldet(56582): {update} hashing install files and checking against server...
Jul 16 2025 03:35:53 chs1 maldet(56582): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 16 2025 03:35:53 chs1 maldet(56582): {update} latest version already installed.
Jul 16 2025 03:35:53 chs1 maldet(56691): {sigup} performing signature update check...
Jul 16 2025 03:35:53 chs1 maldet(56691): {sigup} local signature set is version 20250713521977
Jul 16 2025 03:35:53 chs1 maldet(56691): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 16 2025 03:35:53 chs1 maldet(56691): {sigup} latest signature set already installed
Jul 16 2025 03:35:53 chs1 maldet(56779): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 16 2025 03:35:53 chs1 maldet(56779): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 16 2025 03:35:54 chs1 maldet(56779): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 16 2025 03:35:54 chs1 maldet(56779): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 16 2025 03:35:54 chs1 maldet(56779): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 16 2025 03:36:22 chs1 maldet(56779): {scan} file list completed in 28s, found 202 files...
Jul 16 2025 03:36:22 chs1 maldet(56779): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 16 2025 03:36:22 chs1 maldet(56779): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (202 files) in progress...
Jul 16 2025 03:36:47 chs1 maldet(56779): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 16 2025 03:36:47 chs1 maldet(56779): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 202, malware hits 1, cleaned hits 0, time 54s
Jul 16 2025 03:36:47 chs1 maldet(56779): {scan} scan report saved, to view run: maldet --report 250716-0335.56779
Jul 16 2025 03:36:47 chs1 maldet(56779): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250716-0335.56779
Jul 16 2025 03:48:18 chs1 maldet(907): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 16 2025 14:51:34 chs1 maldet(875): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 17 2025 03:26:04 chs1 maldet(30932): {update} checking for available updates...
Jul 17 2025 03:26:04 chs1 maldet(30932): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 17 2025 03:26:04 chs1 maldet(30932): {update} hashing install files and checking against server...
Jul 17 2025 03:26:04 chs1 maldet(30932): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 17 2025 03:26:04 chs1 maldet(30932): {update} latest version already installed.
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} performing signature update check...
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} local signature set is version 20250713521977
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} new signature set 202507161493482 available
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 17 2025 03:26:05 chs1 maldet(31045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 17 2025 03:26:06 chs1 maldet(31045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 17 2025 03:26:06 chs1 maldet(31045): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 17 2025 03:26:06 chs1 maldet(31045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} verified md5sum of maldet-clean.tgz
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} unpacked and installed maldet-clean.tgz
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} signature set update completed
Jul 17 2025 03:26:07 chs1 maldet(31045): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 17 2025 03:26:07 chs1 maldet(31251): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 17 2025 03:26:09 chs1 maldet(31251): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 17 2025 03:26:09 chs1 maldet(31251): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 17 2025 03:26:09 chs1 maldet(31251): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 17 2025 03:26:09 chs1 maldet(31251): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 17 2025 03:27:55 chs1 maldet(31251): {scan} file list completed in 106s, found 204 files...
Jul 17 2025 03:27:55 chs1 maldet(31251): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 17 2025 03:27:55 chs1 maldet(31251): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (204 files) in progress...
Jul 17 2025 03:29:06 chs1 maldet(31251): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 17 2025 03:29:06 chs1 maldet(31251): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 204, malware hits 1, cleaned hits 0, time 179s
Jul 17 2025 03:29:06 chs1 maldet(31251): {scan} scan report saved, to view run: maldet --report 250717-0326.31251
Jul 17 2025 03:29:06 chs1 maldet(31251): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250717-0326.31251
Jul 17 2025 12:34:14 chs1 maldet(916): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 17 2025 12:38:11 chs1 maldet(900): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 18 2025 00:54:50 chs1 maldet(923): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 18 2025 03:39:04 chs1 maldet(51994): {update} checking for available updates...
Jul 18 2025 03:39:05 chs1 maldet(51994): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 18 2025 03:39:05 chs1 maldet(51994): {update} hashing install files and checking against server...
Jul 18 2025 03:39:05 chs1 maldet(51994): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 18 2025 03:39:05 chs1 maldet(51994): {update} latest version already installed.
Jul 18 2025 03:39:05 chs1 maldet(52108): {sigup} performing signature update check...
Jul 18 2025 03:39:05 chs1 maldet(52108): {sigup} local signature set is version 202507161493482
Jul 18 2025 03:39:06 chs1 maldet(52108): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 18 2025 03:39:06 chs1 maldet(52108): {sigup} latest signature set already installed
Jul 18 2025 03:39:06 chs1 maldet(52196): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 18 2025 03:39:07 chs1 maldet(52196): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 18 2025 03:39:07 chs1 maldet(52196): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 18 2025 03:39:07 chs1 maldet(52196): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 18 2025 03:39:07 chs1 maldet(52196): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 18 2025 03:39:37 chs1 maldet(52196): {scan} file list completed in 30s, found 120 files...
Jul 18 2025 03:39:37 chs1 maldet(52196): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 18 2025 03:39:37 chs1 maldet(52196): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (120 files) in progress...
Jul 18 2025 03:39:48 chs1 maldet(52196): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 18 2025 03:39:48 chs1 maldet(52196): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 120, malware hits 1, cleaned hits 0, time 42s
Jul 18 2025 03:39:48 chs1 maldet(52196): {scan} scan report saved, to view run: maldet --report 250718-0339.52196
Jul 18 2025 03:39:48 chs1 maldet(52196): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250718-0339.52196
Jul 18 2025 03:52:14 chs1 maldet(887): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 19 2025 00:51:43 chs1 maldet(884): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 19 2025 03:59:18 chs1 maldet(60539): {update} checking for available updates...
Jul 19 2025 03:59:19 chs1 maldet(60539): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 19 2025 03:59:19 chs1 maldet(60539): {update} hashing install files and checking against server...
Jul 19 2025 03:59:19 chs1 maldet(60539): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 19 2025 03:59:19 chs1 maldet(60539): {update} latest version already installed.
Jul 19 2025 03:59:19 chs1 maldet(60648): {sigup} performing signature update check...
Jul 19 2025 03:59:19 chs1 maldet(60648): {sigup} local signature set is version 202507161493482
Jul 19 2025 03:59:19 chs1 maldet(60648): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 19 2025 03:59:19 chs1 maldet(60648): {sigup} latest signature set already installed
Jul 19 2025 03:59:20 chs1 maldet(60736): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 19 2025 03:59:20 chs1 maldet(60736): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 19 2025 03:59:20 chs1 maldet(60736): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 19 2025 03:59:20 chs1 maldet(60736): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 19 2025 03:59:20 chs1 maldet(60736): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 19 2025 03:59:48 chs1 maldet(60736): {scan} file list completed in 28s, found 54 files...
Jul 19 2025 03:59:48 chs1 maldet(60736): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 19 2025 03:59:48 chs1 maldet(60736): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (54 files) in progress...
Jul 19 2025 04:00:10 chs1 maldet(60736): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 19 2025 04:00:12 chs1 maldet(60736): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 54, malware hits 1, cleaned hits 0, time 50s
Jul 19 2025 04:00:12 chs1 maldet(60736): {scan} scan report saved, to view run: maldet --report 250719-0359.60736
Jul 19 2025 04:00:12 chs1 maldet(60736): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250719-0359.60736
Jul 20 2025 00:52:52 chs1 maldet(911): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 20 2025 03:41:26 chs1 maldet(53479): {update} checking for available updates...
Jul 20 2025 03:41:26 chs1 maldet(53479): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 20 2025 03:41:26 chs1 maldet(53479): {update} hashing install files and checking against server...
Jul 20 2025 03:41:27 chs1 maldet(53479): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 20 2025 03:41:27 chs1 maldet(53479): {update} latest version already installed.
Jul 20 2025 03:41:27 chs1 maldet(53591): {sigup} performing signature update check...
Jul 20 2025 03:41:27 chs1 maldet(53591): {sigup} local signature set is version 202507161493482
Jul 20 2025 03:41:27 chs1 maldet(53591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 20 2025 03:41:27 chs1 maldet(53591): {sigup} new signature set 202507192465560 available
Jul 20 2025 03:41:27 chs1 maldet(53591): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 20 2025 03:41:28 chs1 maldet(53591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 20 2025 03:41:28 chs1 maldet(53591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 20 2025 03:41:28 chs1 maldet(53591): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 20 2025 03:41:28 chs1 maldet(53591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} verified md5sum of maldet-clean.tgz
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} unpacked and installed maldet-clean.tgz
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} signature set update completed
Jul 20 2025 03:41:29 chs1 maldet(53591): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 20 2025 03:41:29 chs1 maldet(53796): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 20 2025 03:41:31 chs1 maldet(53796): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 20 2025 03:41:31 chs1 maldet(53796): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 20 2025 03:41:31 chs1 maldet(53796): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 20 2025 03:41:31 chs1 maldet(53796): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 20 2025 03:44:11 chs1 maldet(53796): {scan} file list completed in 160s, found 150 files...
Jul 20 2025 03:44:11 chs1 maldet(53796): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 20 2025 03:44:11 chs1 maldet(53796): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (150 files) in progress...
Jul 20 2025 03:44:24 chs1 maldet(53796): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 20 2025 03:44:24 chs1 maldet(53796): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 150, malware hits 1, cleaned hits 0, time 175s
Jul 20 2025 03:44:24 chs1 maldet(53796): {scan} scan report saved, to view run: maldet --report 250720-0341.53796
Jul 20 2025 03:44:24 chs1 maldet(53796): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250720-0341.53796
Jul 21 2025 00:51:53 chs1 maldet(911): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 21 2025 03:21:40 chs1 maldet(44883): {update} checking for available updates...
Jul 21 2025 03:21:40 chs1 maldet(44883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 21 2025 03:21:40 chs1 maldet(44883): {update} hashing install files and checking against server...
Jul 21 2025 03:21:40 chs1 maldet(44883): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 21 2025 03:21:40 chs1 maldet(44883): {update} latest version already installed.
Jul 21 2025 03:21:41 chs1 maldet(44993): {sigup} performing signature update check...
Jul 21 2025 03:21:41 chs1 maldet(44993): {sigup} local signature set is version 202507192465560
Jul 21 2025 03:21:41 chs1 maldet(44993): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 21 2025 03:21:41 chs1 maldet(44993): {sigup} latest signature set already installed
Jul 21 2025 03:21:41 chs1 maldet(45081): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 21 2025 03:21:41 chs1 maldet(45081): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 21 2025 03:21:41 chs1 maldet(45081): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 21 2025 03:21:41 chs1 maldet(45081): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 21 2025 03:21:41 chs1 maldet(45081): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 21 2025 03:22:12 chs1 maldet(45081): {scan} file list completed in 31s, found 1207 files...
Jul 21 2025 03:22:12 chs1 maldet(45081): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 21 2025 03:22:12 chs1 maldet(45081): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (1207 files) in progress...
Jul 21 2025 03:22:47 chs1 maldet(45081): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 21 2025 03:22:47 chs1 maldet(45081): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 1207, malware hits 1, cleaned hits 0, time 66s
Jul 21 2025 03:22:47 chs1 maldet(45081): {scan} scan report saved, to view run: maldet --report 250721-0321.45081
Jul 21 2025 03:22:47 chs1 maldet(45081): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250721-0321.45081
Jul 21 2025 21:27:06 chs1 maldet(883): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 22 2025 03:39:23 chs1 maldet(19646): {update} checking for available updates...
Jul 22 2025 03:39:24 chs1 maldet(19646): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 22 2025 03:39:24 chs1 maldet(19646): {update} hashing install files and checking against server...
Jul 22 2025 03:39:24 chs1 maldet(19646): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 22 2025 03:39:24 chs1 maldet(19646): {update} latest version already installed.
Jul 22 2025 03:39:24 chs1 maldet(19756): {sigup} performing signature update check...
Jul 22 2025 03:39:24 chs1 maldet(19756): {sigup} local signature set is version 202507192465560
Jul 22 2025 03:39:24 chs1 maldet(19756): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 22 2025 03:39:24 chs1 maldet(19756): {sigup} latest signature set already installed
Jul 22 2025 03:39:25 chs1 maldet(19844): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 22 2025 03:39:25 chs1 maldet(19844): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 22 2025 03:39:25 chs1 maldet(19844): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 22 2025 03:39:25 chs1 maldet(19844): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 22 2025 03:39:25 chs1 maldet(19844): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 22 2025 03:39:50 chs1 maldet(19844): {scan} file list completed in 25s, found 122 files...
Jul 22 2025 03:39:50 chs1 maldet(19844): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 22 2025 03:39:50 chs1 maldet(19844): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (122 files) in progress...
Jul 22 2025 03:40:03 chs1 maldet(19844): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 22 2025 03:40:03 chs1 maldet(19844): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 122, malware hits 1, cleaned hits 0, time 38s
Jul 22 2025 03:40:03 chs1 maldet(19844): {scan} scan report saved, to view run: maldet --report 250722-0339.19844
Jul 22 2025 03:40:03 chs1 maldet(19844): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250722-0339.19844
Jul 22 2025 03:53:19 chs1 maldet(904): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 23 2025 00:56:05 chs1 maldet(1042): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 23 2025 03:37:38 chs1 maldet(53380): {update} checking for available updates...
Jul 23 2025 03:37:38 chs1 maldet(53380): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 23 2025 03:37:38 chs1 maldet(53380): {update} hashing install files and checking against server...
Jul 23 2025 03:37:39 chs1 maldet(53380): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 23 2025 03:37:39 chs1 maldet(53380): {update} latest version already installed.
Jul 23 2025 03:37:39 chs1 maldet(53489): {sigup} performing signature update check...
Jul 23 2025 03:37:39 chs1 maldet(53489): {sigup} local signature set is version 202507192465560
Jul 23 2025 03:37:39 chs1 maldet(53489): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 23 2025 03:37:39 chs1 maldet(53489): {sigup} new signature set 202507223437753 available
Jul 23 2025 03:37:39 chs1 maldet(53489): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 23 2025 03:37:40 chs1 maldet(53489): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 23 2025 03:37:40 chs1 maldet(53489): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 23 2025 03:37:40 chs1 maldet(53489): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 23 2025 03:37:40 chs1 maldet(53489): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} verified md5sum of maldet-clean.tgz
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} unpacked and installed maldet-clean.tgz
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} signature set update completed
Jul 23 2025 03:37:41 chs1 maldet(53489): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 23 2025 03:37:41 chs1 maldet(53698): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 23 2025 03:37:42 chs1 maldet(53698): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 23 2025 03:37:42 chs1 maldet(53698): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 23 2025 03:37:42 chs1 maldet(53698): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 23 2025 03:37:43 chs1 maldet(53698): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 23 2025 03:40:35 chs1 maldet(900): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 23 2025 04:19:54 chs1 maldet(13938): {update} checking for available updates...
Jul 23 2025 04:19:55 chs1 maldet(13938): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 23 2025 04:19:55 chs1 maldet(13938): {update} hashing install files and checking against server...
Jul 23 2025 04:19:55 chs1 maldet(13938): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 23 2025 04:19:55 chs1 maldet(13938): {update} latest version already installed.
Jul 23 2025 04:19:55 chs1 maldet(14047): {sigup} performing signature update check...
Jul 23 2025 04:19:55 chs1 maldet(14047): {sigup} local signature set is version 202507223437753
Jul 23 2025 04:19:55 chs1 maldet(14047): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 23 2025 04:19:56 chs1 maldet(14047): {sigup} latest signature set already installed
Jul 23 2025 04:19:56 chs1 maldet(14135): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 23 2025 04:19:56 chs1 maldet(14135): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 23 2025 04:19:56 chs1 maldet(14135): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 23 2025 04:19:56 chs1 maldet(14135): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 23 2025 04:19:56 chs1 maldet(14135): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 23 2025 04:20:28 chs1 maldet(14135): {scan} file list completed in 32s, found 134 files...
Jul 23 2025 04:20:28 chs1 maldet(14135): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 23 2025 04:20:28 chs1 maldet(14135): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (134 files) in progress...
Jul 23 2025 04:20:40 chs1 maldet(14135): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 23 2025 04:20:41 chs1 maldet(14135): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 134, malware hits 1, cleaned hits 0, time 45s
Jul 23 2025 04:20:41 chs1 maldet(14135): {scan} scan report saved, to view run: maldet --report 250723-0419.14135
Jul 23 2025 04:20:41 chs1 maldet(14135): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250723-0419.14135
Jul 24 2025 00:52:13 chs1 maldet(897): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 24 2025 03:19:00 chs1 maldet(46424): {update} checking for available updates...
Jul 24 2025 03:19:02 chs1 maldet(46424): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 24 2025 03:19:02 chs1 maldet(46424): {update} hashing install files and checking against server...
Jul 24 2025 03:19:03 chs1 maldet(46424): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 24 2025 03:19:03 chs1 maldet(46424): {update} latest version already installed.
Jul 24 2025 03:19:04 chs1 maldet(46631): {sigup} performing signature update check...
Jul 24 2025 03:19:04 chs1 maldet(46631): {sigup} local signature set is version 202507223437753
Jul 24 2025 03:19:04 chs1 maldet(46631): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 24 2025 03:19:04 chs1 maldet(46631): {sigup} latest signature set already installed
Jul 24 2025 03:19:04 chs1 maldet(46719): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 24 2025 03:19:04 chs1 maldet(46719): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 24 2025 03:19:05 chs1 maldet(46719): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 24 2025 03:19:05 chs1 maldet(46719): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 24 2025 03:19:05 chs1 maldet(46719): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 24 2025 03:19:33 chs1 maldet(46719): {scan} file list completed in 28s, found 208 files...
Jul 24 2025 03:19:33 chs1 maldet(46719): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 24 2025 03:19:33 chs1 maldet(46719): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (208 files) in progress...
Jul 24 2025 03:19:47 chs1 maldet(46719): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 24 2025 03:19:47 chs1 maldet(46719): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 208, malware hits 1, cleaned hits 0, time 43s
Jul 24 2025 03:19:47 chs1 maldet(46719): {scan} scan report saved, to view run: maldet --report 250724-0319.46719
Jul 24 2025 03:19:47 chs1 maldet(46719): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250724-0319.46719
Jul 25 2025 00:52:53 chs1 maldet(991): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 25 2025 03:16:18 chs1 maldet(51869): {update} checking for available updates...
Jul 25 2025 03:16:19 chs1 maldet(51869): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 25 2025 03:16:19 chs1 maldet(51869): {update} hashing install files and checking against server...
Jul 25 2025 03:16:19 chs1 maldet(51869): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 25 2025 03:16:19 chs1 maldet(51869): {update} latest version already installed.
Jul 25 2025 03:16:19 chs1 maldet(51978): {sigup} performing signature update check...
Jul 25 2025 03:16:19 chs1 maldet(51978): {sigup} local signature set is version 202507223437753
Jul 25 2025 03:16:20 chs1 maldet(51978): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 25 2025 03:16:20 chs1 maldet(51978): {sigup} latest signature set already installed
Jul 25 2025 03:16:20 chs1 maldet(52066): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 25 2025 03:16:20 chs1 maldet(52066): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 25 2025 03:16:20 chs1 maldet(52066): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 25 2025 03:16:20 chs1 maldet(52066): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 25 2025 03:16:20 chs1 maldet(52066): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 25 2025 03:16:48 chs1 maldet(52066): {scan} file list completed in 28s, found 52 files...
Jul 25 2025 03:16:48 chs1 maldet(52066): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 25 2025 03:16:48 chs1 maldet(52066): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (52 files) in progress...
Jul 25 2025 03:16:58 chs1 maldet(52066): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 25 2025 03:16:58 chs1 maldet(52066): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 52, malware hits 1, cleaned hits 0, time 38s
Jul 25 2025 03:16:58 chs1 maldet(52066): {scan} scan report saved, to view run: maldet --report 250725-0316.52066
Jul 25 2025 03:16:58 chs1 maldet(52066): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250725-0316.52066
Jul 26 2025 00:53:56 chs1 maldet(899): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 26 2025 03:42:14 chs1 maldet(52833): {update} checking for available updates...
Jul 26 2025 03:42:14 chs1 maldet(52833): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 26 2025 03:42:14 chs1 maldet(52833): {update} hashing install files and checking against server...
Jul 26 2025 03:42:14 chs1 maldet(52833): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 26 2025 03:42:14 chs1 maldet(52833): {update} latest version already installed.
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} performing signature update check...
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} local signature set is version 202507223437753
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} new signature set 20250725225711 available
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 26 2025 03:42:15 chs1 maldet(52942): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 26 2025 03:42:16 chs1 maldet(52942): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 26 2025 03:42:16 chs1 maldet(52942): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 26 2025 03:42:16 chs1 maldet(52942): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} verified md5sum of maldet-clean.tgz
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} unpacked and installed maldet-clean.tgz
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} signature set update completed
Jul 26 2025 03:42:17 chs1 maldet(52942): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 26 2025 03:42:17 chs1 maldet(53149): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 26 2025 03:42:19 chs1 maldet(53149): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 26 2025 03:42:19 chs1 maldet(53149): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 26 2025 03:42:19 chs1 maldet(53149): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 26 2025 03:42:19 chs1 maldet(53149): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 26 2025 03:44:33 chs1 maldet(53149): {scan} file list completed in 134s, found 67 files...
Jul 26 2025 03:44:33 chs1 maldet(53149): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 26 2025 03:44:33 chs1 maldet(53149): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (67 files) in progress...
Jul 26 2025 03:44:56 chs1 maldet(53149): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 26 2025 03:44:56 chs1 maldet(53149): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 67, malware hits 1, cleaned hits 0, time 159s
Jul 26 2025 03:44:56 chs1 maldet(53149): {scan} scan report saved, to view run: maldet --report 250726-0342.53149
Jul 26 2025 03:44:56 chs1 maldet(53149): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250726-0342.53149
Jul 27 2025 00:57:20 chs1 maldet(1042): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 27 2025 03:12:58 chs1 maldet(43177): {update} checking for available updates...
Jul 27 2025 03:12:59 chs1 maldet(43177): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 27 2025 03:12:59 chs1 maldet(43177): {update} hashing install files and checking against server...
Jul 27 2025 03:12:59 chs1 maldet(43177): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 27 2025 03:12:59 chs1 maldet(43177): {update} latest version already installed.
Jul 27 2025 03:12:59 chs1 maldet(43290): {sigup} performing signature update check...
Jul 27 2025 03:12:59 chs1 maldet(43290): {sigup} local signature set is version 20250725225711
Jul 27 2025 03:13:00 chs1 maldet(43290): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 27 2025 03:13:00 chs1 maldet(43290): {sigup} latest signature set already installed
Jul 27 2025 03:13:00 chs1 maldet(43378): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 27 2025 03:13:01 chs1 maldet(43378): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 27 2025 03:13:01 chs1 maldet(43378): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 27 2025 03:13:01 chs1 maldet(43378): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 27 2025 03:13:01 chs1 maldet(43378): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 27 2025 03:13:29 chs1 maldet(43378): {scan} file list completed in 28s, found 60 files...
Jul 27 2025 03:13:29 chs1 maldet(43378): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 27 2025 03:13:29 chs1 maldet(43378): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (60 files) in progress...
Jul 27 2025 03:13:44 chs1 maldet(43378): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 27 2025 03:13:44 chs1 maldet(43378): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 60, malware hits 1, cleaned hits 0, time 44s
Jul 27 2025 03:13:44 chs1 maldet(43378): {scan} scan report saved, to view run: maldet --report 250727-0313.43378
Jul 27 2025 03:13:44 chs1 maldet(43378): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250727-0313.43378
Jul 28 2025 01:00:05 chs1 maldet(2355): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 28 2025 03:27:43 chs1 maldet(51629): {update} checking for available updates...
Jul 28 2025 03:27:43 chs1 maldet(51629): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 28 2025 03:27:43 chs1 maldet(51629): {update} hashing install files and checking against server...
Jul 28 2025 03:27:44 chs1 maldet(51629): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 28 2025 03:27:44 chs1 maldet(51629): {update} latest version already installed.
Jul 28 2025 03:27:44 chs1 maldet(51738): {sigup} performing signature update check...
Jul 28 2025 03:27:44 chs1 maldet(51738): {sigup} local signature set is version 20250725225711
Jul 28 2025 03:27:44 chs1 maldet(51738): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 28 2025 03:27:44 chs1 maldet(51738): {sigup} latest signature set already installed
Jul 28 2025 03:27:44 chs1 maldet(51827): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 28 2025 03:27:45 chs1 maldet(51827): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 28 2025 03:27:45 chs1 maldet(51827): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 28 2025 03:27:45 chs1 maldet(51827): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 28 2025 03:27:45 chs1 maldet(51827): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 28 2025 03:28:17 chs1 maldet(51827): {scan} file list completed in 32s, found 82 files...
Jul 28 2025 03:28:17 chs1 maldet(51827): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 28 2025 03:28:18 chs1 maldet(51827): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (82 files) in progress...
Jul 28 2025 03:28:33 chs1 maldet(51827): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 28 2025 03:28:33 chs1 maldet(51827): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 82, malware hits 1, cleaned hits 0, time 49s
Jul 28 2025 03:28:33 chs1 maldet(51827): {scan} scan report saved, to view run: maldet --report 250728-0327.51827
Jul 28 2025 03:28:33 chs1 maldet(51827): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250728-0327.51827
Jul 29 2025 00:55:17 chs1 maldet(2170): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 29 2025 03:15:56 chs1 maldet(48202): {update} checking for available updates...
Jul 29 2025 03:15:57 chs1 maldet(48202): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 29 2025 03:15:57 chs1 maldet(48202): {update} hashing install files and checking against server...
Jul 29 2025 03:15:57 chs1 maldet(48202): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 29 2025 03:15:57 chs1 maldet(48202): {update} latest version already installed.
Jul 29 2025 03:15:57 chs1 maldet(48314): {sigup} performing signature update check...
Jul 29 2025 03:15:57 chs1 maldet(48314): {sigup} local signature set is version 20250725225711
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} new signature set 202507281201435 available
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Jul 29 2025 03:15:58 chs1 maldet(48314): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} verified md5sum of maldet-sigpack.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} unpacked and installed maldet-sigpack.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} verified md5sum of maldet-clean.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} unpacked and installed maldet-clean.tgz
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} signature set update completed
Jul 29 2025 03:15:59 chs1 maldet(48314): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 29 2025 03:16:00 chs1 maldet(48539): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 29 2025 03:16:01 chs1 maldet(48539): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 29 2025 03:16:01 chs1 maldet(48539): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 29 2025 03:16:01 chs1 maldet(48539): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 29 2025 03:16:01 chs1 maldet(48539): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 29 2025 03:18:22 chs1 maldet(2145): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 29 2025 04:36:31 chs1 maldet(29176): {update} checking for available updates...
Jul 29 2025 04:37:12 chs1 maldet(29176): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 29 2025 04:37:12 chs1 maldet(29176): {update} hashing install files and checking against server...
Jul 29 2025 04:37:38 chs1 maldet(29176): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 29 2025 04:37:38 chs1 maldet(29176): {update} latest version already installed.
Jul 29 2025 04:37:38 chs1 maldet(29480): {sigup} performing signature update check...
Jul 29 2025 04:37:38 chs1 maldet(29480): {sigup} local signature set is version 202507281201435
Jul 29 2025 04:38:04 chs1 maldet(29480): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 29 2025 04:38:04 chs1 maldet(29480): {sigup} latest signature set already installed
Jul 29 2025 04:38:04 chs1 maldet(29740): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 29 2025 04:38:06 chs1 maldet(29740): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 29 2025 04:38:06 chs1 maldet(29740): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 29 2025 04:38:06 chs1 maldet(29740): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 29 2025 04:38:06 chs1 maldet(29740): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 29 2025 04:38:35 chs1 maldet(29740): {scan} file list completed in 29s, found 499 files...
Jul 29 2025 04:38:35 chs1 maldet(29740): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 29 2025 04:38:35 chs1 maldet(29740): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (499 files) in progress...
Jul 29 2025 04:39:32 chs1 maldet(29740): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 29 2025 04:39:32 chs1 maldet(29740): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 499, malware hits 1, cleaned hits 0, time 88s
Jul 29 2025 04:39:32 chs1 maldet(29740): {scan} scan report saved, to view run: maldet --report 250729-0438.29740
Jul 29 2025 04:39:32 chs1 maldet(29740): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250729-0438.29740
Jul 30 2025 00:54:29 chs1 maldet(1909): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 30 2025 03:10:09 chs1 maldet(46602): {update} checking for available updates...
Jul 30 2025 03:10:10 chs1 maldet(46602): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 30 2025 03:10:10 chs1 maldet(46602): {update} hashing install files and checking against server...
Jul 30 2025 03:10:10 chs1 maldet(46602): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 30 2025 03:10:10 chs1 maldet(46602): {update} latest version already installed.
Jul 30 2025 03:10:10 chs1 maldet(46714): {sigup} performing signature update check...
Jul 30 2025 03:10:10 chs1 maldet(46714): {sigup} local signature set is version 202507281201435
Jul 30 2025 03:10:10 chs1 maldet(46714): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 30 2025 03:10:10 chs1 maldet(46714): {sigup} latest signature set already installed
Jul 30 2025 03:10:11 chs1 maldet(46802): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 30 2025 03:10:11 chs1 maldet(46802): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 30 2025 03:10:11 chs1 maldet(46802): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 30 2025 03:10:11 chs1 maldet(46802): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 30 2025 03:10:11 chs1 maldet(46802): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 30 2025 03:11:57 chs1 maldet(46802): {scan} file list completed in 106s, found 507 files...
Jul 30 2025 03:11:57 chs1 maldet(46802): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 30 2025 03:11:57 chs1 maldet(46802): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (507 files) in progress...
Jul 30 2025 03:13:11 chs1 maldet(46802): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 30 2025 03:13:11 chs1 maldet(46802): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 507, malware hits 1, cleaned hits 0, time 180s
Jul 30 2025 03:13:11 chs1 maldet(46802): {scan} scan report saved, to view run: maldet --report 250730-0310.46802
Jul 30 2025 03:13:11 chs1 maldet(46802): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250730-0310.46802
Jul 31 2025 00:58:37 chs1 maldet(3107): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Jul 31 2025 03:36:23 chs1 maldet(55373): {update} checking for available updates...
Jul 31 2025 03:36:24 chs1 maldet(55373): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Jul 31 2025 03:36:24 chs1 maldet(55373): {update} hashing install files and checking against server...
Jul 31 2025 03:36:24 chs1 maldet(55373): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Jul 31 2025 03:36:24 chs1 maldet(55373): {update} latest version already installed.
Jul 31 2025 03:36:24 chs1 maldet(55483): {sigup} performing signature update check...
Jul 31 2025 03:36:24 chs1 maldet(55483): {sigup} local signature set is version 202507281201435
Jul 31 2025 03:36:24 chs1 maldet(55483): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Jul 31 2025 03:36:24 chs1 maldet(55483): {sigup} latest signature set already installed
Jul 31 2025 03:36:25 chs1 maldet(55571): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Jul 31 2025 03:36:25 chs1 maldet(55571): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Jul 31 2025 03:36:25 chs1 maldet(55571): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Jul 31 2025 03:36:25 chs1 maldet(55571): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Jul 31 2025 03:36:25 chs1 maldet(55571): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Jul 31 2025 03:38:48 chs1 maldet(55571): {scan} file list completed in 143s, found 151 files...
Jul 31 2025 03:38:48 chs1 maldet(55571): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Jul 31 2025 03:38:48 chs1 maldet(55571): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (151 files) in progress...
Jul 31 2025 03:39:10 chs1 maldet(55571): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Jul 31 2025 03:39:10 chs1 maldet(55571): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 151, malware hits 1, cleaned hits 0, time 165s
Jul 31 2025 03:39:10 chs1 maldet(55571): {scan} scan report saved, to view run: maldet --report 250731-0336.55571
Jul 31 2025 03:39:10 chs1 maldet(55571): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250731-0336.55571
Jul 31 2025 18:15:05 chs1 maldet(2515): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 01 2025 03:26:44 chs1 maldet(2681): {update} checking for available updates...
Aug 01 2025 03:26:44 chs1 maldet(2681): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 01 2025 03:26:44 chs1 maldet(2681): {update} hashing install files and checking against server...
Aug 01 2025 03:26:44 chs1 maldet(2681): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 01 2025 03:26:44 chs1 maldet(2681): {update} latest version already installed.
Aug 01 2025 03:26:45 chs1 maldet(2792): {sigup} performing signature update check...
Aug 01 2025 03:26:45 chs1 maldet(2792): {sigup} local signature set is version 202507281201435
Aug 01 2025 03:26:45 chs1 maldet(2792): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 01 2025 03:26:45 chs1 maldet(2792): {sigup} new signature set 202507312174018 available
Aug 01 2025 03:26:45 chs1 maldet(2792): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 01 2025 03:26:46 chs1 maldet(2792): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 01 2025 03:26:46 chs1 maldet(2792): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 01 2025 03:26:46 chs1 maldet(2792): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 01 2025 03:26:46 chs1 maldet(2792): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} verified md5sum of maldet-clean.tgz
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} unpacked and installed maldet-clean.tgz
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} signature set update completed
Aug 01 2025 03:26:47 chs1 maldet(2792): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 01 2025 03:26:47 chs1 maldet(3024): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 01 2025 03:26:49 chs1 maldet(3024): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 01 2025 03:26:49 chs1 maldet(3024): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 01 2025 03:26:49 chs1 maldet(3024): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 01 2025 03:26:49 chs1 maldet(3024): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 01 2025 03:28:11 chs1 maldet(2392): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 01 2025 04:34:44 chs1 maldet(25652): {update} checking for available updates...
Aug 01 2025 04:35:11 chs1 maldet(25652): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 01 2025 04:35:11 chs1 maldet(25652): {update} hashing install files and checking against server...
Aug 01 2025 04:35:39 chs1 maldet(25652): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 01 2025 04:35:39 chs1 maldet(25652): {update} latest version already installed.
Aug 01 2025 04:35:39 chs1 maldet(26076): {sigup} performing signature update check...
Aug 01 2025 04:35:39 chs1 maldet(26076): {sigup} local signature set is version 202507312174018
Aug 01 2025 04:35:59 chs1 maldet(26076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 01 2025 04:35:59 chs1 maldet(26076): {sigup} new signature set error code: 522 available
Aug 01 2025 04:35:59 chs1 maldet(26076): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 01 2025 04:35:59 chs1 maldet(26076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 01 2025 04:36:26 chs1 maldet(26076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 01 2025 04:36:26 chs1 maldet(26076): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 01 2025 04:36:51 chs1 maldet(26076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} verified md5sum of maldet-clean.tgz
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} unpacked and installed maldet-clean.tgz
Aug 01 2025 04:37:22 chs1 maldet(26076): {sigup} signature set update completed
Aug 01 2025 04:37:23 chs1 maldet(26076): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 01 2025 04:37:23 chs1 maldet(26861): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 01 2025 04:37:25 chs1 maldet(26861): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 01 2025 04:37:25 chs1 maldet(26861): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 01 2025 04:37:25 chs1 maldet(26861): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 01 2025 04:37:25 chs1 maldet(26861): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 01 2025 04:39:54 chs1 maldet(26861): {scan} file list completed in 149s, found 102 files...
Aug 01 2025 04:39:54 chs1 maldet(26861): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 01 2025 04:39:54 chs1 maldet(26861): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (102 files) in progress...
Aug 01 2025 04:40:28 chs1 maldet(26861): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 01 2025 04:40:28 chs1 maldet(26861): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 102, malware hits 1, cleaned hits 0, time 185s
Aug 01 2025 04:40:28 chs1 maldet(26861): {scan} scan report saved, to view run: maldet --report 250801-0437.26861
Aug 01 2025 04:40:28 chs1 maldet(26861): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250801-0437.26861
Aug 02 2025 00:50:34 chs1 maldet(2730): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 02 2025 03:35:29 chs1 maldet(60521): {update} checking for available updates...
Aug 02 2025 03:35:30 chs1 maldet(60521): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 02 2025 03:35:30 chs1 maldet(60521): {update} hashing install files and checking against server...
Aug 02 2025 03:35:30 chs1 maldet(60521): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 02 2025 03:35:30 chs1 maldet(60521): {update} latest version already installed.
Aug 02 2025 03:35:30 chs1 maldet(60630): {sigup} performing signature update check...
Aug 02 2025 03:35:30 chs1 maldet(60630): {sigup} local signature set is version 202507312174018
Aug 02 2025 03:35:31 chs1 maldet(60630): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 02 2025 03:35:31 chs1 maldet(60630): {sigup} new signature set 202508012915753 available
Aug 02 2025 03:35:31 chs1 maldet(60630): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 02 2025 03:35:31 chs1 maldet(60630): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} verified md5sum of maldet-clean.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} unpacked and installed maldet-clean.tgz
Aug 02 2025 03:35:32 chs1 maldet(60630): {sigup} signature set update completed
Aug 02 2025 03:35:33 chs1 maldet(60630): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 02 2025 03:35:33 chs1 maldet(60839): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 02 2025 03:35:33 chs1 maldet(60839): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 02 2025 03:35:33 chs1 maldet(60839): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 02 2025 03:35:33 chs1 maldet(60839): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 02 2025 03:35:33 chs1 maldet(60839): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 02 2025 03:37:53 chs1 maldet(60839): {scan} file list completed in 140s, found 357 files...
Aug 02 2025 03:37:53 chs1 maldet(60839): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 02 2025 03:37:53 chs1 maldet(60839): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (357 files) in progress...
Aug 02 2025 03:38:15 chs1 maldet(60839): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 02 2025 03:38:15 chs1 maldet(60839): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 357, malware hits 1, cleaned hits 0, time 162s
Aug 02 2025 03:38:15 chs1 maldet(60839): {scan} scan report saved, to view run: maldet --report 250802-0335.60839
Aug 02 2025 03:38:15 chs1 maldet(60839): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250802-0335.60839
Aug 03 2025 00:50:35 chs1 maldet(3021): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 03 2025 03:13:30 chs1 maldet(59234): {update} checking for available updates...
Aug 03 2025 03:13:31 chs1 maldet(59234): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 03 2025 03:13:31 chs1 maldet(59234): {update} hashing install files and checking against server...
Aug 03 2025 03:13:31 chs1 maldet(59234): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 03 2025 03:13:31 chs1 maldet(59234): {update} latest version already installed.
Aug 03 2025 03:13:31 chs1 maldet(59351): {sigup} performing signature update check...
Aug 03 2025 03:13:31 chs1 maldet(59351): {sigup} local signature set is version 202508012915753
Aug 03 2025 03:13:32 chs1 maldet(59351): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 03 2025 03:13:32 chs1 maldet(59351): {sigup} latest signature set already installed
Aug 03 2025 03:13:32 chs1 maldet(59444): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 03 2025 03:13:33 chs1 maldet(59444): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 03 2025 03:13:33 chs1 maldet(59444): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 03 2025 03:13:33 chs1 maldet(59444): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 03 2025 03:13:33 chs1 maldet(59444): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 03 2025 03:14:06 chs1 maldet(59444): {scan} file list completed in 33s, found 198 files...
Aug 03 2025 03:14:06 chs1 maldet(59444): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 03 2025 03:14:06 chs1 maldet(59444): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (198 files) in progress...
Aug 03 2025 03:14:19 chs1 maldet(59444): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 03 2025 03:14:19 chs1 maldet(59444): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 198, malware hits 1, cleaned hits 0, time 47s
Aug 03 2025 03:14:19 chs1 maldet(59444): {scan} scan report saved, to view run: maldet --report 250803-0313.59444
Aug 03 2025 03:14:19 chs1 maldet(59444): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250803-0313.59444
Aug 04 2025 00:58:50 chs1 maldet(2629): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 04 2025 03:35:16 chs1 maldet(56637): {update} checking for available updates...
Aug 04 2025 03:35:17 chs1 maldet(56637): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 04 2025 03:35:17 chs1 maldet(56637): {update} hashing install files and checking against server...
Aug 04 2025 03:35:17 chs1 maldet(56637): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 04 2025 03:35:17 chs1 maldet(56637): {update} latest version already installed.
Aug 04 2025 03:35:17 chs1 maldet(56746): {sigup} performing signature update check...
Aug 04 2025 03:35:17 chs1 maldet(56746): {sigup} local signature set is version 202508012915753
Aug 04 2025 03:35:17 chs1 maldet(56746): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 04 2025 03:35:17 chs1 maldet(56746): {sigup} latest signature set already installed
Aug 04 2025 03:35:18 chs1 maldet(56834): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 04 2025 03:35:18 chs1 maldet(56834): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 04 2025 03:35:18 chs1 maldet(56834): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 04 2025 03:35:18 chs1 maldet(56834): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 04 2025 03:35:18 chs1 maldet(56834): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 04 2025 03:35:45 chs1 maldet(56834): {scan} file list completed in 27s, found 58 files...
Aug 04 2025 03:35:45 chs1 maldet(56834): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 04 2025 03:35:45 chs1 maldet(56834): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (58 files) in progress...
Aug 04 2025 03:35:55 chs1 maldet(56834): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 04 2025 03:35:55 chs1 maldet(56834): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 58, malware hits 1, cleaned hits 0, time 37s
Aug 04 2025 03:35:55 chs1 maldet(56834): {scan} scan report saved, to view run: maldet --report 250804-0335.56834
Aug 04 2025 03:35:55 chs1 maldet(56834): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250804-0335.56834
Aug 05 2025 00:52:31 chs1 maldet(3059): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 03:21:02 chs1 maldet(60314): {update} checking for available updates...
Aug 05 2025 03:21:05 chs1 maldet(60314): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 05 2025 03:21:05 chs1 maldet(60314): {update} hashing install files and checking against server...
Aug 05 2025 03:21:06 chs1 maldet(60314): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 05 2025 03:21:06 chs1 maldet(60314): {update} latest version already installed.
Aug 05 2025 03:21:06 chs1 maldet(60494): {sigup} performing signature update check...
Aug 05 2025 03:21:06 chs1 maldet(60494): {sigup} local signature set is version 202508012915753
Aug 05 2025 03:21:07 chs1 maldet(60494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 05 2025 03:21:07 chs1 maldet(60494): {sigup} new signature set 202508043889133 available
Aug 05 2025 03:21:07 chs1 maldet(60494): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 05 2025 03:21:08 chs1 maldet(60494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 05 2025 03:21:09 chs1 maldet(60494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 05 2025 03:21:09 chs1 maldet(60494): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 05 2025 03:21:10 chs1 maldet(60494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} verified md5sum of maldet-clean.tgz
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} unpacked and installed maldet-clean.tgz
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} signature set update completed
Aug 05 2025 03:21:11 chs1 maldet(60494): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 05 2025 03:21:11 chs1 maldet(60715): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 05 2025 03:21:12 chs1 maldet(60715): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 05 2025 03:21:12 chs1 maldet(60715): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 05 2025 03:21:12 chs1 maldet(60715): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 05 2025 03:21:12 chs1 maldet(60715): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 05 2025 03:24:52 chs1 maldet(2990): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 03:40:13 chs1 maldet(3064): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 04:34:16 chs1 maldet(3133): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 05:03:30 chs1 maldet(3064): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 06:22:55 chs1 maldet(34152): {update} checking for available updates...
Aug 05 2025 06:22:56 chs1 maldet(34152): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 05 2025 06:22:56 chs1 maldet(34152): {update} hashing install files and checking against server...
Aug 05 2025 06:22:56 chs1 maldet(34152): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 05 2025 06:22:56 chs1 maldet(34152): {update} latest version already installed.
Aug 05 2025 06:22:56 chs1 maldet(34261): {sigup} performing signature update check...
Aug 05 2025 06:22:56 chs1 maldet(34261): {sigup} local signature set is version 202508043889133
Aug 05 2025 06:22:57 chs1 maldet(34261): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 05 2025 06:22:57 chs1 maldet(34261): {sigup} latest signature set already installed
Aug 05 2025 06:22:57 chs1 maldet(34349): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 05 2025 06:22:57 chs1 maldet(34349): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 05 2025 06:22:57 chs1 maldet(34349): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 05 2025 06:22:57 chs1 maldet(34349): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 05 2025 06:22:57 chs1 maldet(34349): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 05 2025 06:24:50 chs1 maldet(2927): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 05 2025 07:40:38 chs1 maldet(34372): {update} checking for available updates...
Aug 05 2025 07:40:38 chs1 maldet(34372): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 05 2025 07:40:38 chs1 maldet(34372): {update} hashing install files and checking against server...
Aug 05 2025 07:41:05 chs1 maldet(34372): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 05 2025 07:41:05 chs1 maldet(34372): {update} latest version already installed.
Aug 05 2025 07:41:05 chs1 maldet(34687): {sigup} performing signature update check...
Aug 05 2025 07:41:05 chs1 maldet(34687): {sigup} local signature set is version 202508043889133
Aug 05 2025 07:41:44 chs1 maldet(34687): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 05 2025 07:41:44 chs1 maldet(34687): {sigup} latest signature set already installed
Aug 05 2025 07:41:44 chs1 maldet(34903): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 05 2025 07:41:45 chs1 maldet(34903): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 05 2025 07:41:45 chs1 maldet(34903): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 05 2025 07:41:45 chs1 maldet(34903): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 05 2025 07:41:45 chs1 maldet(34903): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 05 2025 07:42:20 chs1 maldet(34903): {scan} file list completed in 34s, found 83 files...
Aug 05 2025 07:42:20 chs1 maldet(34903): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 05 2025 07:42:20 chs1 maldet(34903): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (83 files) in progress...
Aug 05 2025 07:42:33 chs1 maldet(34903): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 05 2025 07:42:33 chs1 maldet(34903): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 83, malware hits 1, cleaned hits 0, time 49s
Aug 05 2025 07:42:33 chs1 maldet(34903): {scan} scan report saved, to view run: maldet --report 250805-0741.34903
Aug 05 2025 07:42:33 chs1 maldet(34903): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250805-0741.34903
Aug 05 2025 07:54:40 chs1 maldet(2948): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 06 2025 00:58:45 chs1 maldet(2009): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 06 2025 03:13:09 chs1 maldet(49050): {update} checking for available updates...
Aug 06 2025 03:13:09 chs1 maldet(49050): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 06 2025 03:13:09 chs1 maldet(49050): {update} hashing install files and checking against server...
Aug 06 2025 03:13:10 chs1 maldet(49050): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 06 2025 03:13:10 chs1 maldet(49050): {update} latest version already installed.
Aug 06 2025 03:13:10 chs1 maldet(49160): {sigup} performing signature update check...
Aug 06 2025 03:13:10 chs1 maldet(49160): {sigup} local signature set is version 202508043889133
Aug 06 2025 03:13:10 chs1 maldet(49160): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 06 2025 03:13:10 chs1 maldet(49160): {sigup} latest signature set already installed
Aug 06 2025 03:13:10 chs1 maldet(49250): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 06 2025 03:13:11 chs1 maldet(49250): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 06 2025 03:13:11 chs1 maldet(49250): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 06 2025 03:13:11 chs1 maldet(49250): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 06 2025 03:13:11 chs1 maldet(49250): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 06 2025 03:13:39 chs1 maldet(49250): {scan} file list completed in 28s, found 57 files...
Aug 06 2025 03:13:39 chs1 maldet(49250): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 06 2025 03:13:39 chs1 maldet(49250): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (57 files) in progress...
Aug 06 2025 03:13:50 chs1 maldet(49250): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 06 2025 03:13:50 chs1 maldet(49250): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 57, malware hits 1, cleaned hits 0, time 40s
Aug 06 2025 03:13:50 chs1 maldet(49250): {scan} scan report saved, to view run: maldet --report 250806-0313.49250
Aug 06 2025 03:13:50 chs1 maldet(49250): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250806-0313.49250
Aug 06 2025 18:42:35 chs1 maldet(2956): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 07 2025 03:24:05 chs1 maldet(82508): {update} checking for available updates...
Aug 07 2025 03:24:05 chs1 maldet(82508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 07 2025 03:24:05 chs1 maldet(82508): {update} hashing install files and checking against server...
Aug 07 2025 03:24:06 chs1 maldet(82508): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 07 2025 03:24:06 chs1 maldet(82508): {update} latest version already installed.
Aug 07 2025 03:24:06 chs1 maldet(82617): {sigup} performing signature update check...
Aug 07 2025 03:24:06 chs1 maldet(82617): {sigup} local signature set is version 202508043889133
Aug 07 2025 03:24:06 chs1 maldet(82617): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 07 2025 03:24:06 chs1 maldet(82617): {sigup} latest signature set already installed
Aug 07 2025 03:24:06 chs1 maldet(82705): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 07 2025 03:24:06 chs1 maldet(82705): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 07 2025 03:24:06 chs1 maldet(82705): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 07 2025 03:24:06 chs1 maldet(82705): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 07 2025 03:24:07 chs1 maldet(82705): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 07 2025 03:24:44 chs1 maldet(82705): {scan} file list completed in 38s, found 746 files...
Aug 07 2025 03:24:44 chs1 maldet(82705): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 07 2025 03:24:44 chs1 maldet(82705): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (746 files) in progress...
Aug 07 2025 03:25:06 chs1 maldet(82705): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 07 2025 03:25:06 chs1 maldet(82705): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 746, malware hits 1, cleaned hits 0, time 60s
Aug 07 2025 03:25:06 chs1 maldet(82705): {scan} scan report saved, to view run: maldet --report 250807-0324.82705
Aug 07 2025 03:25:06 chs1 maldet(82705): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250807-0324.82705
Aug 07 2025 03:36:38 chs1 maldet(2407): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 08 2025 00:51:24 chs1 maldet(2670): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 08 2025 03:57:20 chs1 maldet(70282): {update} checking for available updates...
Aug 08 2025 03:57:21 chs1 maldet(70282): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 08 2025 03:57:21 chs1 maldet(70282): {update} hashing install files and checking against server...
Aug 08 2025 03:57:21 chs1 maldet(70282): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 08 2025 03:57:21 chs1 maldet(70282): {update} latest version already installed.
Aug 08 2025 03:57:21 chs1 maldet(70391): {sigup} performing signature update check...
Aug 08 2025 03:57:21 chs1 maldet(70391): {sigup} local signature set is version 202508043889133
Aug 08 2025 03:57:22 chs1 maldet(70391): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 08 2025 03:57:22 chs1 maldet(70391): {sigup} new signature set 20250807667605 available
Aug 08 2025 03:57:22 chs1 maldet(70391): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 08 2025 03:57:22 chs1 maldet(70391): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} verified md5sum of maldet-clean.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} unpacked and installed maldet-clean.tgz
Aug 08 2025 03:57:23 chs1 maldet(70391): {sigup} signature set update completed
Aug 08 2025 03:57:24 chs1 maldet(70391): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 08 2025 03:57:24 chs1 maldet(70603): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 08 2025 03:57:24 chs1 maldet(70603): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 08 2025 03:57:24 chs1 maldet(70603): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 08 2025 03:57:24 chs1 maldet(70603): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 08 2025 03:57:24 chs1 maldet(70603): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 08 2025 03:59:21 chs1 maldet(70603): {scan} file list completed in 117s, found 140 files...
Aug 08 2025 03:59:21 chs1 maldet(70603): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 08 2025 03:59:21 chs1 maldet(70603): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (140 files) in progress...
Aug 08 2025 03:59:42 chs1 maldet(70603): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 08 2025 03:59:42 chs1 maldet(70603): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 140, malware hits 1, cleaned hits 0, time 138s
Aug 08 2025 03:59:42 chs1 maldet(70603): {scan} scan report saved, to view run: maldet --report 250808-0357.70603
Aug 08 2025 03:59:42 chs1 maldet(70603): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250808-0357.70603
Aug 08 2025 04:15:17 chs1 maldet(2642): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 09 2025 00:51:10 chs1 maldet(2426): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 09 2025 03:23:46 chs1 maldet(56432): {update} checking for available updates...
Aug 09 2025 03:23:47 chs1 maldet(56432): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 09 2025 03:23:47 chs1 maldet(56432): {update} hashing install files and checking against server...
Aug 09 2025 03:23:47 chs1 maldet(56432): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 09 2025 03:23:47 chs1 maldet(56432): {update} latest version already installed.
Aug 09 2025 03:23:47 chs1 maldet(56551): {sigup} performing signature update check...
Aug 09 2025 03:23:47 chs1 maldet(56551): {sigup} local signature set is version 20250807667605
Aug 09 2025 03:23:48 chs1 maldet(56551): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 09 2025 03:23:48 chs1 maldet(56551): {sigup} latest signature set already installed
Aug 09 2025 03:23:48 chs1 maldet(56639): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 09 2025 03:23:48 chs1 maldet(56639): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 09 2025 03:23:48 chs1 maldet(56639): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 09 2025 03:23:48 chs1 maldet(56639): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 09 2025 03:23:48 chs1 maldet(56639): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 09 2025 03:26:00 chs1 maldet(56639): {scan} file list completed in 131s, found 84 files...
Aug 09 2025 03:26:00 chs1 maldet(56639): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 09 2025 03:26:00 chs1 maldet(56639): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (84 files) in progress...
Aug 09 2025 03:26:29 chs1 maldet(56639): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 09 2025 03:26:29 chs1 maldet(56639): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 84, malware hits 1, cleaned hits 0, time 161s
Aug 09 2025 03:26:29 chs1 maldet(56639): {scan} scan report saved, to view run: maldet --report 250809-0323.56639
Aug 09 2025 03:26:29 chs1 maldet(56639): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250809-0323.56639
Aug 10 2025 00:58:03 chs1 maldet(3433): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 10 2025 03:36:27 chs1 maldet(68609): {update} checking for available updates...
Aug 10 2025 03:36:27 chs1 maldet(68609): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 10 2025 03:36:27 chs1 maldet(68609): {update} hashing install files and checking against server...
Aug 10 2025 03:36:28 chs1 maldet(68609): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 10 2025 03:36:28 chs1 maldet(68609): {update} latest version already installed.
Aug 10 2025 03:36:28 chs1 maldet(68722): {sigup} performing signature update check...
Aug 10 2025 03:36:28 chs1 maldet(68722): {sigup} local signature set is version 20250807667605
Aug 10 2025 03:36:28 chs1 maldet(68722): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 10 2025 03:36:28 chs1 maldet(68722): {sigup} latest signature set already installed
Aug 10 2025 03:36:28 chs1 maldet(68810): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 10 2025 03:36:29 chs1 maldet(68810): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 10 2025 03:36:29 chs1 maldet(68810): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 10 2025 03:36:29 chs1 maldet(68810): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 10 2025 03:36:29 chs1 maldet(68810): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 10 2025 03:37:02 chs1 maldet(68810): {scan} file list completed in 32s, found 89 files...
Aug 10 2025 03:37:02 chs1 maldet(68810): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 10 2025 03:37:02 chs1 maldet(68810): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (89 files) in progress...
Aug 10 2025 03:37:14 chs1 maldet(68810): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 10 2025 03:37:14 chs1 maldet(68810): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 89, malware hits 1, cleaned hits 0, time 46s
Aug 10 2025 03:37:14 chs1 maldet(68810): {scan} scan report saved, to view run: maldet --report 250810-0336.68810
Aug 10 2025 03:37:14 chs1 maldet(68810): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250810-0336.68810
Aug 11 2025 00:56:21 chs1 maldet(3385): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 11 2025 04:04:14 chs1 maldet(77977): {update} checking for available updates...
Aug 11 2025 04:04:15 chs1 maldet(77977): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 11 2025 04:04:15 chs1 maldet(77977): {update} hashing install files and checking against server...
Aug 11 2025 04:04:15 chs1 maldet(77977): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 11 2025 04:04:15 chs1 maldet(77977): {update} latest version already installed.
Aug 11 2025 04:04:15 chs1 maldet(78089): {sigup} performing signature update check...
Aug 11 2025 04:04:16 chs1 maldet(78089): {sigup} local signature set is version 20250807667605
Aug 11 2025 04:04:16 chs1 maldet(78089): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 11 2025 04:04:16 chs1 maldet(78089): {sigup} new signature set 202508101639180 available
Aug 11 2025 04:04:16 chs1 maldet(78089): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 04:04:16 chs1 maldet(78089): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 04:04:17 chs1 maldet(78089): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 11 2025 04:04:17 chs1 maldet(78089): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 04:04:17 chs1 maldet(78089): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} verified md5sum of maldet-clean.tgz
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} unpacked and installed maldet-clean.tgz
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} signature set update completed
Aug 11 2025 04:04:18 chs1 maldet(78089): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2025 04:04:18 chs1 maldet(78294): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 11 2025 04:04:20 chs1 maldet(78294): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2025 04:04:20 chs1 maldet(78294): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 11 2025 04:04:20 chs1 maldet(78294): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 11 2025 04:04:20 chs1 maldet(78294): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 11 2025 04:06:24 chs1 maldet(78294): {scan} file list completed in 123s, found 59 files...
Aug 11 2025 04:06:24 chs1 maldet(78294): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 11 2025 04:06:24 chs1 maldet(78294): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (59 files) in progress...
Aug 11 2025 04:06:44 chs1 maldet(78294): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 11 2025 04:06:45 chs1 maldet(78294): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 59, malware hits 1, cleaned hits 0, time 146s
Aug 11 2025 04:06:45 chs1 maldet(78294): {scan} scan report saved, to view run: maldet --report 250811-0404.78294
Aug 11 2025 04:06:45 chs1 maldet(78294): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250811-0404.78294
Aug 11 2025 19:32:10 chs1 maldet(3414): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 12 2025 01:00:59 chs1 maldet(3086): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 12 2025 03:49:07 chs1 maldet(60795): {update} checking for available updates...
Aug 12 2025 03:49:08 chs1 maldet(60795): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 12 2025 03:49:08 chs1 maldet(60795): {update} hashing install files and checking against server...
Aug 12 2025 03:49:08 chs1 maldet(60795): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 12 2025 03:49:08 chs1 maldet(60795): {update} latest version already installed.
Aug 12 2025 03:49:08 chs1 maldet(60904): {sigup} performing signature update check...
Aug 12 2025 03:49:08 chs1 maldet(60904): {sigup} local signature set is version 202508101639180
Aug 12 2025 03:49:09 chs1 maldet(60904): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 12 2025 03:49:09 chs1 maldet(60904): {sigup} latest signature set already installed
Aug 12 2025 03:49:09 chs1 maldet(60992): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 12 2025 03:49:09 chs1 maldet(60992): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 12 2025 03:49:09 chs1 maldet(60992): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 12 2025 03:49:09 chs1 maldet(60992): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 12 2025 03:49:09 chs1 maldet(60992): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 12 2025 03:49:38 chs1 maldet(60992): {scan} file list completed in 29s, found 105 files...
Aug 12 2025 03:49:38 chs1 maldet(60992): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 12 2025 03:49:38 chs1 maldet(60992): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (105 files) in progress...
Aug 12 2025 03:49:50 chs1 maldet(60992): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 12 2025 03:49:50 chs1 maldet(60992): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 105, malware hits 1, cleaned hits 0, time 41s
Aug 12 2025 03:49:50 chs1 maldet(60992): {scan} scan report saved, to view run: maldet --report 250812-0349.60992
Aug 12 2025 03:49:50 chs1 maldet(60992): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250812-0349.60992
Aug 12 2025 04:31:59 chs1 maldet(3081): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 13 2025 00:54:55 chs1 maldet(3247): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 13 2025 03:41:34 chs1 maldet(59324): {update} checking for available updates...
Aug 13 2025 03:41:35 chs1 maldet(59324): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 13 2025 03:41:35 chs1 maldet(59324): {update} hashing install files and checking against server...
Aug 13 2025 03:41:35 chs1 maldet(59324): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 13 2025 03:41:35 chs1 maldet(59324): {update} latest version already installed.
Aug 13 2025 03:41:35 chs1 maldet(59435): {sigup} performing signature update check...
Aug 13 2025 03:41:35 chs1 maldet(59435): {sigup} local signature set is version 202508101639180
Aug 13 2025 03:41:36 chs1 maldet(59435): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2025 03:41:36 chs1 maldet(59435): {sigup} latest signature set already installed
Aug 13 2025 03:41:36 chs1 maldet(59523): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 13 2025 03:41:36 chs1 maldet(59523): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 13 2025 03:41:36 chs1 maldet(59523): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 13 2025 03:41:36 chs1 maldet(59523): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 13 2025 03:41:36 chs1 maldet(59523): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 13 2025 03:44:37 chs1 maldet(3346): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 13 2025 04:24:22 chs1 maldet(17997): {update} checking for available updates...
Aug 13 2025 04:24:22 chs1 maldet(17997): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 13 2025 04:24:22 chs1 maldet(17997): {update} hashing install files and checking against server...
Aug 13 2025 04:24:22 chs1 maldet(17997): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 13 2025 04:24:22 chs1 maldet(17997): {update} latest version already installed.
Aug 13 2025 04:24:23 chs1 maldet(18106): {sigup} performing signature update check...
Aug 13 2025 04:24:23 chs1 maldet(18106): {sigup} local signature set is version 202508101639180
Aug 13 2025 04:24:23 chs1 maldet(18106): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2025 04:24:23 chs1 maldet(18106): {sigup} latest signature set already installed
Aug 13 2025 04:24:23 chs1 maldet(18194): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 13 2025 04:24:24 chs1 maldet(18194): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 13 2025 04:24:24 chs1 maldet(18194): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 13 2025 04:24:24 chs1 maldet(18194): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 13 2025 04:24:24 chs1 maldet(18194): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 13 2025 04:24:52 chs1 maldet(18194): {scan} file list completed in 28s, found 88 files...
Aug 13 2025 04:24:52 chs1 maldet(18194): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 13 2025 04:24:52 chs1 maldet(18194): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (88 files) in progress...
Aug 13 2025 04:25:04 chs1 maldet(18194): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 13 2025 04:25:04 chs1 maldet(18194): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 88, malware hits 1, cleaned hits 0, time 41s
Aug 13 2025 04:25:04 chs1 maldet(18194): {scan} scan report saved, to view run: maldet --report 250813-0424.18194
Aug 13 2025 04:25:04 chs1 maldet(18194): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250813-0424.18194
Aug 14 2025 01:00:05 chs1 maldet(3515): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 14 2025 03:31:33 chs1 maldet(57065): {update} checking for available updates...
Aug 14 2025 03:31:34 chs1 maldet(57065): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 14 2025 03:31:34 chs1 maldet(57065): {update} hashing install files and checking against server...
Aug 14 2025 03:31:34 chs1 maldet(57065): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 14 2025 03:31:34 chs1 maldet(57065): {update} latest version already installed.
Aug 14 2025 03:31:34 chs1 maldet(57174): {sigup} performing signature update check...
Aug 14 2025 03:31:34 chs1 maldet(57174): {sigup} local signature set is version 202508101639180
Aug 14 2025 03:31:35 chs1 maldet(57174): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 14 2025 03:31:35 chs1 maldet(57174): {sigup} new signature set 202508132610702 available
Aug 14 2025 03:31:35 chs1 maldet(57174): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 14 2025 03:31:35 chs1 maldet(57174): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 14 2025 03:31:36 chs1 maldet(57174): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 14 2025 03:31:36 chs1 maldet(57174): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 14 2025 03:31:36 chs1 maldet(57174): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 14 2025 03:31:36 chs1 maldet(57174): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 14 2025 03:31:36 chs1 maldet(57174): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 14 2025 03:31:37 chs1 maldet(57174): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 14 2025 03:31:37 chs1 maldet(57174): {sigup} verified md5sum of maldet-clean.tgz
Aug 14 2025 03:31:37 chs1 maldet(57174): {sigup} unpacked and installed maldet-clean.tgz
Aug 14 2025 03:31:37 chs1 maldet(57174): {sigup} signature set update completed
Aug 14 2025 03:31:37 chs1 maldet(57174): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 14 2025 03:31:37 chs1 maldet(57378): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 14 2025 03:31:37 chs1 maldet(57378): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 14 2025 03:31:37 chs1 maldet(57378): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 14 2025 03:31:37 chs1 maldet(57378): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 14 2025 03:31:37 chs1 maldet(57378): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 14 2025 03:34:09 chs1 maldet(57378): {scan} file list completed in 152s, found 82 files...
Aug 14 2025 03:34:09 chs1 maldet(57378): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 14 2025 03:34:09 chs1 maldet(57378): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (82 files) in progress...
Aug 14 2025 03:34:21 chs1 maldet(57378): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 14 2025 03:34:21 chs1 maldet(57378): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 82, malware hits 1, cleaned hits 0, time 164s
Aug 14 2025 03:34:21 chs1 maldet(57378): {scan} scan report saved, to view run: maldet --report 250814-0331.57378
Aug 14 2025 03:34:21 chs1 maldet(57378): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250814-0331.57378
Aug 14 2025 13:10:27 chs1 maldet(3331): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 15 2025 00:51:33 chs1 maldet(2562): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 15 2025 03:47:35 chs1 maldet(61099): {update} checking for available updates...
Aug 15 2025 03:47:35 chs1 maldet(61099): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 15 2025 03:47:35 chs1 maldet(61099): {update} hashing install files and checking against server...
Aug 15 2025 03:47:36 chs1 maldet(61099): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 15 2025 03:47:36 chs1 maldet(61099): {update} latest version already installed.
Aug 15 2025 03:47:36 chs1 maldet(61209): {sigup} performing signature update check...
Aug 15 2025 03:47:36 chs1 maldet(61209): {sigup} local signature set is version 202508132610702
Aug 15 2025 03:47:36 chs1 maldet(61209): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 15 2025 03:47:36 chs1 maldet(61209): {sigup} latest signature set already installed
Aug 15 2025 03:47:36 chs1 maldet(61298): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 15 2025 03:47:37 chs1 maldet(61298): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 15 2025 03:47:37 chs1 maldet(61298): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 15 2025 03:47:37 chs1 maldet(61298): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 15 2025 03:47:37 chs1 maldet(61298): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 15 2025 03:48:09 chs1 maldet(61298): {scan} file list completed in 32s, found 76 files...
Aug 15 2025 03:48:09 chs1 maldet(61298): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 15 2025 03:48:09 chs1 maldet(61298): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (76 files) in progress...
Aug 15 2025 03:48:21 chs1 maldet(61298): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 15 2025 03:48:21 chs1 maldet(61298): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 76, malware hits 1, cleaned hits 0, time 45s
Aug 15 2025 03:48:21 chs1 maldet(61298): {scan} scan report saved, to view run: maldet --report 250815-0347.61298
Aug 15 2025 03:48:21 chs1 maldet(61298): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250815-0347.61298
Aug 15 2025 04:04:17 chs1 maldet(2546): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 16 2025 00:54:49 chs1 maldet(3211): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 16 2025 03:21:08 chs1 maldet(54810): {update} checking for available updates...
Aug 16 2025 03:21:09 chs1 maldet(54810): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 16 2025 03:21:09 chs1 maldet(54810): {update} hashing install files and checking against server...
Aug 16 2025 03:21:09 chs1 maldet(54810): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 16 2025 03:21:09 chs1 maldet(54810): {update} latest version already installed.
Aug 16 2025 03:21:09 chs1 maldet(54920): {sigup} performing signature update check...
Aug 16 2025 03:21:09 chs1 maldet(54920): {sigup} local signature set is version 202508132610702
Aug 16 2025 03:21:10 chs1 maldet(54920): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 16 2025 03:21:10 chs1 maldet(54920): {sigup} latest signature set already installed
Aug 16 2025 03:21:10 chs1 maldet(55010): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 16 2025 03:21:10 chs1 maldet(55010): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 16 2025 03:21:10 chs1 maldet(55010): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 16 2025 03:21:10 chs1 maldet(55010): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 16 2025 03:21:10 chs1 maldet(55010): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 16 2025 03:21:36 chs1 maldet(55010): {scan} file list completed in 26s, found 109 files...
Aug 16 2025 03:21:36 chs1 maldet(55010): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 16 2025 03:21:36 chs1 maldet(55010): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (109 files) in progress...
Aug 16 2025 03:21:48 chs1 maldet(55010): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 16 2025 03:21:48 chs1 maldet(55010): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 109, malware hits 1, cleaned hits 0, time 38s
Aug 16 2025 03:21:48 chs1 maldet(55010): {scan} scan report saved, to view run: maldet --report 250816-0321.55010
Aug 16 2025 03:21:48 chs1 maldet(55010): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250816-0321.55010
Aug 16 2025 23:50:58 chs1 maldet(3268): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 17 2025 03:56:32 chs1 maldet(99734): {update} checking for available updates...
Aug 17 2025 03:56:32 chs1 maldet(99734): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 17 2025 03:56:32 chs1 maldet(99734): {update} hashing install files and checking against server...
Aug 17 2025 03:56:33 chs1 maldet(99734): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 17 2025 03:56:33 chs1 maldet(99734): {update} latest version already installed.
Aug 17 2025 03:56:33 chs1 maldet(99844): {sigup} performing signature update check...
Aug 17 2025 03:56:33 chs1 maldet(99844): {sigup} local signature set is version 202508132610702
Aug 17 2025 03:56:33 chs1 maldet(99844): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 17 2025 03:56:33 chs1 maldet(99844): {sigup} latest signature set already installed
Aug 17 2025 03:56:33 chs1 maldet(99933): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 17 2025 03:56:34 chs1 maldet(99933): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 17 2025 03:56:34 chs1 maldet(99933): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 17 2025 03:56:34 chs1 maldet(99933): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 17 2025 03:56:34 chs1 maldet(99933): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 17 2025 03:56:57 chs1 maldet(99933): {scan} file list completed in 23s, found 42 files...
Aug 17 2025 03:56:57 chs1 maldet(99933): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 17 2025 03:56:57 chs1 maldet(99933): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (42 files) in progress...
Aug 17 2025 03:57:10 chs1 maldet(99933): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 17 2025 03:57:10 chs1 maldet(99933): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 42, malware hits 1, cleaned hits 0, time 37s
Aug 17 2025 03:57:10 chs1 maldet(99933): {scan} scan report saved, to view run: maldet --report 250817-0356.99933
Aug 17 2025 03:57:10 chs1 maldet(99933): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250817-0356.99933
Aug 18 2025 01:01:29 chs1 maldet(3457): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 18 2025 03:48:04 chs1 maldet(67169): {update} checking for available updates...
Aug 18 2025 03:48:04 chs1 maldet(67169): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 18 2025 03:48:04 chs1 maldet(67169): {update} hashing install files and checking against server...
Aug 18 2025 03:48:04 chs1 maldet(67169): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 18 2025 03:48:04 chs1 maldet(67169): {update} latest version already installed.
Aug 18 2025 03:48:05 chs1 maldet(67283): {sigup} performing signature update check...
Aug 18 2025 03:48:05 chs1 maldet(67283): {sigup} local signature set is version 202508132610702
Aug 18 2025 03:48:05 chs1 maldet(67283): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 18 2025 03:48:05 chs1 maldet(67283): {sigup} latest signature set already installed
Aug 18 2025 03:48:05 chs1 maldet(67371): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 18 2025 03:48:05 chs1 maldet(67371): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 18 2025 03:48:06 chs1 maldet(67371): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 18 2025 03:48:06 chs1 maldet(67371): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 18 2025 03:48:06 chs1 maldet(67371): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 18 2025 03:48:32 chs1 maldet(67371): {scan} file list completed in 26s, found 72 files...
Aug 18 2025 03:48:32 chs1 maldet(67371): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 18 2025 03:48:32 chs1 maldet(67371): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (72 files) in progress...
Aug 18 2025 03:48:51 chs1 maldet(67371): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 18 2025 03:48:51 chs1 maldet(67371): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 72, malware hits 1, cleaned hits 0, time 46s
Aug 18 2025 03:48:51 chs1 maldet(67371): {scan} scan report saved, to view run: maldet --report 250818-0348.67371
Aug 18 2025 03:48:51 chs1 maldet(67371): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250818-0348.67371
Aug 19 2025 00:53:17 chs1 maldet(3566): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 19 2025 03:12:19 chs1 maldet(54679): {update} checking for available updates...
Aug 19 2025 03:12:19 chs1 maldet(54679): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 19 2025 03:12:19 chs1 maldet(54679): {update} hashing install files and checking against server...
Aug 19 2025 03:12:20 chs1 maldet(54679): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 19 2025 03:12:20 chs1 maldet(54679): {update} latest version already installed.
Aug 19 2025 03:12:20 chs1 maldet(54789): {sigup} performing signature update check...
Aug 19 2025 03:12:20 chs1 maldet(54789): {sigup} local signature set is version 202508132610702
Aug 19 2025 03:12:20 chs1 maldet(54789): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 19 2025 03:12:20 chs1 maldet(54789): {sigup} latest signature set already installed
Aug 19 2025 03:12:20 chs1 maldet(54877): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 19 2025 03:12:21 chs1 maldet(54877): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 19 2025 03:12:21 chs1 maldet(54877): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 19 2025 03:12:21 chs1 maldet(54877): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 19 2025 03:12:21 chs1 maldet(54877): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 19 2025 03:12:48 chs1 maldet(54877): {scan} file list completed in 27s, found 118 files...
Aug 19 2025 03:12:48 chs1 maldet(54877): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 19 2025 03:12:48 chs1 maldet(54877): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (118 files) in progress...
Aug 19 2025 03:13:00 chs1 maldet(54877): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 19 2025 03:13:00 chs1 maldet(54877): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 118, malware hits 1, cleaned hits 0, time 40s
Aug 19 2025 03:13:00 chs1 maldet(54877): {scan} scan report saved, to view run: maldet --report 250819-0312.54877
Aug 19 2025 03:13:00 chs1 maldet(54877): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250819-0312.54877
Aug 20 2025 00:57:40 chs1 maldet(3616): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 20 2025 03:44:51 chs1 maldet(64750): {update} checking for available updates...
Aug 20 2025 03:44:52 chs1 maldet(64750): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 20 2025 03:44:52 chs1 maldet(64750): {update} hashing install files and checking against server...
Aug 20 2025 03:44:52 chs1 maldet(64750): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 20 2025 03:44:52 chs1 maldet(64750): {update} latest version already installed.
Aug 20 2025 03:44:52 chs1 maldet(64859): {sigup} performing signature update check...
Aug 20 2025 03:44:52 chs1 maldet(64859): {sigup} local signature set is version 202508132610702
Aug 20 2025 03:44:53 chs1 maldet(64859): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 20 2025 03:44:53 chs1 maldet(64859): {sigup} new signature set 20250819706470 available
Aug 20 2025 03:44:53 chs1 maldet(64859): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 20 2025 03:44:53 chs1 maldet(64859): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 20 2025 03:44:54 chs1 maldet(64859): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 20 2025 03:44:55 chs1 maldet(64859): {sigup} verified md5sum of maldet-clean.tgz
Aug 20 2025 03:44:55 chs1 maldet(64859): {sigup} unpacked and installed maldet-clean.tgz
Aug 20 2025 03:44:55 chs1 maldet(64859): {sigup} signature set update completed
Aug 20 2025 03:44:55 chs1 maldet(64859): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 20 2025 03:44:55 chs1 maldet(65071): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 20 2025 03:44:55 chs1 maldet(65071): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 20 2025 03:44:55 chs1 maldet(65071): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 20 2025 03:44:55 chs1 maldet(65071): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 20 2025 03:44:55 chs1 maldet(65071): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 20 2025 03:46:51 chs1 maldet(3574): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 20 2025 04:50:00 chs1 maldet(29466): {update} checking for available updates...
Aug 20 2025 04:50:00 chs1 maldet(29466): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 20 2025 04:50:00 chs1 maldet(29466): {update} hashing install files and checking against server...
Aug 20 2025 04:50:01 chs1 maldet(29466): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 20 2025 04:50:01 chs1 maldet(29466): {update} latest version already installed.
Aug 20 2025 04:50:01 chs1 maldet(29585): {sigup} performing signature update check...
Aug 20 2025 04:50:01 chs1 maldet(29585): {sigup} local signature set is version 20250819706470
Aug 20 2025 04:50:02 chs1 maldet(29585): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 20 2025 04:50:02 chs1 maldet(29585): {sigup} latest signature set already installed
Aug 20 2025 04:50:02 chs1 maldet(29813): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 20 2025 04:50:03 chs1 maldet(29813): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 20 2025 04:50:03 chs1 maldet(29813): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 20 2025 04:50:03 chs1 maldet(29813): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 20 2025 04:50:03 chs1 maldet(29813): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 20 2025 04:50:28 chs1 maldet(29813): {scan} file list completed in 25s, found 69 files...
Aug 20 2025 04:50:28 chs1 maldet(29813): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 20 2025 04:50:28 chs1 maldet(29813): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (69 files) in progress...
Aug 20 2025 04:50:39 chs1 maldet(29813): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 20 2025 04:50:39 chs1 maldet(29813): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 69, malware hits 1, cleaned hits 0, time 37s
Aug 20 2025 04:50:39 chs1 maldet(29813): {scan} scan report saved, to view run: maldet --report 250820-0450.29813
Aug 20 2025 04:50:39 chs1 maldet(29813): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250820-0450.29813
Aug 21 2025 00:50:54 chs1 maldet(3434): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 21 2025 03:26:07 chs1 maldet(59997): {update} checking for available updates...
Aug 21 2025 03:26:08 chs1 maldet(59997): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 21 2025 03:26:08 chs1 maldet(59997): {update} hashing install files and checking against server...
Aug 21 2025 03:26:08 chs1 maldet(59997): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 21 2025 03:26:08 chs1 maldet(59997): {update} latest version already installed.
Aug 21 2025 03:26:08 chs1 maldet(60110): {sigup} performing signature update check...
Aug 21 2025 03:26:08 chs1 maldet(60110): {sigup} local signature set is version 20250819706470
Aug 21 2025 03:26:09 chs1 maldet(60110): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 21 2025 03:26:09 chs1 maldet(60110): {sigup} latest signature set already installed
Aug 21 2025 03:26:10 chs1 maldet(60198): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 21 2025 03:26:10 chs1 maldet(60198): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 21 2025 03:26:10 chs1 maldet(60198): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 21 2025 03:26:10 chs1 maldet(60198): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 21 2025 03:26:10 chs1 maldet(60198): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 21 2025 03:26:41 chs1 maldet(60198): {scan} file list completed in 31s, found 97 files...
Aug 21 2025 03:26:41 chs1 maldet(60198): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 21 2025 03:26:41 chs1 maldet(60198): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (97 files) in progress...
Aug 21 2025 03:26:54 chs1 maldet(60198): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 21 2025 03:26:54 chs1 maldet(60198): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 97, malware hits 1, cleaned hits 0, time 44s
Aug 21 2025 03:26:54 chs1 maldet(60198): {scan} scan report saved, to view run: maldet --report 250821-0326.60198
Aug 21 2025 03:26:54 chs1 maldet(60198): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250821-0326.60198
Aug 21 2025 03:38:50 chs1 maldet(3104): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 21 2025 04:39:04 chs1 maldet(2771): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 21 2025 04:30:50 chs1 maldet(3036): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 21 2025 19:49:19 chs1 maldet(2497): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 22 2025 03:53:52 chs1 maldet(68975): {update} checking for available updates...
Aug 22 2025 03:54:35 chs1 maldet(68975): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 22 2025 03:54:35 chs1 maldet(68975): {update} hashing install files and checking against server...
Aug 22 2025 03:55:07 chs1 maldet(68975): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 22 2025 03:55:07 chs1 maldet(68975): {update} latest version already installed.
Aug 22 2025 03:55:07 chs1 maldet(69597): {sigup} performing signature update check...
Aug 22 2025 03:55:07 chs1 maldet(69597): {sigup} local signature set is version 20250819706470
Aug 22 2025 03:55:37 chs1 maldet(69597): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 22 2025 03:55:37 chs1 maldet(69597): {sigup} new signature set 20250822481358 available
Aug 22 2025 03:55:37 chs1 maldet(69597): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 22 2025 03:56:27 chs1 maldet(69597): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 22 2025 03:56:47 chs1 maldet(69597): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 22 2025 03:56:47 chs1 maldet(69597): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 22 2025 03:57:31 chs1 maldet(69597): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 22 2025 03:58:16 chs1 maldet(69597): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 22 2025 03:58:16 chs1 maldet(69597): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 22 2025 03:58:16 chs1 maldet(69597): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 22 2025 03:58:16 chs1 maldet(70503): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 22 2025 03:58:16 chs1 maldet(70503): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 22 2025 03:58:16 chs1 maldet(70503): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 22 2025 03:58:16 chs1 maldet(70503): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 22 2025 03:58:16 chs1 maldet(70503): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 22 2025 03:58:27 chs1 maldet(70503): {scan} file list completed in 11s, found 72 files...
Aug 22 2025 03:58:27 chs1 maldet(70503): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 22 2025 03:58:27 chs1 maldet(70503): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (72 files) in progress...
Aug 22 2025 03:58:30 chs1 maldet(70503): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 22 2025 03:58:30 chs1 maldet(70503): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 72, malware hits 1, cleaned hits 0, time 14s
Aug 22 2025 03:58:30 chs1 maldet(70503): {scan} scan report saved, to view run: maldet --report 250822-0358.70503
Aug 22 2025 03:58:30 chs1 maldet(70503): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250822-0358.70503
Aug 22 2025 04:49:17 chs1 maldet(2781): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 22 2025 08:09:53 chs1 maldet(2873): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 23 2025 02:58:38 chs1 maldet(3158): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 23 2025 03:29:43 chs1 maldet(14446): {update} checking for available updates...
Aug 23 2025 03:29:43 chs1 maldet(14446): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 23 2025 03:29:43 chs1 maldet(14446): {update} hashing install files and checking against server...
Aug 23 2025 03:29:44 chs1 maldet(14446): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 23 2025 03:29:44 chs1 maldet(14446): {update} latest version already installed.
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} performing signature update check...
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} local signature set is version 20250819706470
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} new signature set 20250822481358 available
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 23 2025 03:29:44 chs1 maldet(14555): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} verified md5sum of maldet-clean.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} unpacked and installed maldet-clean.tgz
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} signature set update completed
Aug 23 2025 03:29:45 chs1 maldet(14555): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 23 2025 03:29:45 chs1 maldet(14758): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 23 2025 03:29:45 chs1 maldet(14758): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 23 2025 03:29:45 chs1 maldet(14758): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 23 2025 03:29:45 chs1 maldet(14758): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 23 2025 03:29:45 chs1 maldet(14758): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 23 2025 03:30:09 chs1 maldet(14758): {scan} file list completed in 24s, found 91 files...
Aug 23 2025 03:30:09 chs1 maldet(14758): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 23 2025 03:30:09 chs1 maldet(14758): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (91 files) in progress...
Aug 23 2025 03:30:22 chs1 maldet(14758): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 23 2025 03:30:22 chs1 maldet(14758): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 91, malware hits 1, cleaned hits 0, time 37s
Aug 23 2025 03:30:22 chs1 maldet(14758): {scan} scan report saved, to view run: maldet --report 250823-0329.14758
Aug 23 2025 03:30:22 chs1 maldet(14758): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250823-0329.14758
Aug 23 2025 05:22:20 chs1 maldet(2826): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 23 2025 15:13:24 chs1 maldet(3226): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 24 2025 03:44:44 chs1 maldet(47108): {update} checking for available updates...
Aug 24 2025 03:44:44 chs1 maldet(47108): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 24 2025 03:44:44 chs1 maldet(47108): {update} hashing install files and checking against server...
Aug 24 2025 03:44:45 chs1 maldet(47108): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 24 2025 03:44:45 chs1 maldet(47108): {update} latest version already installed.
Aug 24 2025 03:44:45 chs1 maldet(47217): {sigup} performing signature update check...
Aug 24 2025 03:44:45 chs1 maldet(47217): {sigup} local signature set is version 20250822481358
Aug 24 2025 03:44:45 chs1 maldet(47217): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 24 2025 03:44:45 chs1 maldet(47217): {sigup} latest signature set already installed
Aug 24 2025 03:44:45 chs1 maldet(47305): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 24 2025 03:44:45 chs1 maldet(47305): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 24 2025 03:44:45 chs1 maldet(47305): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 24 2025 03:44:45 chs1 maldet(47305): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 24 2025 03:44:45 chs1 maldet(47305): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 24 2025 03:45:27 chs1 maldet(2295): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 24 2025 04:30:36 chs1 maldet(18778): {update} checking for available updates...
Aug 24 2025 04:30:36 chs1 maldet(18778): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 24 2025 04:30:36 chs1 maldet(18778): {update} hashing install files and checking against server...
Aug 24 2025 04:30:36 chs1 maldet(18778): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 24 2025 04:30:36 chs1 maldet(18778): {update} latest version already installed.
Aug 24 2025 04:30:36 chs1 maldet(18888): {sigup} performing signature update check...
Aug 24 2025 04:30:36 chs1 maldet(18888): {sigup} local signature set is version 20250822481358
Aug 24 2025 04:30:37 chs1 maldet(18888): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 24 2025 04:30:37 chs1 maldet(18888): {sigup} latest signature set already installed
Aug 24 2025 04:30:37 chs1 maldet(18976): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 24 2025 04:30:37 chs1 maldet(18976): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 24 2025 04:30:37 chs1 maldet(18976): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 24 2025 04:30:37 chs1 maldet(18976): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 24 2025 04:30:37 chs1 maldet(18976): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 24 2025 04:30:49 chs1 maldet(18976): {scan} file list completed in 12s, found 133 files...
Aug 24 2025 04:30:49 chs1 maldet(18976): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 24 2025 04:30:49 chs1 maldet(18976): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (133 files) in progress...
Aug 24 2025 04:30:53 chs1 maldet(18976): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 24 2025 04:30:53 chs1 maldet(18976): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 133, malware hits 1, cleaned hits 0, time 16s
Aug 24 2025 04:30:53 chs1 maldet(18976): {scan} scan report saved, to view run: maldet --report 250824-0430.18976
Aug 24 2025 04:30:53 chs1 maldet(18976): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250824-0430.18976
Aug 25 2025 03:32:01 chs1 maldet(44872): {update} checking for available updates...
Aug 25 2025 03:32:01 chs1 maldet(44872): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 25 2025 03:32:01 chs1 maldet(44872): {update} hashing install files and checking against server...
Aug 25 2025 03:32:01 chs1 maldet(44872): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 25 2025 03:32:01 chs1 maldet(44872): {update} latest version already installed.
Aug 25 2025 03:32:01 chs1 maldet(45041): {sigup} performing signature update check...
Aug 25 2025 03:32:01 chs1 maldet(45041): {sigup} local signature set is version 20250822481358
Aug 25 2025 03:32:02 chs1 maldet(45041): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 25 2025 03:32:02 chs1 maldet(45041): {sigup} latest signature set already installed
Aug 25 2025 03:32:02 chs1 maldet(45141): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 25 2025 03:32:02 chs1 maldet(45141): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 25 2025 03:32:02 chs1 maldet(45141): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 25 2025 03:32:02 chs1 maldet(45141): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 25 2025 03:32:02 chs1 maldet(45141): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 25 2025 03:32:13 chs1 maldet(45141): {scan} file list completed in 11s, found 111 files...
Aug 25 2025 03:32:13 chs1 maldet(45141): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 25 2025 03:32:13 chs1 maldet(45141): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (111 files) in progress...
Aug 25 2025 03:32:18 chs1 maldet(45141): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 25 2025 03:32:18 chs1 maldet(45141): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 111, malware hits 1, cleaned hits 0, time 16s
Aug 25 2025 03:32:18 chs1 maldet(45141): {scan} scan report saved, to view run: maldet --report 250825-0332.45141
Aug 25 2025 03:32:18 chs1 maldet(45141): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250825-0332.45141
Aug 24 2025 21:31:05 chs1 maldet(2916): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 26 2025 03:11:06 chs1 maldet(29885): {update} checking for available updates...
Aug 26 2025 03:11:06 chs1 maldet(29885): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 26 2025 03:11:06 chs1 maldet(29885): {update} hashing install files and checking against server...
Aug 26 2025 03:11:06 chs1 maldet(29885): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 26 2025 03:11:06 chs1 maldet(29885): {update} latest version already installed.
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} performing signature update check...
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} local signature set is version 20250822481358
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} new signature set 202508251454227 available
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 26 2025 03:11:07 chs1 maldet(29994): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} verified md5sum of maldet-clean.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} unpacked and installed maldet-clean.tgz
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} signature set update completed
Aug 26 2025 03:11:08 chs1 maldet(29994): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 26 2025 03:11:08 chs1 maldet(30197): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 26 2025 03:11:09 chs1 maldet(30197): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 26 2025 03:11:09 chs1 maldet(30197): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 26 2025 03:11:09 chs1 maldet(30197): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 26 2025 03:11:09 chs1 maldet(30197): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 25 2025 21:09:57 chs1 maldet(4261): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 26 2025 03:32:56 chs1 maldet(42760): {update} checking for available updates...
Aug 26 2025 03:32:56 chs1 maldet(42760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 26 2025 03:32:56 chs1 maldet(42760): {update} hashing install files and checking against server...
Aug 26 2025 03:32:56 chs1 maldet(42760): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 26 2025 03:32:56 chs1 maldet(42760): {update} latest version already installed.
Aug 26 2025 03:32:56 chs1 maldet(42869): {sigup} performing signature update check...
Aug 26 2025 03:32:56 chs1 maldet(42869): {sigup} local signature set is version 202508251454227
Aug 26 2025 03:32:57 chs1 maldet(42869): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 26 2025 03:32:57 chs1 maldet(42869): {sigup} latest signature set already installed
Aug 26 2025 03:32:57 chs1 maldet(42957): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 26 2025 03:32:57 chs1 maldet(42957): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 26 2025 03:32:57 chs1 maldet(42957): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 26 2025 03:32:57 chs1 maldet(42957): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 26 2025 03:32:57 chs1 maldet(42957): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 26 2025 03:33:08 chs1 maldet(42957): {scan} file list completed in 11s, found 835 files...
Aug 26 2025 03:33:08 chs1 maldet(42957): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 26 2025 03:33:08 chs1 maldet(42957): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (835 files) in progress...
Aug 26 2025 03:33:20 chs1 maldet(42957): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 26 2025 03:33:20 chs1 maldet(42957): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 835, malware hits 1, cleaned hits 0, time 23s
Aug 26 2025 03:33:20 chs1 maldet(42957): {scan} scan report saved, to view run: maldet --report 250826-0332.42957
Aug 26 2025 03:33:20 chs1 maldet(42957): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250826-0332.42957
Aug 26 2025 04:37:34 chs1 maldet(4287): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 27 2025 03:10:12 chs1 maldet(49828): {update} checking for available updates...
Aug 27 2025 03:10:12 chs1 maldet(49828): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 27 2025 03:10:12 chs1 maldet(49828): {update} hashing install files and checking against server...
Aug 27 2025 03:10:12 chs1 maldet(49828): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 27 2025 03:10:12 chs1 maldet(49828): {update} latest version already installed.
Aug 27 2025 03:10:12 chs1 maldet(49938): {sigup} performing signature update check...
Aug 27 2025 03:10:12 chs1 maldet(49938): {sigup} local signature set is version 202508251454227
Aug 27 2025 03:10:13 chs1 maldet(49938): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 27 2025 03:10:13 chs1 maldet(49938): {sigup} latest signature set already installed
Aug 27 2025 03:10:13 chs1 maldet(50026): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 27 2025 03:10:13 chs1 maldet(50026): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 27 2025 03:10:13 chs1 maldet(50026): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 27 2025 03:10:13 chs1 maldet(50026): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 27 2025 03:10:13 chs1 maldet(50026): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 27 2025 03:10:24 chs1 maldet(50026): {scan} file list completed in 11s, found 122 files...
Aug 27 2025 03:10:24 chs1 maldet(50026): {scan} found clamav binary at /usr/local/cpanel/3rdparty/bin/clamdscan, using clamav scanner engine...
Aug 27 2025 03:10:24 chs1 maldet(50026): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (122 files) in progress...
Aug 27 2025 03:10:28 chs1 maldet(50026): {hit} malware hit {YARA}eval_post found for /home/cloudsms/public_html/refer.txt
Aug 27 2025 03:10:28 chs1 maldet(50026): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 122, malware hits 1, cleaned hits 0, time 15s
Aug 27 2025 03:10:28 chs1 maldet(50026): {scan} scan report saved, to view run: maldet --report 250827-0310.50026
Aug 27 2025 03:10:28 chs1 maldet(50026): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250827-0310.50026
Aug 26 2025 21:19:17 chs1 maldet(2923): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 27 2025 11:48:04 chs1 maldet(3585): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 27 2025 13:28:58 chs1 maldet(3459): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 27 2025 13:30:56 chs1 maldet(3456): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 27 2025 17:34:45 chs1 maldet(3530): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 28 2025 00:18:36 chs1 maldet(3271): {mon} could not find inotifywait command, install yum package inotify-tools or download from https://github.com/rvoicilas/inotify-tools/wiki/
Aug 28 2025 03:20:49 chs1 maldet(65688): {update} checking for available updates...
Aug 28 2025 03:21:31 chs1 maldet(65688): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 28 2025 03:21:31 chs1 maldet(65688): {update} hashing install files and checking against server...
Aug 28 2025 03:21:51 chs1 maldet(65688): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 28 2025 03:21:51 chs1 maldet(65688): {update} version check shows latest but hash check failed, forcing update...
Aug 28 2025 03:21:51 chs1 maldet(65688): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Aug 28 2025 03:22:41 chs1 maldet(65688): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Aug 28 2025 03:22:41 chs1 maldet(65688): {update} verified md5sum of maldetect-current.tar.gz

Youez - 2016 - github.com/yon3zu
LinuXploit