| Server IP : 103.4.122.14 / Your IP : 216.73.216.103 Web Server : Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips System : Linux cwp2.slnet.com.au 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : statewid ( 1251) PHP Version : 8.3.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/maldetect.bk14505/ |
Upload File : |
May 14 2026 03:52:10 cwp2 maldet(15295): {sigup} performing signature update check...
May 14 2026 03:52:10 cwp2 maldet(15295): {sigup} could not determine signature version
May 14 2026 03:52:11 cwp2 maldet(15295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 14 2026 03:52:11 cwp2 maldet(15295): {sigup} signature files missing or corrupted, forcing update...
May 14 2026 03:52:11 cwp2 maldet(15295): {sigup} new signature set 2026051290484 available
May 14 2026 03:52:11 cwp2 maldet(15295): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2026 03:52:12 cwp2 maldet(15295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 14 2026 03:52:13 cwp2 maldet(15295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 14 2026 03:52:13 cwp2 maldet(15295): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2026 03:52:13 cwp2 maldet(15295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} verified md5sum of maldet-sigpack.tgz
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} unpacked and installed maldet-sigpack.tgz
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} verified md5sum of maldet-clean.tgz
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} unpacked and installed maldet-clean.tgz
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} signature set update completed
May 14 2026 03:52:14 cwp2 maldet(15295): {sigup} 51468 signatures (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 14 2026 03:52:14 cwp2 maldet(13754): {update} completed update v1.6.6 3a1792 => v1.6.6 e54dca, running signature updates...
May 14 2026 03:52:15 cwp2 maldet(16121): {sigup} performing signature update check...
May 14 2026 03:52:15 cwp2 maldet(16121): {sigup} local signature set is version 2026051290484
May 14 2026 03:52:15 cwp2 maldet(16121): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 14 2026 03:52:15 cwp2 maldet(16121): {sigup} latest signature set already installed
May 14 2026 03:52:15 cwp2 maldet(13754): {update} update and config import completed
May 14 2026 03:52:16 cwp2 maldet(16810): {sigup} performing signature update check...
May 14 2026 03:52:16 cwp2 maldet(16810): {sigup} local signature set is version 2026051290484
May 14 2026 03:52:17 cwp2 maldet(16810): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 14 2026 03:52:17 cwp2 maldet(16810): {sigup} latest signature set already installed
May 14 2026 03:52:18 cwp2 maldet(17489): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 14 2026 03:52:18 cwp2 maldet(17489): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 14 2026 03:52:18 cwp2 maldet(17489): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 14 2026 03:52:18 cwp2 maldet(17489): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 14 2026 03:52:18 cwp2 maldet(17489): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 14 2026 03:55:02 cwp2 maldet(17489): {scan} file list completed in 164s, found 8925 files...
May 14 2026 03:55:02 cwp2 maldet(17489): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 14 2026 03:55:02 cwp2 maldet(17489): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (8925 files) in progress...
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-13-1840_All_Sport_Projects_cb148fe0f59a-themes.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-13-1840_All_Sport_Projects_cb148fe0f59a-others.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-13-1048_Bayswater_Historical_Society_85aafc797a9c-themes.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-14-0005_Shnei_Ohr_Chabad_North_Caulfield_582e47244a28-themes.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-14-0005_Shnei_Ohr_Chabad_North_Caulfield_582e47244a28-others.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-13-1449_Dandenong_Day_Nursery_7abeab6de287-themes.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-13-0756_dwell_by_jo_c60d91a8dd91-plugins.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-13-0756_dwell_by_jo_c60d91a8dd91-others.zip
May 14 2026 04:41:43 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-13-0756_dwell_by_jo_c60d91a8dd91-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-14-0009_Giraffe_Early_Learning_Centre_Do_be4d2808a90a-plugins.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-13-1850_GW_Fencing_8e04156a981f-plugins.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-13-1029_Hot_Books_Bookkeeping_20_76830488d321-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-13-1025_Impeccable_Renovations_849e022f8773-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-13-0643_Italia_Stone_e6b458272ce3-plugins.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-13-1005_Australian_Jewish_Association_d97f9baa407f-others.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-13-1019_MAKIFIM_e5c96b10686e-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-14-0006_Organic_Numbers_9d3abb53bdf7-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-13-1452_Rowland_Contractors_a77f010ff347-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-13-2307_Smile_on_Seniors_e6beb9771aa4-themes.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-13-2307_Smile_on_Seniors_e6beb9771aa4-others.zip
May 14 2026 04:41:44 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-13-1000_TransChem_da16a15bf22c-others.zip
May 14 2026 04:41:45 cwp2 maldet(17489): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-13-0712_Xsal_Real_Estate_118de1fd183c-plugins.zip
May 14 2026 04:41:45 cwp2 maldet(17489): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 8925, malware hits 22, cleaned hits 0, time 2967s
May 14 2026 04:41:45 cwp2 maldet(17489): {scan} scan report saved, to view run: maldet --report 260514-0352.17489
May 14 2026 04:41:45 cwp2 maldet(17489): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260514-0352.17489
May 15 2026 03:55:03 cwp2 maldet(3450): {update} checking for available updates...
May 15 2026 03:55:04 cwp2 maldet(3450): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 15 2026 03:55:04 cwp2 maldet(3450): {update} hashing install files and checking against server...
May 15 2026 03:55:05 cwp2 maldet(3450): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 15 2026 03:55:05 cwp2 maldet(3450): {update} latest version already installed.
May 15 2026 03:55:06 cwp2 maldet(4185): {sigup} performing signature update check...
May 15 2026 03:55:06 cwp2 maldet(4185): {sigup} local signature set is version 2026051290484
May 15 2026 03:55:07 cwp2 maldet(4185): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 15 2026 03:55:07 cwp2 maldet(4185): {sigup} latest signature set already installed
May 15 2026 03:55:08 cwp2 maldet(4897): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 15 2026 03:55:09 cwp2 maldet(4897): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 15 2026 03:55:09 cwp2 maldet(4897): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 15 2026 03:55:09 cwp2 maldet(4897): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 15 2026 03:55:09 cwp2 maldet(4897): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 15 2026 03:57:44 cwp2 maldet(4897): {scan} file list completed in 155s, found 10901 files...
May 15 2026 03:57:44 cwp2 maldet(4897): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 15 2026 03:57:44 cwp2 maldet(4897): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (10901 files) in progress...
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-14-1842_All_Sport_Projects_0549ba8904bf-others.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-14-1842_All_Sport_Projects_0549ba8904bf-themes.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-14-1048_Bayswater_Historical_Society_49ed2ce3ccad-themes.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-15-0006_Shnei_Ohr_Chabad_North_Caulfield_cda5f8bb87d8-themes.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-15-0006_Shnei_Ohr_Chabad_North_Caulfield_cda5f8bb87d8-others.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-14-1453_Dandenong_Day_Nursery_971fd2a0e511-themes.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-14-0757_dwell_by_jo_66c70afb0e50-plugins.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-14-0757_dwell_by_jo_66c70afb0e50-themes.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-14-0757_dwell_by_jo_66c70afb0e50-others.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-15-0006_Giraffe_Early_Learning_Centre_Do_376a40cc0884-plugins.zip
May 15 2026 04:43:57 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-14-1854_GW_Fencing_b23d517ece55-plugins.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-14-1022_Hot_Books_Bookkeeping_20_96b639579c2d-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-14-1027_Impeccable_Renovations_407de15a5a5f-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-14-0649_Italia_Stone_8cb36264148c-plugins.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-14-1005_Australian_Jewish_Association_5e8dd4fc312c-others.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-14-1010_MAKIFIM_67810d22e655-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-15-0009_Organic_Numbers_9c9aaf0f7b9a-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-14-1455_Rowland_Contractors_3d8786f88ab0-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-14-2306_Smile_on_Seniors_065f8a89e8ae-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-14-2306_Smile_on_Seniors_065f8a89e8ae-others.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-14-0600_Swan_River_Sailing_5fa746f330bc-themes.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-14-1000_TransChem_9cc9dfbde151-others.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-14-0716_Xsal_Real_Estate_6adbe48ba182-plugins.zip
May 15 2026 04:43:58 cwp2 maldet(4897): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 10901, malware hits 23, cleaned hits 0, time 2930s
May 15 2026 04:43:58 cwp2 maldet(4897): {scan} scan report saved, to view run: maldet --report 260515-0355.4897
May 15 2026 04:43:58 cwp2 maldet(4897): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260515-0355.4897
May 16 2026 03:33:33 cwp2 maldet(26526): {update} checking for available updates...
May 16 2026 03:33:34 cwp2 maldet(26526): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 16 2026 03:33:34 cwp2 maldet(26526): {update} hashing install files and checking against server...
May 16 2026 03:33:35 cwp2 maldet(26526): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 16 2026 03:33:35 cwp2 maldet(26526): {update} latest version already installed.
May 16 2026 03:33:36 cwp2 maldet(27234): {sigup} performing signature update check...
May 16 2026 03:33:36 cwp2 maldet(27234): {sigup} local signature set is version 2026051290484
May 16 2026 03:33:36 cwp2 maldet(27234): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 16 2026 03:33:36 cwp2 maldet(27234): {sigup} latest signature set already installed
May 16 2026 03:33:37 cwp2 maldet(27919): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 16 2026 03:33:38 cwp2 maldet(27919): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 16 2026 03:33:38 cwp2 maldet(27919): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 16 2026 03:33:38 cwp2 maldet(27919): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 16 2026 03:33:38 cwp2 maldet(27919): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 16 2026 03:35:58 cwp2 maldet(27919): {scan} file list completed in 140s, found 41028 files...
May 16 2026 03:35:58 cwp2 maldet(27919): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 16 2026 03:35:58 cwp2 maldet(27919): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (41028 files) in progress...
May 16 2026 04:44:22 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-15-1847_All_Sport_Projects_722f4a3a0dd2-themes.zip
May 16 2026 04:44:22 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-15-1847_All_Sport_Projects_722f4a3a0dd2-others.zip
May 16 2026 04:44:22 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-15-1048_Bayswater_Historical_Society_968845579b1f-themes.zip
May 16 2026 04:44:22 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-16-0006_Shnei_Ohr_Chabad_North_Caulfield_0db8f7e93c86-others.zip
May 16 2026 04:44:22 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-16-0006_Shnei_Ohr_Chabad_North_Caulfield_0db8f7e93c86-themes.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-15-1503_Dandenong_Day_Nursery_e3dead8a1786-themes.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-15-0757_dwell_by_jo_f1a3f8d18b0f-themes.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-15-0757_dwell_by_jo_f1a3f8d18b0f-plugins.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-15-0757_dwell_by_jo_f1a3f8d18b0f-others.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-16-0006_Giraffe_Early_Learning_Centre_Do_5e3359a66374-plugins.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-15-1850_GW_Fencing_9e826aaba894-plugins.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-15-1026_Hot_Books_Bookkeeping_20_090426301be9-themes.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-15-1027_Impeccable_Renovations_90ec36d51adc-themes.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-15-0644_Italia_Stone_16d5b55e509b-plugins.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-15-1449_Australian_Jewish_Association_42387edd86d0-others.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-14-1005_Australian_Jewish_Association_5e8dd4fc312c-others.zip
May 16 2026 04:44:23 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-15-1014_MAKIFIM_4759a03bfbd7-themes.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-16-0011_Organic_Numbers_68433631c5a0-themes.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-15-1515_Rowland_Contractors_9cb3d29f1b73-themes.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-15-2306_Smile_on_Seniors_259a9325ed97-themes.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-15-2306_Smile_on_Seniors_259a9325ed97-others.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-15-1000_TransChem_1135f38febd3-others.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-15-0711_Xsal_Real_Estate_b64e21fc5b42-plugins.zip
May 16 2026 04:44:24 cwp2 maldet(27919): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 41028, malware hits 23, cleaned hits 0, time 4247s
May 16 2026 04:44:24 cwp2 maldet(27919): {scan} scan report saved, to view run: maldet --report 260516-0333.27919
May 16 2026 04:44:24 cwp2 maldet(27919): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260516-0333.27919
May 17 2026 03:36:01 cwp2 maldet(61604): {update} checking for available updates...
May 17 2026 03:36:02 cwp2 maldet(61604): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 17 2026 03:36:02 cwp2 maldet(61604): {update} hashing install files and checking against server...
May 17 2026 03:36:02 cwp2 maldet(61604): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 17 2026 03:36:02 cwp2 maldet(61604): {update} latest version already installed.
May 17 2026 03:36:03 cwp2 maldet(62302): {sigup} performing signature update check...
May 17 2026 03:36:03 cwp2 maldet(62302): {sigup} local signature set is version 2026051290484
May 17 2026 03:36:03 cwp2 maldet(62302): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 17 2026 03:36:04 cwp2 maldet(62302): {sigup} latest signature set already installed
May 17 2026 03:36:04 cwp2 maldet(62971): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 17 2026 03:36:05 cwp2 maldet(62971): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 17 2026 03:36:05 cwp2 maldet(62971): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 17 2026 03:36:05 cwp2 maldet(62971): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 17 2026 03:36:05 cwp2 maldet(62971): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 17 2026 03:38:29 cwp2 maldet(62971): {scan} file list completed in 144s, found 3596 files...
May 17 2026 03:38:29 cwp2 maldet(62971): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 17 2026 03:38:29 cwp2 maldet(62971): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (3596 files) in progress...
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-16-1840_All_Sport_Projects_439b825ffb28-themes.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-16-1840_All_Sport_Projects_439b825ffb28-others.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-16-1048_Bayswater_Historical_Society_229023b18d03-themes.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-17-0008_Shnei_Ohr_Chabad_North_Caulfield_68cd2a9ea7be-others.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-17-0008_Shnei_Ohr_Chabad_North_Caulfield_68cd2a9ea7be-themes.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-16-1551_Dandenong_Day_Nursery_bd2a6c3b3226-themes.zip
May 17 2026 04:21:41 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-16-0757_dwell_by_jo_7b7a804bc2e9-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-16-0757_dwell_by_jo_7b7a804bc2e9-others.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-16-0757_dwell_by_jo_7b7a804bc2e9-plugins.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-17-0006_Giraffe_Early_Learning_Centre_Do_8975c89954f4-plugins.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-16-1928_GW_Fencing_ff90de0d358a-plugins.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-16-1031_Hot_Books_Bookkeeping_20_ac6da9021918-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-16-1023_Impeccable_Renovations_02102bb8fda1-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-16-0641_Italia_Stone_b97fbc4a32f5-plugins.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-16-1005_Australian_Jewish_Association_39cc20b8a19d-others.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-16-1021_MAKIFIM_4af75186639c-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-17-0007_Organic_Numbers_78ed0b814700-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-16-1506_Rowland_Contractors_deaef9b4199c-themes.zip
May 17 2026 04:21:42 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-16-2305_Smile_on_Seniors_d0c917f45e7a-others.zip
May 17 2026 04:21:43 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-16-2305_Smile_on_Seniors_d0c917f45e7a-themes.zip
May 17 2026 04:21:43 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-16-0557_Swan_River_Sailing_30c2f860adec-themes.zip
May 17 2026 04:21:43 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-16-1000_TransChem_3f4d862f806b-others.zip
May 17 2026 04:21:43 cwp2 maldet(62971): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-16-0716_Xsal_Real_Estate_f7bcb4b0615a-plugins.zip
May 17 2026 04:21:43 cwp2 maldet(62971): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 3596, malware hits 23, cleaned hits 0, time 2739s
May 17 2026 04:21:43 cwp2 maldet(62971): {scan} scan report saved, to view run: maldet --report 260517-0336.62971
May 17 2026 04:21:43 cwp2 maldet(62971): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260517-0336.62971
May 18 2026 03:46:41 cwp2 maldet(22950): {update} checking for available updates...
May 18 2026 03:46:41 cwp2 maldet(22950): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 18 2026 03:46:41 cwp2 maldet(22950): {update} hashing install files and checking against server...
May 18 2026 03:46:42 cwp2 maldet(22950): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 18 2026 03:46:42 cwp2 maldet(22950): {update} latest version already installed.
May 18 2026 03:46:43 cwp2 maldet(23667): {sigup} performing signature update check...
May 18 2026 03:46:43 cwp2 maldet(23667): {sigup} local signature set is version 2026051290484
May 18 2026 03:46:43 cwp2 maldet(23667): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 18 2026 03:46:43 cwp2 maldet(23667): {sigup} latest signature set already installed
May 18 2026 03:46:44 cwp2 maldet(24365): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 18 2026 03:46:45 cwp2 maldet(24365): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 18 2026 03:46:45 cwp2 maldet(24365): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 18 2026 03:46:45 cwp2 maldet(24365): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 18 2026 03:46:45 cwp2 maldet(24365): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 18 2026 03:49:17 cwp2 maldet(24365): {scan} file list completed in 151s, found 3176 files...
May 18 2026 03:49:17 cwp2 maldet(24365): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 18 2026 03:49:17 cwp2 maldet(24365): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (3176 files) in progress...
May 18 2026 04:32:13 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-17-1846_All_Sport_Projects_d0d9a01a3934-others.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-17-1846_All_Sport_Projects_d0d9a01a3934-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-17-1048_Bayswater_Historical_Society_f0175166f3a2-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-18-0007_Shnei_Ohr_Chabad_North_Caulfield_7aa58e11278d-others.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-18-0007_Shnei_Ohr_Chabad_North_Caulfield_7aa58e11278d-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-17-1503_Dandenong_Day_Nursery_17977fde8ac7-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-17-0757_dwell_by_jo_42374f963ab8-plugins.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-17-0757_dwell_by_jo_42374f963ab8-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-17-0757_dwell_by_jo_42374f963ab8-others.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-18-0005_Giraffe_Early_Learning_Centre_Do_6f2c3cbaf56f-plugins.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-17-1903_GW_Fencing_13ffde6fa8f3-plugins.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-17-1034_Hot_Books_Bookkeeping_20_4d9736c3dbe5-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-17-1024_Impeccable_Renovations_7b0bf98ff270-themes.zip
May 18 2026 04:32:14 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-17-0645_Italia_Stone_4a1ce73d6bcd-plugins.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-17-1007_Australian_Jewish_Association_8d7f5e32ce0c-others.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-17-1033_MAKIFIM_aebc001bcd5c-themes.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-18-0008_Organic_Numbers_9d4ebbec51fb-themes.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-17-1504_Rowland_Contractors_36f01ab60694-themes.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-17-2306_Smile_on_Seniors_e93b83f27fd2-themes.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-17-2306_Smile_on_Seniors_e93b83f27fd2-others.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-17-1000_TransChem_0cc6baaaa731-others.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-17-0721_Xsal_Real_Estate_a1bbc21a49d1-plugins.zip
May 18 2026 04:32:15 cwp2 maldet(24365): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 3176, malware hits 22, cleaned hits 0, time 2731s
May 18 2026 04:32:15 cwp2 maldet(24365): {scan} scan report saved, to view run: maldet --report 260518-0346.24365
May 18 2026 04:32:15 cwp2 maldet(24365): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260518-0346.24365
May 19 2026 04:16:27 cwp2 maldet(42944): {update} checking for available updates...
May 19 2026 04:16:27 cwp2 maldet(42944): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 19 2026 04:16:27 cwp2 maldet(42944): {update} hashing install files and checking against server...
May 19 2026 04:16:28 cwp2 maldet(42944): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 19 2026 04:16:28 cwp2 maldet(42944): {update} latest version already installed.
May 19 2026 04:16:29 cwp2 maldet(43654): {sigup} performing signature update check...
May 19 2026 04:16:29 cwp2 maldet(43654): {sigup} local signature set is version 2026051290484
May 19 2026 04:16:30 cwp2 maldet(43654): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 19 2026 04:16:30 cwp2 maldet(43654): {sigup} latest signature set already installed
May 19 2026 04:16:30 cwp2 maldet(44347): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 19 2026 04:16:31 cwp2 maldet(44347): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 19 2026 04:16:31 cwp2 maldet(44347): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 19 2026 04:16:31 cwp2 maldet(44347): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 19 2026 04:16:31 cwp2 maldet(44347): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 19 2026 04:19:09 cwp2 maldet(44347): {scan} file list completed in 158s, found 14540 files...
May 19 2026 04:19:09 cwp2 maldet(44347): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 19 2026 04:19:09 cwp2 maldet(44347): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (14540 files) in progress...
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-18-1842_All_Sport_Projects_3fe063ae8a74-themes.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-18-1842_All_Sport_Projects_3fe063ae8a74-others.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-18-1048_Bayswater_Historical_Society_ba926823e6d7-themes.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-19-0008_Shnei_Ohr_Chabad_North_Caulfield_69367d608dbe-themes.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-19-0008_Shnei_Ohr_Chabad_North_Caulfield_69367d608dbe-others.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-18-1448_Dandenong_Day_Nursery_2b7b691245ae-themes.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-18-0756_dwell_by_jo_3c16379f507e-themes.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-18-0756_dwell_by_jo_3c16379f507e-plugins.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-18-0756_dwell_by_jo_3c16379f507e-others.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-19-0009_Giraffe_Early_Learning_Centre_Do_f74a5903629f-plugins.zip
May 19 2026 05:05:26 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-18-1908_GW_Fencing_b05ab05c3f24-plugins.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-18-1031_Hot_Books_Bookkeeping_20_93480404749c-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-18-1022_Impeccable_Renovations_afaee3e8b878-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-18-0642_Italia_Stone_6cf1387190a6-plugins.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-18-1005_Australian_Jewish_Association_d781af724208-others.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-18-1011_MAKIFIM_a38cf44125f0-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-19-0007_Organic_Numbers_a4a33e3f875c-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-18-1537_Rowland_Contractors_d4ca023d3b18-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-18-2306_Smile_on_Seniors_9233760b590c-others.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-18-2306_Smile_on_Seniors_9233760b590c-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-18-0557_Swan_River_Sailing_ae68331400e6-themes.zip
May 19 2026 05:05:27 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-18-1001_TransChem_0abb5bb55fac-others.zip
May 19 2026 05:05:28 cwp2 maldet(44347): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-18-0712_Xsal_Real_Estate_d7ab74710ecf-plugins.zip
May 19 2026 05:05:28 cwp2 maldet(44347): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 14540, malware hits 23, cleaned hits 0, time 2937s
May 19 2026 05:05:28 cwp2 maldet(44347): {scan} scan report saved, to view run: maldet --report 260519-0416.44347
May 19 2026 05:05:28 cwp2 maldet(44347): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260519-0416.44347
May 20 2026 03:51:10 cwp2 maldet(61861): {update} checking for available updates...
May 20 2026 03:51:10 cwp2 maldet(61861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 20 2026 03:51:11 cwp2 maldet(61861): {update} hashing install files and checking against server...
May 20 2026 03:51:11 cwp2 maldet(61861): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 20 2026 03:51:11 cwp2 maldet(61861): {update} latest version already installed.
May 20 2026 03:51:12 cwp2 maldet(62549): {sigup} performing signature update check...
May 20 2026 03:51:12 cwp2 maldet(62549): {sigup} local signature set is version 2026051290484
May 20 2026 03:51:12 cwp2 maldet(62549): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 20 2026 03:51:12 cwp2 maldet(62549): {sigup} latest signature set already installed
May 20 2026 03:51:13 cwp2 maldet(63217): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 20 2026 03:51:14 cwp2 maldet(63217): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 20 2026 03:51:14 cwp2 maldet(63217): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 20 2026 03:51:14 cwp2 maldet(63217): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 20 2026 03:51:14 cwp2 maldet(63217): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 20 2026 03:54:47 cwp2 maldet(63217): {scan} file list completed in 213s, found 8833 files...
May 20 2026 03:54:47 cwp2 maldet(63217): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 20 2026 03:54:47 cwp2 maldet(63217): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (8833 files) in progress...
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-19-1842_All_Sport_Projects_227ef8264d84-themes.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-19-1842_All_Sport_Projects_227ef8264d84-others.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-19-1048_Bayswater_Historical_Society_a373c44cffb7-themes.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bfcgcom/public_html/wp-content/updraft/backup_2026-05-19-1159_BampF_Consolidated_Group_1640836a01a4-plugins.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-20-0007_Shnei_Ohr_Chabad_North_Caulfield_917aa8cbcdcc-others.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-20-0007_Shnei_Ohr_Chabad_North_Caulfield_917aa8cbcdcc-themes.zip
May 20 2026 04:39:43 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-19-1523_Dandenong_Day_Nursery_5a89f427a5a4-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-19-0757_dwell_by_jo_e98fcd3c5ad2-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-19-0757_dwell_by_jo_e98fcd3c5ad2-others.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-19-0757_dwell_by_jo_e98fcd3c5ad2-plugins.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-20-0009_Giraffe_Early_Learning_Centre_Do_6fbb7af5edfe-plugins.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-19-1859_GW_Fencing_9ff8e6d79083-plugins.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-19-1023_Hot_Books_Bookkeeping_20_701339cd53bc-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-19-1022_Impeccable_Renovations_19816768614e-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-19-0653_Italia_Stone_7805b5c897eb-plugins.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-19-1005_Australian_Jewish_Association_d5fb10169e35-others.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-19-1031_MAKIFIM_a35a6f4f5739-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-20-0005_Organic_Numbers_de906306db67-themes.zip
May 20 2026 04:39:44 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-19-1453_Rowland_Contractors_dbca958b4e23-themes.zip
May 20 2026 04:39:45 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-19-2305_Smile_on_Seniors_98e32bc53f83-themes.zip
May 20 2026 04:39:45 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-19-2305_Smile_on_Seniors_98e32bc53f83-others.zip
May 20 2026 04:39:45 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-19-1000_TransChem_09c9798283fa-others.zip
May 20 2026 04:39:45 cwp2 maldet(63217): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-19-0712_Xsal_Real_Estate_b4f05a91f5d9-plugins.zip
May 20 2026 04:39:45 cwp2 maldet(63217): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 8833, malware hits 23, cleaned hits 0, time 2912s
May 20 2026 04:39:45 cwp2 maldet(63217): {scan} scan report saved, to view run: maldet --report 260520-0351.63217
May 20 2026 04:39:45 cwp2 maldet(63217): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260520-0351.63217
May 21 2026 04:06:33 cwp2 maldet(52172): {update} checking for available updates...
May 21 2026 04:06:34 cwp2 maldet(52172): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 21 2026 04:06:34 cwp2 maldet(52172): {update} hashing install files and checking against server...
May 21 2026 04:06:34 cwp2 maldet(52172): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 21 2026 04:06:34 cwp2 maldet(52172): {update} latest version already installed.
May 21 2026 04:06:35 cwp2 maldet(52896): {sigup} performing signature update check...
May 21 2026 04:06:35 cwp2 maldet(52896): {sigup} local signature set is version 2026051290484
May 21 2026 04:06:35 cwp2 maldet(52896): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 21 2026 04:06:36 cwp2 maldet(52896): {sigup} latest signature set already installed
May 21 2026 04:06:36 cwp2 maldet(53597): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 21 2026 04:06:38 cwp2 maldet(53597): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 21 2026 04:06:38 cwp2 maldet(53597): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 21 2026 04:06:38 cwp2 maldet(53597): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 21 2026 04:06:38 cwp2 maldet(53597): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 21 2026 04:18:06 cwp2 maldet(53597): {scan} file list completed in 688s, found 35720 files...
May 21 2026 04:18:06 cwp2 maldet(53597): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 21 2026 04:18:06 cwp2 maldet(53597): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (35720 files) in progress...
May 21 2026 05:15:55 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-20-1842_All_Sport_Projects_eaf72c380dac-themes.zip
May 21 2026 05:15:55 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-20-1842_All_Sport_Projects_eaf72c380dac-others.zip
May 21 2026 05:15:55 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-20-1048_Bayswater_Historical_Society_1f922cfd2fe5-themes.zip
May 21 2026 05:15:55 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bfcgcom/public_html/wp-content/updraft/backup_2026-05-20-1210_BampF_Consolidated_Group_ad85f84d16c4-plugins.zip
May 21 2026 05:15:55 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-21-0007_Shnei_Ohr_Chabad_North_Caulfield_897eaccb7cfb-themes.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-21-0007_Shnei_Ohr_Chabad_North_Caulfield_897eaccb7cfb-others.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-20-1500_Dandenong_Day_Nursery_a46af99b44ef-themes.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-20-0757_dwell_by_jo_42d547c0b5f8-themes.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-20-0757_dwell_by_jo_42d547c0b5f8-others.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-20-0757_dwell_by_jo_42d547c0b5f8-plugins.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-21-0005_Giraffe_Early_Learning_Centre_Do_aa29ca826efc-plugins.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-20-1925_GW_Fencing_0f15a72e5e3e-plugins.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-20-1030_Hot_Books_Bookkeeping_20_3a5c59a77b09-themes.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-20-1025_Impeccable_Renovations_9a5827c051c4-themes.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-20-0648_Italia_Stone_ac2b0c5f405d-plugins.zip
May 21 2026 05:15:56 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-20-1005_Australian_Jewish_Association_a46e96f352b9-others.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-20-1125_MAKIFIM_f5582cde5111-themes.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-21-0007_Organic_Numbers_71f7d675fe0d-themes.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-20-1450_Rowland_Contractors_76f9184bf34b-themes.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-20-2305_Smile_on_Seniors_a66051244447-others.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-20-2305_Smile_on_Seniors_a66051244447-themes.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-20-0556_Swan_River_Sailing_99de0cff5bd8-themes.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-20-1001_TransChem_adc30df04767-others.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-20-0728_Xsal_Real_Estate_eb9ac466b0ae-plugins.zip
May 21 2026 05:15:57 cwp2 maldet(53597): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 35720, malware hits 24, cleaned hits 0, time 4161s
May 21 2026 05:15:57 cwp2 maldet(53597): {scan} scan report saved, to view run: maldet --report 260521-0406.53597
May 21 2026 05:15:57 cwp2 maldet(53597): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260521-0406.53597
May 22 2026 04:08:55 cwp2 maldet(17072): {update} checking for available updates...
May 22 2026 04:08:55 cwp2 maldet(17072): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 22 2026 04:08:55 cwp2 maldet(17072): {update} hashing install files and checking against server...
May 22 2026 04:08:56 cwp2 maldet(17072): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 22 2026 04:08:56 cwp2 maldet(17072): {update} latest version already installed.
May 22 2026 04:08:56 cwp2 maldet(17787): {sigup} performing signature update check...
May 22 2026 04:08:56 cwp2 maldet(17787): {sigup} local signature set is version 2026051290484
May 22 2026 04:08:57 cwp2 maldet(17787): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 22 2026 04:08:58 cwp2 maldet(17787): {sigup} latest signature set already installed
May 22 2026 04:08:58 cwp2 maldet(18505): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 22 2026 04:08:59 cwp2 maldet(18505): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 22 2026 04:08:59 cwp2 maldet(18505): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 22 2026 04:08:59 cwp2 maldet(18505): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 22 2026 04:08:59 cwp2 maldet(18505): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 22 2026 04:20:48 cwp2 maldet(18505): {scan} file list completed in 709s, found 36081 files...
May 22 2026 04:20:48 cwp2 maldet(18505): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 22 2026 04:20:48 cwp2 maldet(18505): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (36081 files) in progress...
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-21-1842_All_Sport_Projects_ea6e4f75c4fc-themes.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-21-1842_All_Sport_Projects_ea6e4f75c4fc-others.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-21-1048_Bayswater_Historical_Society_3bbb42861c2a-themes.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bfcgcom/public_html/wp-content/updraft/backup_2026-05-21-1204_BampF_Consolidated_Group_d5878f170694-plugins.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-22-0008_Shnei_Ohr_Chabad_North_Caulfield_775bcf824466-others.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-22-0008_Shnei_Ohr_Chabad_North_Caulfield_775bcf824466-themes.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-21-1458_Dandenong_Day_Nursery_36fada7facf5-themes.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-21-0757_dwell_by_jo_eec5be0cb8cb-plugins.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-21-0757_dwell_by_jo_eec5be0cb8cb-themes.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-21-0757_dwell_by_jo_eec5be0cb8cb-others.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-22-0005_Giraffe_Early_Learning_Centre_Do_72ccda9dc90b-plugins.zip
May 22 2026 05:06:31 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-21-1843_GW_Fencing_beba059b6483-plugins.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/hbtwocom/public_html/wp-content/updraft/backup_2026-05-21-1023_Hot_Books_Bookkeeping_20_632c7345be60-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-21-1023_Impeccable_Renovations_acd9fb1c38ab-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-21-0700_Italia_Stone_721668d70bec-plugins.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-21-1007_Australian_Jewish_Association_454b5641a442-others.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-21-1024_MAKIFIM_b963f81dabcf-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-22-0005_Organic_Numbers_67f3353bdf81-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-21-1501_Rowland_Contractors_d469d6be24e0-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-21-2305_Smile_on_Seniors_83399bc5a361-others.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-21-2305_Smile_on_Seniors_83399bc5a361-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-21-0557_Swan_River_Sailing_c0ff2826ae4d-themes.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-21-1000_TransChem_6e0b5368c385-others.zip
May 22 2026 05:06:32 cwp2 maldet(18505): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-21-0714_Xsal_Real_Estate_2200339fb418-plugins.zip
May 22 2026 05:06:33 cwp2 maldet(18505): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 36081, malware hits 24, cleaned hits 0, time 3455s
May 22 2026 05:06:33 cwp2 maldet(18505): {scan} scan report saved, to view run: maldet --report 260522-0408.18505
May 22 2026 05:06:33 cwp2 maldet(18505): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260522-0408.18505
May 23 2026 03:57:07 cwp2 maldet(33234): {update} checking for available updates...
May 23 2026 03:57:08 cwp2 maldet(33234): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 23 2026 03:57:08 cwp2 maldet(33234): {update} hashing install files and checking against server...
May 23 2026 03:57:08 cwp2 maldet(33234): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 23 2026 03:57:08 cwp2 maldet(33234): {update} latest version already installed.
May 23 2026 03:57:09 cwp2 maldet(33931): {sigup} performing signature update check...
May 23 2026 03:57:09 cwp2 maldet(33931): {sigup} local signature set is version 2026051290484
May 23 2026 03:57:10 cwp2 maldet(33931): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 23 2026 03:57:10 cwp2 maldet(33931): {sigup} latest signature set already installed
May 23 2026 03:57:11 cwp2 maldet(34613): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 23 2026 03:57:12 cwp2 maldet(34613): {scan} signatures loaded: 51468 (45387 MD5 | 2375 HEX | 3706 YARA | 0 USER)
May 23 2026 03:57:12 cwp2 maldet(34613): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 23 2026 03:57:12 cwp2 maldet(34613): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 23 2026 03:57:12 cwp2 maldet(34613): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 23 2026 04:01:34 cwp2 maldet(34613): {scan} file list completed in 262s, found 15410 files...
May 23 2026 04:01:34 cwp2 maldet(34613): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 23 2026 04:01:34 cwp2 maldet(34613): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (15410 files) in progress...
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-22-1841_All_Sport_Projects_50e889c8eda6-themes.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-22-1841_All_Sport_Projects_50e889c8eda6-others.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-22-1048_Bayswater_Historical_Society_6436bbb07b1d-themes.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bfcgcom/public_html/wp-content/updraft/backup_2026-05-22-1218_BampF_Consolidated_Group_54f88bb4a23b-plugins.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-23-0007_Shnei_Ohr_Chabad_North_Caulfield_39e084cc27b8-themes.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-23-0007_Shnei_Ohr_Chabad_North_Caulfield_39e084cc27b8-others.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-22-1451_Dandenong_Day_Nursery_5d60dbb8dc92-themes.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-22-0757_dwell_by_jo_665ad684b1cf-others.zip
May 23 2026 04:47:59 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-22-0757_dwell_by_jo_665ad684b1cf-plugins.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-22-0757_dwell_by_jo_665ad684b1cf-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-23-0006_Giraffe_Early_Learning_Centre_Do_71106a7438ff-plugins.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-22-1905_GW_Fencing_440b1d1d58bf-plugins.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-22-1027_Impeccable_Renovations_e3e0b9cdf634-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-22-0645_Italia_Stone_cf999740d6f4-plugins.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-22-1005_Australian_Jewish_Association_5d06ddcbe954-others.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-22-1049_MAKIFIM_5c973f73e4e5-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-23-0006_Organic_Numbers_20fea3d774e5-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-22-1506_Rowland_Contractors_c3fc671c0ca8-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-22-2305_Smile_on_Seniors_ff0f39d723a0-others.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-22-2305_Smile_on_Seniors_ff0f39d723a0-themes.zip
May 23 2026 04:48:00 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-22-0559_Swan_River_Sailing_59aec7d289d3-themes.zip
May 23 2026 04:48:01 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/transchemcom/public_html/wp-content/updraft/backup_2026-05-22-1001_TransChem_a6896945e84e-others.zip
May 23 2026 04:48:01 cwp2 maldet(34613): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-22-0721_Xsal_Real_Estate_97b3c8caab12-plugins.zip
May 23 2026 04:48:01 cwp2 maldet(34613): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 15410, malware hits 23, cleaned hits 0, time 3050s
May 23 2026 04:48:01 cwp2 maldet(34613): {scan} scan report saved, to view run: maldet --report 260523-0357.34613
May 23 2026 04:48:01 cwp2 maldet(34613): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260523-0357.34613
May 24 2026 04:04:38 cwp2 maldet(55122): {update} checking for available updates...
May 24 2026 04:04:39 cwp2 maldet(55122): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 24 2026 04:04:39 cwp2 maldet(55122): {update} hashing install files and checking against server...
May 24 2026 04:04:40 cwp2 maldet(55122): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 24 2026 04:04:40 cwp2 maldet(55122): {update} latest version already installed.
May 24 2026 04:04:40 cwp2 maldet(55834): {sigup} performing signature update check...
May 24 2026 04:04:40 cwp2 maldet(55834): {sigup} local signature set is version 2026051290484
May 24 2026 04:04:41 cwp2 maldet(55834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 24 2026 04:04:41 cwp2 maldet(55834): {sigup} new signature set 2026052390483 available
May 24 2026 04:04:41 cwp2 maldet(55834): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 24 2026 04:04:43 cwp2 maldet(55834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 24 2026 04:04:43 cwp2 maldet(55834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 24 2026 04:04:44 cwp2 maldet(55834): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 24 2026 04:04:44 cwp2 maldet(55834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 24 2026 04:04:44 cwp2 maldet(55834): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 24 2026 04:04:44 cwp2 maldet(55834): {sigup} verified md5sum of maldet-sigpack.tgz
May 24 2026 04:04:45 cwp2 maldet(55834): {sigup} unpacked and installed maldet-sigpack.tgz
May 24 2026 04:04:46 cwp2 maldet(55834): {sigup} verified md5sum of maldet-clean.tgz
May 24 2026 04:04:46 cwp2 maldet(55834): {sigup} unpacked and installed maldet-clean.tgz
May 24 2026 04:04:46 cwp2 maldet(55834): {sigup} signature set update completed
May 24 2026 04:04:46 cwp2 maldet(55834): {sigup} 51467 signatures (45387 MD5 | 2374 HEX | 3706 YARA | 0 USER)
May 24 2026 04:04:47 cwp2 maldet(56640): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 24 2026 04:04:47 cwp2 maldet(56640): {scan} signatures loaded: 51467 (45387 MD5 | 2374 HEX | 3706 YARA | 0 USER)
May 24 2026 04:04:47 cwp2 maldet(56640): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 24 2026 04:04:47 cwp2 maldet(56640): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 24 2026 04:04:47 cwp2 maldet(56640): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 24 2026 04:09:29 cwp2 maldet(56640): {scan} file list completed in 282s, found 4503 files...
May 24 2026 04:09:29 cwp2 maldet(56640): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 24 2026 04:09:29 cwp2 maldet(56640): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (4503 files) in progress...
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-23-1846_All_Sport_Projects_98a52f6351a4-others.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/allsport/public_html/wp-content/updraft/backup_2026-05-23-1846_All_Sport_Projects_98a52f6351a4-themes.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bayswaterhs/public_html/wp-content/updraft/backup_2026-05-23-1048_Bayswater_Historical_Society_7dcfa3c06731-themes.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/bfcgcom/public_html/wp-content/updraft/backup_2026-05-23-1202_BampF_Consolidated_Group_89ea0506d913-plugins.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-24-0006_Shnei_Ohr_Chabad_North_Caulfield_c1e2cc7856f1-themes.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/chabadso/public_html/wp-content/updraft/backup_2026-05-24-0006_Shnei_Ohr_Chabad_North_Caulfield_c1e2cc7856f1-others.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dandadev/public_html/wp-content/updraft/backup_2026-05-23-1459_Dandenong_Day_Nursery_0062b490168c-themes.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-23-0757_dwell_by_jo_c618168f0d0f-plugins.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-23-0757_dwell_by_jo_c618168f0d0f-themes.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/dwellbyjocom/public_html/wp-content/updraft/backup_2026-05-23-0757_dwell_by_jo_c618168f0d0f-others.zip
May 24 2026 04:48:18 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/giraffedocklands/public_html/wp-content/updraft/backup_2026-05-24-0006_Giraffe_Early_Learning_Centre_Do_a37ca5a939dd-plugins.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/gwfencin/public_html/wp-content/updraft/backup_2026-05-23-1901_GW_Fencing_bc8a966becc5-plugins.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/impeccablerenova/public_html/wp-content/updraft/backup_2026-05-23-1023_Impeccable_Renovations_2a47c9c088e8-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/italiasg/public_html/wp-content/updraft/backup_2026-05-23-0649_Italia_Stone_52d8a5cf0c64-plugins.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/jewishas/public_html/wp-content/updraft/backup_2026-05-23-1005_Australian_Jewish_Association_07e94f281439-others.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/makifimc/public_html/wp-content/updraft/backup_2026-05-23-1009_MAKIFIM_2fb9d0f88bc0-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-24-0008_Organic_Numbers_02b4da620125-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/rowlweb/public_html/wp-content/updraft/backup_2026-05-23-1538_Rowland_Contractors_6f24160fe4f1-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-23-2308_Smile_on_Seniors_06097b427587-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/smileons/public_html/wp-content/updraft/backup_2026-05-23-2308_Smile_on_Seniors_06097b427587-others.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/swanrive/public_html/wp-content/updraft/backup_2026-05-23-0602_Swan_River_Sailing_556cf4292260-themes.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {hit} malware hit {HEX}php.polyshell.jfif.phpcomment.704 found for /home/xsalcom/public_html/wp-content/updraft/backup_2026-05-23-0716_Xsal_Real_Estate_f1528f128925-plugins.zip
May 24 2026 04:48:19 cwp2 maldet(56640): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 4503, malware hits 22, cleaned hits 0, time 2612s
May 24 2026 04:48:19 cwp2 maldet(56640): {scan} scan report saved, to view run: maldet --report 260524-0404.56640
May 24 2026 04:48:19 cwp2 maldet(56640): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260524-0404.56640
May 25 2026 03:31:05 cwp2 maldet(11254): {update} checking for available updates...
May 25 2026 03:31:06 cwp2 maldet(11254): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 25 2026 03:31:06 cwp2 maldet(11254): {update} hashing install files and checking against server...
May 25 2026 03:31:07 cwp2 maldet(11254): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 25 2026 03:31:07 cwp2 maldet(11254): {update} latest version already installed.
May 25 2026 03:31:08 cwp2 maldet(11951): {sigup} performing signature update check...
May 25 2026 03:31:08 cwp2 maldet(11951): {sigup} local signature set is version 2026052390483
May 25 2026 03:31:08 cwp2 maldet(11951): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 25 2026 03:31:08 cwp2 maldet(11951): {sigup} new signature set 2026052490478 available
May 25 2026 03:31:08 cwp2 maldet(11951): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 25 2026 03:31:10 cwp2 maldet(11951): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
May 25 2026 03:31:11 cwp2 maldet(11951): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
May 25 2026 03:31:11 cwp2 maldet(11951): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 25 2026 03:31:11 cwp2 maldet(11951): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
May 25 2026 03:31:11 cwp2 maldet(11951): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
May 25 2026 03:31:11 cwp2 maldet(11951): {sigup} verified md5sum of maldet-sigpack.tgz
May 25 2026 03:31:13 cwp2 maldet(11951): {sigup} unpacked and installed maldet-sigpack.tgz
May 25 2026 03:31:13 cwp2 maldet(11951): {sigup} verified md5sum of maldet-clean.tgz
May 25 2026 03:31:13 cwp2 maldet(11951): {sigup} unpacked and installed maldet-clean.tgz
May 25 2026 03:31:13 cwp2 maldet(11951): {sigup} signature set update completed
May 25 2026 03:31:13 cwp2 maldet(11951): {sigup} 51464 signatures (45385 MD5 | 2373 HEX | 3706 YARA | 0 USER)
May 25 2026 03:31:14 cwp2 maldet(12759): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 25 2026 03:31:14 cwp2 maldet(12759): {scan} signatures loaded: 51464 (45385 MD5 | 2373 HEX | 3706 YARA | 0 USER)
May 25 2026 03:31:14 cwp2 maldet(12759): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 25 2026 03:31:14 cwp2 maldet(12759): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 25 2026 03:31:14 cwp2 maldet(12759): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 25 2026 03:38:18 cwp2 maldet(12759): {scan} file list completed in 424s, found 5512 files...
May 25 2026 03:38:18 cwp2 maldet(12759): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 25 2026 03:38:18 cwp2 maldet(12759): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (5512 files) in progress...
May 25 2026 04:21:26 cwp2 maldet(12759): {hit} malware hit {HEX}php.cmdshell.gifheader.399 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-25-0006_Organic_Numbers_c9469fd5c2b7-themes.zip
May 25 2026 04:21:26 cwp2 maldet(12759): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 5512, malware hits 1, cleaned hits 0, time 3012s
May 25 2026 04:21:26 cwp2 maldet(12759): {scan} scan report saved, to view run: maldet --report 260525-0331.12759
May 25 2026 04:21:26 cwp2 maldet(12759): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260525-0331.12759
May 26 2026 03:32:36 cwp2 maldet(22369): {update} checking for available updates...
May 26 2026 03:32:37 cwp2 maldet(22369): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
May 26 2026 03:32:37 cwp2 maldet(22369): {update} hashing install files and checking against server...
May 26 2026 03:32:37 cwp2 maldet(22369): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
May 26 2026 03:32:37 cwp2 maldet(22369): {update} latest version already installed.
May 26 2026 03:32:38 cwp2 maldet(23072): {sigup} performing signature update check...
May 26 2026 03:32:38 cwp2 maldet(23072): {sigup} local signature set is version 2026052490478
May 26 2026 03:32:39 cwp2 maldet(23072): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
May 26 2026 03:32:39 cwp2 maldet(23072): {sigup} latest signature set already installed
May 26 2026 03:32:39 cwp2 maldet(23747): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
May 26 2026 03:32:40 cwp2 maldet(23747): {scan} signatures loaded: 51464 (45385 MD5 | 2373 HEX | 3706 YARA | 0 USER)
May 26 2026 03:32:40 cwp2 maldet(23747): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
May 26 2026 03:32:40 cwp2 maldet(23747): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
May 26 2026 03:32:40 cwp2 maldet(23747): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -25976319c -not -perm 000 -not -uid 0 -not -gid 0
May 26 2026 03:42:19 cwp2 maldet(23747): {scan} file list completed in 579s, found 241259 files...
May 26 2026 03:42:19 cwp2 maldet(23747): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
May 26 2026 03:42:19 cwp2 maldet(23747): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (241259 files) in progress...
May 26 2026 05:17:56 cwp2 maldet(23747): {hit} malware hit {HEX}php.cmdshell.gifheader.399 found for /home/organicnumbersco/public_html/wp-content/updraft/backup_2026-05-26-0006_Organic_Numbers_cd3daf490bc2-themes.zip
May 26 2026 05:17:56 cwp2 maldet(23747): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 241259, malware hits 1, cleaned hits 0, time 6317s
May 26 2026 05:17:56 cwp2 maldet(23747): {scan} scan report saved, to view run: maldet --report 260526-0332.23747
May 26 2026 05:17:56 cwp2 maldet(23747): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 260526-0332.23747