

[1;33m Scan location:	/home/gordonpe/public_html/sjstudyclub.com
 [0m


[1;33m Scan location:	/home/gordonpe/acc.sjstudyclub.com
 [0m
/home/gordonpe/acc.sjstudyclub.com/sec/process1.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/process3.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/process4.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/process2.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/process5.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti6.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti1.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti3.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti2.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti4.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti8.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti7.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/sec/process.php: YARA.infected_08_17_18_microsoft_phishing.UNOFFICIAL FOUND
/home/gordonpe/acc.sjstudyclub.com/secu.com.zip: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND


[1;33m Scan location:	/home/gordonpe/public_html/_wildcard_
 [0m


[1;33m Scan location:	/home/gordonpe/public_html
 [0m
/home/gordonpe/public_html/wp_includess/kutiyahoo/htaccess: YARA.htaccess.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp_includess/kutiyahoo.zip: YARA.htaccess.UNOFFICIAL FOUND
/home/gordonpe/public_html/qen/content/blocker.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/public_html/Dore/content/blocker.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/public_html/sdr/antibot.php: YARA.PAYPAL_PHISHING_001_infected_06_08_18_case127_files_Antibots_anti.UNOFFICIAL FOUND
/home/gordonpe/public_html/blog/index.php: {HEX}php.generic.malware.446.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/CN63agVARsL.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/mb5YC81zeQl.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/NAJ6YIqlkSm.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/r91xJI2LtcU.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/Aldn7icyVsx.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/1qmph7TMVdb.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/EwCNSxylIf2.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/57sZ4FvYGtl.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/mfynu2XPkCv.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/index.php: {HEX}php.generic.malware.446.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp-includes/FidcMQuSe9K.php: YARA.WFYARAGEN_G4472_rules_1.UNOFFICIAL FOUND
/home/gordonpe/public_html/wp_contents/index.php: {HEX}php.generic.malware.446.UNOFFICIAL FOUND


Change timestamps on malicious files flagged in the scan

================================================================================

2023-05-26 16:34:03.210935493 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process1.php
2023-05-26 16:34:03.210935493 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process3.php
2023-05-26 16:34:03.210935493 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process4.php
2023-05-26 16:34:03.210935493 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process2.php
2023-05-26 16:34:03.210935493 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process5.php
2023-05-26 16:34:03.221935751 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti6.php
2023-05-26 16:34:03.211935516 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti1.php
2023-05-26 16:34:03.211935516 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti3.php
2023-05-26 16:34:03.211935516 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti2.php
2023-05-26 16:34:03.212935539 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti4.php
2023-05-26 16:34:03.222935774 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti8.php
2023-05-26 16:34:03.222935774 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/Bots/anti7.php
2023-05-26 16:34:03.209935469 -0400,/home/gordonpe/acc.sjstudyclub.com/sec/process.php
2023-05-26 16:30:06.297347218 -0400,/home/gordonpe/acc.sjstudyclub.com/secu.com.zip
2023-05-26 19:43:46.062432073 -0400,/home/gordonpe/public_html/wp_includess/kutiyahoo/htaccess
2023-05-26 19:43:45.813426200 -0400,/home/gordonpe/public_html/wp_includess/kutiyahoo.zip
2023-05-27 07:35:11.780294839 -0400,/home/gordonpe/public_html/qen/content/blocker.php
2023-05-29 04:51:45.610962972 -0400,/home/gordonpe/public_html/Dore/content/blocker.php
2023-05-27 07:35:11.817295712 -0400,/home/gordonpe/public_html/sdr/antibot.php
2023-05-29 00:06:09.152751387 -0400,/home/gordonpe/public_html/blog/index.php
2023-05-27 07:39:25.517279940 -0400,/home/gordonpe/public_html/wp-includes/CN63agVARsL.php
2023-05-27 07:39:25.786286286 -0400,/home/gordonpe/public_html/wp-includes/mb5YC81zeQl.php
2023-05-27 07:39:25.700284258 -0400,/home/gordonpe/public_html/wp-includes/NAJ6YIqlkSm.php
2023-05-27 07:39:25.855287913 -0400,/home/gordonpe/public_html/wp-includes/r91xJI2LtcU.php
2023-05-27 07:39:25.448278312 -0400,/home/gordonpe/public_html/wp-includes/Aldn7icyVsx.php
2023-05-27 07:39:25.279274326 -0400,/home/gordonpe/public_html/wp-includes/1qmph7TMVdb.php
2023-05-27 07:39:25.542280531 -0400,/home/gordonpe/public_html/wp-includes/EwCNSxylIf2.php
2023-05-27 07:39:25.386276850 -0400,/home/gordonpe/public_html/wp-includes/57sZ4FvYGtl.php
2023-05-27 07:39:25.826287229 -0400,/home/gordonpe/public_html/wp-includes/mfynu2XPkCv.php
2023-05-27 07:39:25.716284635 -0400,/home/gordonpe/public_html/wp-includes/index.php
2023-05-27 07:39:25.606282039 -0400,/home/gordonpe/public_html/wp-includes/FidcMQuSe9K.php
2023-05-27 07:39:35.407513229 -0400,/home/gordonpe/public_html/wp_contents/index.php