(1) Scanning /home/webumake:

m h m m f x v . m . . w w . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . w . . . h . . . . . . h m L . L . . . . . . . . . . . . . . . . . . . . . . . . . m . . . w . . . v v . v v . . . . . . . . . . . . . . . . m . m . . . . . . . . . . . . h m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . f f m f f f d . d d d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . w . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . f . e e f e f f f f f e f e f e f e f e f e e e e e f f L . f e . . w w w . 

----------- SCAN REPORT -----------
(/usr/sbin/cxs --exp --vir -ign /etc/cxs/cxs.ignore --sum -all)


(1) Scanning /home/webumake:
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/123 '\'''\'''\'' ... .pl'
# Suspected exploit file:
'/home/webumake/dm.cgi'
# Match for regular expression (regex) = "while\(\\)\;eval\(unpack\(\'u\*\'":
'/home/webumake/dm.cgi'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/AAAA'
# Suspicious file type [application/x-c]:
'/home/webumake/r0nin.c'
# Windows Binary/Executable [application/x-dosexec]:
'/home/webumake/a2p.exe'
# ClamAV detected virus = [Eicar-Test-Signature]:
'/home/webumake/avirus.txt'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/public_html/test.php3'
# World writeable directory:
'/home/webumake/public_html/contacts.old/data/s'
# World writeable directory:
'/home/webumake/public_html/contacts.old/data/s/attachments'
# Windows Binary/Executable [application/x-dosexec]:
'/home/webumake/public_html/contacts.old/published/common/win/webasystwinsetup.exe'
# World writeable directory:
'/home/webumake/public_html/board/uploads'
# Suspected exploit file:
'/home/webumake/public_html/board/sources/lib/emailer.php'
# Suspected exploit file:
'/home/webumake/public_html/uptest/udp.pl'
# Match for regular expression (regex) = "udp flood":
'/home/webumake/public_html/uptest/udp.pl'
# Symlink to [status.php]:
'/home/webumake/public_html/mailscanner/index.php'
# Symlink to [jpgraph-1.12.1]:
'/home/webumake/public_html/mailscanner/jpgraph'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/public_html/cgi-bin/users.cgi'
# World writeable directory:
'/home/webumake/public_html/cgi-bin/linktree/data'
# ClamAV detected virus = [Eicar-Test-Signature]:
'/home/webumake/public_html/cgi-bin/webumake/webudata/manager/sent/1142596163.msg'
# ClamAV detected virus = [Eicar-Test-Signature]:
'/home/webumake/public_html/cgi-bin/webumake/webudata/manager/sent/1153416358.msg'
# ClamAV detected virus = [Eicar-Test-Signature]:
'/home/webumake/public_html/cgi-bin/webumake/webudata/manager/trash/1153416482.msg'
# ClamAV detected virus = [Eicar-Test-Signature]:
'/home/webumake/public_html/cgi-bin/webumake/webudata/manager/trash/1153416483.msg'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/public_html/cgi-bin/webumake/Ftp/Net/FTPServer.pm'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/public_html/cgi-bin/webumake/Ftp/IO/AtomicFile.pm'
# Suspected exploit file:
'/home/webumake/public_html/upload/upload/udp.pl'
# Match for regular expression (regex) = "udp flood":
'/home/webumake/public_html/upload/upload/udp.pl'
# Windows Binary/Executable [application/x-dosexec]:
'/home/webumake/public_html/contacts/published/common/win/webasystwinsetup.exe'
# Windows Binary/Executable [application/x-dosexec]:
'/home/webumake/public_html/dlm_comb/downloads/products/1_product1.exe'
# Suspicious file name:
'/home/webumake/public_html/test/ test.php ; test.sh'
# Suspicious file name:
'/home/webumake/public_html/test/date | smell.php'
# Match for regular expression (regex) = "/etc/passwd":
'/home/webumake/public_html/test/date | smell.php'
# Suspicious file name:
'/home/webumake/public_html/test/ file.zip | otherfile.zip '
# Suspicious file name:
'/home/webumake/public_html/test/date | bob'
# Suspicious file name:
'/home/webumake/public_html/test/ | some.zip | other.sh'
# Suspicious directory:
'/home/webumake/public_html/test/\ \ \ '
# Suspicious directory:
'/home/webumake/public_html/test/\ \| date \| test.zip'
# Suspicious directory:
'/home/webumake/public_html/test/ | date | test.zip'
# Suspicious directory:
'/home/webumake/public_html/test/   '
# Windows Binary/Executable [application/x-dosexec]:
'/home/webumake/public_html/dlm_full/downloads/products/3_product1.exe'
# World writeable directory:
'/home/webumake/public_html/dlm_full/downloads/temp'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/doc/whitepaper-1.3/t1.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/canary-exploit'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t10'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t5.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t6'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t1.c'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t1w.c'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t3w.c'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t10.c'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t4w.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t3w'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/canary-exploit.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t4'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t3.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t5'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t4.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t1w'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/exploit-non-exec-stack.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t1'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/exploits/t6.c'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t3'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/exploit-non-exec-stack'
# Linux Binary/Executable [application/x-executable]:
'/home/webumake/test/libsafe-2.0-16/exploits/t4w'
# Linux Binary/Executable [application/x-sharedlib]:
'/home/webumake/test/libsafe-2.0-16/src/libsafe.so.2.0.16'
# Linux Binary/Executable [application/x-object]:
'/home/webumake/test/libsafe-2.0-16/src/intercept.o'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/src/util.c'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/src/intercept.c'
# Symlink to [libsafe.so.2.0.16]:
'/home/webumake/test/libsafe-2.0-16/src/libsafe.so'
# Suspicious file type [application/x-c]:
'/home/webumake/test/libsafe-2.0-16/src/log.h'
# Linux Binary/Executable [application/x-object]:
'/home/webumake/test/libsafe-2.0-16/src/util.o'
# World writeable directory:
'/home/webumake/dlm/inc'
# World writeable directory:
'/home/webumake/dlm/downloads'
# World writeable directory:
'/home/webumake/dlm/downloads/products'

----------- SCAN SUMMARY -----------
Scanned directories: 2879
Scanned files: 21122
Ignored items: 9
Suspicious items: 74
Viruses found: 5
Data scanned: 167.92 MB
Scan time/item: 0.006 sec
Time: 149.506 sec



cxs: v1.00

©2009, ConfigServer Services (Way to the Web Limited)