Uname: Linux premium294.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64
User: 768 (artoqlkw)
Group: 773 (artoqlkw)
Disabled functions: NONE
Safe mode: On[ PHPinfo ]
//home/artoqlkw/      ( Reset | Go to )
File Name: scanreport-artoqlkw-Mar_07_2026_05h37m.txt

----------- SCAN REPORT -----------
TimeStamp: Sat, 7 Mar 2026 05:37:44 -0500
(/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/artoqlkw/scanreport-artoqlkw-Mar_07_2026_05h37m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user artoqlkw --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual)


Scanning /home/artoqlkw:

'/home/artoqlkw/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/artoqlkw]

'/home/artoqlkw/.nc_plugin/hidden'
# World writeable directory

'/home/artoqlkw/bluetoothoordopjes.net/images/images/images/nymUCWwtXNqi.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/bluetoothoordopjes.net/wp-content/plugins/akismet/_inc/img/logo-ppprnrqpooq.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/Text/Diff/Engine/ppprnrqpooq.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/images/w-ccceaedcbbd.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/bluetoothoordopjes.net/wp-includes/images/media/ccceaedcbbd.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-content/plugins/akismet/_inc/img/logo-rqononorppqpr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/Text/Diff/Engine/rqononorppqpr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/images/w-edbababeccdce.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/images/media/edbababeccdce.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/carinsurancequotescom.net/wp-includes/rest-api/wp-login.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/club-admiral-777.net/images/images/images/GxLJcznCrYmBRhNeAf.tif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/club-admiral-777.net/wp-content/plugins/akismet/_inc/img/logo-rspprrpr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/club-admiral-777.net/wp-includes/Text/Diff/Engine/rspprrpr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/club-admiral-777.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/club-admiral-777.net/wp-includes/images/w-efcceece.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/club-admiral-777.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/club-admiral-777.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/club-admiral-777.net/wp-includes/images/media/efcceece.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-blog-header.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/cgi-bin/cgi-bin/swf_69ab8e967b901.zip'
# (compressed file: b_69ab8e967b901.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2202]]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-content/plugins/akismet/_inc/img/logo-oqonrrnnps.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/Text/Diff/Engine/oqonrrnnps.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/images/w-bdbaeeaacf.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/descargarclashroyalegratis.net/wp-includes/images/media/bdbaeeaacf.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/.tmb'
# World writeable directory

'/home/artoqlkw/echotrailapts.net/wp-content/plugins/akismet/_inc/img/logo-rprqosrqp.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]

'/home/artoqlkw/echotrailapts.net/wp-includes/Text/Diff/Engine/rprqosrqp.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/wp-includes/images/w-ecedbfedc.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/echotrailapts.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/echotrailapts.net/wp-includes/images/media/ecedbfedc.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/echotrailapts.net/wp-includes/theme-compat/content/cache/modules/content/llh/luoma/index.php'
# Known exploit = [Fingerprint Match (fp)] [Exploit URL Exploit [P2088]]

'/home/artoqlkw/escritorio-virtual.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-content/plugins/akismet/_inc/img/logo-nsnrrrsrrnoooorp.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-includes/Text/Diff/Engine/nsnrrrsrrnoooorp.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-includes/css/dist/format-library/format-library/PRNKz.png'
# Suspicious image file (hidden script file)

'/home/artoqlkw/fermedelaplanche.net/wp-includes/images/w-afaeeefeeabbbbec.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/fermedelaplanche.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/fermedelaplanche.net/wp-includes/images/media/afaeeefeeabbbbec.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/fermedelaplanche.net/wp-includes/sodium_compat/namespaced/Core/content.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/initiations-magazine.net/cgi-bin/upgrade/upgrade/wbmp_69ab8eb76a076.zip'
# (compressed file: b_69ab8eb76a076.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/initiations-magazine.net/images/images/images/CmpASaxlqiFVs.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/initiations-magazine.net/wp-content/plugins/akismet/_inc/img/logo-rsnpppqprn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/initiations-magazine.net/wp-includes/Text/Diff/Engine/rsnpppqprn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/initiations-magazine.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/initiations-magazine.net/wp-includes/images/w-efacccdcea.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/initiations-magazine.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/initiations-magazine.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/initiations-magazine.net/wp-includes/images/media/efacccdcea.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/lexingtonlibrary.net/wp-content/plugins/akismet/_inc/img/logo-qnqosqqrnqo.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/lexingtonlibrary.net/wp-content/plugins/wordpress-seo/admin/views/views/CsKtgqQfGYERUkblaxwr.jpeg'
# Suspicious image file (hidden script file)

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/Text/Diff/Engine/qnqosqqrnqo.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/images/w-dadbfddeadb.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/lexingtonlibrary.net/wp-includes/images/media/dadbfddeadb.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-content/plugins/akismet/_inc/img/logo-sqoropsqqqn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/Text/Diff/Engine/sqoropsqqqn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/images/w-fdbebcfddda.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/madrid-spain-hotels.net/wp-includes/images/media/fdbebcfddda.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/mnjy-turi.net/cgi-bin/cgi-bin/jpg_69ab8ea70088f.zip'
# (compressed file: b_69ab8ea70088f.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2189]]

'/home/artoqlkw/mnjy-turi.net/cgi-bin/cgi-bin/cgi-bin/lqWLBCtcFvYk.tif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/mnjy-turi.net/wp-content/plugins/akismet/_inc/img/logo-ppqppnrqr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/mnjy-turi.net/wp-includes/Text/Diff/Engine/ppqppnrqr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/mnjy-turi.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/mnjy-turi.net/wp-includes/images/w-ccdccaede.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/mnjy-turi.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/mnjy-turi.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/mnjy-turi.net/wp-includes/images/media/ccdccaede.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/cgi-bin/cgi-bin/mp3_69ab8ea1ada28.zip'
# (compressed file: b_69ab8ea1ada28.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/music-for-nature.net/images/images/BeXGnVgmxspEkRAWaICz.jpg'
# Suspicious image file (hidden script file)

'/home/artoqlkw/music-for-nature.net/images/images/images/mPfcTVXeIhQALjv.tiff'
# Suspicious image file (hidden script file)

'/home/artoqlkw/music-for-nature.net/wp-admin/css/colors/ectoplasm/ectoplasm/ectoplasm/gif_69ab8ead1af1c.zip'
# (compressed file: b_69ab8ead1af1c.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/music-for-nature.net/wp-content/plugins/akismet/_inc/img/logo-posqsrnpnnqnpsr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/wp-includes/Text/Diff/Engine/posqsrnpnnqnpsr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/wp-includes/blocks/image/image/TbVnhMZyuI.tiff'
# Suspicious image file (hidden script file)

'/home/artoqlkw/music-for-nature.net/wp-includes/blocks/terms-query/terms-query/xbm_69ab8eafdea70.zip'
# (compressed file: b_69ab8eafdea70.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2202]]

'/home/artoqlkw/music-for-nature.net/wp-includes/images/w-cbfdfeacaadacfe.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/music-for-nature.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/music-for-nature.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/music-for-nature.net/wp-includes/images/media/cbfdfeacaadacfe.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-content/plugins/akismet/_inc/img/logo-psosrrsonqrrqr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/Text/Diff/Engine/psosrrsonqrrqr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/images/w-cfbfeefbadeede.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/nachhaltigeaktien.net/wp-includes/images/media/cfbfeefbadeede.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/images/images/png_69ab8eb335ce9.zip'
# (compressed file: b_69ab8eb335ce9.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2202]]

'/home/artoqlkw/peoplesmedshop.net/wp-admin/css/css/JaIMbTUqEKQwAfm.tif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/peoplesmedshop.net/wp-content/plugins/akismet/_inc/img/logo-nrprrrpopqn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/wp-includes/Text/Diff/Engine/nrprrrpopqn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/wp-includes/images/w-aeceeecbcda.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/peoplesmedshop.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/peoplesmedshop.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/peoplesmedshop.net/wp-includes/images/media/aeceeecbcda.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/protrepsis.net/wp-admin/css/colors/ocean/ocean/mp3_69ab8ea17b303.zip'
# (compressed file: b_69ab8ea17b303.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/protrepsis.net/wp-content/plugins/akismet/_inc/img/logo-popospqs.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/protrepsis.net/wp-includes/Text/Diff/Engine/popospqs.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/protrepsis.net/wp-includes/blocks/cover/index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/protrepsis.net/wp-includes/images/w-cbcbfcdf.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/protrepsis.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/protrepsis.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/protrepsis.net/wp-includes/images/media/cbcbfcdf.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/public_html/admin.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/radioevangeliovivo.net/wp-admin/js/60mlku/60mlku/VECAnZeKTLlHagJYbUhQ.tif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/radioevangeliovivo.net/wp-content/plugins/akismet/_inc/img/logo-oqrrqqporqqon.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/radioevangeliovivo.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/radioevangeliovivo.net/wp-content/themes/chromenews/lib/lib/eIAYXubVChakSKtmzpn.tiff'
# Suspicious image file (hidden script file)

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/Text/Diff/Engine/oqrrqqporqqon.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/images/w-bdeeddcbeddba.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/radioevangeliovivo.net/wp-includes/images/media/bdeeddcbeddba.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/redorchestragame.net/wp-admin/css/colors/coffee/coffee/jpx_69ab8e92339ff.zip'
# (compressed file: b_69ab8e92339ff.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/redorchestragame.net/wp-content/plugins/akismet/_inc/img/logo-rnqqqopnoqpq.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/redorchestragame.net/wp-includes/Text/Diff/Engine/rnqqqopnoqpq.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/redorchestragame.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/redorchestragame.net/wp-includes/blocks/post-template/wp-l0gin.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/redorchestragame.net/wp-includes/images/w-eadddbcabdcd.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/redorchestragame.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/redorchestragame.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/redorchestragame.net/wp-includes/images/media/eadddbcabdcd.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/respectmyhustle.net/cgi-bin/cgi-bin/cgi-bin/m3u_69ab8e9e19f3a.zip'
# (compressed file: b_69ab8e9e19f3a.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2202]]

'/home/artoqlkw/respectmyhustle.net/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/jpeg_69ab8eae34171.zip'
# (compressed file: b_69ab8eae34171.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/respectmyhustle.net/wp-content/plugins/akismet/_inc/img/logo-ppnqsosoqs.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/respectmyhustle.net/wp-includes/Text/Diff/Engine/ppnqsosoqs.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/respectmyhustle.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/respectmyhustle.net/wp-includes/images/w-ccadfbfbdf.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/respectmyhustle.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/respectmyhustle.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/respectmyhustle.net/wp-includes/images/media/ccadfbfbdf.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rewind-music.net/cgi-bin/headland-one/headland-one/kKAlfemxi.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rewind-music.net/wp-content/plugins/akismet/_inc/img/logo-norqnnrrppqsn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rewind-music.net/wp-content/uploads/2025/09/09/bmp_69ab8eae33bae.zip'
# (compressed file: b_69ab8eae33bae.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/rewind-music.net/wp-includes/SimplePie/src/Parse/Parse/njmJGBXAgp.tif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rewind-music.net/wp-includes/Text/Diff/Engine/norqnnrrppqsn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rewind-music.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rewind-music.net/wp-includes/images/w-abedaaeeccdfa.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rewind-music.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rewind-music.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rewind-music.net/wp-includes/images/media/abedaaeeccdfa.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rochesterstorage.net/wp-content/plugins/akismet/_inc/img/logo-rspqoprqonssq.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rochesterstorage.net/wp-includes/Text/Diff/Engine/rspqoprqonssq.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rochesterstorage.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rochesterstorage.net/wp-includes/blocks/navigation-link/wp-login.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/rochesterstorage.net/wp-includes/images/w-efcdbcedbaffd.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/rochesterstorage.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rochesterstorage.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/rochesterstorage.net/wp-includes/images/media/efcdbcedbaffd.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-content/plugins/akismet/_inc/img/logo-rqppqrsrsprr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-includes/Text/Diff/Engine/rqppqrsrsprr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-includes/images/w-edccdefefcee.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/themusicemporium.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/themusicemporium.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/themusicemporium.net/wp-includes/images/media/edccdefefcee.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/topintowntechnology.net/images/images/mov_69ab8e987e668.zip'
# (compressed file: b_69ab8e987e668.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/artoqlkw/topintowntechnology.net/images/images/images/images/yMNVFtXTRZHfBnewj.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/topintowntechnology.net/wp-content/plugins/akismet/_inc/img/logo-sqnqpssoqrsrn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/topintowntechnology.net/wp-includes/Text/Diff/Engine/sqnqpssoqrsrn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/topintowntechnology.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/topintowntechnology.net/wp-includes/images/w-fdadcffbdefea.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/topintowntechnology.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/topintowntechnology.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/topintowntechnology.net/wp-includes/images/media/fdadcffbdefea.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-content/plugins/akismet/_inc/img/logo-rqpnnoosnqr.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-content/plugins/wordpress-seo/src/dashboard/domain/domain/kRnEwUqXfKtre.png'
# Suspicious image file (hidden script file)

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/Text/Diff/Engine/rqpnnoosnqr.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/images/w-edcaabbfade.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/images/media/edcaabbfade.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/townofmontgomerychamber.net/wp-includes/sodium_compat/2index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/urban-vpn.net/wp-content/plugins/akismet/_inc/img/logo-ssoqopqprppn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-includes/Text/Diff/Engine/ssoqopqprppn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-includes/images/w-ffbdbcdcecca.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/urban-vpn.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/urban-vpn.net/wp-includes/images/media/ffbdbcdcecca.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/urban-vpn.net/wp-includes/rest-api/endpoints/endpoints/hHKzwPVS.tiff'
# Suspicious image file (hidden script file)

'/home/artoqlkw/x-raynews.net/wp-content/plugins/akismet/_inc/img/logo-osrqorqoo.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/x-raynews.net/wp-content/plugins/wordpress-seo/src/elementor/infrastructure/infrastructure/NwCXYq.jpg'
# Suspicious image file (hidden script file)

'/home/artoqlkw/x-raynews.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/x-raynews.net/wp-includes/Text/Diff/Engine/osrqorqoo.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/x-raynews.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/x-raynews.net/wp-includes/images/w-bfedbedbb.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/x-raynews.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/x-raynews.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/x-raynews.net/wp-includes/images/media/bfedbedbb.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/ykie.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/ykie.net/wp-includes/css/dist/2index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/artoqlkw/yourpropertysuccess.net/wp-content/plugins/akismet/_inc/img/logo-qnooqrsrqnqn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/yourpropertysuccess.net/wp-content/themes/chromenews/admin-dashboard/admin_dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/yourpropertysuccess.net/wp-content/uploads/2026/02/02/m3u8_69ab8eae95a17.zip'
# (compressed file: b_69ab8eae95a17.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2202]]

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/Text/Diff/Engine/qnooqrsrqnqn.ttf'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/images/w-dabbdefedada.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/artoqlkw/yourpropertysuccess.net/wp-includes/images/media/dabbdefedada.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

----------- SCAN SUMMARY -----------
Scanned directories: 31293
Scanned files: 214590
Ignored items: 598
Suspicious matches: 314
Viruses found: 0
Fingerprint matches: 23
Data scanned: 4076.61 MB
Scan peak memory: 397112 kB
Scan time/item: 0.029 sec
Scan time: 7028.356 sec

All system for education purposes only. For more tools: Telegram @jackleet

Mr.X Private Shell

Logo
-
New File | New Folder
Command
SQL