ConfigServer Community Forum

I want to know what all the symbols mean which the process indicator is showing.

I found the following list but it looks like too old because I cannot find "s" or "$" in it:

m = regex pattern match
M = fingerprint match
v = virus
O = socket
L = symlink
f = suspicious file
F = skipped directory with too many entries
S = SUID file
G = GUID file
c = core dump file
C = core dump file deleted
h = suspected exploit file
e = Linux binary or executable file
x = Windows binary or executable file
d = suspicious directory name
n = hidden directory owned by nobody user
w = world writable directory
W = world writable directory - chmod to 755
T = script file - identifies PHP, Perl, and other script files as suspicious
E = email script
D = Decoded PHP encoded (e.g. base64) file scan match
R = Match the PHP decode regex
P = Search D/B config files and attempt user login via FTP. Match on success
Z = compressed file - scan within zip, tar, tar.gz and tar.bz2 files
! = Scan timeout per file B<--timemax>
[Zzzzzzz] = sleeping for 60 seconds as load average is > --throttle [num]

https://clients.fluccs.com.au/knowledge ... rvers.html

Where can I find the official symbol explanations?

No FAQ post for this available
https://support.configserver.com/knowle ... tegory/cxs

Thanks!

On your server enter "perldoc cxs" for the up to date help. For a more detailed explanation of the various letters used in the scan progress go to the WHM cxs UI, click on Documentation and then reference.txt at the top.

The $ means that cxs tried to scan the file using clamav but clamd wasn't running. This will have been highlighted in the report you would have received for the scan also.

Regards,
Sarah

Thank you! The info "perldoc cxs" did help me. I do not use WHM - I am using cxs and cxswatch as standalone.