diff --git a/bpfdoor_report_vvm3_2026-03-27_13-42-41.log b/bpfdoor_report_vvm3_2026-03-27_14-07-33.log similarity index 50% rename from bpfdoor_report_vvm3_2026-03-27_13-42-41.log rename to bpfdoor_report_vvm3_2026-03-27_14-07-33.log index 47a5153..ee6078c 100644 --- a/bpfdoor_report_vvm3_2026-03-27_13-42-41.log +++ b/bpfdoor_report_vvm3_2026-03-27_14-07-33.log 
@@ -9,31 +9,31 @@ Enhanced Linux BPFDoor Detection Script ========================================================== Host : vvm3 -Date : 2026-03-27_13-42-41 +Date : 2026-03-27_14-07-33 Version: 1.1 ========================================================== -[2026-03-27 13:42:41] [INFO] [1/12] Checking /var/run for suspicious zero-byte mutex/lock files -[2026-03-27 13:42:41] [SUCCESS] [1/12] No known suspicious mutex/lock files found -[2026-03-27 13:42:41] [INFO] [2/12] Checking /etc/sysconfig for suspicious auto-start entries -[2026-03-27 13:42:41] [WARN] [2/12] /etc/sysconfig not present; skipping -[2026-03-27 13:42:41] [INFO] [3/12] Inspecting BPF filters via ss -0pb -[2026-03-27 13:42:41] [WARN] [3/12] ss command not available; skipping BPF filter check -[2026-03-27 13:42:41] [INFO] [4/12] Checking RAW and packet socket usage (SOCK_RAW / SOCK_DGRAM) -[2026-03-27 13:42:41] [SUCCESS] No suspicious RAW/packet socket usage detected -[2026-03-27 13:42:41] [INFO] [5/12] Checking for suspicious environment variables -[2026-03-27 13:42:41] [SUCCESS] [5/12] No processes with the full suspicious env var set found -[2026-03-27 13:42:41] [INFO] [6/12] Checking TCP ports 42391-43390 and 8000 -[2026-03-27 13:42:41] [SUCCESS] [6/12] No connections on known suspicious BPFDoor ports -[2026-03-27 13:42:41] [INFO] [7/12] Checking for masqueraded processes (Verifying true execution paths) -[2026-03-27 13:43:24] [SUCCESS] [7/12] No process masquerading detected -[2026-03-27 13:43:24] [INFO] [8/12] Checking for processes executing deleted binaries (Fileless execution) -[2026-03-27 13:43:24] [SUCCESS] [8/12] No critical memory-resident/deleted binary execution found -[2026-03-27 13:43:24] [INFO] [9/12] Checking kernel stacks for raw socket blocking (packet_recvmsg/wait_for_more_packets) -[2026-03-27 13:43:24] [SUCCESS] [9/12] No processes blocking on suspicious packet socket kernel functions -[2026-03-27 13:43:24] [INFO] [11/12] Checking for active connections to known BPFDoor C2 
domains -[2026-03-27 13:43:24] [WARN] [11/12] 'dig' or 'ss' missing; skipping C2 connection checks. -[2026-03-27 13:43:24] [INFO] [12/12] Checking specific processes for hardcoded BPFDoor file signatures -[2026-03-27 13:43:24] [SUCCESS] [12/12] No hardcoded process signatures detected -[2026-03-27 13:43:24] [INFO] [10/12] Deep scanning candidate binaries (hash, strings, UPX packing) -[2026-03-27 13:43:24] [INFO] [10/12] No candidate binaries collected for deep scan -[2026-03-27 13:43:24] [INFO] [-] Basic persistence triage (cron, systemd, rc scripts) +[2026-03-27 14:07:33] [INFO] [1/12] Checking /var/run for suspicious zero-byte mutex/lock files +[2026-03-27 14:07:33] [SUCCESS] [1/12] No known suspicious mutex/lock files found +[2026-03-27 14:07:33] [INFO] [2/12] Checking /etc/sysconfig for suspicious auto-start entries +[2026-03-27 14:07:33] [WARN] [2/12] /etc/sysconfig not present; skipping +[2026-03-27 14:07:33] [INFO] [3/12] Inspecting BPF filters via ss -0pb +[2026-03-27 14:07:33] [WARN] [3/12] ss command not available; skipping BPF filter check +[2026-03-27 14:07:33] [INFO] [4/12] Checking RAW and packet socket usage (SOCK_RAW / SOCK_DGRAM) +[2026-03-27 14:07:33] [SUCCESS] No suspicious RAW/packet socket usage detected +[2026-03-27 14:07:33] [INFO] [5/12] Checking for suspicious environment variables +[2026-03-27 14:07:33] [SUCCESS] [5/12] No processes with the full suspicious env var set found +[2026-03-27 14:07:33] [INFO] [6/12] Checking TCP ports 42391-43390 and 8000 +[2026-03-27 14:07:33] [SUCCESS] [6/12] No connections on known suspicious BPFDoor ports +[2026-03-27 14:07:33] [INFO] [7/12] Checking for masqueraded processes (Verifying true execution paths) +[2026-03-27 14:08:17] [SUCCESS] [7/12] No process masquerading detected +[2026-03-27 14:08:17] [INFO] [8/12] Checking for processes executing deleted binaries (Fileless execution) +[2026-03-27 14:08:17] [SUCCESS] [8/12] No critical memory-resident/deleted binary execution found +[2026-03-27 14:08:17] 
[INFO] [9/12] Checking kernel stacks for raw socket blocking (packet_recvmsg/wait_for_more_packets) +[2026-03-27 14:08:17] [SUCCESS] [9/12] No processes blocking on suspicious packet socket kernel functions +[2026-03-27 14:08:17] [INFO] [11/12] Checking for active connections to known BPFDoor C2 domains +[2026-03-27 14:08:17] [WARN] [11/12] 'dig' or 'ss' missing; skipping C2 connection checks. +[2026-03-27 14:08:17] [INFO] [12/12] Checking specific processes for hardcoded BPFDoor file signatures +[2026-03-27 14:08:17] [SUCCESS] [12/12] No hardcoded process signatures detected +[2026-03-27 14:08:17] [INFO] [10/12] Deep scanning candidate binaries (hash, strings, UPX packing) +[2026-03-27 14:08:17] [INFO] [10/12] No candidate binaries collected for deep scan +[2026-03-27 14:08:17] [INFO] [-] Basic persistence triage (cron, systemd, rc scripts)
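Review bot: the two report files differ only in their timestamps, so this rename commits a second copy of a generated per-run log into the repository; the report should be written outside the tree (or ignored) rather than renamed on every run, because the version history will otherwise fill with identical scan output. On the content of the run itself, the WARN lines for [3/12] ("ss command not available; skipping BPF filter check") and [11/12] ("'dig' or 'ss' missing; skipping C2 connection checks") mean the BPF filter inspection, which is the check most specific to this threat, was never executed, yet every other line reports SUCCESS and nothing in the log rolls the skipped checks up into an overall verdict; a skipped check should be counted as "not assessed" in a final summary line, and the script should either require the missing tools up front or fall back to a method that works without them. Two smaller consistency points visible in the same lines: the [4/12] SUCCESS line is the only one without its "[n/12]" tag, and the steps run in the order 9, 11, 12, 10 while the persistence triage is tagged "[-]", which makes the numbering misleading when reading the report; renumber so the output order matches the step labels.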