Issue
After malware was detected and removed, the process related to the deleted file was still running in the memory of the system. The process continued running and Imunify360 did not stop it.
Environment
- Imunify360
- Malware Scanner
- Any supported OS
- Any supported panel
Solution
Imunify360 handles malware detected in files or databases, malware that is located on disk. However, im-memory malware - malicious processes that are running in memory, but with physical files already removed from the server, Imunify360 does not handle at the moment.
The easiest solution here is to suspend and then unsuspend the infected account on the server - this will terminate all in-memory processes and stop the execution of malware if it is present in memory. It is also possible to manually stop such processes using the kill -9 command and PID, for example:
kill -9 12345
Useful links
Comments
0 comments
Please sign in to leave a comment.