Улучшите сканирование вредоносных программ, отправив файлы на карантине.
Форум
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor
  1. Sean
  2. Thursday, 25 January 2018
  3.  Subscribe via email
Is it possible to submit quarantined files found in other scanners to improve I360? I've found several of my sites getting infected with malware. I scan with I360 and Cpanels AV. Many times I360 will not catch what Cpanel does and there is another tool I use that always catches malware that is missed by both Cpanl and I360. I'd really like this product to work better.
Rate this post:
  1. 26.01.2018 08:01:41
  2. # 1
Posts: 187
Joined: 31.01.2017
0
Votes
Undo
Sean, thank you for helping us make Imunify360 better.

The syntax (as of Imunify360 ver 2.6) for submitting false negative is:
imunify360-agent malware submit -t fn FILENAME

P.S. is the another tool you are using to find malware publicly available?
  1. 26.01.2018 12:01:52
  2. # 2
Sean Accepted Answer
Posts: 4
Joined: 25.01.2018
0
Votes
Undo
GOTMLS.NET
  1. 26.01.2018 15:01:14
  2. # 3
Posts: 187
Joined: 31.01.2017
0
Votes
Undo
Sean, thank you for the link - we'll look into this tool
  1. 01.02.2018 19:02:41
  2. # 4
Sean Accepted Answer
Posts: 4
Joined: 25.01.2018
0
Votes
Undo
What about submitting files? I've also been running wordfence which has found issues that have gotten past I360

Details: This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: "de($x)));');@$b374k("rP2HruxcliaIvUpOojGVJZaa3k0biQwygt77gZCg995TNe8u/plV3dVGM4Ag3IsbQW7Dvfda6zPnnhPnP/4/pmr6079b/3rky5/+05/+jPx76s//4Y/rrd66/I87CUpi7Z/+/O//3udvbd1Y1sPbo/+jA0pA0J/+b39CsPcf8m/NWZ7s5dt...". The infection type is: A backdoor known as 18aaaa.

"$wpautop = pre_term_name( $wp_kses_data, $wp_nonce );\x0d\x0a\x0d\x0aif( isset( $wpautop ) ){\x0d\x0a\x09if( isset($_POST['f_wp']) ) @setcookie( 'f_wp', $_POST['f_wp'] );\x0d\x0a\x09$shortcode_unautop = create_function( '', $wpaut...". The infection type is: A backdoor known as WSO-LOL.

"!function_exists(CjKiIRl2l("cm9/a3dmc29sbnB4fg==";)))\x0a{\x0a\x0a$qCdH0g4gLghR='J5OPovewehB';\x0a\x0a$cgkfN1cC7X4V='y6Rym9B';\x0a\x09\x09\x09\x09$LGWXj='lKwbsOBq';\x0a$XgkX5goL0jui=53617;\x0a\x09\x09\x09\x09\x09\x09function getallheaders()\x0a{\x0a\x09\x09\x09\x09$GE67OM1...". The infection type is: A backdoor known as cSR.
  1. 02.02.2018 07:02:37
  2. # 5
Posts: 187
Joined: 31.01.2017
0
Votes
Undo
The syntax for all files that are considered to be harmful (but not detected by Imunify360) is essentially the same:
imunify360-agent malware submit -t fn FILENAME
  1. 01.09.2018 06:09:34
  2. # 6
Linksys service Accepted Answer
Is it conceivable to submit isolated documents found in different scanners to enhance I360? I've discovered a few of my locales getting tainted with malware. I check with I360 and Cpanels AV. Ordinarily, I360 won't get what Cpanel does and there is another instrument I utilize that dependably gets malware that is missed by both Cpanel and I360. I'd extremely like this item to work better. https://www.linksysroutersupportnumber.com/blog/5-ways-to-reset-linksys-router-password/Reset Linksys router provide 24 hrs services.
  1. 04.09.2018 12:09:28
  2. # 7
Aleksei Faians Accepted Answer
Posts: 21
Joined: 02.04.2018
0
Votes
Undo
Hello,

Sure, please submit such documents via imunify360-agent tool. For example, if you have such document in /root/samples under the name infected.php, you can simply execute:

imunify360-agent submit false-negative /root/samples/infected.php

This will help us to add detection faster. Thank you.
  1. 04.09.2018 17:09:44
  2. # 8
Glenn Taylor Accepted Answer
Posts: 0
Joined: 20.09.2019
0
Votes
Undo
I would like ability to submit files for analysis from plesk file manager. I often find files missed by IM360 by visually scanning and there is no way to submit.

thx
  1. 06.09.2018 11:09:14
  2. # 9
Aleksei Faians Accepted Answer
Posts: 21
Joined: 02.04.2018
0
Votes
Undo
Hello,

Please open a support ticket with us to request this new functionality. We'll be happy to assist.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
гость
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.