
All Activity


  1. Today
  2. elzach

    Malicious connection detected

    Thank you both so much. (btw, I intentionally left the entire screenshots, so you can see that I was doing something innocuous like searching on Bing. Plus notice that I had not actually visited that site, it was still in preview mode. Doesn't Bing check what kind of sites go through?). But unfortunately it looks like there is much more to this than meets the eye: a) Just now, when I connected to that modem/router (after 2-3 days), and while having open only Yahoo Mail and this site, sfc.exe went crazy, got stuck at 50% of CPU, PLUS the tray icon froze (see attached). Left-clicking or right-clicking on it did nothing. Disconnecting and connecting to another Wi-Fi network did nothing (at least within 1-2 minutes), sfc was still frozen. I had to restart the computer. b) Since I'm curious (as you can see) about my network connections, while I was connected to that "Internet Gateway", I clicked on Properties. And in Settings I see the attached. VPN Gate is a VPN that I use sometimes, but I never gave permission for this. I had deleted these settings before, but they come back every time that "Internet Gateway" connection comes up. As far as VPNs, Rob, I understand what you're saying and the risks. But here in China we are lucky to find any VPN that actually works, whether it drops the connections or not.
  3. Yesterday
  4. Rob.Turner

    Malicious connection detected

    Ritchie is correct - the internet connection icon is a standard Windows thing. The Bing image search told your browser to show an image from neilrosenthl.com and your browser went to grab it from 104.27.175.64. According to https://dnslytics.com/ip/104.27.175.64 that IP is hosting 290 domains/websites. Likely one of them at one point was hosting something malicious. Though currently neilrosental.com appears to be safe. Looks like a false positive to me. Sorry, our bad on that one. I do have one concern here though. It's common to first notice the internet connection icon after having a random router/modem reboot. The internet stops working, so you go to your network connections to check your IP/network status, and while you're poking around, the internet connection icon appears out of nowhere when the router/modem comes back online. There are lots of good reasons for a router to reboot itself, but it should be noted that not all VPN connections can survive a router reboot. Some can, some will notify you the VPN closed unexpectedly, and some will just fail silently and your internet activity will automatically re-route over the non-encrypted public internet. Thanks, RobT
  5. ritchie58

    Malicious connection detected

    The Network Connections & other screenshots are very helpful but it would have been sufficient if you could have scaled down the screenshots to just Immunet's little Detection pop-up windows. Something to keep in mind in the future perhaps. The Internet Gateway Network Connection is most commonly used by a wireless network device such as your modem/router. That's why you only see that icon when you're actually using your modem/router. That's normal behavior. The reason you got the malicious connection warning is because our database recognized the IP address re-direct to another site from Bing as one that has a history of attempting to install, without the user's knowledge or consent, arbitrary code or offer malicious downloads. I would very highly recommend you don't try to visit that neilrosenthal site again! I've always been "very suspicious" of sites that re-direct you to another site without first asking if that's what you want. Most legitimate sites won't try to re-direct you like that. Since you were using Firefox during these episodes might I suggest you start using the add-on "NoScript" if you're not already! "I wouldn't think of using FF without it!" The NoScript add-on can really cut down on possibly malicious re-directs since almost all unknown/possibly suspicious scripts have to be manually allowed. It's a bit of a pain to learn how to use efficiently at first but it's "well worth the effort!!" Regards, Ritchie...
  6. Last week
  7. Yesterday while I was searching on bing.com (I'm in China, that's why), I got the attached detections. A few seconds later I also noticed this new "internet gateway" (see attached), which wasn't there before. When it was installed, I'm not sure. I disconnected right away, shut off computer and ran MBAM and SAS in safe mode, and Immunet. Nothing was reported. It turns out that "internet gateway" only runs when I'm connected on my ISP's modem/router. Also, I cannot delete it or disable it. Since then I've been connected to my phone's data connection (of which luckily I have a few GBs). Any suggestions?
  8. ritchie58

    OFFLINE INSTALLER

    Hi Venjill, Immunet "does not issue off-line installer packages" for the simple reason that an off-line installer could be manipulated by a hacker to include possibly malicious code to the installer package. Immunet uses a bootstrapper installer to ensure that this scenario does not take place. Like my friend Wookiee mentioned the bootstrapper installer does require an internet connection to successfully install Immunet. An internet connection is also needed for cloud look-ups, to update the ClamAV module and for new version updates after Immunet is installed. Regards, Ritchie...
  9. Wookiee

    OFFLINE INSTALLER

    It requires an active internet connection
  10. Venjill

    OFFLINE INSTALLER

    May I know if we have an offline installer for Immunet antivirus? If yes, may I know the direct link? Also, do we have an offline update for the virus definitions? The PC I'm working on doesn't have an internet connection, that's why I'm looking for an offline install and update. Thanks in advance!
  11. Earlier
  12. boombastik

    I am back to project!

    They can add an option toggle to Immunet if users don't want to register it in Windows center. Malwarebytes, for example, gives the option to not register in Windows so that Defender stays on!
  13. ritchie58

    I am back to project!

    Hello boombastik, with Win. 10 Defender is automatically disabled once you install another antivirus, that is normal behavior. I don't think there is a way to keep Defender enabled once you have another AV installed though. Personally that's "one of the first things I turned off" when I first installed my OS because Windows Defender is not as good as some free products (like Immunet!). So even if you use Immunet as a standalone AV solution that would still be better than using Defender! Don't forget that Immunet can be used as a companion AV to most major players' AV products. I currently have Immunet paired up with Panda Dome Pro (the paid version but there is a free version available) which are both cloud based AVs, they seem to work well together and are both light on system resources.
  14. boombastik

    I am back to project!

    In Windows 10 I found that on the 2 laptops Windows Defender is disabled when I install Immunet. Is it possible to have both active?
  15. ritchie58

    support forum in https

    This subject has been brought up before. I would also like to see this forum eventually use either Secure Sockets Layer (SSL) or Transport Layer Security (TLS) encryption protocols. That would provide added security when a user logs in to the forum. My Firefox browser warns me every time, when I log in, that this site is not secure.
  16. Wookiee

    I am back to project!

    If you have a second anti-virus, just exclude them from each other so it doesn't cause any issues and you should be fine.
  17. Wookiee

    support forum in https

    Cisco did take over this project and we are working on improving everything (the software, the forums etc). Glad you like it!
  18. Wookiee

    Feb 4th Infrastructure date is approaching.

    Windows XP isn't even supported by Windows...
  19. boombastik

    support forum in https

    I think after 8 years it is good to go with HTTPS on the forum site. I know that Cisco is a worldwide leader in networking, and I understand that this is a secondary project for them, but I know that Cisco products deliver network security, so I think it is better for a user to see an HTTPS site under this branding. This is my personal opinion and I say this with respect for Cisco hardware products, which have more quality than other brands.
  20. boombastik

    I am back to project!

    Happy New Year! I thought that Monitor Program Install, in simple words, is the file creation shield and Monitor Program Start is the file execution shield. If you have a second antivirus that also checks for file creation, is it not better to have only a second anti-malware that scans only on execution? For now the 2 PCs are for older people so I enabled Monitor Program Start also, but I created 3 folder exclusions to minimize CPU usage (old PCs, and the users don't install anything, only automatic Windows updates). 1) I exclude the Windows Defender antivirus folder. 2) I exclude the whole software distribution folder to install Windows updates without checking them. 3) I exclude the WindowsApps folder where the Windows Store installs the Windows apps. Now the performance impact is zero when you install Windows updates and Windows Store updates, and I think the security compromise with the three exclusions is very little.
  21. ritchie58

    I am back to project!

    Yes I do remember you boombastik and welcome back to the Immunet community! A little late but Happy New Year! You will find version 6 much improved, both in efficacy & performance, over the old version 3. If you disable Monitor Program Install (which definitely isn't recommended) that means that Immunet will not monitor new software installer packages or program updates for any suspicious/malicious activity during the installation process. It will be up to the user to scan the software after installation. I normally use this setting enabled but I do disable it during "Windows Updates" just to help speed things up a bit and then turn it back on after the Windows Updates are installed. With Monitor Program Start enabled that will monitor automatic start-up programs and any manually started executable code when they're first launched for any suspicious/malicious activity. I would recommend you use both settings enabled for the added layer of security that Monitor Program Install will provide. Cheers, Ritchie...
  22. ritchie58

    Feb 4th Infrastructure date is approaching.

    "Great idea" to remind users of the pending changes Wookiee! I was thinking the folks that are going to be affected the most with this infrastructure change are die-hard XP users that still use compatible 5.0 (or older) versions. Since the newer 6 builds are not compatible with XP that'll leave them in the dark so to speak.
  23. boombastik

    I am back to project!

    I have a question. If I disable Monitor Program Install in the options and leave Monitor Program Start on, will I have protection only on execution?
  24. boombastik

    I am back to project!

    Hello, I was an old member and today I gave Immunet an opportunity again after version 3 in 2012! Maybe ritchie58 remembers me from back then. I have 4 PCs in my house and I installed Immunet on 2 of them (Windows 10 with the latest Windows Defender). I found that the program has no false positives and it is more optimized. If I find a bug I will post it here. I give the new team best wishes!
  25. Immunet is undergoing major changes. For a long time, the AMP infrastructure and Immunet infrastructure have been the same. But we are changing that now to separate the customers of AMP and Immunet into their own cloud infrastructures. As of right now, any Immunet user who is not on version 6.2.0 is on the old infrastructure and will need to upgrade to the latest version as soon as possible. We plan on decommissioning the old infrastructure (that means any versions prior to 6.2.0) on Feb. 4, 2019. What does this mean? This means that all users who aren't already need to be on version 6.2.0. If you are on 6.2.0 now, you will not see any changes and do not need to worry. If you are on the older version, you need to upgrade immediately. If you do not upgrade before Feb. 4, you may experience service interruptions and may not be able to upgrade Immunet or receive protection. What happens if you do not upgrade before the decommission? You will need to uninstall and reinstall the software once the old infrastructure is decommissioned. We urge everyone on a version prior to 6.2.0 to upgrade immediately. If you have any questions or concerns, please contact us via the support forums or by posting below.
  26. What is the BIOS name? Or what is the character that is in the BIOS name?
  27. I did try to install from Safe Mode with Networking to no avail. Not able to change the BIOS name so it appears I will need to wait for a later version of Immunet.
  28. Also, you saved the BIOS once you removed the character in the name? Safe mode with networking would be best to try and install it with (with full admin rights). IF you did make the name change, are you getting the same error?
  29. Informative (but regrettable) to know that this BIOS/user name bug exists, been following this topic with some interest! Did you actually try "Safe Mode with Networking" using "Administrator Privileges" like Wookiee suggested YNFART? You would have to use the option of Safe Mode with Networking since Immunet uses a bootstrapper installer that requires an internet connection.