dallas7

Immunet Insiders
  • Content count

    162
  • Days Won

    5

Everything posted by dallas7

  1. dallas7

    64 bit Protection??

    In a thread from last year it was discussed that Immunet 6.0 "...only protects 32 bit processes at this time." 64 bit yet? In 6.0.8? Thank you!
  2. dallas7

    Windows 10 Au?

    Wow. My login still works. Congrats on Immunet 5! I have a Windows 10 Home x64 system which started out as a Technical Preview build on an old clunker E8400 box. But it keeps on updating and works just like retail. Immunet 5 is installed on there and runs well with Defender, Spy Shelter free and Voodoo Shield free. Test results are superb, snagging everything I throw at it from VXVault and malc0de. I also have a new Dell i3-6100 running 10 Home X64 Anniversary Update. I'm a bit reluctant to install Immunet because of, well, you know... Microsoft. Have you folks cleared 5.0.2.10301 for AU yet? Thanks.
  3. dallas7

    Windows 10 Au?

    Nice to be back. I don't put too much faith in anyone's home page. I think I'll just bang out an email to support@
  4. dallas7

    Youtube Test - Excellent Showing

    Yeah. When he enabled that and game mode I thought, "He'll be back." He caught on to that pretty quick and disabled both.
  5. Very good... https://www.youtube.com/watch?v=RoLFL8gwqSY
  6. dallas7

    No-Nag User Interface

    While I'm logged in for something else, I'd like to once more post up my suggestion for a user interface devoid of the side-banner and orange pane upon a donation-based $12 payment to Immunet and providing the user with the more informative visuals of the Plus version without Tetra's local overhead. Cheers.
  7. dallas7

    Clamav Files?

    Hey Ritchie... Glad to see you're still alive and kickin' too. I'm good, thank you. Except for my memory. The cvd file is there as is that cld file; I should know those well as I supported Clam on a couple of Linux mail servers some years back. I'm sure I was looking for a bit BitDefender folder stuffed with 150+ files. Thanks for the memory jog! Take care.
  8. I remember when I was working with Free v3.0.3 and the ClamAV engine and allow updates were enabled a healthy amount of definition files got downloaded and written to a local directory. I did not see that occur in the v3.0.8 I installed on a friend's system yesterday and I cannot locate any directory containing ClamAV defs. Is this OK? Thank you!
  9. This is a copy of the last posting I'll make in another thread, Mrg Flashtest 2011, which due to timing began with a different focus. I'm beginning this thread to concentrate and unify postings on this unique and highly valuable series of tests (unlike another member posting up separate inconsistently titled threads every time he happens to stop in at the MRG Web site). Since that other thread, things have changed for the better as you can see... Since January and after 52 zero-day samples, Immunet Plus is approaching a 60% pass metric and is better than BitDefender itself at 40%. Astute observers will note Immunet picks up in detections when its BitDefender powered Tetra engine fails. Kudos to Immunet's Cloud and ClamAV. Excluding Norton, Emsisoft and Vipre, Plus now surpasses all other stand-alone AV suites which are multi-layered batteries including firewalls, proprietary behavior blockers, browser extensions and URL/IP white/black lists. http://malwareresearchgroup.com/category/malwareproducttesting/ http://malwareresearchgroup.com/malware-tests/flash-test-results/ I've updated my spreadsheet compilation at https://docs.google.com/leaf?id=0BxamVvlZYmoyNmZhYTQ0MDEtMmY2OS00MzczLTg2MWEtOTU3Yzc2NDNmYjVj&sort=name&layout=list&num=50 Cheers.
  10. Immunet continues to rock the MRG Flash tests, hitting detections even when Bitdefender fails. Now running about 15-20 percentage points ahead of some of the big-shot AVs and suites and on par with others! My latest spreadsheet compilation... https://docs.google.com/leaf?id=0BxamVvlZYmoyNmZhYTQ0MDEtMmY2OS00MzczLTg2MWEtOTU3Yzc2NDNmYjVj&sort=name&layout=list&num=50 Enjoy! Would someone PLEASE disable the Quote function in sweidre's profile. PLEASE!
  11. I read somewhere a while back that in v3.0 the exclusion nsmail.tmp can/should be replaced with one of a wild card nature. It's still listed as the former in the support tiki. While I never had any problems with TBird and Immunet, I'd still like the suggested threat exclusion in my configuration. What is it? Thanks!
  12. dallas7

    Agent.exe Causing System Instability

    So what? Well, thank goodness for that.
  13. dallas7

    Agent.exe Causing System Instability

    Immunet Free v3.0.3.6870 This may or may not be strictly related to the issue(s) under discussion here, but it's as good a thread as any... As reported by Task Manager, agent.exe eventually begins utilizing 400,000-600,000 K of VM Size. I close iptray and any attempt to stop the service returns a failure message (using the services mmc or the net stop command). I have a static 2048kb pagefile so a rampant VM size of that magnitude is causing problems. I should note that when agent isn't problematic, the VM Size is about 120,000 K and stopping the service has always been rapid and successful. I see this behavior on two similarly configured XP SP3 32-bit systems though the hardware platforms are significantly dissimilar. It's been annoying enough for me to have stopped running Immunet as of about three weeks ago. I'll give it another shot with the next upgrade... 3.0.4 or 3.1? Cheers.
  14. dallas7

    Ransomware On The Rise In 2011

    Recently while searching for a video related to a significant breaking news event, opening a page in a small city news affiliate presented me with some unusual requests from my browser. I had hit upon a ransomware attack.

    Using my test system I have observed in three separate tests last month that those ransomware attacks begin with the browser requesting a TCP port 53 connection to a rogue DNS server followed by a request to open csrss.exe with a connection to 127.0.0.1. Blocking either of these stops the attack. Unless you have a firewall that can lock down DNS connections to UDP and the DNS servers configured in your TCP/IP properties and "ask" for any others as well as "ask" for the loop back you'd never know those were happening. (I use Malware Defender to evoke those rules.) However, this is beyond the expertise of even most network savvy users. The latest crop of suites don't even contain the feature set to build such rules which would mimic a real world example of stopping a criminal "at the gate."

    The best alternative protection is BitDefender's superb new free Traffic Light extension and to use the DNS services of DynDNS Internet Guide or Norton DNS. (I'd also suggest OpenDNS but if you haven't turned off Firefox's or Chrome's filtering you're already taking advantage of that.) As of Tuesday, either one of those has warned of danger when opening a ransomware link as posted up in malc0de and the Malware Domain List. I know that's not definitive but no one can deny it's Better Than Nothing.

    Failing those, where the criminal makes it past the gate and gets into your home, up-to-the-minute signature data and/or a powerful HIPS is the only protection. And we know the downside in those... the user will usually select OK or Allow. I am not convinced anyone makes a "behavior blocker" that would be any good because there is nothing unusual about the behavior with respect to the network or user activity. And therein lies The Rub.

    These attacks are socially engineered to prey on the unsuspecting. As ritchie58 said, "Extortion, plain and simple." So sad.
  15. dallas7

    Immunet 3.0.3 Released!

    Good show! Thanks!!
  16. dallas7

    Behavioral Blocking / Analysis Features In The Future?

    Yeah. Whatever. Good luck with the asking. My reply targeted the original post where I sensed Malcontent's concern that Immunet lacks any behavioral functionality whatsoever. Immunet's core process as delivered by Ethos and Spero is all about behavior and behavior alone. As to it being this analysis or that analysis or that other analysis is a discussion that's a waste of time and bandwidth - a behavior I'm ceasing as of right now. Immunet is for those who seek other than what "so many market vendors have developed" and who've concluded they've succeeded and will continue to excel. EOF
  17. dallas7

    Behavioral Blocking / Analysis Features In The Future?

    Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce." As for 0-day, MRG's Flash tests to date put Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component.
  18. dallas7

    Google Panda Update 2.2 Is Imminent

    It should be noted that Google Panda is their proprietary search algorithm used to identify the validity of Web site content relative to a user's query (and mostly within the construct of quote bracketed text and boolean operators) with the purpose of returning results from what they call "low quality" sites. It's not Immunet's competing product from Panda Security as what might be construed from this member's posting. As for the status of Google and Immunet cooperation, judging by the availability as of this day and time at pack dot google dot com, it looks like they're still cooperating. That was easy.
  19. dallas7

    10 Ways To Stay Safe Online

    This is text swiped from a June 13 article written by Kimberly Palmer and published by U.S. News and World Report. That you post it up here without accreditation is illicit even if you, as is no doubt, did it in ignorance. You should do some more research before you just copy/paste stuff willy nilly no matter how helpful you think your actions are. Especially when you make it look like you're the one who did the work even down to the fonts and formatting.
  20. dallas7

    Immunet 3.0.2 Beta Available

    @RobT Will the application updater do the production release 3.0.2 upgrade correctly for those of us who started out and currently continue with the ClamAV 2.0.18 "version 3" released last year? Thanks.
  21. dallas7

    Nirsoft Usbdeview V1.89

    FYI: USBDeview.exe false positive W32.Crypt. Was nicely restored from the popup, properly logged in File History and self-populated in File Exclusions. Application runs A-OK. App source: http://www.nirsoft.net/utils/usb_devices_view.html AVG, Malwarebytes Pro, Zemana and Malware Defender evoked no alerts; realtime, on-access or on-demand. Cheers! (No response wanted.)
  22. dallas7

    Malware Tests - Not Video

    Hi Ritchie. These have been ongoing tests since last year and presented daily or every few days. To provide all the information every time would be tedious and cluttered. You can catch up by visiting their forums: 2011: http://forums.malwareresearchgroup.com/viewtopic.php?f=18&t=561 2010: http://forums.malwareresearchgroup.com/viewtopic.php?f=32&t=451 Historical results: http://malwareresearchgroup.com/category/malwareproducttesting/ Ongoing results: http://malwareresearchgroup.com/malware-tests/flash-test-results/ I also maintain compilations at: https://docs.google.com/leaf?id=0BxamVvlZYmoyNmZhYTQ0MDEtMmY2OS00MzczLTg2MWEtOTU3Yzc2NDNmYjVj&sort=name&layout=list&num=50 And I just started this thread: http://forum.immunet.com/index.php?/topic/1041-malware-research-group-flash-tests-2011/ All the detailed information and then some! Cheers.