Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


ritchie58 last won the day on June 3

ritchie58 had the most liked content!

Community Reputation

362 Excellent

About ritchie58

  • Rank
    Staff Member

Profile Information

  • Gender
  • Location
    : Earth
  • Interests
    End-User Computer Security

Recent Profile Visitors

322 profile views
  1. ritchie58

    Happy 4th Everyone!

    I would just like to say if anyone else reads this and you love your wide screen HDTV make sure you have it plugged into a good voltage surge protector. The higher the joules rating for the protector the better so don't go out and buy the cheapest one you can find. I got one ordered to replace the one that didn't protect my tv. This one has a 920 joules rating, has got a life time guarantee and a $20,000 equipment replacement warranty. It costs about twice as much as a standard power strip but I think it will be worth it.
  2. ritchie58

    Happy 4th Everyone!

    Mmm, smoked brisket! That does sound good Tom! I did pretty much the same thing actually, had a few friends over, broke out the grill and cooked some burgers & dogs, sucked down some cold suds while jammin' out to some rock n' roll on the patio. It was a good time! Edit: Well, it was mostly a good time. A thunder storm rolled through so we had to take the party indoors for a while. Unfortunately, a close lighting strike fried my 50" HDTV and a HDMI splitter connected to it. Funny thing was they were both connected to a surge protector power strip when that happened and the power strip didn't even trip off. Those LED HDTV's are susceptible to damage by even the slightest power surges so I found out the hard way! I ordered a new tv & HDMI splitter online, paid extra for 2 day shipping, so they should be delivered here tomorrow hopefully. An extra expense this month I certainly wasn't anticipating plus that tv wasn't even a year old yet. Bummer! I'm just glad my computer didn't get fried too. We were streaming music videos to the tv at the time. The PC is connected to a different power strip plus I installed a new PSU a few months ago that (thankfully) also has built in over-voltage protection.
  3. ritchie58

    help me

    Hi kaba116, I moved your topic from the General section to here as that's a better place for it. I also deleted your duplicate Chinese language posting in this section as this is a English language forum. Unfortunately it's a national holiday today so I doubt any support person will respond to your inquiries for a day or so. In the mean time can you tell us if those executable files had a supposedly legitimate purpose or were all those files created during a malicious installation?
  4. ritchie58

    Happy 4th Everyone!

    It has become a bit of a tradition to wish everyone well on major holidays so this 4th of July celebration is no exception! "I would like to wish the Immunet team, forum members and guests alike a safe and happy 4th of July as always!" I mentioned this last year but I think it's worth mentioning again, it's best to leave the pyrotechnics to the experts. Cheers, Ritchie...
  5. ritchie58

    False positive ransomware?

    Hello Hernan, I would concur that is a FP, and no you are not infected with ransomware. Believe me, if you were, you'd already know for sure! It appears that Immunet was attempting to quarantine Kaspersky's definition update for a EICAR ransomware test string. EICAR test strings are used to examine an AV's efficacy by using dummy malware signatures that do no harm. Some AV vendors white-list these test strings to avoid unnecessary False Positive reports by users who don't know what they downloaded and opened the test string's compressed folder (usually zip or rar) or don't know how to properly use the strings for testing. That's their logic anyway. One way to avoid conflicts with Immunet & your companion AV is to open the settings and add an exclusion for "Kaspersky's entire Program Files folder" with Immunet. Also do the same for Kaspersky, exclude Immunet's entire Program Files folder in it's settings. Doing this can go a long way to help avoid the situation you just encountered. Best Wishes, Ritchie... P. S. - I don't entirely agree with the reasoning behind AV vendors white-listing these test strings. That means a user can't actually test just how good their AV is themselves. Got something to hide maybe? With Immunet you can't even open & unpack EICAR compressed folders once they're downloaded because they have "already been quarantined" if you have Scan Archive Files & Scan Compressed Files enabled in Settings! Immunet is that good!
  6. ritchie58


    Regardless of how good your AV is if you have a bunch of non-essential start-up programs (especially if you have limited system resources to begin with, like a netbook, tablet or even an older computer) that can have serious detrimental effects on your PC. That's the message I'm tryin' to convey.
  7. Hi guys, Process Hacker has been recognized as a PUP (Potentially Unwanted Program) by a number of other AV's including BitDefender & Malwarebytes so this certainly isn't the first time this software has ever been flagged as suspicious or possibly malicious.
  8. Yeah, that's why I mentioned if the drive is being recognized by Device Manager & Windows Explorer than Immunet should be able to scan that drive. Right?
  9. Ok J, so what you're saying is Device Manager & subsequently Windows Explorer has not problems recognizing the additional drive. Next question would be are you using any other security software that may be interfering or blocking Immunet's processes from performing properly (another AV, behavior blocker, sandboxing software, etc...)?
  10. Hello Nadmin, unfortunately Immunet does not support any kind of user created command line scripting so that option would be out. I also wouldn't recommend you muck about with the files or registry keys. That could have very undesirable effects to Immunet's program or your OS itself if you accidentally alter or delete the wrong registry keys. I would highly recommend you use Immunet's UI and add exclusions the traditional way. Best wishes, Ritchie...
  11. Hi J, Immunet should be able to scan your other drives. That's weird that it is behaving like that. If these files are compressed (rar, zip, 7zip, etc...) you would need to make sure that the Scan Compressed Files & Scan Archived Files options are turned on in Settings. Another consideration, are you using some sort of encryption (like Windows BitLocker Drive Encryption) or file hiding software for the drives as a security measure? If so you would need to decrypt or unhide the drives/folders/files in question first before starting a scan.
  12. ritchie58

    Software Restriction Policies (Srp Gpo)

    Hi Valnat, Immunet & Amp for Endpoints do share the ETHOS, SPERO and the ClamAV engines & sigs. AMP also has the TETRA module that was only available to the Plus (paid) version of Immunet when it was still being supported. TETRA has the ability to detect threats that other AV engines may have trouble with. For instance, encrypted rootkits to name just one. I hope that answered your question. Regards, Ritchie...
  13. ritchie58

    Upgraded Forums / announcements

    I was pretty proud of the fact that I've been with the program long enough to exceed over 2000 posts only to have well over 100 post simply disappear I guess. I'm still rather dismayed & bummed this has happened though. On the bright side I'll get to reach that 2000th post milestone once again if I stick with the cause long enough!
  14. ritchie58

    False Positive Report

    We do have a False Positive submission site you are welcome to use. Providing the correct SHA256 Hash for the file in question will be a great help to the analytical team. Please feel free to submit your findings at this URL link. http://www.immunet.com/false_positive Cheers, Ritchie...
  15. ritchie58

    Upgraded Forums / announcements

    Wow! Definitely some major changes Tom! I have to admit I do like the new theme except for the way user's avatars are displayed. Cool new avatar for you though btw! My avatar is only partially displayed due to the circular configuration. Is there a way to revert back to the rectangular avatar config? No "major biggie" but it does kinda bum me out my avatar is only partially visible now. Something else I've noticed, the total posts I've made is incorrect unless some have been deleted. If that's the case I'd like some clarification on that as to why.