Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


ritchie58 last won the day on December 29 2018

ritchie58 had the most liked content!

Community Reputation

367 Excellent

About ritchie58

  • Rank
    Staff Member

Profile Information

  • Gender
  • Location
    : Earth
  • Interests
    End-User Computer Security

Recent Profile Visitors

762 profile views
  1. ritchie58


    Hi Venjill, Immunet "does not issue off-line installer packages" for the simple reason that an off-line installer could be manipulated by a hacker to include possibly malicious code to the installer package. Immunet uses a bootstrapper installer to ensure that this scenario does not take place. Like my friend Wookiee mentioned the bootstrapper installer does require an internet connection to successfully install Immunet. An internet connection is also needed for cloud look-ups, to update the ClamAV module and for new version updates after Immunet is installed. Regards, Ritchie...
  2. ritchie58

    I am back to project!

    Hello boombastik, with Win. 10 Defender is automatically disabled once you install another antivirus, that is normal behavior. I don't think there is a way to keep Defender enabled once you have another AV installed though. Personally that's "one of the first things I turned off" when I first installed my OS because Windows Defender is not a good as some free products (like Immunet!). So even if you use Immunet as a stand alone AV solution that would still be better than using Defender! Don't forget that Immunet can be used as a companion AV to most major players AV products. I currently have Immunet paired up with Panda Dome Pro (the paid version but there is a free version available) which are both cloud based AV's, they seem to work well together and are both light on system resources.
  3. ritchie58

    support forum in https

    This subject has been brought up before. I would also like to see this forum eventually use either Secure Sockets Layer (SSL) or Transport Layer Security (TLS) encryption protocols. That would provide added security when a user logs in to the forum. My Firefox browser warns me every time, when I log in, that this site is not secure.
  4. ritchie58

    I am back to project!

    Yes I do remember you boombastik and welcome back to the Immunet community! A little late but Happy New Year! You will find version 6 much improved, both in efficacy & performance, over the old version 3. If you disable Monitor Program Install (which definitely isn't recommended) that means that Immunet will not monitor new software installer packages or program updates for any suspicious/malicious activity during the installation process. It will be up to the user to scan the software after installation. I normally use this setting enabled but I do disable it during "Windows Updates" just to help speed things up a bit and then turn it back on after the Windows Updates are installed. With Monitor Program Start enabled that will monitor automatic start-up programs and any manually started executable code when they're first launched for any suspicious/malicious activity. I would recommend you use both settings enabled for the added layer of security that Monitor Program Install will provide. Cheers, Ritchie...
  5. ritchie58

    Feb 4th Infrastructure date is approaching.

    "Great idea" to remind users of the pending changes Wookiee! I was thinking the folks that are going to be affected the most with this infrastructure change are die-hard XP users that still use compatible 5.0 (or older) versions. Since the newer 6 builds are not compatible with XP that'll leave them in the dark so to speak.
  6. Informative (but regrettable) to know that this BIOS/user name bug exists, been following this topic with some interest! Did you actually try "Safe Mode with Networking" using "Administrator Privileges" like Wookiee suggested YNFART? You would have to use the option of Safe Mode with Networking since Immunet uses a bootstrapper installer that requires an internet connection.
  7. ritchie58

    Network Share exclusion

    Is the application in question physically installed on the the same drive (or different drive letter but same computer) as Immunet or is the app only accessed remotely through your network? Also, what exactly is the app & what is your Operating System? That info might be helpful along with some documentation screenshots of Immunet's behavior/activity regarding this issue using your preferred screen grab software. If Immunet & the app share the same computer it should be possible to add an Exclusion rule for it by adding the "exact" file path. If it's only accessed through the network that may be problematic but perhaps not impossible to find a workaround. Like I mentioned, that extra info & screenshots (if you can provide that) just might make the difference to find an adequate solution for your issue! Regards, Ritchie...
  8. ritchie58

    64 bit Protection??

    Well that's reassuring Wookiee & thanks for the clarification!
  9. ritchie58

    64 bit Protection??

    Hello dallas7! I hope your holiday season went well and always great to hear from an old-school member once again! There isn't anything in the 6.2.4 Announcements topic that specifies if 64bit system protection is now included with this newest build. Since I have a 64bit system I'm as curious about that as you are my friend! Best wishes, Ritchie...
  10. ritchie58

    Open sockets in system process -- Immunet?

    Like I mentioned before, you could contact Suricata support with the link I provided to find out if those connections belong to that software package sickpuppy.
  11. ritchie58

    Open sockets in system process -- Immunet?

    For historical purposes & for any user's curiosity here's the reason for the decision to use Amazon's servers back in the good ol' days. At that time Immunet was basically still a fledgling private company and the decision was made to use Amazon's servers to reduce the company server load when pushing new version updates to users since resources where still quite limited. Amazon's servers had some of the best security/intrusion protocols in place at that time so that was a consideration too. There was already a growing need to increase server capacity so it was thought that this approach would best serve the rapidly expanding Immunet cloud community in the interim until a better solution could be attained.
  12. ritchie58

    Open sockets in system process -- Immunet?

    Thanks for the conformation Wookiee! There was a time when Immunet used (of all things) Amazon.com's servers to push new build updates through the UI to users but that was years ago before SourceFire acquired Immunet.
  13. ritchie58

    Open sockets in system process -- Immunet?

    Immunet doesn't use any out-sourced URL connections. Instead Immunet Protect uses it's own dedicated servers for the ETHOS & SPERO cloud look-ups and for the ClamAV module's definition signature updates. So the answer to your question is no, these URL's are not related to Immunet.
  14. ritchie58

    Open sockets in system process -- Immunet?

    Immunet does not rely on any Windows system processes since it has it's own dedicated processes which are sfc.exe & iptray.exe. I would conjecture that those connections are related to your Suricata threat detection/network monitoring engine and not Immunet You could contact Suricata support directly to see if those connections are associated with the software but I bet they are. https://suricata-ids.org/support/
  15. The Administrators, Developers & myself would like to wish all Immunet users, forum members and guests alike a safe & very Happy Holiday Season! "Merry Christmas & Happy New Year everybody!"