Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


ritchie58 last won the day on June 3

ritchie58 had the most liked content!

Community Reputation

362 Excellent

About ritchie58

  • Rank
    Staff Member

Profile Information

  • Gender
  • Location
    : Earth
  • Interests
    End-User Computer Security

Recent Profile Visitors

249 profile views
  1. Hi guys, Process Hacker has been recognized as a PUP (Potentially Unwanted Program) by a number of other AV's including BitDefender & Malwarebytes so this certainly isn't the first time this software has ever been flagged as suspicious or possibly malicious.
  2. Yeah, that's why I mentioned if the drive is being recognized by Device Manager & Windows Explorer than Immunet should be able to scan that drive. Right?
  3. Ok J, so what you're saying is Device Manager & subsequently Windows Explorer has not problems recognizing the additional drive. Next question would be are you using any other security software that may be interfering or blocking Immunet's processes from performing properly (another AV, behavior blocker, sandboxing software, etc...)?
  4. Hello Nadmin, unfortunately Immunet does not support any kind of user created command line scripting so that option would be out. I also wouldn't recommend you muck about with the files or registry keys. That could have very undesirable effects to Immunet's program or your OS itself if you accidentally alter or delete the wrong registry keys. I would highly recommend you use Immunet's UI and add exclusions the traditional way. Best wishes, Ritchie...
  5. Hi J, Immunet should be able to scan your other drives. That's weird that it is behaving like that. If these files are compressed (rar, zip, 7zip, etc...) you would need to make sure that the Scan Compressed Files & Scan Archived Files options are turned on in Settings. Another consideration, are you using some sort of encryption (like Windows BitLocker Drive Encryption) or file hiding software for the drives as a security measure? If so you would need to decrypt or unhide the drives/folders/files in question first before starting a scan.
  6. ritchie58

    Software Restriction Policies (Srp Gpo)

    Hi Valnat, Immunet & Amp for Endpoints do share the ETHOS, SPERO and the ClamAV engines & sigs. AMP also has the TETRA module that was only available to the Plus (paid) version of Immunet when it was still being supported. TETRA has the ability to detect threats that other AV engines may have trouble with. For instance, encrypted rootkits to name just one. I hope that answered your question. Regards, Ritchie...
  7. ritchie58

    Upgraded Forums / announcements

    I was pretty proud of the fact that I've been with the program long enough to exceed over 2000 posts only to have well over 100 post simply disappear I guess. I'm still rather dismayed & bummed this has happened though. On the bright side I'll get to reach that 2000th post milestone once again if I stick with the cause long enough!
  8. ritchie58

    False Positive Report

    We do have a False Positive submission site you are welcome to use. Providing the correct SHA256 Hash for the file in question will be a great help to the analytical team. Please feel free to submit your findings at this URL link. http://www.immunet.com/false_positive Cheers, Ritchie...
  9. ritchie58

    Upgraded Forums / announcements

    Wow! Definitely some major changes Tom! I have to admit I do like the new theme except for the way user's avatars are displayed. Cool new avatar for you though btw! My avatar is only partially displayed due to the circular configuration. Is there a way to revert back to the rectangular avatar config? No "major biggie" but it does kinda bum me out my avatar is only partially visible now. Something else I've noticed, the total posts I've made is incorrect unless some have been deleted. If that's the case I'd like some clarification on that as to why.
  10. Twitter announced yesterday that they discovered a serious bug that saved users passwords without encryption to an internal log. Although Twitter says they have since fixed the bug and no data was hacked or misused as far as there investigation has revealed thus far. Twitter reiterated today that this bug was not a security breech by an outside source. The company uses an encryption algorithm to protect user passwords which shows random characters in place of the actual passwords (also called Hashing). But the detected & fixed bug stored the passwords in their original plain-text form to an "internal log" which could have been accessed by company personal. When asked how many user passwords may have been affected Twitter declined to answer. However some, as yet unsubstantiated, outside sources claim that the extensive log may have contained well over 350 million user's passwords worldwide. As a security precaution Twitter is strongly urging all users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page (see image). If you used the same password for any other service or web site Twitter is highly recommending you also change those passwords as an additional precaution. Although it's "never a good idea" to use the same password for different sites! I think most people know that "common sense security measure already!" Best wishes, Ritchie... P.S. - In retrospect I think it's "quite commendable" of Twitter to notify it's users of the bug even though it could have been a much simpler matter of just fixing the anomaly and sweeping it under the rug, they could have done that. I bet this was done to be as transparent as possible when it comes to it's user's privacy/security in light of the ongoing Facebook/Cambridge Analytica drama still unfolding.
  11. Hi Dallal, I watched some, but not all of it and like you, I was not impressed either. I would have liked more in-depth questioning about how Facebook is going to keep Russian trolls & other entities from meddling in our democratic election process through malicious accounts spreading fake news or targeting unsuspecting users like Cambridge Analytica did.
  12. Hi caprinod, as you also unfortunately have found out, there seems to be an on-going issue with Server 2012 R2 & Immunet. However the devs are aware of the situation and are working on it. Regards, Ritchie...
  13. There definitely seems to be a recurrent theme of issues with Server 2012 R2 and Immunet being reported of late.
  14. ritchie58

    Service Not Starting

    Thanks for the clarification on Server 2016 Wookiee. ComeAndSee, may I suggest you send Wookiee a Personal Message regarding your Server 2012 issue. Click on the link provided and that will take you to Wookiee's profile page. Then click on the Send me a message tab located to the right. http://support.immunet.com/index.php?/user/46674-wookiee/ Something you can do right now though is make sure that no other software you have installed is blocking or interfering with sfc.exe, like your firewall, another AV, behavioral blocker, sand-boxing or other security software, etc... Best wishes, Ritchie...
  15. I hear ya P36L4! I never wanted anything more to do with the social-media scene after I deleted my Facebook profile years ago.