Jump to content

ritchie58

Moderators
  • Content Count

    2,030
  • Joined

  • Last visited

  • Days Won

    156

Everything posted by ritchie58

  1. Hello Makreel, those temp files are used by Bitdefender when new malware definition signatures are being updated. Those are False Positives. It's always advisable when Immunet is used as a companion AV to exclude the entire Program Files folder of the other AV in Immunet's Exclusion List if it's not already there by default. Do the same for Immunet too, exclude Immunet's Program Files folder with Bitdefender. That can go a long way to help avoid possible conflicts and that should fix the Temp files being mistakenly flagged. In fact, delete that Windows Temp file exclusion once you've made an exclusion for Bitdefender's entire Program Files folder to see if the same behavior occurs. I don't think it should but let us know if it does because if you create a generic exclusion for the Windows Temp file directory that can leave your system more vulnerable to exploits. It's "definitely not" recommended! Best wishes, Ritchie...
  2. Sometimes this can be caused by a connectivity and/or a process issue Ian. Make sure that no other security program (firewall, another AV, sandboxing/behavior blocker software, etc...) you may have installed is not interfering/blocking any of Immunet's processes. That being sfc.exe, iptray.exe and freshclam.exe if you have ClamAV enabled. Allow for both in-coming and out-going data from all processes.
  3. Wow, that is really weird! I've never heard of "anyone" encountering this anomalous behavior before! Did Immunet create multiple scheduled scans with Windows TaskScheduler for some unknown reason? If I ran into this situation that's the first thing I would have checked. Robert, since the deletion of the scheduled scans seemed to have solved the problem how is the new scheduled scans behaving now? If you see the same or similar behavior on any of the machines by all means send Wookiee a SDT report via email per machine affected. http://support.immunet.com/index.php?/topic/1672-how-do-i-submit-a-support-diagnostic-tool-report/ Regards, Ritchie...
  4. Hi guys, I've seen that happen before. Where a user turns on the Verbose Tray Notifications in Settings by mistake or maybe out of curiosity and then wonders why there are so many pop-up messages taking place. The Verbose Tray Notifications setting is used for debugging or troubleshooting purposes only and should ordinarily remain turned off unless instructed by an Admin. or Support person to enable this setting. Cheers, Ritchie...
  5. Hi jimmiea, when the ClamAV module is enabled in Immunet's Settings it uses the Windows process freshclam.exe to pull down new defs but I'm not sure exactly which port that process uses when active. However these are the active ports that Immunet needs for ETHOS, SPERO cloud lookups & ClamAV updates: 53-UDP, 80-TCP, 443-TCP and 32137-TCP. Allow for both in-coming and out-going data packets from all ports. Regards, Ritchie...
  6. Hello lkching7, please use your Personal Messenger feature and contact bcouncil (Christine) about the issue you're encountering like she recommended in the last posted thread before yours. Best wishes, Ritchie...
  7. Hi bertaudmarc, to send Wookiee a personal message click on the link provided and that will take you to Wookiee's Profile page. On the right hand side of his profile page click on the "Send me a message" tab. This will open a dialog box where you can type the necessary information in and just click Send when you're done. http://support.immunet.com/index.php?/user/46674-wookiee/ When you log back in to check for any replies from Wookiee simply click on the Messenger icon on the upper right hand side of the forum (it looks like a little mail envelope) or you can click on your user name in the same location and select Personal Messenger from the little drop down menu to access your PM's. I hope this info is helpful. Regards, Ritchie...
  8. By all means do send in a SDT report to Support Etienne. http://support.immunet.com/index.php?/topic/1672-how-do-i-submit-a-support-diagnostic-tool-report/ Best wishes, Ritchie...
  9. Hi LaniLani, glad to hear you got the update installed. That is unusual that you couldn't kill Immunet with TaskManager using your Admin. account. I can kill Immunet using this method. That was a great idea though, to temporarily uninstall Immunet to update. Just hate to see you having to use such a method. I use to know the DOS Command Prompts that made it easy to stop and start Immunet without rebooting but these have changed or are nonexistent since version 5 unfortunately.
  10. It would be extremely difficult, if not impossible to white-list a temp file like that. Did you try using a temporary generic Exclusion? As an example: If the file path for the temp file is C:\Users\ Ritchie\temp then use an Exclusion for C:\Users\Ritchie ONLY? If that doesn't work another option would be to kill Immunet before attempting to install the update. You can use TaskManager for this. Open TaskManager (press the Ctrl, Alt, Delete keys at the same time) and follow these instructions in this order. Cick on the Services tab -> find the Immunetprotect_6.0.8 Service from the list -> right-click on the Service and select Stop Service -> next go to the Processes tab and click on it -> find iptray.exe from the list -> right-click on the Process and select End Process from the menu. Then see if you can install the update. After the update is installed simply reboot to re-start Immunet. Best wishes, Ritchie...
  11. Because of the incompetent security measures, resulting in the breach of Equifax that ended up compromising 145+ million consumers personal data & other personal data hacks last year, security experts are urging all U.S. taxpayers to file your tax returns as soon as possible! Especially if you know you were one of those affected by the Equifax breach (or one of the other recent hacks) the sooner you file your taxes the less likely that a hacker will attempt to use your stolen data to file a bogus return and end up with your tax refund in his/her pocket! Even if you're using credit monitoring or have a credit freeze that still will not stop this type of taxpayer identity theft the experts are saying. You can get a 6 digit authentication code to be used with your return as an extra security measure by contacting the I.R.S. and requesting this code be added to your return. Regards, Ritchie...
  12. There are some issues with the UI still going on where the cloud stats & maybe your Last Updated time/date may be incorrect. I have a daily flash scan set up and the UI displays that info correctly with my Win 7 machine fortunately. This leads me to believe that what you're encountering is not related to these issues. It may be that your .db history files have become corrupted. This does mysteriously happen sometimes but thankfully it is a rare occurrence. An easy fix for this is to do an uninstall & reinstall. When asked by the uninstaller if you plan to reinstall Immunet again choose the "NO" option and proceed with remainder of the uninstall. Choosing no will delete all of your old history files, that's what you want to take place. Then reinstall and reset your previous settings, add any exclusions you were using and create another scheduled scan if you had one. I've had to do this a couple of times myself over the 7+ years of using Immunet. Let us know if that doesn't correct the issue. Best wishes, Ritchie...
  13. ritchie58

    Exclusion Guide

    If you would have taken the time to research old threads to the forum before you posted this topic you would have found that this subject has been brought up many times in the past already Tornado! When using Immunet as a companion AV to another vendor's supported product "it has always been recommended" that the entire "Program Files folder" is added to Immunet's Exclusion list if it's not already there by default. Some of the major player's products are already excluded when first installing Immunet. It's also advisable to do the same for "Immunet's Program Files folder" for the other AV product, adding an exclusion/exception/allow rule. That way they should recognize each other as safe programs and it helps avoid possible future conflicts as well. Cheers, Ritchie...
  14. He is a she btw. That's what Christine wanted me to do, send any questions or issues her way if I can't provide the correct answers myself. I have no idea why you didn't get a response to your original PM to her. I don't think that this is considered proprietary information that shouldn't be divulged considering I have easy access to some of that data with the Comodo Firewall that I use. My advice would be to send her another personal message and if no response within a day or two then try contacting Support directly via email at this URL: support@immunet.com. Thanks for your patience regarding this. Cheers, Ritchie...
  15. It's tax season once again and with the new tax laws in place this is causing confusion among some consumers. So of course scammers are all to eager to take advantage of this situation. Here's an informative article by The Associated Press about this tax phone scam. More than 20,000 taxpayers have been targeted by fake Internal Revenue Service agents in the largest phone scam the agency has ever seen, the IRS inspector general said Thursday. Thousands of victims have lost a total of more than $1 million. As part of the scam, fake IRS agents call taxpayers, claim they owe taxes, and demand payment using a prepaid debit card or a wire transfer. Those who refuse are threatened with arrest, deportation or loss of a business or driver's license, said J. Russell George, Treasury inspector general for tax administration. Real IRS agents usually contact people first by mail, George said. And they don't demand payment by debit card, credit card or wire transfer. The inspector general's office started receiving complaints about the scam in August. Immigrants were the primary target early on, the IG's office said. But the scam has since become more widespread. Tax scams often escalate during filing season, George said. People have been targeted in nearly every state. "This is the largest scam of its kind that we have ever seen," George said in a statement. "The increasing number of people receiving these unsolicited calls from individuals who fraudulently claim to represent the IRS is alarming." The script is similar in many calls, leading investigators to believe they are connected. The inspector general's office is working with major phone carriers to try to track the origins of the calls, the IG's office said. The scam has been effective in part because the fake agents mask their caller ID, making it look like the call is coming from the IRS, George said. In some cases, fake agents know the last four digits of Social Security numbers, and follow up with official-looking emails.
  16. Thanks for the additional input guys. I noticed tonight that the Last Updated date/time is now correct, which has been off by about 5 time zones with my UI. That's in addition to the incorrect cloud stats of course. I hope that's a good sign that this issue is finally being looked into & worked on.
  17. Hi Kieran, it would have been best if you'd posted in the False Positives section regarding this topic but that's ok. If it's possible to get the SHA256 hash we can white-list the file if it proves to be a FP. We do have a submission site for false positives at this link. http://support.immunet.com/index.php?/topic/3258-how-to-submit-a-false-positive-updated-instructions/ For now if your client wishes to use the program & you're sure it is simply a FP use Immunet's Restore feature for the file. Open the UI -> click on Quarantine located below and to the right of the History tab -> find the file and click on it -> this gives you the option of deleting or restoring the file, choose Restore. This will automatically move the file to the Exclusion list and will no longer be scanned. As always, I'd like to remind all users to only restore a file you are "absolutely sure" is a false positive or you could be giving malware access to your system. Cheers, Ritchie...
  18. That is correct. With these engines combined gives Immunet the ability to detect literally millions of threats!
  19. Thanks for the input chavez243ca. That shows that cloud look-ups are taking place regardless of the incorrect UI stats. BTW - Tonight I did mention to Christine via PM that it seems to be taking a while to correct this issue this time. It is a little puzzling to me why it's taking so long.
  20. Yes, the tetra plug-in uses some of Bitdefender's original code but it has been further developed & improved upon.
  21. The ETHOS & SPERO cloud detection trees are enabled and functioning by default when you install Immunet. These should always remain turned on in Settings. Since version 6.0.0 Immunet has included a "tetra plug-in" that uses a licensed advanced version of Bitdefender's detection engine similar to the TETRA module for the Plus (paid) version of Immunet when it was still available. Don't forget you also have the ClamAV module that can be enabled for improved efficacy at malware detection. There is a slight system performance trade-off when also using Immunet's ClamAV module but I think it's worth the added protection you get. I hope this answers your questions adequately. Best wishes, Ritchie...
  22. Hi John, sorry to hear about the difficulties your encountering but instead of just posting very negative threads why don't you do something about it instead. Namely sending Support a detailed SDT report regarding your issues. That can only help with possibly finding a satisfactory resolution for you. Info on how to create and submit a SDT report can be found at this link. http://support.immunet.com/index.php?/topic/1672-how-do-i-submit-a-support-diagnostic-tool-report/
  23. Hi Tim, I believe what you're seeing is an on-going problem with version 6 where the cloud stats are not displaying correctly. This does not impact the protection that Immunet provides, only the stats on the UI. This issue does need looked into again unfortunately. Other users have posted in this Support (Issues/Defects) topic regarding this matter. http://support.immunet.com/index.php?/topic/3355-0-people-protected-from-0-threats-since-update-v604-v606/ Best wishes, Ritchie...
  24. This can be caused by a connectivity issue. Make sure that Immunet's processes are not being blocked by your firewall or other security apps. I know with every new build of Immunet I have to create new allow rules with my firewall of choice for instance. Something to look into. Best wishes, Ritchie...
  25. No problem sqwhrill. I did notify the Admin. Christine this evening via personal messenger that this cloud stat server issue has reoccurred and is still happening. I'm sure Christine will look into it and get things sorted out again very soon. Best wishes, Ritchie...
×
×
  • Create New...