ritchie58

Moderators
  • Content count

    1,933
  • Joined

  • Last visited

  • Days Won

    150

Everything posted by ritchie58

  1. ritchie58

    Happy 4th Everyone!

    It has become a bit of a tradition to wish everyone well on major holidays so this 4th of July celebration is no exception! "I would like to wish the Immunet team, forum members and guests alike a safe and happy 4th of July as always!" I mentioned this last year but I think it's worth mentioning again, it's best to leave the pyrotechnics to the experts. Cheers, Ritchie...
  2. ritchie58

    Happy 4th Everyone!

    I would just like to say if anyone else reads this and you love your wide screen HDTV make sure you have it plugged into a good voltage surge protector. The higher the joules rating for the protector the better so don't go out and buy the cheapest one you can find. I got one ordered to replace the one that didn't protect my tv. This one has a 920 joules rating, has got a lifetime guarantee and a $20,000 equipment replacement warranty. It costs about twice as much as a standard power strip but I think it will be worth it.
  3. ritchie58

    Happy 4th Everyone!

    Mmm, smoked brisket! That does sound good Tom! I did pretty much the same thing actually, had a few friends over, broke out the grill and cooked some burgers & dogs, sucked down some cold suds while jammin' out to some rock n' roll on the patio. It was a good time! Edit: Well, it was mostly a good time. A thunderstorm rolled through so we had to take the party indoors for a while. Unfortunately, a close lightning strike fried my 50" HDTV and an HDMI splitter connected to it. Funny thing was they were both connected to a surge protector power strip when that happened and the power strip didn't even trip off. Those LED HDTVs are susceptible to damage by even the slightest power surges so I found out the hard way! I ordered a new tv & HDMI splitter online, paid extra for 2 day shipping, so they should be delivered here tomorrow hopefully. An extra expense this month I certainly wasn't anticipating plus that tv wasn't even a year old yet. Bummer! I'm just glad my computer didn't get fried too. We were streaming music videos to the tv at the time. The PC is connected to a different power strip plus I installed a new PSU a few months ago that (thankfully) also has built in over-voltage protection.
  4. ritchie58

    help me

    Hi kaba116, I moved your topic from the General section to here as that's a better place for it. I also deleted your duplicate Chinese language posting in this section as this is an English language forum. Unfortunately it's a national holiday today so I doubt any support person will respond to your inquiries for a day or so. In the meantime can you tell us if those executable files had a supposedly legitimate purpose or were all those files created during a malicious installation?
  5. ritchie58

    False positive ransomware?

    Hello Hernan, I would concur that is a FP, and no you are not infected with ransomware. Believe me, if you were, you'd already know for sure! It appears that Immunet was attempting to quarantine Kaspersky's definition update for an EICAR ransomware test string. EICAR test strings are used to examine an AV's efficacy by using dummy malware signatures that do no harm. Some AV vendors white-list these test strings to avoid unnecessary False Positive reports by users who don't know what they downloaded and opened the test string's compressed folder (usually zip or rar) or don't know how to properly use the strings for testing. That's their logic anyway. One way to avoid conflicts with Immunet & your companion AV is to open the settings and add an exclusion for "Kaspersky's entire Program Files folder" with Immunet. Also do the same for Kaspersky, exclude Immunet's entire Program Files folder in its settings. Doing this can go a long way to help avoid the situation you just encountered. Best Wishes, Ritchie... P. S. - I don't entirely agree with the reasoning behind AV vendors white-listing these test strings. That means a user can't actually test just how good their AV is themselves. Got something to hide maybe? With Immunet you can't even open & unpack EICAR compressed folders once they're downloaded because they have "already been quarantined" if you have Scan Archive Files & Scan Compressed Files enabled in Settings! Immunet is that good!
  6. ritchie58

    Antivirus

    Regardless of how good your AV is if you have a bunch of non-essential start-up programs (especially if you have limited system resources to begin with, like a netbook, tablet or even an older computer) that can have serious detrimental effects on your PC. That's the message I'm tryin' to convey.
  7. Hi guys, Process Hacker has been recognized as a PUP (Potentially Unwanted Program) by a number of other AV's including BitDefender & Malwarebytes so this certainly isn't the first time this software has ever been flagged as suspicious or possibly malicious.
  8. Yeah, that's why I mentioned if the drive is being recognized by Device Manager & Windows Explorer then Immunet should be able to scan that drive. Right?
  9. Ok J, so what you're saying is Device Manager & subsequently Windows Explorer has no problems recognizing the additional drive. Next question would be are you using any other security software that may be interfering or blocking Immunet's processes from performing properly (another AV, behavior blocker, sandboxing software, etc...)?
  10. Hello Nadmin, unfortunately Immunet does not support any kind of user created command line scripting so that option would be out. I also wouldn't recommend you muck about with the files or registry keys. That could have very undesirable effects to Immunet's program or your OS itself if you accidentally alter or delete the wrong registry keys. I would highly recommend you use Immunet's UI and add exclusions the traditional way. Best wishes, Ritchie...
  11. Hi J, Immunet should be able to scan your other drives. That's weird that it is behaving like that. If these files are compressed (rar, zip, 7zip, etc...) you would need to make sure that the Scan Compressed Files & Scan Archived Files options are turned on in Settings. Another consideration, are you using some sort of encryption (like Windows BitLocker Drive Encryption) or file hiding software for the drives as a security measure? If so you would need to decrypt or unhide the drives/folders/files in question first before starting a scan.
  12. ritchie58

    Software Restriction Policies (Srp Gpo)

    Hi Valnat, Immunet & Amp for Endpoints do share the ETHOS, SPERO and the ClamAV engines & sigs. AMP also has the TETRA module that was only available to the Plus (paid) version of Immunet when it was still being supported. TETRA has the ability to detect threats that other AV engines may have trouble with. For instance, encrypted rootkits to name just one. I hope that answered your question. Regards, Ritchie...
  13. ritchie58

    Upgraded Forums / announcements

    I was pretty proud of the fact that I've been with the program long enough to exceed over 2000 posts only to have well over 100 posts simply disappear I guess. I'm still rather dismayed & bummed this has happened though. On the bright side I'll get to reach that 2000th post milestone once again if I stick with the cause long enough!
  14. ritchie58

    False Positive Report

    We do have a False Positive submission site you are welcome to use. Providing the correct SHA256 Hash for the file in question will be a great help to the analytical team. Please feel free to submit your findings at this URL link. http://www.immunet.com/false_positive Cheers, Ritchie...
  15. ritchie58

    Upgraded Forums / announcements

    Wow! Definitely some major changes Tom! I have to admit I do like the new theme except for the way users' avatars are displayed. Cool new avatar for you though btw! My avatar is only partially displayed due to the circular configuration. Is there a way to revert back to the rectangular avatar config? No "major biggie" but it does kinda bum me out my avatar is only partially visible now. Something else I've noticed, the total posts I've made is incorrect unless some have been deleted. If that's the case I'd like some clarification on that as to why.
  16. Twitter announced yesterday that they discovered a serious bug that saved users' passwords without encryption to an internal log. Although Twitter says they have since fixed the bug and no data was hacked or misused as far as their investigation has revealed thus far. Twitter reiterated today that this bug was not a security breach by an outside source. The company uses an encryption algorithm to protect user passwords which shows random characters in place of the actual passwords (also called Hashing). But the detected & fixed bug stored the passwords in their original plain-text form to an "internal log" which could have been accessed by company personnel. When asked how many user passwords may have been affected Twitter declined to answer. However some, as yet unsubstantiated, outside sources claim that the extensive log may have contained well over 350 million users' passwords worldwide. As a security precaution Twitter is strongly urging all users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page (see image). If you used the same password for any other service or web site Twitter is highly recommending you also change those passwords as an additional precaution. Although it's "never a good idea" to use the same password for different sites! I think most people know that "common sense security measure already!" Best wishes, Ritchie... P.S. - In retrospect I think it's "quite commendable" of Twitter to notify its users of the bug even though it could have been a much simpler matter of just fixing the anomaly and sweeping it under the rug, they could have done that. I bet this was done to be as transparent as possible when it comes to its users' privacy/security in light of the ongoing Facebook/Cambridge Analytica drama still unfolding.
  17. Hi Dallal, I watched some, but not all of it and like you, I was not impressed either. I would have liked more in-depth questioning about how Facebook is going to keep Russian trolls & other entities from meddling in our democratic election process through malicious accounts spreading fake news or targeting unsuspecting users like Cambridge Analytica did.
  18. I once had a Facebook account but I deleted it several years ago when "I discovered back then" that the company was allowing third-party entities to access users' profile data, for a price. I was "not cool" with that even back then! Plus the malicious re-direct links & the hacker activity didn't exactly entice me to stay either. Facebook was originally created for college students to stay in touch with each other and share ideas. A noble cause indeed! Facebook has now allowed itself to become a global source of fake news & misinformation. Facebook's CEO Mark Zuckerberg publicly offered an apology yesterday for allowing the British firm Cambridge Analytica to access at least 50 million users' profile data to try and interfere with the 2016 presidential election. This was done by targeting misleading or downright fake news stories to individuals that according to their data within their profiles would be more susceptible to believing the misleading or false information to benefit the Trump election campaign. Because of this recent debacle stocks for Facebook have been taking a real downward tumble. It is estimated that the company has lost at least 50 million dollars in stock market trading just in the last few days. I'm sure the major shareholders in the company are not happy at all with recent events! It's also been reported that many users are opting to delete their profiles in disbelief & disgust! Did you know that can take up to 90 days to finalize? Since Facebook is also ad driven these days I'm sure that the advertisers are closely watching this situation deciding when it's best to abandon a sinking ship. Facebook isn't the only social media site that allows false or misleading information to proliferate. So what's a person to do? First of all don't believe everything you read on the net is factual. Get your news from different sources, TV news, newspapers, magazines. "Be as informed as you can about issues instead of allowing someone else to do your thinking for you!" As an afterthought maybe it's time for Mark to step down and allow for some new blood to inject some new thinking into the project before it's too late. My own thoughts for what they're worth.
  19. Hi caprinod, as you also unfortunately have found out, there seems to be an on-going issue with Server 2012 R2 & Immunet. However the devs are aware of the situation and are working on it. Regards, Ritchie...
  20. There definitely seems to be a recurrent theme of issues with Server 2012 R2 and Immunet being reported of late.
  21. ritchie58

    Service Not Starting

    Thanks for the clarification on Server 2016 Wookiee. ComeAndSee, may I suggest you send Wookiee a Personal Message regarding your Server 2012 issue. Click on the link provided and that will take you to Wookiee's profile page. Then click on the Send me a message tab located to the right. http://support.immunet.com/index.php?/user/46674-wookiee/ Something you can do right now though is make sure that no other software you have installed is blocking or interfering with sfc.exe, like your firewall, another AV, behavioral blocker, sand-boxing or other security software, etc... Best wishes, Ritchie...
  22. I hear ya P36L4! I never wanted anything more to do with the social-media scene after I deleted my Facebook profile years ago.
  23. ritchie58

    Service Not Starting

    Hi guys, I'm wondering if Immunet is even compatible with Server 2016 since it's not listed as a supported platform on the official site (click on the Requirements tab). http://www.immunet.com/index That's got me rather curious, is Server 2016 considered compatible or not with the latest build of Immunet?
  24. I saw a segment on NBC's Nightly News this evening that revealed that as many as "87 million" Facebook users' profile data was used by Cambridge Analytica, not the 50 million first reported! The Federal Trade Commission has been pressuring CEO Mark Zuckerberg to publicly testify about this breach of trust and he has agreed to answer their questions. He's scheduled to appear before Congress on the 10th of this month. You know they'll be asking Mark some tough questions. Like how & why Cambridge Analytica was able to access so much data from the site without Facebook users' knowledge or consent and what steps are being taken by the company to assure a similar incident like this doesn't occur in the future. Facebook announced that they have added some additional security features that users can activate to help keep third-party firms from accessing their profile data. Facebook also announced today that the users affected by this breach of trust will be notified that their data has been compromised starting next Monday. Some good moves but is it too little, too late? Because of this breach of trust stocks for Facebook continue to plummet as more users opt to delete their accounts! The company has now lost well over 85 million dollars in stock market trading.
  25. ritchie58

    Update Immunet By Script

    Yes, ClamAV will provide active malware protection just like it does for Immunet with its ClamAV module. Make sure to choose the right zip file for your Operating System. Also, there is a Contact link at the top of the site where the knowledgeable ClamAV team can answer any technical questions you may have.