Jump to content

Tom Beck

Administrators
  • Content count

    28
  • Joined

  • Last visited

Everything posted by Tom Beck

  1. On This Page FAQ - Frequently Asked Questions - Immunet Protect 1.0.26 BETA How do I report a false positive? What ports does Immunet Protect require to operate? Immunet Protect wrongly detected a clean file, how do I restore it? Are USB drives supported currently? I am running other Anti-Virus already, should I uninstall it? My Immunet Protect found viruses my other AV software did not or vice versa. Should I uninstall my current AV product or Immunet? Can I set up an instance of Immunet Protect for each user in my household on the same computer? I have features I would like to see in the product, who do I tell? I have a bug I would like to report, where do I send it? Why is Immunet Protect so quiet? It doesn't seem to be doing anything! I seem to be unconnected yet I have an Internet connection. How can I force Immunet Protect to reconnect to the cloud? Does the beta support Windows 7 What Anti-Virus packages are supported by Immunet Protect? You do not list my AV software as supported, can I run it with Immunet Protect? How do I submit a suspicious file to Immunet? Users who are running versions of Immunet Protect previous to June 16, 2010 are strong encouraged to upgrade the most recent version of the product. FAQ - Frequently Asked Questions - Immunet Protect 1.0.26 BETA How do I report a false positive? Immunet has a web form you may fill out in the event that Immunet Protect identifies something as a virus incorrectly. This web form allows you to send us the file so we can examine it and possibly white list it against future detection. You can access this form on our Contact Page. Please click on the drop down box titled Contact Reason to access the form itself. What ports does Immunet Protect require to operate? Immunet Protect Beta sends outgoing UDP traffic to destination ports 53 and 32137. You may see random high ports (30,000 +) showing traffic from Immunet Protect. Your system may bind to any available (generally high) port to communicate but the outgoing traffic will always be directed at UDP ports 53 & 32137. Immunet Protect also requires to be able to connect out to TCP port 80 to update itself. Your firewall should allow for rules specific to those destination ports without being sensitive to the source port. Immunet Protect wrongly detected a clean file, how do I restore it? Like any Ant-Virus program, Immunet Protect Beta will occasionally detect good files as viruses. Immunet should never actually delete suspected threats on your computer but instead it renders them harmless and moves them to a 'Quarantine' directory so if you need to restore them you can. Restoring quarantined files is a fairly straight forward process. In order to restore your file(s) you will need to go to your History tab and find the files which have been sent to your Quarantine. The easiest way to look for these events is to look for events in your History marked red. Each entry which has a 'detection' in red will have an item immediately above it marked with a green mark and identifying itself as a 'Quarantine' event. As you can see our two grouped entries have two different names. The item marked red is the name of the 'suspected' threat and the green quarantine item reflects the actual filename of what Immunet Protect Beta 'detected' as a threat. One way to think of this is that if you download a file called 'RestoreMe.exe' off the Internet and Immunet thinks it's actually a virus called W32.Downloader you would see the entries made exactly as seen in this entry. Now, in order to 'Restore' your file you will need to click on the green entry with the actual filename. When you click on the green entry on the left you should now see an option to restore the file. In order to restore your file you now need to simply click the 'Restore' button. In our beta the button can seem as if it does not depress and nor does it announce that it has successfully restored your files, we will change this in the 2.0 release. After you click the button you should see the file in question has been restored. At this point the file in question will be excluded from Immunet Protect's scanning for 24 hours. During that time you may wish to consider adding the file to your Scanning Exclusions under your Settings Tab so it is not detected again in the future. Are USB drives supported currently? No, they are not. During the beta of Immunet Protect USB drives will not be supported. I am running other Anti-Virus already, should I uninstall it? No, you should not. Immunet Protect is unique in the Anti-Virus world in that is is designed to work alongside and compliment other Anti-Virus products. Immunet Protect is also in beta and is not yet as strong as some other Anti-Virus products. Our key benefit during our beta is the extra protection we can give you in tandem with other Anti-Virus products. My Immunet Protect found viruses my other AV software did not or vice versa. Should I uninstall my current AV product or Immunet? No, if Immunet Protect finds new viruses that your current AV product does not it means it's operating as expected. The same is true for your current Anti-Virus software. Unless your current AV product or Immunet are causing your system problems we would not suggest un-installing it. Can I set up an instance of Immunet Protect for each user in my household on the same computer? Regrettably you cannot. During our beta only one instance of Immunet Protect can be set up on each computer. However, it should still be running and catching threats even if other users are logged into the system. I have features I would like to see in the product, who do I tell? The easiest way to tell us your thoughts on what we should have for features is to mail us here and we will follow up with you as soon as we can. I have a bug I would like to report, where do I send it? Please mail any defect reports here. We will follow up with a ticket number and followup questions with each bug report. Why is Immunet Protect so quiet? It doesn't seem to be doing anything! Immunet Protect does not have to constantly pull down content from an Anti-Virus provider (definition or .DAT files) so much of the churn you are used to seeing with traditional AV you will not see with Immunet Protect. We also designed the product to be as quiet as possible. We are of the opinion that your AV product should only be interrupting you with matters of immediate importance. I seem to be unconnected yet I have an Internet connection. How can I force Immunet Protect to reconnect to the cloud? Right now (Immunet 1.0.26 Beta) there is no way to force a connection. However, if you lose connectivity (or the product thinks it has lost it) it will be trying to connect back to the Immunet Cloud every 30 seconds. If you would rather not wait you can try to stop and start the product. Does the beta support Windows 7 Any version past 1.0.16 supports Windows 7. Previous to Windows 7 to make the product work under Windows 7 you need to run it in Windows 7 Compatibility Mode. What Anti-Virus packages are supported by Immunet Protect? Currently Immunet Protect supports the 2009 versions of Norton Antivirus, N360 and Norton Internet Security as well as the beta of Norton Internet Security 2010. Additionally supported is AVG Pro and Mcafee Security Center. You do not list my AV software as supported, can I run it with Immunet Protect? Unless we list it here in the FAQ as a known issue we have never seen a problem with your AV. If you run it side by side and it seems to work we would love to hear from you. How do I submit a suspicious file to Immunet? The easiest way to submit files to us is email. You can mail samples to submit@samples.immunet.com. This will feed your samples to an automated system and if we can build protections for it they will available over the cloud within a day of your submission and in some cases as soon as 2 hours.
  2. Tom Beck

    FAQ - Frequently Asked Questions

    On This Page Immunet General I had previously registered with the Immunet website, it's gone now. What happened? How do I submit a suspicious file to Immunet? What processes does Immunet Protect consist of? What are the similarities & differences between the FREE & PLUS versions? Immunet FREE Immunet Protect Free is Companion Anti-Virus, what other Anti-Virus packages can it run beside? Can I run my Immunet Protect FREE install along 'non-supported' Anti-Virus products? What are the Unofficially Supported Anti-Virus Packages for Immunet Protect Free? Is the Update Now feature working? Immunet PLUS I have Immunet Protect PLUS, can I run other Anti-Virus suites with it? Installation You include an ASK Toobar with Immunet Protect. Is this optional? Why do you include the ASK Toolbar Uninstall Updating How are new versions announced? Scan What are the differences between Flash Scan, Custom Scan, Full Scan & Rootkit Scan? Settings What is gaming mode? Errors Why did I get an error going into My Community that says "An error has occurred atempting to load your community"? Help & Support I see this message "File Could Not Be Deleted. Check to see if Agent is online. If it is please contact." How do I tell if my agent is online? Immunet General I had previously registered with the Immunet website, it's gone now. What happened? When Immunet Protect 2.0 was released (June 16, 2010) the Immunet website retired it's Community features and moved them directly into your product. The 2.0 product will now allow you to directly invite friends, manage current connections and add new friends. The password and email address you used on the old website will now work directly in the product. Community The Community component of Immunet Protect is presented in the left-hand tab of the of the Immunet Protect user interface. It contains the features that enable users to build and manage their Protection Network as well as helping them to keep abreast of the latest security and product news from Immunet. These features will be discussed in depth in the sections that follow. My Community The My Community feature can be launched by clicking on the My Community icon, which is the first button in the left-hand column of the main pane (shown below). The My Community feature is designed to allow users to build and manage their Protection Network, which is a group of individuals that the user has invited to join Immunet. Once individuals who have been invited join the Protection Network have accepted, their computers will start to submit suspicious data to Immunet. Immunet will then use this information to secure the computers of the user community against detected threats. This protection will be enacted almost as soon as the suspect files are submitted to Immunet. It will also extend to the communities of other Immunet users. The more people in a user's network, the more the user will be protected against threats that are detected circulating on the Internet. Further, the bigger a user's network, the more it will contribute to the enhanced security of the entire Immunet community. User Registration, Password Recovery and Change, and Login Upon launching Immunet Protect for the first time, users will be presented with the Welcome to the Immunet Community screen, which is shown below. This pane includes a number of options for the user, which will be discussed in detail below. Current users who have existing accounts can log in by clicking on the Sign in with an existing account button in the lower right-hand corner of the Welcome to the Immunet Community pane. Existing users who have previously registered but who have forgotten their user name and/or password may reset either by clicking on the Recover your password or the Change your password button, as is appropriate. New users who are logging in for the first time and who have not yet registered will be prompted for the following: 1. Your Name - This constitutes the user's Immunet user name. It does not have to be a real name but rather the name that the user wishes present to other members of the Immunet community. 2. Your email - This email address will serve as the user's credential for signing back into the Community feature. It is also the email address to which Immunet Protect will send a confirmation email, enabling the user to validate the account. As a result, the email address must be valid. 3. New Password - This will be the password that the user will use to log on to Immunet Protect. Users will only be prompted for their username and password if they have used the Sign Out functionality in the Community pane (which is available after registration). Once the user has registered, the above window will open. As it states, the user will need to validate the account by responding to a confirmation email that Immunet will send to the email address entered for registration. This email will contain a link that the user can click on to validate the account. Users can return to this window at anytime by clicking back on My Community from the main pane. User Invite Users who wish to invite contacts to join their Protection Network can do so by clicking on the Add people button in the upper right-hand corner of the My Community pane, as shown below. By clicking on the Next button, the user will bring up the Add People screen shown below, which allows the user to invite others into his or her Protection Network. Users can invite individual users to join the community by entering the invitee's e-mail address in the box labeled Email. On the other hand, users can invite groups of users by importing contacts from Gmail, Yahoo or Hotmail. It is important to note that when contacts are to be imported from Gmail, Hotmail or Yahoo, the user's password for those services is required. Immunet does not store or retain this password in any way. Regardless of which method is used to add or invite users to join the Protection Network, each added user will receive an email from Immunet, as shown below. This email will invite the prospective user to download the Immunet Protect product and join the registered user's network. The email will provide basic information about the product and also invite the new user to contact the registered user directly in order to avoid any confusion with spam or phishing related emails. Once the invited user has accepted the invitation and installed Immunet Protect, the registered user will see the invitee's name in the Protection Network pane. My Community The My Community pane shows the user's Protection Network in its current state. It will allow the user to view the threat landscape as it pertains to his or her Protection Network by visually displaying threat data about each part of the user's network. The default screen will always show the user (in this case, Beta User) as the center node with that user's Protection Network surrounding him or her. If the user clicks on any of the other user nodes, that user will then become the center node. The threat landscape data (shown below) of the node that is currently centered will be displayed the right-hand side of the My Community pane. Users will start with two default people in their network, Immunet staff members Oliver Friedrichs and Alfred Huger, which will give users a head start in building their Protection Network. Once the beta user has added ten friends, Oliver and Al will disappear from this pane. Once a user's Protected Network comprises 10 people or more, only the most active people, or those people with the largest networks of their own, will show up on the main pane. Users who are not listed in the main pane may be viewed by clicking on the Full Community link. Users may be removed or added by using the add people button. The data sets presented in the right-hand pane of the My Community page describe the threat landscape of the center node user's Protection Network. These data sets will be discussed in greater length in the sections that follow, they are: 1. Country 2. Community of Beta User 3. Protection Factor Country This box will list data about threat activities that are being detected in the country in which the center node user is located. The country-specific data monitored in this box includes: 1. Total Members: How many members of the Immunet Community at large are situated in this country. 2. Threats Stopped: How many threats have been discovered and stopped by the Immunet Community in this country. 3. Top Threat: The threat that is seen most commonly in this country. The country-specific data is important because it allows users to view activity that is taking place in their own country, as well as the countries of other members of their Protection Network, and to make comparisons. Greater participation from users in a particular country will help to bolster protection for other people in that country, as they are likely to be subject to the same threats. Users situated in a country with low participation can enhance their own protection by encouraging other people in that country to join their Protection Network. User's Community This box shows data about the user's Protection Network or community (if the user has invited users who are participating). The particular data in this box includes: 1. People Protected, which indicates how many people the user has added to his or her Protection Network. It should be noted that the invited users must have installed the Immunet Protect software for this to work and the number of people protected will not count Alfred and Oliver. 2. Threats Stopped, which details total number of threats the user's Protection Network has stopped and, therefore, contributed to the overall Immunet Community. The user's specific data is not reflected in this number. 3. Top Threat, which details the threat that is seen most commonly in the user's Protection Network. The larger the user's Protection Network, the greater will be the user's level of protection and the more the user will be contributing to the protection of others, both in his or her own Protection Network and in the global Immunet Community. Protection Factor This box details the users' Protection Factor, this is a numerical value indicating how much protective value this user and their community contribute back to the Immunet Community overall. A higher score is better in this case. Average users will have a score of between 30 to 100. The score is derived by taking the number of users in a persons community (including themselves) and multiplying that number against the number of threats that Community has stopped. The reason we multiply it against threats is because each time a user stops a threat there is a chance that the threat will be analyzed and protections for it will be instantly made made available for the rest of the Immunet Community (Not all threats will be analyzed, only new threats not previously seen will be sent for analysis). An example would be if a user has stopped 10 threats and has 2 people in their network who have also stopped 10 threats then users Protection Factor would be 30 (3 * 10). Full Community The Full Community link is found on the right-hand side of the My Community page. When this link is clicked, it will expand a user list box to the right of the My Community pane. This list can be used to manage Protected Communities that consist of more than ten users. There is also some extra data available in this pullout that is not seen in the Main Community pane, which will be discussed in the next section. Understanding Full Community Data Whenever a user's name is selected in Full Community mode, the pane will expand to show data about that particular user. Any user who has been selected in this mode may also be removed from the network by clicking the Remove User link on the right-hand side of the My Community page, as shown below. The data displayed in the expanded box for each user is slightly different than that shown in the main pane. The data displayed is as follows: 1. Community: users: indicates how many users are in this user's community. 2. Community: threats: indicates how many threats this user's community has seen compared to the total number of files. The example for Duck Dodgers (above) shows that his community has stopped 6,488 threats and has seen 907,467 files over all. 3. Country: Users: displays this user's country and indicates how many users are in it. 4. Country: threats: indicates how many threats this user's country has seen compared to the total number of files. The example for Canada shows that Canadian users have stopped 49,579 threats and have been exposed to 4,202,128 files overall. How do I submit a suspicious file to Immunet? The easiest way to submit files to us is email. You can mail samples to submit@samples.immunet.com. This will feed your samples to an automated system and if we can build protections for it they will available over the cloud within a day of your submission and in some cases as soon as 2 hours. What processes does Immunet Protect consist of? agent.exe is the main detection engine iptray.exe is the UI What are the similarities & differences between the FREE & PLUS versions? There are two major differences between Free and Plus. The Free version works only when online and Plus works both online and offline. The other major difference is that Plus has detection capabilities found in a traditional AV product. More details can be found at: http://www.immunet.com/plus/compare/index.html Immunet FREE Immunet Protect Free is __Companion Anti-Virus, what other Anti-Virus packages can it run beside? The following anti-virus packages have been tested to work alongside the Immunet Protect beta version. Users should be able to install Immunet Protect alongside each of these packages and significantly increase their ability to detect viruses. In this case, "supported" means that Immunet will test these products in the QA environment and qualify that they co-install properly and work in tandem during normal operations without any obvious interference or resource drag. Supported products will get priority in the QA test/fix cycles and will get priority attention from Immunet Staff on the Community Forum. Product Platform / SP 32/64 AVG 8.5 Windows XP SP2 / Vista 32/64 AVG 9 Windows XP SP3 / Vista SP1 / Windows 7 32/64 Avira Antivir 9 Windows XP SP3 / Vista SP1 / Windows 7 32/64 Avira Antivir 10 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Norton (AV/360/IS) 2009 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Norton (AV/360/IS) 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Mcafee AntiVirus (TP/SC) 2009 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Microsoft Security Essentials Windows XP SP3 /Vista SP1 / Windows 7 32/64 Trend AntiVirus 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Kaspersky (AV/IS) 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Comodo (AV/IS) 4.0 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Trend AntiVirus + AntiSpyware 2010 (Windows XP SP3 / Vista SP1 / Windows 7 32/64 Trend Virus Buster 2010 Windows XP SP3 / Vista SP1 / Windows 7 32/64 K7 Total Security 2010 Windows XP SP3 / Vista SP1 / Windows 7 32/64 Can I run my Immunet Protect FREE install along 'non-supported' Anti-Virus products? Most likely you can yes. However, if your package is not listed here in this FAQ we would ask that you mail us at support@immunet.com and ask us before you install. We'll let you know if we are aware of any issues with the product in question. What are the Unofficially Supported Anti-Virus Packages for Immunet Protect Free? Unofficially Supported Products are products that users have indicated work for them but that have not been tested by Immunet. In some cases, Immunet has received mixed reports regarding functionality issues. Generally, Immunet advises users to use Officially Supported Products with Immunet products, in order to avoid experiencing unexpected (and unwanted) results when using products that Immunet has not yet tested and do not currently support. Product Platform / SP 32/64 Webroot Internet Security Essentials 2010 Windows XP SP3 32/64 Comodo Internet Security Windows XP SP2/SP3 32/64 PrevX 3.5 Vista SP1 32/64 Spyware Doctor 6.1.0.447 Windows XP SP3 32/64 Bit Defender AntiVirus 2010 Windows XP SP3 32/64 Threatfire 4.5.24 Vista SP1 32/64 Sunbelt VIPRE 3.2.2 Vista SP1 32/64 Kaspersky Internet Security 2010 Vista SP1 32/64 QuickHeal AntiVirus Plus 10.0 Vista SP1 32/64 A-Squared Free Vista SP1 32/64 BluePoint Security 1.0.0.68 Vista SP1 32/64 AhnLab V3 Intern Security 8.0 Vista SP1 32/64 BullGuard 8.7 Vista SP1 32/64 Online Armor Vista SP1 32/64 Symantec Endpoint Protection 11.0 Vista SP1 32/64 Users who have questions or feedback about Immunet-supported platforms or anti-virus packages are invited to email Immunet Support. Is the Update Now feature working? Yes, but there are three possible reasons why you may not have a new version prompted during update now. 1) We are testing only new users to make sure there are no problems before upgrading existing users. 2) A bug prevents upgrading in the product and there is no time to fix it for existing users, but the update will help new users. 3) There is a minor release that fixes the few users that are affected. Right now we are unable to do minor upgrades such as 2.0.14.91 to 2.0.14.99. This is on todo list. Immunet PLUS I have Immunet Protect PLUS, can I run other Anti-Virus suites with it? In most cases you can but we suggest that you do not. It may cause support issues which are difficult to resolve. Installation You include an ASK Toobar with Immunet Protect. Is this optional? Yes, it is optional, you may avoid it's installation by simply un-checking the Standard installation box above highlighted in red. Why do you include the ASK Toolbar Most Anti-Virus products, which are free ship with either toolbars or web browsers, pre-packaged with them as a means of getting some small amount of revenue to offset the development costs for their software. Bundling software like this important to Immunet because it helps us cover the cost of allowing your Immunet Protect Free install to stay connected to our cloud full time. Your system will accrue bandwidth costs and processing costs for Immunet just by being turned on. This means that across hundreds of thousands of free systems running our software there is a constantly growing cost we need to cover to continue in order to continue operating our cloud. Uninstall Updating How are new versions announced? A new versions is announced in the Announcements Forum listed with the .. versions. This will include a general list of changes made. Then if a new build is published because some people are seeing bugs, we will list the ... beneath that, but will only notify users who are exhibiting the bug. This will be replaced with a more detailed Changelog system when we have the time and figure out the best method. Scan What are the differences between Flash Scan, Custom Scan, Full Scan & Rootkit Scan? Flash Scan - Scans registry and system process that are in memory to determine which files to scan on disk. Custom Scan - Scans the folder you select Full Scan - Scans all logical drives Rootkit Scan - Looks for hidden Rootkits on volumes Settings What is gaming mode? Gaming mode is the ability to shut off all notifications from Immunet Protect while watching movies or playing games. Errors Why did I get an error going into My Community that says "An error has occurred atempting to load your community"? The following could be reasons for this: 1) Java may have pushed out a new version and you may need to go to right-click on the tray icon and select Exit and then use the shortcut on your desktop to re-spawn the UI. 2) There could be a problem writing to %ALLUSERSPROFILE%\immunet\community.json that may be permissions related. Help & Support I see this message "File Could Not Be Deleted. Check to see if Agent is online. If it is please contact support@immunet.com." How do I tell if my agent is online? Open the windows Task Manager. Depending on which OS, you will either have to check or click on the "Show Processes from all users" button. Then order by Image name or Process name and look for agent.exe. If you see this in the list your agent is running. If not, you should reboot your machine.
  3. On This Page Network Access Immunet Protect Operating Requirements Browser - Microsoft® Windows® Explorer 7 or later Operating Systems Microsoft® Windows® XP with Service Pack 3 or later Microsoft Windows Vista® Home Basic/Home Premium Windows 7 Officially Supported Anti-Virus Packages Unofficially supported products Unofficially Supported Anti-Virus Packages Network Access Immunet Protect Free requires Internet access to operate to full capacity. In order to work successfully Immunet Protect needs access to the following ports to open on an Outgoing basis for Immunet Protect. Port Protocol Purpose Required 32137 UDP Cloud Queries Yes or 53 instead 53 UDP Cloud Queries (Over DNS) Yes or 32137 instead 80 TCP Updates Yes Immunet Protect Operating Requirements Browser - Microsoft® Windows® Explorer 7 or later Immunet Protect requires that Explorer be installed on the computer onto which Immunet Protect will be installed, although the user is free to use other browsers for other Internet applications. Immunet Protect will work with IE 6 and above, although IE 6 is not recommended because it does not display the User Interface entirely correctly. Operating Systems The sections that follow will outline the operating systems with which Immunet Protect is compatible along with the system requirements. Microsoft® Windows® XP with Service Pack 3 or later * 32 bit/64 bit platforms * 300MHz or faster processor * 256MB of RAM * 16 MB of available hard disk space Microsoft Windows Vista® Home Basic/Home Premium * 32 bit/64 bit platforms * 300MHz or faster processor * 256MB of RAM * 16 MB of available hard disk space Windows 7 * 32 bit/64 bit platforms * 300MHz or faster processor * 256MB of RAM * 16 MB of available hard disk space Required for all installations: * A working Internet connection Officially Supported Anti-Virus Packages The following anti-virus packages have been tested to work alongside the Immunet Protect beta version. Users should be able to install Immunet Protect alongside each of these packages and significantly increase their ability to detect viruses. In this case, "supported" means that Immunet will test these products in the QA environment and qualify that they co-install properly and work in tandem during normal operations without any obvious interference or resource drag. Supported products will get priority in the QA test/fix cycles and will get priority attention from Immunet Staff on the Community Forum. Product Platform / SP 32/64 AVG 8.5 Windows XP SP2 / Vista 32/64 AVG 2009/2010/2011 Windows XP SP3 / Vista SP1 / Windows 7 32/64 AVAST 4.6 Free Windows XP SP3 / Vista SP1 / Windows 7 32/64 AVAST 5.0 Free Windows XP SP3 / Vista SP1 / Windows 7 32/64 Avira Antivir 9 Windows XP SP3 / Vista SP1 / Windows 7 32/64 Avira Antivir 10 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Norton (AV/360/IS) 2009 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Norton (AV/360/IS) 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Mcafee AntiVirus (TP/SC) 2009 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Microsoft Security Essentials Windows XP SP3 /Vista SP1 / Windows 7 32/64 Trend AntiVirus 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Kaspersky (AV/IS) 2010 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Comodo (AV/IS) 4.0 Windows XP SP3 /Vista SP1 / Windows 7 32/64 Trend AntiVirus + AntiSpyware 2010 (Windows XP SP3 / Vista SP1 / Windows 7 32/64 Trend Virus Buster 2010 Windows XP SP3 / Vista SP1 / Windows 7 32/64 K7 Total Security 2010 Windows XP SP3 / Vista SP1 / Windows 7 32/64 Unofficially supported products Immunet runs along side a wide breadth of other anti-virus security products. However, in some cases, this can lead to problems from time to time. These problems will generally be listed on Immunet's Known Issues List. Users who encounter any compatability issues with an Immunet product and another security product are requested to please notify Immunet Support by email. Unofficially Supported Anti-Virus Packages Unofficially Supported Products are products that users have indicated work for them but that have not been tested by Immunet. In some cases, Immunet has received mixed reports regarding functionality issues. Generally, Immunet advises users to use Officially Supported Products with Immunet products, in order to avoid experiencing unexpected (and unwanted) results when using products that Immunet has not yet tested and do not currently support. Product Platform / SP 32/64 Webroot Internet Security Essentials 2010 Windows XP SP3 32/64 Comodo Internet Security Windows XP SP2/SP3 32/64 PrevX 3.5 Vista SP1 32/64 Spyware Doctor 6.1.0.447 Windows XP SP3 32/64 Bit Defender AntiVirus 2010 Windows XP SP3 32/64 Threatfire 4.5.24 Vista SP1 32/64 Sunbelt VIPRE 3.2.2 Vista SP1 32/64 Kaspersky Internet Security 2010 Vista SP1 32/64 QuickHeal AntiVirus Plus 10.0 Vista SP1 32/64 A-Squared Free Vista SP1 32/64 BluePoint Security 1.0.0.68 Vista SP1 32/64 AhnLab V3 Intern Security 8.0 Vista SP1 32/64 BullGuard 8.7 Vista SP1 32/64 Online Armor Vista SP1 32/64 Symantec Endpoint Protection 11.0 Vista SP1 32/64 Users who have questions or feedback about Immunet-supported platforms or anti-virus packages are invited to email Immunet Support.
  4. Occasionally Immunet Protect may detect a malicious file but fail to quarantine it, as shown here: In some instances Immunet will report the file as being successfully quarantined but won't actually remove the file from it's original location. This same behavior has also been reported as Immunet detecting the same malicious file every time it's scanned. This usually occurs if the computer was already infected with a virus before Immunet was installed. First, a little background on why this might happening. When Windows runs a program the file that contains that program, and any other files in use by that program, become "locked." This locking prevents the user and any other programs from moving or deleting the files while they're still in use. This typically occurs with DLL files but can occur with other file types too. Immunet Protect handles this scenario by first scanning all the programs running in memory and stopping any known malicious ones. Once stopped, they can be quarantined. The problem occurs when a non-malicious program is tricked into locking a malicious file. For example, consider the case where a user accidentally installs an Internet Explorer toolbar that contains a virus. In this case we have two files: the safe IE.exe file that runs Internet Explorer, and a vir_toolbar.dll file responsible for displaying the malicious toolbar inside of IE. If we run a scan in this scenario vir_toolbar.dll will be detected as malicious; however because IE.exe is running, non-malicious, and currently using (i.e. locking) vir_toolbar.dll, it can't be successfully quarantined. While Immunet Protect will stop some non-malicious programs in order to unlock and quarantine viral files when possible, is important to note that not all non-malicious programs can be stopped safely. For instance, consider the case were your running a non-malicious copy of Microsoft Word that locks a malicious DLL file. In this case, stopping Word to clean the DLL might cause the user to lose any unsaved work. Solution 1 The fastest and easiest way to get a virus removed is to call a professional! Virus removal can be tricky business and often the difference between a successful fix and having to do a full system format/restore/reinstall comes down to having someone with professional experience on your side. Solution 2 If you are determined to skip professional help and want to try and remove the virus yourself here is the general work flow: you need to figure out which program(s) are locking the file, stop them, and then re-scan: 1) Close all the running programs and tray icons you can. 2) Start Immunet Protect and run a full system scan. Once it completes, check the "quarantine" history: and note the full paths to any files that filed to quarantine: 3) Download a copy of Process Explorer from http://download.sysinternals.com/files/ProcessExplorer.zip and extract it. 4) Start Process Explorer by running procexp.exe, then select Find -> File handle or DLL. Enter the file name of one of the files that failed to quarantine in step 2 and click Search: The search window will take a few seconds and then display a list of all the processes using the file. If Process Explorer doesn't find anything please see caveat below*. 5) Now click on any of the results in the Process Explorer Search Window: This will highlight the process in the main Process Explorer Window: 6) Note the process name, then click Process -> Kill Process Tree (or "Kill Process" if "Kill Process Tree" is unavailable). Don't kill "procexp.exe" as this will stop Process Explorer, or "iptray.exe" as this will stop Immunet Protect. Beware, killing some processes may crash Windows. If this happens restart from step 4, and don't kill that same process this time around*. 7) Repeat steps 5 and 6 until you have killed all the processes possible without killing procexp.exe, iptray.exe, or any processes that caused Windows crashes. ? Now wait for a minute and watch for any of the malicious processes getting automatically restarted (i.e. if repeat the search from step 3). If you find the processes has been restarted continue with the next step anyway*. 9) At this point we have hopefully done enough to unlock the malicious file. Run a full system scan with Immunet and this time the malicious file should be successfully quarantined. Reboot. Caveat* Unfortunately there are viruses clever enough that Process Explorer's search can't find them, can't kill them, or can't kill them without crashing Windows. These are particularly nasty virus' and fixing them is beyond the scope of this document. The best we can do is offer you some general tips on where to go from here: -Try the general malware removal instructions found here -Refer back to Solution 1.
  5. Tom Beck

    General Malware Removal

    If you are determined to skip professional help and want to try and remove the malware yourself, here are some guidelines: Figure out why kind of malware you have. Use your favorite search provider and learn as much about the malware as you can. You may have to use someone else's computer or one at the Library. Boot into safe mode Microsoft has a great article describing this (http://support.microsoft.com/kb/315222? Restart your computer and start pressing the F8 key on your keyboard. A boot menu should appear before Windows starts to load. When the Boot menu appears again, select "Safe Mode" and press ENTER. Find and end the malicious process in task manager Open your task manager by clicking on the Start button and going to Run. Then type in: taskmgr Click on the Processes Tab Click on Show Processes for all users at the bottom Now the fun part...guessing which process is malware: If you're lucky, you can lookup the name of the offending application on the Internet. In some cases virus will generate random names for themselves. In general, anything that looks like a bunch of random characters and cannot be found on the Internet is probably a virus. You can also try uploading the file to http://virustotal.com and see if it's detected. To find the location of the file with taskmanager, open the Processes tab and select View->Select Columns->Command Line->Ok. There should now be a Command Line column displaying the path to the file. Try to find out the name of the virus (usually the detection name is a good start) and google for as much information about it as you can find. There are usually specific removal tools for the nastier viruses, but be sure to download them from a reputable vendor otherwise you may end up with a Rouge AV fix (i.e. another virus disguised as a fix for the virus you already have). Try the locked files solution found here Once you locate the offending process, select it and click on End Process. Backup your registry (just in case) (http://windows.microsoft.com/en-US/windows7/Back-up-the-registry) Open the Registry Editor by clicking the Start button, type "regedit" into the search box, and press Enter.‌ If you're prompted for an administrator password or confirmation, type the password or provide confirmation. Locate and click on "My Computer" Click the File menu, and then click Export. In the Save in box, select the location where you want to save the backup copy to, and then type a name for the backup file in the File name box. Click Save. Stop it from starting on reboot: In the registry, search for the offending file and delete any references to it. Usually the file adds entries to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run In the registry, look at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options. If there are a bunch of executables under it that have "Debugger"="'svchost.exe'", then delete those keys. For example, if you see HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe with "Debugger"="'svchost.exe'" under it, delete the entire agent.exe key. Now close the registry and look for other common startup locations on your disk: C:\Documents and Settings\{username}\Start Menu\Programs\ C:\Documents and Settings\{username}\Start Menu C:\Documents and Settings\All Users\Start Menu\Programs\ C:\Documents and Settings\All Users\Start Menu Clean up your hosts file and proxy settings If you look in your windows directory (%WINDIR%), you can find your "hosts" file in %WINDIR%\system32\drivers\etc\hosts. This file overrides your DNS, so delete any entries in there that don't make sense. For most users, you'll see an entry for localhost 127.0.0.1 and nothing else. If you know you don't use a proxy, go to your browser's Tools --> Options --> Network Settings and remove the proxy if there is one. Now find any copy of the file on your system and delete it.
  6. Tom Beck

    Branding Guidelines

    1) logo for main dialog - FREE File Type: png Dimensions: 155px by 42px Bit Depth: 32 Sample File: logo_immunet_protect.png 2) logo for main dialog - PLUS File Type: png Dimensions: 155px by 42px Bit Depth: 32 Sample File: logo_immunet_protect_plus.png 3) Tray Shortcut and Tray Base Icon File Type: ico (pngs inside = 2) Dimensions: 64x64, 32x32 and 16x16 Bit Depth: 32 Sample File: imi.ico 4) Notification Toaster Messages File Type: pngs (3 individual files) Dimensions: 234x192 Bit Depth: 24 Sample Files: notifier_warning.png notifier_notice.png notifier_general.png 5) Installer Icon (can be same as Tray Shortcut) File Type: ico Dimensions: 32x32 and 16x16 Bit Depth: 32 6) Installer Banner Bitmap File Type: bitmap Dimension: 150x57 Bit Depth: 24 Sample File: Banner.bmp 7) Tray Animation File Type: ico Several ico files animating an action representing the product processing something. Sample Files: tray1-11.ico ? Sky Scrapper Banner height: 540px width: 160px 9) Tray Pop-up Logo (darker to show up better) File Type: png Dimensions: 155px by 42px Bit Depth: 32 Sample File: logo_immunet_protect_dark.png
  7. Tom Beck

    System Diagnostic Tool

    What is the System Diagnostic Tool? The System Diagnostic Tool (SDT) will allow users to generate a "support package" for Immunet Support to help them diagnose issues that they may encounter with Immunet Protect Beta version. When the user clicks the SDT menu item, SDT will generate a file to the user's desktop, which the user can then mail to Immunet Support as an attachment along with a bug report. Using the System Diagnostic Tool (SDT)? Using the SDT is straightforward. First, users open the Immunet folder from the Start menu by opening Start -> All Programs -> Immunet Protect. Second, launch SDT, the user can click on the Systems Diagnostic Tool menu item. Once the item has been clicked, no apparent changes will take place. However, the user will now see a new file on appear on the desktop. It will look similar to the following screenshot. The file is a zip archive that contains a number of log files that Immunet Protect generates in the course of normal operations. It also contains debug data that Immunet generates when users click on the menu item. This archive will look empty if it is inspected with Windows Explorer. It is not. It appears this way because Immunet uses different compression libraries than those used by Explorer. Popular unzip programs like 7Zip or Winzip will open these files if the user wishes to view the contents. What is in the System Diagnostic Tool archive? The following is a list of all the files Immunet places in the SDT archive and a description of the data within each file: Files Details agent.exe.log This is a synopsis of all the Immunet Protect "agent" activity, including issues related to communication and access (such as history.db, cache.db and kernel driver). ipsupporttool.log This includes a detailed description of the user's system including: language, time zone, operating system, and patch level. It also includes a detailed list of all kernel drivers that are loaded on the user's computer and their respective locations, as well as all registered Windows services. iptray.exe.log This file contains records of all issues that are specific to the Immunet Protect user interface (iptray.exe). cache.db This is a SQLite database that shows all of the user's cached file lookups. This includes the lookup to the Immunet Cloud and the response from the Immunet Cloud. history.db This is a SQLite database that shows all of the user's file copies, downloads, convictions, quarantine items, and quarantine roll backs. local.xml Contains all of the local environment variables the user may set in Immunet Protect. global.xml Contains all of the global environment variables the user may set in Immunet Protect. install.log Shows a detailed history of the installation process. This includes installation paths, driver load successes and failures, and general product file creation at install time. Event Logs From time to time it is helpful for Immunet Support to see a user's event logs. This is particularly useful when users are experiencing installation failures in which the Immunet drivers are failing to load. Immunet has a quick batch file for Windows Vista and Windows 7 users to use. In order to facilitate the generation of event logs, users can copy the bolded text below into their clipboard and save it as "Eventlog.bat" on their desktop. REM From http://technet.microsoft.com/en-us/library/cc749339(WS.10).aspx SET outputdir=%USERPROFILE%\Desktop\EventLogs mkdir "NaV" wevtutil epl Application "NaV\Application.evtx" wevtutil epl System "NaV\System.evtx" Once this file is saved on the desktop, the user can follow these steps: Right click on EventLogs.bat and select "Run As Administrator." This will leave a folder on your desktop entitled "EventLogs". Zip the EventLogs folder. You can user standard zip or 7zip for this. Email the zip file to support@immunet.com
  8. ID Summary Component Status 933 Ask Me & Right-click scan - Unable to quit iptray User Interface Open 932 Wrap Exclusions Text Settings Open 931 Not all files can be removed from Quarantine History Open 930 Ask Me about Malicious files that are cached Scan Interface Open 929 Multiple History Windows opening Scan Interface Open 928 Javascript error on front page User Interface Open 923 Agent not registering with uninstall URL First 5 Minutes Open 922 Uninstall Ask Toolbar First 5 Minutes Open 919 "Threats Remove" overwrite Scan Interface Open 918 Right-click scanning of empty folder Scan Interface Open 915 Successfully Restored Quaratined File - Error messages History Open 914 Prevent user from inviting oneself Community Open 913 Improve security for updater Updater Open 912 Need to have a unique name for immpro.exe Updater Open 910 IPTray Crash if user deletes immpro.exe Updater Open 909 Cloud Notification not working User Interface Open 904 Unable to delete Scheduled Task that does not exist Settings Open 903 Scan Settings not expanding Settings Open 901 History losing first letter History Open 899 Tetra not initializing after Defs download Efficacy Open 898 While update is running "Close" button should be "Hide" Updater Open 897 Update Button for Defs Updater Open 896 Tetra Still trying to Initialize after license expired Efficacy Open 895 User is continuously prompted for Accept/Decline an invite Community Open 894 Reset Password - remove "Retry" link Community Open 893 Error Handling for Change Password Community Open 892 Add Change Password to a Logged in account Community Open 891 UI Pops up when closing Verbose notification User Interface Open 889 Task Preview Bug User Interface Open 888 Uninstalling leaves Scheduled Scan First 5 Minutes Open 887 Stop Scheduled Scan — Complete instead of Cancel Scan Interface Open 876 Need to default Blocking Mode Off First 5 Minutes Open 874 Cancel Scan Toast message Scan Interface Open 873 Enhancement - User would like to confirm password or show password on registration Community Open 872 Failed to Create Scheduled Scan dialog improvements Settings Open 871 Two tags in local.xml Updater Open 870 Cancelled Scan should show Canceled in History History Open 869 Unable to login to community message Community Open 868 Removing User doesn't refresh Full Community Community Open 867 2.0.4 seems slower than 2.0.3 for Scan Speed Engine Performance Open 864 IPTray crashing with Zone Alarm User Interface Zone Alarm not supported 863 failed looks are showing up in Clean File History History Open 858 Clicking Back on Immunet Directory causes error First 5 Minutes Open 856 Enhancement - User wants "Ask Me" options User Interface Open 854 Full Community Management Numbers are not explained Efficacy Open 850 Missing logout button on registering user after user Community Open 844 Plus version - Secure not going to Green after scan User Interface Open 843 Make Scans a low priority Engine Performance Open 842 IMP slowing down Unity3D Engine Performance Open 838 Lost visual indicators defs downloading/installing Updater Open 837 Upgrade Free to Pro not changing Update Now Updater Open 835 Simple 'user' unable to Close community Community Open 834 IPTray crash as simple "user" User Interface Open 833 Inconsistencies in Temp directories User Interface Open 827 No circles clickable Community Open 821 Update needs to cleanup old files Updater Open 816 Update not going to Yellow Updater Open 810 History::Add: database or disk is full Windows Agent Open 807 High CPU pegged during stress test Engine Performance Open 803 Missing Flags Community Open 793 0x80004005 - Error During registration Community Open 786 Not all Invitations being accepted at once Community Open 785 Flash Scan Hanging Scan Interface Still Broke 780 Multi-User Invite Button Color at end of Mouse Over is inconsistent Community Open 779 Higher Quality Images for Multi-User Invite for Y!, Gmail, and Hotmail Community Open 773 Suppress Ask Toolbar Offer if already installed First 5 Minutes Open 768 Crash on non-existent update file Updater Open 762 Files failed to delete from quarantine lose last two character in history view History Open 761 Filename for deleted file from quarantine loses last character in history view History Open 757 All dialog boxes do not align up to the same starting position User Interface Open 756 Need opt-out link in user invite email Community Open 751 Once you remove a user, you cannot resent an invite Community Open 746 Make the 3 little dots clickable ... on Notices Notices Open 745 Free to Trial - Trial banner overwrite upsell banner User Interface Open 744 Free to Trial loses focus on Settings dialog Settings Open 742 Clicking on articles in Notices in IE6 brings IE behind the Notices dialog Notices Open 739 Deleting Quaratined File from History does not refresh History Open 738 Not all parameters are passed through for upsell banner User interface Open 716 Need to recover from lost connection for multi-user invite better Community Open 710 Tray animation missing one image User Interface Open 704 Summary/File History Dialog Alignment Scan Interface Open 699 Failed to send Invite Message unreadable Community Open 696 Plus - Update Now not reflected in UI Updater Open 686 Logging off Community should Close Community Open 669 A window pops-up at the start of a scheduled scan Scan Interface Open 668 Paths with HTML partially interpreted as HTML in History Details History Open 661 During Rootscan, time is elapsing per drive Scan Interface Open 660 Javascript errors doing SQL injection into History History Open 653 Gap on bottom of Summary graph at the beginning of month History Open 650 History showing "Unable to Retrieve Scan Type" on Scan termination History Open 621 Community not working well when disconnect Community Open 611 Community Side Panel - user's disappearing Community Open 610 Affiliate/License extraction inconsistent First 5 Minutes Open 609 Silent Install not working First 5 Minutes Open 605 History for Scanned Archived files could be improved History Open 603 Suspicious test file not detected Efficacy Open 600 Scanning files with long filenames gets cut off Scan Interface Open 597 "Fix It" link for Update is not working Updater Open 591 Prevent a user from scheduling two scans at once Scan Interface Open 589 Find a way to present users with Threats detected during Scheduled Scan Scan Interface Open 583 Limit the number of scheduled scans Settings Open 571 History bar showing blue for 0 clean files History Open 566 Browsing for Folder should show Hidden files/folders instead of relying on Explorer configuration Scan Interface Open 555 "McAfee Real-time Scanner" is not fitting in the box First 5 Minutes Open 519 Vertically center Security Products First 5 Minutes Open 518 Agent needs to handle history loss by starting a new one Windows Agent Open 515 Enhancement - change tray icon when agent is disabled User Interface Open 509 Need to give user feed back on invalid license entered in settings Settings Open 508 First of the month pushing the summary graph History Open 506 using Custom Scan on a zip file treats it like a directory Scan Interface Open 492 Spec says File History is supposed to have section separators History Open 490 Drag locations for Summary window are not friendly History Open 482 On Win 7x64, Control Panel showing up twice Scan Interface Open 476 When data is not found, the view is not being reset properly History Open 475 File History Start Date should not be greater than End Date History Open 474 ? should be more obvious where to click History Open 473 Login button should be defaulted when logging into Community Community Open 468 Clicking on Tray icon when minimized is not restoring User Interface Open 453 Add ability to remove pending invite Community Open 450 The graphic sometimes covers the path in History detail History Open 446 Add the ability to re-request a user accept an invite Community Open 436 Top & Bottom of Settings Help bubble getting cut off Setting Open 435 Unwanted UI Collapse when clicking on Left Settings Open 429 Tab when going into Settings goes to Exclusions Settings Open 418 Rootkit Scan option needs to be hidden on x64 Scan Interface Open 417 Rootkit Scan needs better user feedback Scan Interface Open 409 Clicking and Dragging buttons leave them highlighted User Interface Open 403 IE6 - Strange highlighting/mouse over after clicking on Apply Settings IE6 not supported 402 IE6 - Cannot scroll after applying settings Settings IE6 not supported 400 Custom Scan allowing you to select non-scannable objects Scan Interface Open 397 Banner alignment issue when flash is enabled User Interface Open 390 Pause should stop "Time Taken" Scan Interface Open 387 Inconsistency of static image with flash installed First 5 Minutes Open 386 Need the ability to disable flash banner and go back to static image Settings Open 374 Custom Scan Dialog name inconsistent between XP & Win7 Scan Interface Open 362 AP inconsistencies Efficacy Open 336 Need better detection of other security products First 5 Minutes Open 331 Need to improve memory footprint Engine Performance Open 328 Need a way to temporarily disable engines for period of time Windows Agent Open 319 Two instances of iptray.exe running will it appear the agent is offline User Interface Open 254 Restoring Quarantined file to path that does not exist will not work History Open 252 IPSupport icon different between XP and Win7/Vista First 5 Minutes Open 248 Need to roll log over based on time or size Windows Agent Open 217 Exclusion based on threat name not working Efficacy Open
  9. On This Page Installation Community Invite Community Pane Review 2.0.2 Community Pane Review (Deprecated) Installation This screencast offers an overview of the installation process as it appears on Windows XP/Vista/7 32- and 64-bit systems. Community Invite This screencast offers an overview of the My Community feature of Immunet Protect. This will describe the feature up to and including the step of inviting others to join the user's community. Community Pane Review 2.0.2 This screencast discusses the most recent version of the My Community pane as it appears when the user has logged in and has a community of protected friends. Community Pane Review (Deprecated) This screencast will review the details of the My Community pane as it appears to users who have logged in, have friends in their network, and are able to navigate the social graph.
  10. On This Page Incompatible Software Packages Known Issues Immunet Protect Plus interferes with Thunderbird for Windows. Incompatible Software Packages The following software packages have been found to not work alongside Immunet Protect Free or Plus. Users should avoid installing alongside the following packages: Product Platform / SP 32/64 Geswall ANY 32/64 Webroot SpySweeper Windows XP SP3 / Vista SP1 / Windows 7 32/64 Zone Alarm Windows XP SP3 / Vista SP1 / Windows 7 32/64 SunBelt ViPRE ANY 32/64 ShadowProtect Desktop ANY 32/64 Kasperky Internet Security 2011 ANY 32/64 Users who have questions or feedback about Immunet-supported platforms or anti-virus packages are invited to email Immunet Support. Known Issues Immunet Protect Plus interferes with Thunderbird for Windows. Immunet Protect Plus users who use Thunderbird may experience difficulty sending or reply to email when Immunet Protect Plus is installed. The current work around for this issue is to enter the following Threat Name exclusion in your settings: nsmail.tmp Once this exclusion is applied your Thunderbird installation should begin to work properly again.
  11. This document provides a solution for: iTunes sometimes failing to start and displaying the message: "The iTunes application could not be opened. An unknown error occurred (13014)." iTunes launching it's initial setup/music import wizard even though it has been previously completed. Rhapsody failing to start. Adobe Photoshop CS3 & Content Bridge run slowly or displaying this error message on exit: The Operation could not be completed. The requested operation cannot be performed on a file with a user-mapped section open. Netflix failing to start. This solution applies to users running: Immunet Protect 3.0.0.18. 64bit versions of Windows Vista or Windows 7 operating systems. Solution 1: Try the Immunet 3.0.1 Beta A public beta of Immunet 3.0.1 has been released which addresses the above software incompatibilities. If you would like to participate the beta can be obtained from: http://forum.immunet.com/index.php?/topic/824-immunet-301-beta-available Solution 2: Enable Blocking Mode Blocking Mode prevents applications from being installed on your computer until they have been scanned and determined to be safe. Enabling this setting fixes various issues with the programs listed above and will provide you with broader Anti-virus coverage, however it also incurs a slight performance decrease when installing new programs: 1) Open the Immunet Protect interface and select Settings: 2) Now change Blocking Mode to On: 3) Click Apply to save your changes before closing the settings dialog: http://forum.immunet.com/index.php?/topic/824-immunet-301-beta-available
  12. Tom Beck

    Access Violation Error..

    Hello, Are you absolutely sure that Immunet has crashed? It's likely you would get an error message if that happened. If you see that the agent.exe and iptray.exe process is still running in task manager, there should be no issue. Looking at SOLUTO's support, it seems like it is possible for false positives to be reported: https://support.soluto.com/entries/20859392-about-crash-reports https://support.soluto.com/entries/23668261-False-crashes
  13. On This Page Using Immunet 3.0 Main Pane Status Orbs Connected Secure Up To Date Performance Gauges Right-click Context Scanning Community My Community User Registration, Password Recovery and Change, and Login User Invite My Community Country User's Community Protection Factor Full Community Understanding Full Community Data Notices Computer Pane Scan Now Flash Scan (Cloud Scan) Custom Scan Full Scan Rootkit Scan Common Scan Dialogue Elements Pause, Stop Scan, and Close Pause Stop Scan Close Completed Scans Files Scanned Threats Detected Threats Removed Elapsed Time Scan History Summary Link History View Types Default View Clean File History Malicious File History Scan History Quarantine - Restoring and Deleting Product Pane Updating with Immunet 3.0 Update Now Button Settings Protection Monitor Program Install Monitor Program Start Blocking Mode Detection Engines ETHOS SPERO ClamAV TETRA (Plus Only) Allow Definition Updates Quarantine Behavior On Detection of Malicious Files On Detection of Suspicious Files Scan Settings Scan Archive Files Scan Packed Files Scan Email DeepScan Exclusions Scheduled Scan Notifications Cloud Notifications Verbose Tray Notifications Gaming Mode Community SettingsCommunity Sharing Custom Signature Creation Using Immunet 3.0 The Immunet 3.0 3.0 User Guide is formatted to reflect the layout of the Immunet 3.0 user interface. Immunet 3.0 can be broken down into four separate components. They are: 1. Main Pane 2. Community 3. Computer, and 4. Product Each of these components has a distinct set of features. The following sections of the Immunet 3.0 3.0 User Guide will discuss each component in detail, along with key features of each. Main Pane The Main Pane of the user interface (shown below) includes several fixed items that are designed to inform the user of the product's status. These are as follows: 1. Status Orbs (Only in Immunet 3.0 Plus) 2. Performance gauges 3. Right-click context scanning These features will be discussed at length in the sections that follow. Main Pane Status OrbsThe status orbs are the colored circles at the base of each of the three tabs on the main pane and are only present in Immunet 3.0 Plus installations. They reflect the current operational status of the different components of Immunet 3.0. The different colors and the operational status that each indicates are as follows: Color Meaning Status Green Functioning Properly No Attention Required Yellow Functioning With Issues Requires Non-Urgent Attention Red Not Functioning Requires Urgent Attention In the event that a status orb is yellow or red, the user interface will present the user with an option to fix the issue and re-establish the status as green (if possible). This option will appear beneath the status orb as Fix it. Status Orbs The Main Pane features three different status orbs, each of which refers to a different functionality. Each of these status orbs will be discussed at length in the sections that follow. They are as follows: 1. Connected 2. Secure 3. Up to Date ConnectedThe Connected orb appears as part of the Community tab. It indicates whether or not Immunet 3.0 can connect to the Internet successfully. This is important because in order to function properly Immunet 3.0 Free must be connected to the Internet. Immunet Plus can operate without an Internet connection; however, in order to be updated, it must connect to the Internet. The longer it is offline, the more likely it is that its definition files will become outdated. As a result, Immunet Plus users should connect to the Internet periodically to ensure that the anti-virus definitions stay current. A green Connected orb indicates that the computer is successfully connected with no problems. Yellow status will only appear for users of Immunet Plus. It indicates that the computer is in offline mode and is not receiving any protection from Immunet's cloud engines. Red status indicates that the computer is not connected to the Internet or that the Immunet 3.0 cannot access the Internet for some reason. Users who encounter a red Connected orb should refer to the Knowledge Base article or email the Immunet Support Team on offline mode. SecureThe Secure orb indicates the security status of the Immunet 3.0 host at the time of the most recent scan. Green status indicates that the user has performed an initial scan after install (any scan) and that the system is secure. A yellow Secure orb indicates that the host requires a Flash Scan. Typically, this is seen if a scan has not been conducted on first use after install and indicates that the user should perform a system scan (of any type) to determine the security of the computer. Up To DateThe Up To Date orb indicates whether or not the Immune Protect product has the most recent updates installed. Immunet 3.0 checks hourly for new updates for both Immunet 3.0 Free and Immunet Plus. If there is a new product update available, the orb will move to red and offer the user the option of updating with the most recent components. Performance GaugesThe performance gauges on the right-hand side of the main pane indicate the amount of the host computer's memory and CPU capacity that is currently being consumed by Immunet 3.0. The CPU gauge reflects the effect on both the engines and the Immunet 3.0 User Interface. However, the Memory gauge only reflects the effects of the Immunet engines. Right-click Context Scanning Any file visible in Windows may be scanned by Immunet 3.0 by right-clicking on the file itself (as shown to the right). This will present a dialogue box that will give the user the option to review the file in question. The current implementation of this feature does not pull up a scan window; instead, the results of the scan will appear in the message tray, as seen below. Tray Message Community The Community component of Immunet 3.0 is presented in the left-hand tab of the of the Immunet 3.0 user interface. It contains the features that enable users to build and manage their Protection Network as well as helping them to keep abreast of the latest security and product news from Immunet. These features will be discussed in depth in the sections that follow. My Community The My Community feature allows users to build their own protection network. The goal of this feature is to allow people to draw in those close to them and allow them help create a small network which they use to help protect each other. This is done under the premise that people with similar languages, preferences and surfing habits will encounter similar threats and can therefore band together to form their own early warning network of sorts. Because each person in the network can submit threats to Immunet which they encounter you can quickly build up a powerful protection network. It's like having your own anti-virus company and focusing it just on your friends. Here is an example to illustrate how this work: A Norwegian Network Example If you live in Norway and have (for example) 50 people in Norway connected to you, with the Community Feature, then your community will likely encounter and send up threats predominant in Norway. People in your network will see threats that are hosted on Norwegian web sites, sent out in Norwegian language spam and phishing attacks etc. So the more people you surround yourself with who have similar language preferences, geographic locations, hobbies etc. the better. However even without people in your network you get the full protection of the Immunet Cloud. The My Community feature can be launched by clicking on the My Community icon, which is the first button in the left-hand column of the main pane (shown below). The My Community feature is designed to allow users to build and manage their Protection Network, which is a group of individuals that the user has invited to join Immunet. Once individuals who have been invited join the Protection Network have accepted, their computers will start to submit suspicious data to Immunet. Immunet will then use this information to secure the computers of the user community against detected threats. This protection will be enacted almost as soon as the suspect files are submitted to Immunet. It will also extend to the communities of other Immunet users. The more people in a user's network, the more the user will be protected against threats that are detected circulating on the Internet. Further, the bigger a user's network, the more it will contribute to the enhanced security of the entire Immunet community. User Registration, Password Recovery and Change, and LoginUpon launching Immunet 3.0 for the first time, users will be presented with the Welcome to the Immunet Community screen, which is shown below. This pane includes a number of options for the user, which will be discussed in detail below. Current users who have existing accounts can log in by clicking on the Sign in with an existing account button in the lower right-hand corner of the Welcome to the Immunet Community pane. Existing users who have previously registered but who have forgotten their user name and/or password may reset either by clicking on the Recover your password or the Change your password button, as is appropriate. New users who are logging in for the first time and who have not yet registered will be prompted for the following: 1. Your Name - This constitutes the user's Immunet user name. It does not have to be a real name but rather the name that the user wishes present to other members of the Immunet community. 2. Your email - This email address will serve as the user's credential for signing back into the Community feature. It is also the email address to which Immunet 3.0 will send a confirmation email, enabling the user to validate the account. As a result, the email address must be valid. 3. New Password - This will be the password that the user will use to log on to Immunet 3.0. Users will only be prompted for their username and password if they have used the Sign Out functionality in the Community pane (which is available after registration). Once the user has registered, the above window will open. As it states, the user will need to validate the account by responding to a confirmation email that Immunet will send to the email address entered for registration. This email will contain a link that the user can click on to validate the account. Users can return to this window at anytime by clicking back on My Community from the main pane. User InviteUsers who wish to invite contacts to join their Protection Network can do so by clicking on the Add people button in the upper right-hand corner of the My Community pane, as shown below. By clicking on the Next button, the user will bring up the Add People screen shown below, which allows the user to invite others into his or her Protection Network. Users can invite individual users to join the community by entering the invitee's e-mail address in the box labeled Email. On the other hand, users can invite groups of users by importing contacts from Gmail, Yahoo or Hotmail. It is important to note that when contacts are to be imported from Gmail, Hotmail or Yahoo, the user's password for those services is required. Immunet does not store or retain this password in any way. Regardless of which method is used to add or invite users to join the Protection Network, each added user will receive an email from Immunet, as shown below. This email will invite the prospective user to download the Immunet 3.0 product and join the registered user's network. The email will provide basic information about the product and also invite the new user to contact the registered user directly in order to avoid any confusion with spam or phishing related emails. Once the invited user has accepted the invitation and installed Immunet 3.0, the registered user will see the invitee's name in the Protection Network pane. My CommunityThe My Community pane shows the user's Protection Network in its current state. It will allow the user to view the threat landscape as it pertains to his or her Protection Network by visually displaying threat data about each part of the user's network. The default screen will always show the user (in this case, Beta User) as the center node with that user's Protection Network surrounding him or her. If the user clicks on any of the other user nodes, that user will then become the center node. The threat landscape data (shown below) of the node that is currently centered will be displayed the right-hand side of the My Community pane. Beta users will start with two default people in their network, Immunet staff members Oliver Friedrichs and Alfred Huger, which will give users a head start in building their Protection Network. Once the beta user has added ten friends, Oliver and Al will disappear from this pane. Once a user's Protected Network comprises 10 people or more, only the most active people, or those people with the largest networks of their own, will show up on the main pane. Users who are not listed in the main pane may be viewed by clicking on the Full Community link. Users may be removed or added by using the add people button. The data sets presented in the right-hand pane of the My Community page describe the threat landscape of the center node user's Protection Network. These data sets will be discussed in greater length in the sections that follow, they are: 1. Country 2. Community of Beta User 3. Protection Factor CountryThis box will list data about threat activities that are being detected in the country in which the center node user is located. The country-specific data monitored in this box includes: 1. Total Members: How many members of the Immunet Community at large are situated in this country. 2. Threats Stopped: How many threats have been discovered and stopped by the Immunet Community in this country. 3. Top Threat: The threat that is seen most commonly in this country. The country-specific data is important because it allows users to view activity that is taking place in their own country, as well as the countries of other members of their Protection Network, and to make comparisons. Greater participation from users in a particular country will help to bolster protection for other people in that country, as they are likely to be subject to the same threats. Users situated in a country with low participation can enhance their own protection by encouraging other people in that country to join their Protection Network. User's CommunityThis box shows data about the user's Protection Network or community (if the user has invited users who are participating). The particular data in this box includes: 1. People Protected, which indicates how many people the user has added to his or her Protection Network. It should be noted that the invited users must have installed the Immunet 3.0 software for this to work and the number of people protected will not count Alfred and Oliver. 2. Threats Stopped, which details total number of threats the user's Protection Network has stopped and, therefore, contributed to the overall Immunet Community. The user's specific data is not reflected in this number. 3. Top Threat, which details the threat that is seen most commonly in the user's Protection Network. The larger the user's Protection Network, the greater will be the user's level of protection and the more the user will be contributing to the protection of others, both in his or her own Protection Network and in the global Immunet Community. Protection FactorThis box details the users' Protection Factor, this is a numerical value indicating how much protective value this user and their community contribute back to the Immunet Community overall. A higher score is better in this case. Average users will have a score of between 30 to 100. The score is derived by taking the number of users in a persons community (including themselves) and multiplying that number against the number of threats that Community has stopped in the last 30 days. The reason we multiply it against threats is because each time a user stops a threat there is a chance that the threat will be analyzed and protections for it will be instantly made made available for the rest of the Immunet Community (Not all threats will be analyzed, only new threats not previously seen will be sent for analysis). An example would be if a user has stopped 10 threats and has 2 people in their network who have also stopped 10 threats then users Protection Factor would be 30 (3 * 10). Full CommunityThe Full Community link is found on the right-hand side of the My Community page. When this link is clicked, it will expand a user list box to the right of the My Community pane. This list can be used to manage Protected Communities that consist of more than ten users. There is also some extra data available in this pullout that is not seen in the Main Community pane, which will be discussed in the next section. Understanding Full Community Data Whenever a user's name is selected in Full Community mode, the pane will expand to show data about that particular user. Any user who has been selected in this mode may also be removed from the network by clicking the Remove User link on the right-hand side of the My Community page, as shown below. The data displayed in the expanded box for each user is slightly different than that shown in the main pane. The data displayed is as follows: 1. Community: users: indicates how many users are in this user's community. 2. Community: threats: indicates how many threats this user's community has seen compared to the total number of files. The example for Duck Dodgers (above) shows that his community has stopped 6,488 threats and has seen 907,467 files over all. 3. Country: Users: displays this user's country and indicates how many users are in it. 4. Country: threats: indicates how many threats this user's country has seen compared to the total number of files. The example for Canada shows that Canadian users have stopped 49,579 threats and have been exposed to 4,202,128 files overall. NoticesThe Notices button on the My Community pane will open the Notices pane. This pane lists all of the most recent content generated by Immunet, including weekly blogs, product upgrade announcements, and security news. Notices Panel All Notices will be shown with a bolded title along with several sentences of text to provide a summary of the notice. These notices will often contain important information about Immunet products or about topics that Immunet feels are of interest to users, such as current security threats in the wild. As new notices become available, users will be alerted by a pop-up message from the tray icon in the lower right-hand corner of their screen. Computer Pane The Computer is the central component of Immunet 3.0. It is also the central tab of the Immunet 3.0 main page. The Computer contains all of the core anti-virus functionality of the Immunet 3.0. This includes the functionality of scanning, scan configuration, quarantine and system history as it pertains for file installation and and scanning events. The features included in Computer include: 1. Scan Now 2. Summary 3. History These features will be discussed in the sections that follow. Scan NowThe Scan Now button is the first of three buttons in the Computer column. Clicking Scan Now allows the user to launch the main scan dialogue for Immunet 3.0. The dialogue will enable the user to start any of the scan types that Immunet 3.0 supports, including: Flash Scan, Custom Scan, Full Scan, and Rootkit Scan. Clicking on each individual scan type will immediately launch that scan except in the case of Custom Scan, which will allow the to select the files to be scanned. Each of these scan options will be discussed at greater length in the following sections. Flash Scan (Cloud Scan)The Flash Scan will quickly review the user's system, looking for malicious files that were on the computer prior to the installation of Immunet 3.0 by scanning the system registry and running processes. The user will be prompted to run a Flash Scan on the first usage after installation of Immunet 3.0. The scan should be relatively quick and will ensure that the computer is not infected with any threats. Even if there are other anti-virus products installed on the computer, it is still prudent to perform this scan: it is not uncommon for Immunet 3.0 to detect viruses that other anti-virus packages may have missed. The Flash Scan is strictly a cloud-based scan and, as such, will require network connectivity. The Flash Scan is available in both Immunet 3.0 Free and Immunet Plus. Custom Scan Custom Scan allows the user to designate specific directories or files for scanning. Selecting this scan type will open a file selection dialogue with which the user can indicate the files or directories to be scanned. Custom Scan is available in both Immunet 3.0 Free and Immunet Plus. Full Scan Full Scan will attempt to scan the entire computer, including all attached storage (such as USB drives). This scan can be very time consuming, as well as being CPU- and memory-intensive. It should be performed when the system is not in heavy use. Full Scan is available in both Immunet 3.0 Free and Immunet Plus. Rootkit ScanThe Rootkit Scan is designed to scan the computer's file system for installed rootkits. Rootkit scanning is only available in Immunet Plus. Rootkit Scanning shows up as a grayed out option in all 32 and 64 bit versions of Immunet 3.0. However, it is only possible to be used on 32 bit platforms. This is because currently rootkits are not known to function on 64 bit platforms so the scanner is not needed as their is no threat to 64 bit platforms from this vector. Therefore on 64 bit versions of Immunet Plus this option disappears. Common Scan Dialogue ElementsEach Immunet 3.0 scan type has a specific scan dialogue window, which it will open. Each of these windows contain two common scan dialogue elements: Completed Scans and Pause, Stop Scan, and Close. Each of these scan dialogue elements will be discussed at greater length in the following sections. Pause, Stop Scan, and CloseEach of the Immunet 3.0 scan windows contains three boxes in the lower right-hand corner, as shown below. These are: Pause, Stop Scan, and Close. These commands will be discussed at length in the following sections. PauseEach scan may be paused by clicking on the Pause button. The paused state will be indicated by the presence of a Resume button, which will appear as soon as Pause is selected. The scan can be restarted by clicking Resume. The paused state will be maintained even if the user clicks Close. Stop ScanAny scan may be stopped by clicking on the Stop button. In some cases, some scans may continue briefly before completely shutting down. CloseClicking Close will close the scan dialogue window but it will not stop the scan being performed. Scan dialogue windows that have been closed can be re-opened and will show the progress of any scan that was running when the window was closed. Completed ScansRegardless of which scan type is used, once a scan is completed, it will display the results of the scan in a common format, as seen below. Each element of the results will be discussed at greater length in the following sections. Files Scanned Files Scanned will indicate how any files the Immunet engines reviewed during a scan. This number will, on occasion, be greater the apparent number of physical files on the disk. This is because the scan engines will uncompress and unpack files that are archived or packed and will count all of the available contents. Threats Detected Threats Detected will indicate how many malicious threats were discovered during the course of the scan. Threats Removed Threats Removed will indicate how many malicious threats were detected during the course of the scan and were subsequently removed . This number will not always directly match the number indicated in the Threats Detected section. This may indicate that the threat could not be removed. This can happen with machines that are already heavily infected. In this instance please contact Immunet Support. Elapsed Time Elapsed Time indicates how much time has elapsed since the start of the scan (if the scan is still running) or between the start and completion of the scan (if the scan is complete). The elapsed time will include any time during which the scan was paused. Scan History Scan History will open a detailed File History of the scan. Summary LinkThe Summary link is the second feature present under the Computer column. Clicking the Summary link opens the History Graph (shown below), which is a graphical representation of all file activity on the computer for the last thirty days. All files that have been dowloaded onto the computer, whether through user activity or by programs on the computer, will be displayed here. Files that are considered to be clean or non-malicious will be represented by blue vertical bars on the graph, whereas malicious or suspicious files will be displayed in red. Users can view any of the data by hovering their mouse over each data type column (as shown in the screenshot above) to show the relevant summary data (which is presented for the whole day). Users can also click anywhere on the vertical bar to drill down on specific data for the time period that the bar represents. Clicking on the blue portion of a bar will show more detailed data for non-malicious files, whereas clicking on a red portion of the bar will drill down into data on malicious files. To view the all of the data at a more granular level, users can click on the Detailed History box, in the lower right-hand corner of the pane, which will be open up a new pane to reveal all files according to category or type. HistoryThe History link is the third button on the Computer column. It opens a File History pane. The File History pane allows users to view all of the file events that Immunet 3.0 has been tracking. This pane allows the user to view all items that have been quarantined by Immunet 3.0 and, if necessary, to restore or delete files from quarantine. Users can navigate the File History pane with the navigation bar at the top of the pane (shown below). This bar allows users to view their data according to predetermined categories (which will be discussed in the next section) or to search the user's history by keyword, as is shown in the screenshot below. In all cases, the File History pane will feature two panes. In the left-hand pane, the files will be presented by name in chronological order according to the time the file was first seen by Immunet 3.0. On the left side of the left-hand pane, an icon will indicate whether the file is clean (represented by a green check mark) or malicious (as indicated by a red X icon). When a file is selected (or highlighted), the right-hand pane will display details about about the selected file, such as what event type it is associated with (if any), which program introduced it to the system and where it resides on the computer. View TypesAs indicated previously, the navigation bar at the top of the File History pane allows users to view their data according to predetermined categories. These are: 1. Default View 2. Clean File History 3. Malicious File History 4. Scan History Each of these will be discussed at greater length in the following sections. Default ViewThe Default View will sort the user's data, regardless of type, in chronological order. This is the pane that is presented by default when the user clicks Detailed History on the Summary pane. It is also the default view offered by the File History Pane. Clean File HistoryThe Clean File History view lists all non-malicious files that have been downloaded onto the user's computer in chronological order. The number of files can be quite high because many programs download and install files silently. Details about each file will be listed on the right-hand side of the pane in the Details box, which includes three items. The first is the Path, which indicates where on the user's system the file is situated. The second is the Installed By heading, which details on the program that transmitted or installed the file to the computer are displayed. The third detail is the Date, which indicates when the file was first seen by Immunet 3.0. Malicious File HistoryThe Malicious Files History will list all detection and quarantine events associated with malicious files. Any time a malicious file is detected on the user's system it will generate a Detection Event, which is indicated by a red X icon. Details about each file will be listed on the right-hand side of the pane in the Details box. Clicking on a particular file name will display three details describing the threat. The first is the Detection Name, which indicates what detection or virus name the threat is associated with. The second is the Installed By heading, which provides details on the program that installed the file on the computer. And the third, the Date, indicates when the file was first detected and assessed by Immunet 3.0. If Immunet 3.0 is able to quarantine the threat, this will be indicated by the presence of a red lock icon, which indicates a quarantine event. This particular view will always list detection and/or quarantine events for the same file together. This means that if a threat is discovered and quarantined, both events will show in the list on top of each other. Scan History Scan History is a File History view that details all scans performed by Immunet 3.0. The details of each scan are provided in the right-hand pane. Specifically, these details will provide the following information: 1. Event type, which details the type of scan that was performed. 2. Results, which details the results of the scan. 3. Date, which gives the time and date of the scan performed. Quarantine - Restoring and DeletingUpon detecting files that it deems to be malicious or otherwise suspicious, Immune Protect will attempt to quarantine the file. This refers to the act of moving the file from general usage files to an isolated file directory where the suspect file can then be assessed without the risk of triggering a malicious action. The quarantine status of a potentially malicious file that has been detected is indicated in the Event Type window in the Details box of the File History pane. Any file that has been quarantined by Immunet 3.0 may be restored or deleted. The right-hand panel of any Quarantine Event includes both Delete and Restore buttons, which allow the user to delete and restore items from the Quarantine folder as required. Quarantined items that are being restored will be placed back in the exact file from which they were originally quarantined. Product PaneThe Product Pane is presented in the right-hand column of the Immunet 3.0 main pane. The two main components of the Product Pane are the Update Now and Settings components, which will discussed in the following sections. Updating with Immunet 3.0Unlike traditional anti-virus programs, Immunet 3.0 Free does not download virus definitions. From a user-protection standpoint, as long as Immunet 3.0 Free is connected to the Internet, it will always be up to date. Updates for Immunet Plus consist of software updates that are applied to the Immunet 3.0 product itself. Usually, these updates consist of upgraded features, full new releases, and bug fixes. Each release will be accompanied by a tray pop-up (shown below) indicating there is new release, at which time the update orb at the bottom of the Product pane will turn yellow and will announce New Version Available. Clicking on the Fix it (as shown below) will download the new package and allow the user to install it. Update Now ButtonThe Update Now button can be found immediately beneath the Product Pane heading. Clicking on the Update Now button will launch a dialogue box (below) that checks with Immunet's update servers to see if a new version of the product is available. If updates are required and/or available, it will download the most product version and prompt the user to install it. The update installation process is very similar to the initial installation, although it may not always require a reboot. In cases where the user is prompted for a reboot, Immunet suggests that this be done immediately. Because of this, users should close all running applications and save their work before running a product update. SettingsThe Settings button can be found immediately beneath Update Now button under the Product Pane heading. Settings allows users to configure all aspects of Immunet 3.0 that allow for configuration. The Settings pane is divided into sections that each allow for the configuration of a different Immunet 3.0 feature. Some features are labeled with a Plus graphic, (as shown on the right). This graphic indicates that this feature is only available or configurable in Immunet Plus, the commercial version of Immunet 3.0. The features that Settings presents to the reader for configuration (where applicable) include: Protection, Detection Engines and Quarantine Behaviour. Each of these shall be discussed in-depth in the sections that follow. Protection Protection allows the user to determine what applications will be scanned and when. The specific Protection configurations that are available for selection by the user are as follows: Monitor Program InstallExamines all new software applications that are installed on the user's computer. This includes programs that the user intentionally installs, as well as programs that are installed by other applications in the background (such as updates). This setting should be enabled at all times. Monitor Program StartExamines all applications when they begin to run on the user's computer. This provides an additional layer of security by detecting threats that were missed during their installation. Blocking ModePlaces both Monitor Program Install and Start in blocking mode. This means that in both cases Immunet must verify that the action being performed (program installation or program starting) is non-malicious before it will be allowed to take place. This can slow down the copying of large files or software installation; however, it provides a higher degree of security. Detection Engines ETHOS ETHOS protection is a heuristic-based engine. It is specially designed to find threats generically and then send them to the cloud so users in the Immunet Community can be protected against them. ETHOS examines every file executed, downloaded, and flash scanned on the user's computer. This level of protection may cause a slight delay in the execution of a program if it is the first time ETHOS has seen the program. SPERO SPERO is a lightweight cloud engine that detects threats based on machine learning-based models, which are updated based on threat activity that is detected on computers that make up the Immunet community. ClamAV ClamAV is a powerful group of engines which provide comprehensive offline protection for Immunet Plus users. Once enabled this engine will automatically pull down our latest detection sets and allow for complete detection coverage, even when you are not connected to the Internet. It is not suggested to run the ClamAV engine with other Anti-Virus products resident on your computer unless you are willing to incur a performance impact on memory consumption and file access times. The impact will vary on systems depending on their specifications. TETRA (Plus Only) TETRA is a powerful traditional anti-virus engine that provides comprehensive protection for users when they are not connected to the Internet. It also acts in a supporting role to the other cloud engines (that is, detection engines connected and contributing to the Immunet community) when the user's computer is connected and online. TETRA is only available on Plus installations. It is not suggested to run the Plus engine with other Anti-Virus products resident on your computer. If TETRA and ClamAV are enabled you will get a heightened level of protection but may experience a performance impact on memory consumption, file copies, program starts and boot times, the impact will vary based on the specifications of the computer. Allow Definition UpdatesThis feature is used to toggle on and off the fetching of online virus signatures for the ClamAV and TETRA engines. Quarantine Behavior Quarantine Behavior allows the user to determine what actions Immunet 3.0 should take upon the detection of malicious or suspicious files. Each of these scenarios will be discussed in the following two sections. On Detection of Malicious Files On Detection of Malicious Files allows the user to determine what actions to take when Immunet 3.0 encounters a file it determines to be malicious. When set to Automatic, it will quarantine the file immediately without prompting the user. In Ask mode, it will quarantine the threat automatically and then provide a prompt to restore the file from quarantine. On Detection of Suspicious Files On Detection of Suspicious Files allows the user to determine what actions to take when Immunet 3.0 encounters a file it determines to be suspicious. When set to Automatic, it will quarantine the file immediately without prompting the user for any action. In Ask mode, it will quarantine the file and then provide a prompt to restore the file out of quarantine. Scan Settings Scan Settings allows users to configure the specific files that Immunet 3.0 will scan for malicious or suspicious content. Scan Settings includes four scan settings that the user can turn on or off, including: 1. Scan Archive Files 2. Scan Packed Files 3. Scan Email 4. Deep Scan Each of these four settings will be discussed in the sections that follow. Scan Archive FilesAllows Immunet 3.0 to look inside archived and compressed files (such as .rar files) for infected files. The scanning of large archive files can slow down overall scanning. (Warning: if infected files are found in an archive, the whole archive will be removed and placed into quarantine.) This setting also allows for scanning of compressed files that have been compressed with utilities like Zip. Scan Packed FilesAllows for the scanning of packed files; that is, files that are packed by software in order to compress or obfuscate the file. Many malicious files will be packed or compressed, so Immunet advises users to keep this option turned on. Scan EmailAllows the user to configure Immunet 3.0 to scan all incoming mail for malicious attachments. Many threats are distributed by email, so Immunet advises users to keep this setting turned on. DeepScanAllows the user to configure Immunet 3.0 to scan all product installation files (such as, MSI, NSIS and others) and CHM files. Exclusions Exclusions allows users to to exclude certain files, directories and file types from being scanned. As the screenshot below illustrates, exclusions can be designated by file or folder, by file extension or by threat name. Scheduled Scan Scheduled Scan allows for the implementation of scans (Full Scan, Flash Scan or Custom Scan) on a predetermined schedule. Immunet suggests that this schedule be implemented to run scans when the computer is not likely to be in use. Notifications Notifications allows the user to customize the delivery of Immunet 3.0 notifications in three ways: Cloud notifications, verbose tray notifications, and gaming mode. Each of these options will be discussed in the sections that follow. Cloud Notifications Cloud Notifications allows the user to enable or disable messages from the Immunet Cloud being transmitted to the tray icon. Verbose Tray NotificationsEnables verbose notification of most activity seen by (or performed by) Immunet 3.0. This is meant as a debugging tool for Immunet Support purposes. Gaming ModeDisables pop-ups from the tray icon or other messages from being displayed on the screen. Community Settings Community Settings allow users to establish parameters affecting the interchange of information with members of their Protection Network and with the Immunet community as a whole. Community Sharing Community Sharing allows the user to choose whether or not suspect files found on the computer will be submitted to the Immunet cloud for assessment and sharing of relevant information with the Immunet cloud. Custom Signature Creation Something which has been missing in modern Windows Anti-Virus products is a feature which allows advanced users to craft and deploy their own signatures or detection capabilities. With 3.0 we now offer the first Windows Anti-Virus product which allows our users to write their own detections with our engines just as we would. Users can now hunt threats (or Advanced Persistent Threats if you like) by creating signatures which range from simplistic (straight MD5 matches) to complex (logically chained expressive signatures w/ offset support and wild carding). Signature management is done with the new SigUI tool which is available in Start -> All Programs -> Immunet 3.0 and looks like this: Documentation for the SigUI may be found here and our manual for creation of signatures can be found here. We encourage you to write your signatures and post them to our online Forum.
  14. Tom Beck

    Translations / Localization

    To contribute to the translations, please see the forums: http://forum.immunet.com/. This is a break down of the dialogs and the required strings for each dialog. It is intended to help with the translation. For those of you working on translations, if you are unsure of the context of a specific string, feel free to contact charles@immunet.com. I recommend installing our free english version, which you can find here: http://www.immunet.com/. I've only shown a few variations in the images of the dialogs below. I'm not entirely sure how useful they'll be to you, so I've held back on the effort. If you wish for additional variation, or wonder where a string will be displayed, please ask. I will gladly update the image, or explain what you're looking for. Main 1000 = Community 1001 = people protected 1002 = from 1003 = threats 1004 = Installed Antivirus Product 1005 = CPU 1006 = Memory 1007 = My Community 1008 = Local Community Graph 1009 = Notices 1010 = Immunet Community Notices 1011 = Computer 1012 = Scan Now 1013 = Scan on Demand 1014 = Scan Settings 1015 = Summary 1016 = Activity Summary 1017 = History 1018 = Detailed History 1019 = Quarantine 1020 = Product 1021 = Update Now 1022 = Check for Updates 1023 = Settings 1024 = Product Settings 1025 = Connected 1026 = Disconnected 1027 = Fix It! 1028 = Last Scanned 1029 = unknown 1030 = Secure 1031 = Not Secure 1032 = Last Updated 1033 = Current Version 1034 = - 1035 = Up To Date 1036 = Not Updated 1037 = New Version Available 1038 = License Expired 1039 = Toll Free Tech Support: 1-877-678-2096 1040 = Support 1041 = Feedback 1042 = Copyright © 2010 Immunet Corporation 1043 = About 1044 = Immunet Protect 1045 = Scanning... 1046 = Updating... 1047 = Update... 1048 = Never Updated
  15. ClamAV allows users to deploy and use their own (or third party) virus signatures in addition to the official virus signatures. The virus signature database updater (freshclam) can also be adapted to the user's environment. A new tool is needed to make these changes: Signature configuration UI (SigUI). The full user manual can be downloaded from here: sigui-manual.pdf. Documentation on the signature format is available here: signatures.pdf Table of contents Features Launching the application How it works User manual contents Features Using SigUI an Administrator can: Configure freshclam to use a proxy Configure which mirror freshclam should use Configure updates of custom signatures by freshclam Manually copy virus signature databases to ClamAV's database directory Deploy an existing freshclam.conf to multiple machines Launching the application The application can be launched from the Start Menu: Start→All Programs→ClamAV for Windows→SigUI. Or you can navigate to the installation directory of ClamAV for Windows, and from the clamav subdirectory launch sigui.exe. In either case you must run this program with administrative privileges. On Windows Vista and later you will get the UAC popup to grant Administrator privileges to the application. On earlier versions you will need to login as Administrator. How it works When changing freshclam settings via the UI, it first verifies that the settings are syntactically correct, and saves them in freshclam.conf. When installing custom signatures, SigUI verifies that ClamAV can successfully load the databases, and install only those that are successfully loaded. Any changes you make will not take effect immediately, but only the next time the databases are reloaded. This usually happens each hour. You can reload the databases immediately by opening the ClamAV for Windows user interface , and clicking on Update Now. User manual contents Contents of the User Manual: Overview Features Using SigUI Launching the application How it works Usage examples Configuring a proxy Choosing a mirror Deploying custom signature updates Deploying your own signatures from a webserver Deploying your own signatures from a network share Deploying third-party signatures Manually copying custom signatures to database directory Removing signature files Automating signature and configuration file deployments on a network Setting up a local mirror User interface Updater configuration Proxy settings Signature sources Saving configuration and testing Local signature management Run freshclam to test configuration Custom URLs Reloading the databases Copyright and License Glossary
  16. On This Page Installation Requirements Introduction Begin Installation Choosing an installation location and EULA File installation Installation complete Initiating a Flash Scan Submit Suspicious Files to Immunet Inviting Contact to the Immunet 3.0 Community Immunet Toll-Free Support & Internet Forum Support Immunet Plus Licenses & Licensing Issues Installation The installation of Immunet 3.0 should take no more than two minutes and will typically take less than one minute. This section of the Immunet 3.0 User Guide will outline the installation process. PLEASE NOTE, Immunet Plus should not be installed along side other full security products. Only Immunet 3.0 Free is built for 'Companion' installs and only if the ClamAV engine is turned off. Running the Tetra engine (in Plus) or the ClamAV engine with other full security suites may impact your system performance. RequirementsPrior to installation, please ensure your system meets the following minimum requirements: Microsoft Windows 7 Windows 7 32-bit or 64-bit operating system 100 MB of available hard disk space Must meet the minimum Windows 7 operating system requirements Microsoft Windows Vista SP1 Windows Vista 32-bit or 64-bit operating system Service Pack 1 or later 100 MB of available hard disk space Must meet the minimum Windows Vista operating system requirements Microsoft Windows XP SP3 Windows XP 32-bit operating system Service Pack 3 or later 100 MB of available hard disk space Must meet the minimum Windows XP operating system requirements Required for All Installations A working Internet connection IntroductionOnce Immunet 3.0 3.0 has been downloaded and the user has clicked on the installation package, a series of brief set-up screens will be presented. These screens are designed to help the user configure Immunet 3.0 as quickly and as easily as possible. The following discussion will walk users through each screen and explain how it relates to Immunet 3.0 and what steps the reader should take. Begin InstallationIf you are installing the free version of Immunet 3.0, you will start with a screen that allows you to install Cloud, Cloud + ClamAV or Trial/Plus. Free, Trial, or Plus. Each of the installation types have a corresponding grid which details the functions of each. The Trial selection will allow you to try the Plus version for 14 days. If you have a license key select Cloud and enter your license when it asked for later during the install. Begin Installation and select your installation type. Choosing an installation location and EULAAfter selecting the desired installation type the user will then be prompted to install the Immunet 3.0 software. The first step in this process is to identify a preferred location for the file. Typically, users select the C:\ drive but they may choose a different location by selecting the Browse... button and identifying a location of their choice. As with most software, Immunet 3.0 comes with an end user license agreement (EULA) that outlines the mutual rights and obligations of both the user and the vendor (Immunet). This screen also contains links to Immunet's privacy policy. Users must read it and, if they accept the terms outlined therein, please click Install to proceed. Install Location and EULA File installationWhen the File Installation screen appears, Immunet 3.0 is being downloaded onto the hard drive in the designated location. This operation may pause intermittently. This is normal, and downloading will resume without any user action. The file installation process should take no more than 45 seconds. File Installation During installation, the user can view the details of each file being installed by clicking the Show details button. This will open a window to display the relevant information for all the files that are being installed. Once the file installation progress bar has completed, the downloading of the program files is complete. The user should then click Next to continue. File Installation Installation completeWhen the Installation Complete pane appears, the installation is complete. From there, you can "Create a Desktop Shortcut", "Initiate a FlashScan", or invite their friends to take part in the Immunet Community through Twitter and/or Facebook. Installation Complete Initiating a Flash ScanWhen Immunet 3.0 is opened up for the first time on the computer, the Immunet 3.0 Setup screen will present the user with the option to Initiate a Flash Scan (shown below). This is a procedure that performs a quick scan to detect and remove any threats that may already be present in commonly infected files on the user's computer. By default, the Initiate a Flash Scan option is selected. Immunet recommends that users do not deselect it. The first time that user interface is opened (and only the first time), the scan will start in the background. While the scan is being performed, the user will see occasional pop-up messages identifying the files being scanned. FlashScan Status If the user chooses not to run the Flash Scan on the first usage after installation, the Computer tab of the user interface for Immunet Plus users will show a yellow Not Secure status orb (as shown below) until the Flash Scan has been run. It is important to note that Immunet 3.0 will still protect the computer from viruses while the program is showing Not Secure . However, the status will remain Not Secure until the user completes the scan. Flash Scan Required The user can perform the scan manually by clicking on the Scan Now button, which is the first button on the Computer tab of the main pane. Clicking this button will open the Scan Now pane. Selecting Flash Scan in the Scan Now dialogue box will perform the fastest of the available scanning options. Once the scan is selected, the user will see that it is commencing and will be shown which files are being scanned. The user may close this window at any time and the scan will continue. Once the scan is complete in the case of Immunet 3.0 Plus users, the Last Scanned status will change from yellow (Not Secure) to green (Secure). Scan Now Submit Suspicious Files to ImmunetOne of the key features of Immunet 3.0 is the ability to examine potentially malicious or suspicious files on the user's computer. In order to facilitate this, suspicious files are identified by Immunet 3.0 and submitted automatically to the Immunet cloud for automated inspection. The Submit Suspicious Files to Immunet option is enabled by default. Users may opt out of it. However, because other users in the community will be protected against malware that is detected and submitted through this feature, Immunet recommends that users leave the option enabled, for the benefit of the community as a whole. Users who choose to opt out of this feature will still receive the full benefit of Immunet 3.0. Inviting Contact to the Immunet 3.0 CommunityUsers who have successfully installed and activated Immunet 3.0 can announce it to friends, family, and other contacts through Facebook and Twitter and invite them to join the Immunet 3.0 community. When the product starts, the user will also be prompted to build his or her own community to start protecting friends, family, and other contacts. Announcing over Facebook and Twitter Immunet Toll-Free Support & Internet Forum Support Only Immunet 3.0 Plus users are entitled to phone based technical support. Users who encounter any issues during the installation process can call Immunet's toll-free support line: 1-877-678-2096 . All users of our Immunet Protect 3.0 free version may rely on the our public Internet Forum. Immunet Plus Licenses & Licensing Issues Once a purchase of Immunet 3.0 is made a license key will be made available to you. Typically this will come over email or will be offered to you in your online store experience while purchasing Immunet Plus. Your initial download of the product from the point of purchase will be a fully licensed copy of your product. However you may also enter in your license key at any time into the Settings panel of the product to perform an upgrade of the product. License During Install If you already have the agent installed and running, you can put your license in through Settings or by clicking on any of the orange Plus logos. To go through Settings, click on the Settings link in the main dialog and scroll down to "Product License". Click on the Product License heading and it will expand (Note: you may have to scroll down some more) and below that you will see the "Change Your License Key" link. Change Your License Key Next you should get to the License Key entry box. You can go to your email and hold down the 'Ctrl' key and then the 'C' to copy your license key from there. Then on the first field of the license entry box and paste in your license by holding down the 'Ctrl' key and then the 'V'. This will allow the "Activate" button to be enabled and you click Activate to continue. License Key Entry Licenses are purchased for one or more computers. Each license is tied to one installation. This means that if you remove and reinstall the license it will not work. Please mail support@immunet.com to resolve this issue. If your license is not authenticating when you enter it into the box in the License section of the Settings Pane please ensure that you are not copying extra character spaces. If you are typing it in manually please ensure you are typing the correct characters in. Lastly, network congestion may at times cause licensing authentication failures, this can often be solved by entering the license multiple times. If any issues are persistent please contact support@immunet.com
  17. Typically, the default firewall configurations that ship with Windows 7, Windows Vista and Windows XP do not interfere with Immunet Protect; however, after-market or OEM configuration choices may cause Windows Firewall to do so. This Knowledge Base Article will explain how to identify if the Windows firewall is turned on and, if so, how to configure the firewall for usage with Immunet Protect. On This Page Windows 7 Checking for Windows 7 Firewall Configuring Windows 7 Firewall Windows Vista Checking for Windows Vista Firewall Configuring Windows Vista Firewall Windows XP Checking for Windows XP Firewall Configuring Windows XP Firewall Windows 7 Checking for Windows 7 Firewall To see if Windows 7 Firewall is running: 1. Click the Windows icon, and select Control Panel. The Control Panel window will appear. 2. Click on System and Security. The System and Security Panel will appear. 3.Click on Windows Firewall. The Windows Firewall panel will appear. 4. If a green check mark appears, Windows Firewall is running. Configuring Windows 7 Firewall If Windows Firewall is running and Immunet Protect is indicating "Offline Mode" problems, take the following steps: 1. On the left side of the Windows Firewall panel, click the Allow a program or feature through Windows Firewall link. The Allowed Programs panel will appear. 2. Click the Change Settings button. 3. Find Immunet Protect in the list of programs. If it appears in the list of programs, select Immunet Protect (or agent.exe) and click the Remove button. Confirm that the entry should be removed (the next steps will re-install the program). If Immunet Protect does not appear, then proceed to the next step. 4. Click the Allow another program button. The Add a Program window will appear. 5. In the Add a Program window, click the Browse... button. 6. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe. 7. Click the Add button. 8. Do this same for updater.exe. 9. Click the OK button to close the Allowed Programs panel. Windows Vista Checking for Windows Vista Firewall To see if Windows Firewall is running: 1. Click the Windows icon, and select Control Panel. The Control Panel window will appear. 2. Click on the System header. The Security Panel will appear. 3. Click on the Windows Firewall header. The Windows Firewall panel will appear. 4. If a green check mark appears along with the message Windows Firewall is helping to protect your computer, Windows Firewall is running. Configuring Windows Vista Firewall 1. On the left side of the Windows Firewall panel, click the Allow a program or feature through Windows Firewall. The Windows Firewall Settings window will appear. 2. Find Immunet Protect in the list of programs. If it is there, click to select it. If not, skip the next step. 3. With Immunet Protect selected, click the Delete button. Confirm that the entry should be deleted. 4. After removing the Immunet Protect entry or if Immunet Protect does not appear in the list of programs, click the Add program... button. The Add a Program window will appear. 5. In the Add a Program window, click the Browse... button. 6. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe. 7. Click the Add button. 8. Follow the same steps for updater.exe. 9. Click the OK button to close the Allowed Programs panel. 8. In the Windows Firewall Settings window, click to select the General tab. 9. Ensure that Block all incoming connections is not selected. 10. Click the OK button to close the Windows Firewall Settings window. Windows XP Checking for Windows XP Firewall To see if Windows Firewall is running: 1. Click on the Windows Start button, and select Control Panel. The Control Panel window will appear. 2. Click on the Security Center link. 3. In the newly opened panel, if the Firewall header says ON, Windows Firewall is running. Configuring Windows XP FirewallIf Windows XP Firewall is running and Immunet Protect is experiencing connection problems, perform the following steps: 1. In the Security Center, click the Windows Firewall graphic. 2. Ensure that Don't allow exceptions is not selected. 3. Click to select the Exceptions tab. 4. Find Immunet in the list of programs. If it is there, click to select it. If it is not on the list of programs, skip the next step. 5. With Immunet selected, click the Delete button. Confirm that the entry should be deleted (the next steps will re-install the program). 6. Click the Add Program button. 7. In the Add a Program window, click the Browse... button. 8. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe. 9. Click the OK button to close the Add a Program window. 10. Click the OK button to close the Windows Firewall Settings window.
  18. Immunet Protect is designed to install and work with Kaspersky Internet Security 2010 (KIS 2010). KIS 2010 has no default firewall configurations that interfere with the functioning of Immunet Protect. However, user configuration choices and/or upgrades to either product may cause Immunet users to experience issues with the KIS 2010 firewall. This Knowledge Base Article will show users how to configure the two products work together as seamlessly as possible. Firewall ConfigurationIssues in the functioning of Immunet and KIS 2010 are typically a result of the way in which the firewall is configured. Users who are encountering "Offline mode" difficulties when using the two products together are advised to take the following steps: 1. Review the firewall setting for Immunet Protect by right-clicking on the KIS icon in the lower right-hand corner of the screen and clicking on Settings. 2. On the Firewall Settings screen, any application for which KIS 2010 shows a green check mark in the right-hand column is trusted by KIS 2010 and is allowed to send and receive network traffic. If this green check mark is not present for Immunet Protect, click the Add button at in the lower left-hand corner of the screen. 3. In the Network rule window, select the Allow button and ensure that all options are selected in the Network Service section. Please review the Help in the lower left-hand corner of the Network rule pane to review how to add specific rules.
  19. Immunet Protect is designed to install and work with Comodo Internet Security; however, it is possible that Immunet users may experience "Offline mode" issues due to configuration choices. This Knowledge Base Article will show users how to configure the two products work together as seamlessly as possible. On This Page Initial Installation Message Firewall Configuration Initial Installation Message Comodo Internet Security has very aggressive firewall settings in the default configuration. When users install Immunet Protect, they will be prompted to allow Immunet Protect to run in an elevated privileged state. In order to install Immunet Protect successfully, the user should select Allow. Users will note that Always trust the publisher of this title is checked by default. It is important to keep this checked as it will allow the product to update itself in the future without interference. Firewall Configuration It is good practice to include Immunet Protect in Commodo Internet Security as a Trusted Application to ensure problem-free operation in the future. To add Immunet as a Trusted Application, navigate to the Firewall link at the top the Commodo Internet Security user interface. A box in the left-hand column entitled Define a New Trusted Application will appear. Click on this link. In the pop-up window, click Select -> Running Processes. A series of processes running on the host computer wiil now appear, which the user may designate to have Comodo Internet Security trust. The two processes the user will need to select are agent.exe and IPTray.exe . Users may only be able to select one at a time. Once processes to be trusted have been selected, users may wish to reboot in order to ensure that the changes have taken effect.
  20. Immunet Protect is designed to install and work with the AVG Internet Security 9 firewall; however, it is possible that Immunet users may experience "Offline mode" issues due to configuration choices. This Knowledge Base Article will show users how to configure the two products work together as seamlessly as possible. On This Page Initial Installation Message Firewall Configuration Initial Installation Message If AVG 9 is being installed on the computer after the installation of Immunet Protect, the Potentially incompatible software message shown below may appear. This is a default response from AVG that will be triggered by the presence of any other security products that are installed on the host. Immunet does not feel this warning message is warranted. Immunet suggests that users click Skip in order to avoid having Immunet Protect uninstalled. Firewall Configuration Most compatibility issues between AVG 9 and Immunet are the result of highly aggressive AVG 9 Firewall settings. AVG 9 does not ship by default with firewall rules that interfere with the functioning of Immunet Protect. However, if the use of AVG 9 with Immunet Protect result in an "Offline" state, users are advised to check the configuration of the AVG Firewall. AVG 9 Internet Security has a firewall component that controls network traffic to and from the host computer. If Immunet cannot connect to the Internet (in which case, the orb in the lower right-hand corner of the Immunet User Interface will be red), users are advised to remove Immunet from the AVG Firewall and add it back manually. To do so, perform the following steps: 1. Open the AVG User Interface by clicking on the Windows Start button, selecting All Programs, selecting AVG 9.0, and then selecting AVG User Interface. 2. In the AVG Internet Security window, click the Tools menu and then select Firewall settings to open the Firewall Settings window. 3. Look for Immunet Protect in the list of applications. 4. With Immunet selected, click the Delete button (the next step will reinstall Immunet). When prompted, click Yes to confirm the deletion. 5. Click the Add button. 6. Click the ... button, then navigate to the Immunet installation directory (e.g. C:\Program Files\Immunet Proteect\2.0\), then select the agent.exe item, and then click the Open button. 7. Ensure that the Application action is set to Allow for all. 8. Repeat this process for Iptray.exe. 9. Repeat the same process for updater.exe. 9. Click the OK button to close the Firewall Settings window. 10. Click the X in the top right-hand corner of the AVG Internet Security window to close it.
  21. Immunet Protect 1.0.26 is the last beta version of Immunet Protect. Official support is still available for this version, but will be discontinued on January 1, 2011. As a result, Immunet recommends that users do not install this version but instead install the most recent version at this time. On This Page Immunet Protect Installation Guide (Beta version) Installing - Quick and Easy Flash Scan Installation Complete Immunet Protect Installation Guide (Beta version) Immunet Protect 1.0.26 and previous versions represent Beta releases of the product and are outdated. Please download the most recent version of Immunet Protect. Installing - Quick and Easy Typically, installing Immunet Protect takes less than two minutes. After the Immunet__ package has been downloaded to the desktop, simply double-click on the Immunet icon (which appears as follows: ) in order to start the install. The installer will first prompt the user to accept the terms of an end user license agreement (EULA). It will then prompt the user for an install location. This will begin the installation of Immunet Protect files and three drivers onto the computer in the designated location. Once the user has selected an installation path and clicked Next, the following progess window will appear: Once this is complete, the user will be prompted to start a Flash Scan, which is the last stage of installation. Immunet strongly suggests that users follow the prompt and perform the scan. If users choose not to initiate this scan, Immunet Protect will still be successfully installed. Flash Scan The Flash Scan is an important part of the Immunet Protect set-up. The Flash Scan will quickly scan your system registry and running processes to ensure that the host is secure. The scan should be relatively quick and will allow users to ensure that their computers are not infected with any threats that they may be unaware of. Even other antivirus software is installed on the computer, users are still advised to perform the scan. It is not unusual for Immunet Protect to find viruses that other antivirus programs have missed. The scan itself should not take more than two or three minutes. When it is complete, the installation process will be finished. Immunet Protect will now run in the background on its own or alongside a currently installed antivirus product (assuming that it is supported by Immunet Protect). Installation Complete Once Immunet Protect has been successfully installed, a tray icon should be visible in the lower right-hand portion of the task bar. Immediately following install, a balloon pop-up will appear above the icon indicating that the computer is connected to the Immunet Cloud. The pop-up will also tell indicate how many other users from the Immunet community are online, as well as giving users a running total of the number of threats against which they are protected while running Immunet Protect. The tray icon will also launch a pop-up notifying users of noteworthy events, such as a virus being stopped and quarantined, or issues that may require attention.
  22. On This Page Initial installation End User License Agreement Choosing an installation location File installation Installation complete Install configuration Initiating a Flash Scan Submitting suspicious files to Immunet Announcing to your new Immunet Protect community Installation Complete! Immunet Toll-Free Support Users who are upgrading from a previous version of Immunet Protect, such as Version 1.0.26 or earlier, are asked to refer to this Knowledge Base article instead. Initial installationOnce Immunet Protect 2.0 has been downloaded and the user has clicked on the installation package, a series of brief set-up screens will be presented. These screens are designed to configure the product as quickly and as easily as possible with the configuration choices of the user. The following discussion will walk users through each screen and explain how it relats to Immunet Protect and what steps the reader should take. End User License AgreementAs with most software, Immunet Protect comes with an end user license agreement (EULA) that outlines the mutual rights and obligations of both the user and the vendor (Immunet). This license also contains links to our privacy policy. Users must read it and, if they accept the terms outlined therein, check the I accept... box provided and click the Next button to proceed. Immunet EULA Screen Choosing an installation locationAfter accepting the EULA, the user will be prompted to install the Immunet Protect software. The first step in this process is to identify a preferred location for the file. Typically, users select the C:\ drive but they may choose a different location by selecting the Browse... button and identifying a location of their choice. Immunet Protect only requires 18 MB of drive capacity, so available disk space should not be an issue. Once the location has been selected, please click Install to proceed. Immunet EULA Screen File installationWhen the File Installation screen appears on the screen, Immunet Protect is being downloaded onto the user's hard drive in the designated location. This operation may pause intermittently. This is normal, and downloading will resume without any user action. The file installation process should not take more than 30-45 seconds. File Installation During installation, the user can view the details of each file being installed by clicking the Show details button. This will open a window to display the relevant information for all the files that are being installed. Once the file installation progress bar has completed, the downloading of the program files is complete. The user should then click Next to continue. File Installation Installation completeWhen the Installation Complete pane appears, the installation is complete. If the version being installed is Immunet Protect Free, the user should click on the Immunet Protect FREE button, which is selected by deault. If the version being installed is Immunet Protect Pro, the user should select Immunet Protect PLUS and enter the license key number, either by cutting and pasting it or by entering it manually). Installation Complete Once that step is complete, the user should click Next . The user will then receive a prompt to perform some basic configuration options to complete the installation. Install configurationOnce installation and activation are complete, the Immunet Protect Setup screen will appear. This will allow the user to set some start-up parameters. This pane also enables users to invite their friends to take part in the Immunet Community through Twitter and/or Facebook. Immunet Protect Setup Initiating a Flash ScanWhen Immunet Protect is opened up for the first time on the computer, the Immunet Protect Setup screen present the user with the option to Initiate a Flash Scan. This is a procedure that performs a quick scan to detect and remove any threats that may already be present in commonly infected files on the user's computer. By default, the Initiate a Flash Scan option is selected. Immunet recommends that users do not deselect it. The first time that user interface is opened (and only the first time), the scan will start in the background. While the scan is being performed, the user will see occasional pop-up messages identifying the files being scanned. FlashScan Status If the user chooses not to run the Flash Scan on the first usage after installation, the Computer tab of the user interface will show a yellow Not Secure status orb (as shown below) until the Flash Scan has been run. Flash Scan Required It is important to note that Immunet Protect will still protect the computer from viruses while the program is in yellow, Not Secure status. However, the status will continue to remain Not Secure until the user completes the scan. The user can perform the scan manually by clicking on the Scan Now button, which is the first button the Computer tab of the main pane. Clicking this button will open the Scan Now pane. Selecting Flash Scan in the Scan Now dialogue box will perform the fastest of the available scanning options. Once the scan is selected, the user will see that it is commencing and will be shown which files are being scanned. The user may close this window at any time and the scan will still continue. Once the scan is complete, the Last Scanned status will change from yellow (Not Secure) to green (Secure). Scan Now Submitting suspicious files to ImmunetOne of the key features of Immunet Protect is the ability to examine potentially malicious or suspicious files on the user's computer. In order to facilitate this, suspicious files are identified by Immunet Protect and submitted automatically to the Immunet cloud for automated inspection. The Submit Suspicious Files to Immunet option is enabled by default. Users may opt out of it. However, because other users in the community will be protected against malware that is detected and submitted through this feature, Immunet recommends that users leave the option enabled, for the benefit of the community as a whole. Users who choose to opt out of this feature will still receive the full benefit of Immunet Protect. Announcing to your new Immunet Protect communityUsers who have successfully installed and activated Immunet Protect can announce it to friends, family, and other contacts through Facebook and Twitter and invite them to join the Immunet Protect community. When the product starts, the user will also be prompted to build his or her own community to start protecting friends, family, and other contacts. Announcing over Facebook and Twitter Installation Complete!The installation of Immunet Protect is now complete. The user can click Close and start using the product. Immunet Toll-Free SupportAll versions of Immunet Protect come with free technical support. Users who encounter any issues during the installation process can call Immunet's toll-free support line: 1-877-678-2096 Users are also encouraged to call this support number if they have any problems with their computer, computer peripherals or are concerned that they might have a virus.
  23. Hi Peter, Activating Immunet Plus with your key should work now. I have sent you an email too, you can reply if you are having any more trouble.
  24. The Custom Scan function allows you to specify a folder to scan. I agree that this can be made more robust by being able to select multiple folders/files and save your filters. It's a feature we will consider. Thanks!
  25. Tom Beck

    Would Like To Buy 10 Oem Keys At A Time?

    Hi, you have replied to my message and I am happy to continue to helping you to get in contact with our sales. Please message me if the contact I supplied you with isn't answering. Thanks!
×