Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Hi Nick, What zombunny2 suggested has merit. Since you're using a server environment with multiple endpoints Immunet's enterprise version called 'Secure Endpoints' (formally, AMP for Endpoints) would definitely better suit your needs. Secure Endpoints is 'much more individually configurable' than Immunet. It's also designed to work with and compliment any other security software you may be currently using. Although not free to use like Immunet (there is a free trial period however) the price is reasonable & actually negotiable depending on how many endpoints need to be protected, the type of and length of your license that you choose. Another nice thing about Secure Endpoints is that you don't need a Ph.D. in Computer Science to configure the software to your specific needs. Here's a URL link if you care to investigate Secure Endpoints for yourself. https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html Best wishes, Ritchie...
  3. Yesterday
  4. Thank you for your help. I will have to requisition and research on the budget for the school.
  5. Your query looks a lot like you are running Immunet in some sort of organisation or corporate environment. Immunet is targeted at home users, so you may find you can only accomplish what you need with the corporate "version", Cisco AMP, instead. Additionally, support is not provided to Immunet users in corporate environments. If you have already tried adding the relevant scripts and program components to Immunet's exception lists, and it still doesn't work, and you're not a home user, just buy AMP. To the best of my knowledge you can't add specific ports as exceptions in Immunet and it's not intended for having config changes pushed remotely (e.g. via Powershell) because those are the sorts of things home users don't usually need to do.
  6. immunet 7.4.4 is blocking request from pywinrm. We are trying to update workstations using ansible and winrm. However, immunet after upgrading to 7.4.4 is blocking execution. I am attaching before removal of immunet 7.4.4 and after nbhanji@srv-fog:~/ansible-playbooks/testing$ ansible testing -m win_ping [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the controller starting with Ansible 2.12. Current version: 3.6.9 (default, Jan 26 2021, 15:33:00) [GCC 8.4.0]. This feature will be removed from ansible-core in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. [WARNING]: ERROR DURING WINRM SEND INPUT - attempting to recover: WinRMError The pipe has been ended. (extended fault data: {'transport_message': 'Bad HTTP response returned from server. Code 500', 'http_status_code': 500, 'wsmanfault_code': '109', 'fault_code': 's:Receiver', 'fault_subcode': 'w:InternalError'}) | FAILED! => { "msg": "winrm send_input failed; \nstdout: \nstderr An error occurred while creating the pipeline.\r\n + CategoryInfo : NotSpecified: (:) [], ParentContainsErrorRecordException\r\n + FullyQualifiedErrorId : RuntimeException\r\n " } After removal. nbhanji@srv-fog:~/ansible-playbooks/testing$ ansible testing -m win_ping [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the controller starting with Ansible 2.12. Current version: 3.6.9 (default, Jan 26 2021, 15:33:00) [GCC 8.4.0]. This feature will be removed from ansible-core in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. | SUCCESS => { "changed": false, "ping": "pong" } I can execute in powershell: enter-pssession -ComputerName 10.50.x.x -Credential xxx this allows the session. Is there a way of adding an exception to immunet and to ignore the requests to port 5985-5986 and also push that change with powershell script. Thanks in advance for the help.
  7. Last week
  8. Earlier
  9. Hello all, We are happy to announce a new release of Immunet 7.4.4! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes some new features, enhancements and bug fixes as below. Changes in 7.4.4: Bugfixes/Enhancements: The Behavioral Protection engine can now detect command line spoofing Updated ClamAV to 0.103.2 You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Expected upgrade behavior for Immunet users: * Upgrades from Connector versions below 7.0.0 to 7.0.0 and higher require a reboot to complete * Upgrades from Connector versions starting 7.0.0 to any higher version do not require a reboot to complete If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index
  10. Hey Frank, One option at your disposal is to disable the ClamAV module & updates for it if it's causing you that much grief! Just use the ETHOS & SPERO cloud engines instead. Then you could pair another compatible AV with Immunet. That's the setup I & many other Immunet users have! In fact it is recommended that the ClamAV module be disabled when Immunet is run as a companion AV to another AV product anyways. You are right there though, the ClamAV module does seem to have the same update bug being encountered build after build. Why the devs can't seem to be able fix this bug once & for all is rather disconcerting & annoying to those that wish to use the ClamAV module. Best wishes, Ritchie...
  11. Its a never ending story... again and again. Immunet was unable to update the database because the clamav engine was outdated. Immunet it try again and again... I reinstalled Immunet, try it again and immunet report me that Database is up to date. But there was only the daily databasefile in the folder, main database file is missed. I try the update again, same result. Up to date. I tryed to update my portable ClamAV with newest clam engine and i get this. Update ClamAV Databases... ClamAV update process started at Tue Jul 20 13:43:28 2021 WARNING: FreshClam previously received error code 429 from the ClamAV Content Delivery Network (CDN). This means that you have been rate limited by the CDN. 1. Run FreshClam no more than once an hour to check for updates. FreshClam should check DNS first to see if an update is needed. 2. If you have more than 10 hosts on your network attempting to download, it is recommended that you set up a private mirror on your network using cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the CDN and your own network. 3. Please do not open a ticket asking for an exemption from the rate limit, it will not be granted. WARNING: You are still on cool-down until after: 2021-07-21 13:23:22 Thank you very much, really good job. Apparently you caused so much traffic that ClamAV had to take these measures. The bad thing is that I do not receive any information from Immunet if an update does not work. If you don't check every couple of days to see if everything is working, you’re kidding. Please, please bury this project.
  12. Thanks for the heads-up on Bitdefender Messiah! I guess I won't be endorsing that AV with Immunet users! I've heard of that before, some AV's will prompt you to delete the currently installed AV app & there's a reason for that. Security experts actually agree that normally running two AV apps simultaneously can cause unforeseen problems. But that's where Immunet is different, it has been designed to be an additional security layer to your existing security set-up. Sometimes all that's needed is just an exclusion or two created to make everything compatible if need be. You are running a number of security apps! The trick to using multiple security apps is finding ones that are (of course) compatible with each other or can made to be & don't use up excessive system resources when running together. I do use a few security/privacy extensions for my browser of choice too. Currently I use No-Script, Browser Protect, Ghostery, Adblock Plus & Cookie AutoDelete. Cheers, Ritchie...
  13. Forgive me for the late answer zombunny2, unlike what you said I think the security you put on your windows machine is completely fine and legitimate. Better be safe than sorry, as windows is the prime target of hackers. As for myself, on my Windows I decided to go for Immunet + Avast/Kaspersky (in turn one month each) At first I wanted to go for Bitdefender but it's trying to force the uninstallation of Ummunet with no-compromise. I thought of installing Bitdefender first then exclude Immunet if it's possible, but I was a bit against it after some research as many people seems to say that there is an incompatibility from Bitdefender side, so maybe for later. For a firewall, I'm going to try both Comodo firewall (best available now but have some bad points concerning pop-ups & adware) and Tinywall (currently using). As for the finishing touch, ProtonVPN, 9Quad dns, Brave browser with extensions such as Brave shield, Duckduckgo Privacy Essentials, uBlock origin, and I'm considering some in-demand scanning software for malwares and spywares like HitmanPro. I think that's what you can call overdoing, but I personally think it's alright. We only need to go through this once and you can rest easy with a peace of mind afterward. Also learning new stuff is fun and useful.
  14. Thanks for the additional input Zom! Your absolutely right there once again! Hackers & malware authors will normally target the most used worldwide platforms as that gives them a better chance at success. For that reason I have never relied on just one app to keep me safe, instead using a layered approach to my security set-up. It sounds like you have a decent layered security set-up when you're not using Linux Zom! I too don't mind paying for a product if it has desirable merits. That's why I'm currently using Panda Dome Pro as my primary AV as it has a built in VPN service & excellent efficacy against ransomware. I added a topic in the 'Ideas' section of the forum a while back to include a secure VPN service with a new 'paid' version of Immunet. I still think that would be a great idea as that could be a possible money-maker for Cisco because VPN services are quite popular these days! A bit of product loyalty maybe as years ago I was already a voluntary alpha/beta tester using a VM for Panda Cloud AV as it was called back then, this is before I ever heard of Immunet to be honest. That's what got my attention when I first discovered Immunet! "Cool!" Another new cloud based AV I can Investigate. The rest is history I guess, lol! In a way I feel almost privileged to be able to be on the ground floor when "the first two cloud based AV solutions on the planet" were still in it's infancy & "to be part of that development!" Your friend, Ritchie...
  15. I have found Immunet to play nicely with Sophos home free in the past. It worked with no exclusions added to either; however to be on the safe side, I excluded Sophos's "program files" and "programdata" folders in Immunet, and Immunet's (Program Files\Immunet, Program Files\Cisco\Immunet, Programdata\Immunet, Programdata\Cisco\Immunet) in Sophos. I also tried Immunet with Kaspersky home free and I seem to remember it worked OK but did require each being added to the other's exclusions list to be stable. On my Windows box, I currently use it in tandem with both F-Secure AV and Malwarebytes Premium with no issues (because Malwarebytes itself is also a "companion AV"). To ensure this will work with no problems, I enter each program and add the other two solutions' "Program Files" and "Programdata" folders as exclusions. You'd think it would drag it down but it works fine on a circa-2011 machine with 4GB RAM and a mechanical hard disk drive. That said, I don't use Windows much nowadays as am almost completely a full-time Linux user. The solution is probably overkill, especially for my limited usage, but it's a Windows box, it's the low-hanging fruit that all opportunistic crackers and social-engineering scammers go for. It's the weak point from which all my documents could get trashed or accounts compromised. I figure even it it's overkill, a year's protection from the two paid-for solutions still costs less than a single tank of fuel for your car.
  16. I see, well thank's again Ritchie (you got such a good name that I feel like mentioning it everytime). Also I'm using Win8.1, I'm going to check what's better for me from the AVS you advised me with and do comparisons. Best regards,
  17. It depends what build of (I'm assuming you use) Win 10 you have weather you can use Defender or not. Newer builds of Win 10 will automatically disable Defender if you install another AV solution. Microsoft even admits that Defender is only meant for users that don't have or don't want to use a good third-party AV anyways. I've never used Defender myself as it's not a robust AV compared to some free AV products even! This has been proven once again by 'recent' AV Comparatives testing. Most of the major player's AV products are compatible with Immunet. Such as AVG, Avira, AVAST, Norton, McAfee, Trend Micro, Kaspersky & others. If you look at the Immunet's Exclusion list a number of AV's are already excluded by default. Personally I have Immunet paired with Panda Dome Pro. It is a great idea if you use Immunet as a companion AV to create an exclusion/exception/allow rule for 'Immunet's entire Program Files folder' for the other AV. If the other AV you choose is not listed with Immunet's Exclusion list then also create a custom Exclusion rule for the other AV's entire Program Files folder as well. This really can go a long way at avoiding possible future conflicts or problems between both AV's. They should recognize each other as safe programs. Also, if you do use Immunet as a companion AV to another product it is recommended that you disable the ClamAV module & updates for it and just use the cloud engines instead. This will (sometimes significantly) decrease system resources being used by Immunet. Best wishes, Ritchie... P.S. - I'm not completely unfamiliar with Comodo. Back in the day I used just the Firewall & Defense+ modules minus the AV module enabled for some older builds of Windows. I quit using Comodo back then because it was increasingly becoming a resource hog (bloatware).
  18. Thank you very much Ritchie! It's good that only unknown or suspicious files are sent while keeping privacy. And if it's okay I wish to ask another question. What good AV is good to use with Immunet currently? I tried to download the Comodo AV+Firewall but was met with troubles from both my Immunet av and browsers that see the setup file as harmful. I was told then that Comodo is not that good now and it was better to just use Windows defender in this case. Any thoughts on that?
  19. ETHOS is one of two cloud based detection engines that Immunet uses. The difference is the cloud based engines will be looking for known malware signatures. The cloud engines also have learning heuristic capabilities that can detect possibly malicious activity and react to the possible threat in real time. If you decide to send files to Immunet with the 'Send files to Immunet for analysis' setting enabled means that any unknown or possibly suspicious file that Immunet encounters will be uploaded for further investigation. Of course it's up to you if you wish to use this feature but keep in mind that no user identifiable information is included in any uploaded file so your privacy is assured. It is highly recommended that both the ETHOS & SPERO cloud engines always remain enabled with Immunet. I hope that answers your questions. Cheers, Ritchie...
  20. Hello, I'm new to Immunet and I wish to ask some questions. What's the difference between Ethos and the option of sending files of interest to Immunet for analysis (from Miscellaneous Settings). How do they work? And to what extents either of them affect privacy and safety? What happens if I were to disable one of them or both? Would I still receive the complete protection?
  21. Microsoft has issued a security patch for a security flaw for all Windows platforms. Microsoft has decided to include even Win 7 users for this security update. The flaw is called 'PrintNightmare' also identified as CVE-2021-34527 which affects all versions of Windows. The flaw is associated with the Print Spooler Service. The Print Spooler service manages access to a printer connected to your system. Hackers can use this vulnerability to view or delete data, download arbitrary code or even create new user accounts using Administrator privileges. Depending on your Windows Platform the Windows Update package that will be installed are KB5004945 through KB5004959. Microsoft is advising all users to update your PC ASAP to get this security patch. If you have Windows Updates set to automatic you will get the security update. If you update Windows manually run the Windows Updater as soon as you get the chance. If you don't use a printer anyways you can go into Services and disable the Print Spooler Service which won't affect any other process. Since I don't use a printer I already had that Service disabled thankfully! However, I would still recommend you get this update installed. Just in case you decide to connect a printer to your system at a later date. Best wishes, Ritchie...
  22. There is a known issue with devices using 4k screens and the Immunet UI being displayed too small. If that's the case there is no fix or work-around that I'm aware of. This issue was reported to Support several years ago actually. For my Win 10 PC using a wide screen HDMI PC monitor (but not 4k) I use a screen resolution of 1920 x 1080. For my PC the UI looks normal & useable with that resolution being used. Regards, Ritchie...
  23. Hi, I just recently downloaded Immunet on my Windows 10 and have issues seeing the app. I've tried changing the setting display "scale and layout" as well adjusting the compatibility in the app "properties". None of these methods worked. I'm wondering if anyone is experiencing this and whether there is a solution?
  24. You can download the newest 7.4.2. 20335 boot-strapper installer package at the included URL link so you won't have to attempt to update through the UI. First do another uninstall of Immunet. When asked by the uninstaller if you plan to reinstall Immunet again "select the 'NO' option!" This does give you the cleanest uninstall possible with the built-in uninstaller when choosing the NO option but you will have to reconfigure the Settings to the way you had them, add any custom Exclusions & Scheduled Scan(s) you might have been using too. After doing the uninstall first reboot -> then go into the Program Files directory -> delete all Immunet folders you see in that directory -> clear any junk files & then use a good Registry cleaner to find any orphaned Registry keys (CCleaner has a decent junk file & Registry cleaner, I use it on a daily basis) -> reboot your computer again after cleaning & then download & run this new boot-strapper installer. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Don't forget to close your browser first after downloading the installer before running it. In fact, close any unnecessary third-party apps that are running beforehand. Also, since Immunet uses a boot-strapper installer it does require an unencumbered internet connection during the complete installation process as the install files are being pulled down from the cloud. So make sure any other security software isn't interfering with that installation process including your Firewall. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- After a successful installation make sure the necessary processes that Immunet uses to function properly are not being interfered with too. These are sfc.exe, iptray.exe, cscm.exe and freshclam.exe (if using the ClamAV module). Allow both in-coming & out-going internet traffic for these processes with, once again, your Firewall & any other installed security software you may be using. I hope these suggestions are of help Michael. Regards, Ritchie...
  25. I am unable to update unless i un-install and re install the software.
  26. "The Immunet team would like to wish everyone a safe & happy 4th of July holiday weekend!" Almost all cities & towns across the country canceled their fireworks display because of the pandemic last year. "I'm sure there are lots of people, including myself, looking forward to this years' fireworks display!"
  27. This site only uses the 'English language' as there are no translators. You will need to first translate any additional post to English next time. I was able to translate the post myself and here's information by the developers on how to remove Tron Script from your computer. Delete the tron .exe file that you downloaded, the tron and integrity_verification Program Files folders that were created when you ran the tron .exe file, and the logs folder at the root level of your startup drive. Uninstall Malwarebytes. Use a registry cleaner (such as CCleaner) to clean out any orphaned registry entries. Empty Recycle Bin, reboot.
  28. Hace poco me comentaron que Tron Scritp me ayudaria con malware y proteger mi dispositvo pero ahora lo quiero eliminar alguien sabe como?
  29. You're right there Zom! As newer software becomes increasingly more complex, requiring additional system resources, sometimes even a newer computer might need a performance boost by increasing the amount of available Random Access Memory. For my custom built HP Elite Desktop tower PC I already have the maximum amount of memory installed that the mobo can accommodate, which is 32GB of DDR3 RAM (4 x 8GB 1600MHz [PC3-12800] modules). OS - Win 10 Pro (Business Edition) x64, CPU is the I7 4790 Intel quad core chip @ 3.8 GHz, hardware overclocked & stable @ 4.2 GHz & 3 X 2TB SSD's using a RAID 0 configuration for faster data I/O, my PC is a "lighting quick monster" as a comparison!
  1. Load more activity
  • Create New...