Jump to content

All Activity

This stream auto-updates     

  1. Yesterday
  2. Hi Spatha, If you're sure your copy of the software is not malicious (you can use VirusTotal to check to make sure https://www.virustotal.com/gui/home/upload) I would suggest you also report that as a False Positive like I advised wintonson at our FP reporting site. https://www.immunet.com/false_positive You can still use the software if you create a custom exclusion rule with Immunet as I described in my last thread to this topic. Cheers, Ritchie...
  3. Hello, I got the same blocking with Mp3Tag, a freeware I use to modify .MP3, .FLAC & others medias files...
  4. Last week
  5. Hi zombunny2, Glad to hear you fixed the issue you were encountering! Sorry to hear you had to go through so much stuff to achieve that though. My personal opinion is that Immunet needs a comprehensive removal tool developed, that will work with the newest builds, to clean all traces of the software just in case. Cheers, Ritchie...
  6. Hi all, apologies for resurrecting an older thread, but I simply haven't had the chance to reply. In the interests of courtesy and helping others with similar issues in the future, I thought I'd reply. I had already tried uninstalling (and thought I'd clicked "no" to the "remember stuff?" dialog) - however I did it again, just to be sure. I then ran the Windows built-in disk cleaner, Revo Uninstaller's "search for junk files", Bleachbit, and CCleaner, to ensure I'd removed all temporary files, orphaned registry entries, etc. I also manually searched for any immunet traces by using "dir /s/a/b/p *immunet*" from the command line, from the root directory of drive C. You can use a similar technique to search for anything cisco, sourcefire or clamav related, but in my case it didn't reveal anything Immunet-related, and risks identifying other software. It's then just a case of using "del" and "rd" as appropriate to remove any traces of Immunet (there were virtually none). (There might be a GUI-based way of doing this, but MS generally try to hide directory-structures and system files in their GUI dialogs, so it probably won't work. It was very easy in WfW/Win9x/NT/2000, but I think something changed from XP onwards. If you want to just get something done, cmd is your friend)! Finally, a reboot and clean reinstall of Immunet and it was working fine again. I'm not sure which of these actions cleared the relevant temporary files or database-files that were causing the problem, but this sequence of steps fixed it.
  7. Earlier
  8. Hi novirus, Do you have samples of these possible exploits/malware? If so, here are instructions on how & where to send them to. We don't want forum members posting actual malware samples here on this site (for the security of other members) but we do have a malware sample submission site using this email address: submit@samples.immunet.com Before sending the samples put them all in a folder, compress the folder using a program like 7zip or WinRAR and use a password to encrypt it, add that as an attachment to the email. As the email header type: Virus Samples, so the tech immediately knows what it is. Include a description of the type of malware it is and any other pertinent data you can think of in the email, just don't forget to include the password so the folder can be unpacked. Regards, Ritchie...
  9. new variants of power shell exploits these are not detected by av believed these were addressed by April 2019 windows fix but i dont know also nov updates regular computer user gonna be messed big,my 1 cent or penny
  10. The U.S. Army has issued a public statement saying that some American citizens are receiving fake draft notices in the form of text messages via smartphone. That they report to the nearest recruiting station for training & deployment to Iran. Army officials issued a statement, saying, "U.S. Army Recruiting Command has received multiple calls and emails about these fake text messages and wants to ensure Americans understand these texts are false and were not initiated by this command or the U.S. Army." There hasn't been any compulsory military service obligation since shortly after the Vietnam war ended. The U.S. military is comprised of strictly voluntary members since 1973. The messages don't seem to appear to target one particular age group or gender. Some childern's phones have actually even been targeted! If you get one of these fake texts, Mallory Vergara with the Better Business Bureau warns people not to click on anything. “As soon as you click that information, they can hack into your phone, get your email, address, social, whatever information that you have on your phone," Vergara said. So if you're unlucky enough to get one of these bogus text messages just delete it. Don't click on any attachments or links that may be included in the text message. Here is a image what the fake text message may look like.
  11. There is one solution: Buy the commercial Cisco AMP for Endpoints subscription. Just sayin'.
  12. Sorry for the delay in responding. I came down with that darn flu virus that's goin' around. I was down for the count for a few days, wishing someone would just put me out of my misery, lol! Instead of using your personal email it would be more convenient if we use the forum's Private Message feature. Just click on the little envelope icon on the upper right-hand side of the page after logging in to view or send a PM. It's that easy. I'll send you a PM on how to start the diagnostic procedure and where & who to send the data to. Regards, Ritchie... Edit: PM sent!
  13. IN you'll only see a popup detection message if anything malicious is actually detected. So nO news is good news. If you open the main immunet dialog on screen and then right click -> scan a directory with a lot of files in it: the "Scan now" button in the main Immunet dialog will change to just "Scanning" while the scan is in progress. And if you click on it at this time it'll open up the scan progress window. This also happens when you scan just a single file but often the button text changes so quickly it's hard to see. It goes from "Scan now" to "scanning" and back to "scan now" in ~half a second or so.
  14. I would like to try and reproduce this, can you tell em what model of printer you have eddyk? I know it's Lexmark something - but what model? I doubt they all use the same driver. Thanks RobT
  15. Thanks for the new tool rlarjsdn122, Immunet's expected behavior for demo and test "benign malware" is to block it from running, alert, and quarantine it. This is standard behavior across the AV industry. The same goes for the Eicar test file, and a vanquish test rootkit. That being said, we should be able to do better than the Alert name: "Win.Dropper.Generic::mash.rt.sbx.vioc"  to at least indicate it's the knowbe4 test file. I'll escalate this internally with our sig dev team and see if we can at least get it appropriately named.
  16. Sorry to say but i will stay with windows defender for a while! Have a nice day
  17. Thanks Ritchie. The point is that there is a major problem with this version. It seems that it doesnt saves the options in settings properly, but i believe that there is a conflict with immunet and clamav. Stopping wifi it still seems to be scanning, but also it doesnt stop scanning when it starts. Update to clamav doesnt work. I am going to reinstall the old version, as this one seems to be buggy. I work in a laptop tsblet and I want to use only immunet cloud scanning as it has not much power. Also, sometimes with no intrenet i might need clamav, so it is important to work nice and smoothly.
  18. Yes I would be very thankful to have that help. Can you send those to me directly via email? info@champion.org? If not I will check back in. Thank you again for your help. Would love to find a simple solution. Very puzzling to me. Merle
  19. If you would like to participate Merle, there is the Verbose Tray Notifications Setting you can enable (this feature is for troubleshooting/diagnostic purposes) for both machines and then send us a Support Diagnostic Tool Report for both. If you enable the VTN feature you will start getting some different pop-up messages from Immunet that you're not use to seeing. Immunet's log files will increase in size, disk I/O, CPU & RAM usage may increase at times too. This behavior is normal when this setting is enabled. I can give you detailed instructions on how to accomplish that if you give it a go and/or have any questions. For anyone else who reads this thread "do not enable" the Verbose Tray Notifications feature unless instructed to do so. Regards, Ritchie...
  20. I have gone over and over it. I cannot see anything different. Both are using Win 10. It has never shown the proxy as detected.
  21. Interesting fix you thought of Aris! I hope the devs take note of your efforts and look into this. Although it's not advocated that users, under normal circumstances, mess with Immunet's registry keys. Actually it is recommended that one or two of the Program Files folders for the newest older builds you used not be deleted for possible future troubleshooting/bug fix purposes. If you know what you're doing and are an intermediate or advanced computer user then using Windows regedit shouldn't be a problem but I can't recommend a novice computer user try this method. Delete the wrong registry keys and maybe your OS won't even work anymore. Even for advanced computer users it's still not a bad idea to create a manual System Restore Point before using regedit, just in case!!! Happy New Year to you too bro! Cheers, Ritchie...
  22. Hi Merle, That is rather strange! Does both machines use the same Operating System & the same security setup? Is there anything different that you can think of between the two machines? Why the UI is not detecting your proxy service is troubling though. That should be detected automatically by Immunet! This could be a bug with the software unfortunately.
  23. Happy New Year! And a pray for the fires all over the world, especially Australia, to stop! Finally, I did it again! To remove this error 503 you need to make a clean uninstall of Immunet first and then reinstall it! Uninstall, clear all data. After restarting, delete folders of immunet on program files and data. After, running regedit.exe, search for "immunet" delete these keys and subkeys... (I deleted some root keys also (where I see that it is only for immunet). Then reinstall! I didn't try it without registry cleaning (only reinstall after uninstalling) but you can try it first (just to not mess up with registry) Happy new 2020
  24. Ritchie, Thank you so much for your quick reply. I had those sites and ips all added to the proxy server. I am still having trouble with one machine and the other is fine. Any ideas? Here is the symptoms and what i have tried: 1. I believe both machines are set up very similar. The same vs security and connecting to the internet as far as i can see. 2. Both have to use the proxy to get out to webpages and do so successfully. I have checked proxy in the network settings, checked with netsh commands and they all seem correct. 3. Both machines when i look at the Immunet Proxy settings say no proxy detected. Again the one works fine through the proxy and both machines are fine on proxy and internet. 4. For the computer that is not working, i get a cannot connect to the server error (error 0). 5. If I shut down the router rules that block https, the machine will update and stay updated it appears (even with rules turned back on) until it is restarted, then gives the error. 6. I have tried installing, reinstalling, etc. Do you have any suggestions to try? Thanks, Merle
  25. Thanks for the explanation for what the software does novirus. I could see where that could be a very useful tool for IT or security professionals! Immunet does block "known strains" of ransomware. It's the brand new, emerging forms of ransomware that can be problematic for users until new malware definitions are created to block it. Congratulations btw novirus! Since you now have over 10 posts you are no longer a Newbie, instead you are the "newest official Member to the Immunet community!"
  26. i was trying if immunet blocks ransomware but i use chrome add on like norton malwarebytes ,they prevent web page to open anyway
  27. RanSim is a tool that simulates the behavior of ransomware. The purpose of RanSim is to check if a workstation is well-protected with endpoint security software which would be able to detect and prevent real ransomware attacks. It also allows you to see if this software is incorrectly blocking files by running "false positive" scenarios. You can optionally select specific files you'd like to test to see how they would be affected by the ransomware simulations. ............................................maybe similar to cisco/talos amp,network protection
  28. I personally am quite curious about what exactly this software does? If it a tool to teach future cyber security technicians how to recognize suspicious/malicious code that would be a great thing! There actually is a growing shortage of trained cyber security personal worldwide. This doesn't bode well for the average computer user as malware is sure to become more complex & prevalent as well because of this.
  1. Load more activity
  • Create New...