Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 11/01/2020 in Posts

  1. 2 points
    Hmm, restore from quarantine seems fine now. I suspect this might just be related to system load. If the system is under stress when an attempt is made to restore from quarantine, it probably takes slightly too long for the GUI to communicate properly with the Immunet service, so the GUI assumes that the service isn't running, and/or the operation has failed. Intermittent error are the worst to diagnose and fix!
  2. 1 point
    Wow! I can't think of anything else for you to try qwerty123, I'm at a loss. Sorry I couldn't help ya bro! I would normally recommend that you submit another FP report to the devs but the FP reporting URL seems to be non-functional at this time which comes as no surprise to me given the current circumstances. With no technical support on this site anymore and other on-going issues (such as the FP URL not working & the continuing EX0 server error messages with this site to name a few) I know I'm starting to get quite perplexed as to why Immunet was/is being so neglected for so many months now. I know there's a pandemic going on but other AV company's don't seem to have problems providing expert technical support for it's users in spite of that fact. Must be that this software is a "extremely low" priory with Cisco right now. If things don't improve soon I don't think I will want to remain involved with this project. That's how frustrated I'm becoming! "I don't want to attempt to support, which I'm increasingly starting to believe is, just glorified abandonware for much longer!" Everyone has only so much patience before it's expended. Seeing software that once had such great potential (and still does actually) that I've been personally involved with for well over 10 years go by the wayside really sucks! Ritchie...
  3. 1 point
    I wish a support person would/could add some insight into this issue. Adding the entire games' C:\Program Files (x86)\ folder directory to the exclusion list should have worked. Unless... Immunet does have additional behavioral blocking capabilities too so maybe that's the issue. Immunet thinks that the games' executable is possibly "unknown malicious code" trying to execute on your system would be my extrapolation. Mmm, try adding another exclusion for the file path of the executable file that's being shown with the warning dialog box. That is: C:\Program Files (x86)\Path of Exile\PathOfExile_X64.exe (great idea to add the screen-grab btw!). Also, try turning off "Blocking Mode" in Settings too. Regards, Ritchie...
  4. 1 point
    If you created a C:\Program Files Exclusion for the game that should have worked! No mistakes can be made with spelling, spaces, etc... associated with the file path or the exclusion won't work. If you manually typed in the file path the first time around try using the Exclusion's "Browse" feature this time. Also, try excluding the game's "entire Program Files folder" if you didn't last time. Here's how... Open Settings -> scroll down to Add New Exclusion & click on that -> click on the Browse button -> find the correct Program Files folder and click on the folder itself -> click on Add Exclusion -> click Apply -> click Close. You can delete the old exclusion after you create the new one. I hope this info helps qwerty123 Best wishes, Ritchie...
  5. 1 point
    I found a way to manually update clamav (from http://www.clamwin.com/content/view/58/27/), by creating a folder [C:\Users\All Users\.clamwin\db] then put daily.cvd and main.cvd into the folder. After that immunet main view will show updated version number at next launch. I am not sure if this was the root cause in my case but 2 issues I found: By default my C:\Users\All Users\ folder is inaccessible. I had to change the security permission by removing all users deny all permission. Creating folder starting with "." requires use of command prompt. However this does not enable auto update, albeit settings is, I still have to download the files myself. The immunet updater show downloading daily.cvd (7%, 15%, 22%) then always fails, saying 'unable to install updates, please try again later.'
  6. 1 point
    Well, isn't that strange! Sorry zom but I would recommend that matt use Revo Uninstaller instead since I've never heard of or used BCUninstaller. I've personally used Revo Uninstaller with very good results in the past with uninstalling troublesome programs. Revo can in fact find orphaned registry keys, left over folders and files too if you use the Advanced scan setting. The free version will work great with 32bit systems but I would recommend you choose the "fully functional free trial" of the Pro version if you have a 64bit system as it better supports those platforms. https://www.revouninstaller.com/revo-uninstaller-free-download/ If you've never used Revo Uninstaller before there are some great tutorial videos (even by the developers themselves) on YouTube you can view prior to using the software. Just to be on the safe side it's not a bad idea to create a manual "System Restore Point" first in case you accidentally delete something you shouldn't have (like a OS system file or folder). I would recommend you enter "Safe Mode without Networking" before uninstalling with Revo Uninstaller. Some earlier versions of Win 10, Microsoft (in it's infinite wisdom) made accessing Safe Mode a more dawn out affair so let me know if you run into any difficulty there. Also, please read the thread I added to the other Issues/Defects topic you posted regarding what to do next with the reinstall. Cheers, Ritchie...
  7. 1 point
    Here is something I would recommend you try. First uninstall the old build first. When asked by the uninstaller if you plan to reinstall Immunet again choose the "NO" option and proceed with the remainder of the uninstall. Then download this bootstrapper installer package & run it. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe This will install the newest build of Immunet. You will have to reconfigure your settings to way you had them & add any custom exclusions & automatic scan(s) you may have been using again. Please note: Some users have reported issues with updating the ClamAV module after installation with build 7.3.2 unfortunately. I hope this info helps. Regards, Ritchie...
  8. 1 point
    Glad I could help out qwerty123. If you encounter any other conflicts between Immunet & the game or mouse apps let me know. Best wishes, Ritchie...
  9. 1 point
    Dr. Franken...: What a filthy job. Igor: Could be worse. Dr. Franken...: How? Igor: Could be raining.
  10. 1 point
    Hi qwerty123, Have you tried to add a custom Exclusion rule for the autohotkey app(s) with Immunet? If not, give that a try and see if that fixes the issue. Just make sure you exclude the correct file path(s) for the app(s).
  11. 1 point
    Don't forget to delete the files lastupd and update.log (a lastupd file can make trouble). During tests, I always rename the cvd files to see if fresh cvd's are being downloaded. FrankenImmunet, sounds good. FrankenImmunet with IgorCloud.
  12. 1 point
    Did you overwrite the old files in the folder %programfiles%\Immunet\clamav\[version] ??? Immunet use the old engine if you create a new folder with the new version of the engine in %programfiles%\Immunet\clamav\. This folder is set in the configuration files of Immunet and you cant edit this cofiguration file about protection functions of Immunet. (If you edit the file, Immunet cant start and stop protection od the system) So you have to stop the Immunet service and overwrite the old files i. e. in ...\Immunet\clamav\0.102.1.76 Start the Immunet service and try again the update 2-3 times. This is not a Problem or Bug. ClamAV doesent Update the CVD Files if Engine is outdated. This is not a bug, it is a security feature. The update Button in Immunet only check for a Update of Immunet it self and runs freshclam.exe (from ClamAV) to update the CVD files. Thats all. So if the Engine is outdated freshclam.exe cancel the update. You can check this also if you run freshclam.exe in CMD.
  13. 1 point
    Hello Ritchie, the machine that started working experienced multiple failures updating the database after this first initial update - and then I think might have subsequently updated successfully. --- As an additional test...: I have tried Immunet on a second machine and nothing works to make the ClamAV module update on the second machine: I tried editing freshclam.conf to change the timeouts to much larger values. Update still fails. I tried booting from GNU/Linux and manually copying recent (a couple of days old) clamav cvd files to Immunet\clamav\[version] folder. Update seems to have been attempted once and failed. No further updates are attempted when clicking "update" in the Immunet GUI. I tried uncompressing the latest windows 64-bit clamav portable zip file from the ClamAV official website, overwriting the files in Immunet's %programfiles%\Immunet\clamav\[version] folder. No updates are attempted when clicking "update" in the Immunet GUI. I'm not sure what the difference is between the two machines. They're both 64-bit Windows 10 and Immunet was a fresh install (i.e. any previous installation had been removed with the "save settings: no" option). There is a log file in Immunet's ClamAV dir, which indicates that the ClamAV engine itself loads into memory, but I've not found any log file detailing what happens during an update attempt. It's a shame, as ClamAV can actually have a really good detection rate if you supplement it with the Securiteinfo and Sane Security custom databases. While attempting to diagnose it, I'm reluctant to customise my installation beyond anything required for the diagnostic effort, though.
  14. 1 point
    I am guessing you didn't read my post? I said that the link https://www.immunet.com/false_positive shows an error when posting it, from what I have heard it has been broken for months now. Guess the Devs can't keep up with all the bugs, not sure how many there are working on Immunet?
  15. 1 point
    It seems like there might be another issue in build 7.3.2, although I think it's an exacerbation of a long-standing one. I was running a full scan as a test in 7.3.2 and a few items (all false-positives so far) have been quarantined. Attempting to restore from quarantine results in "Restore from quarantine failed. Check agent is online". The agent is definitely online because I can still run more scans and quarantine (well, permanently lose) even more items. The unfortunate thing is, once a restoration attempt has failed once, Immunet won't let you even try to restore the item from quarantine again. This means that any files that have been quarantined and not restored are lost forever (subject to having adequate backups). This was always an intermittent (but rare issue) in Immunet, but in this latest build, it has happened on all but 1 of the detections in my initial test scan. This is why the "ask me" option in the settings should ask the question *before* quarantining, not after like it currently does.
  16. 1 point
    Would be nice to have false positive reporter in the Immunet program possibly in quarantine maybe in new UI update?
  17. 1 point
    Wow, that's strange! I've just reinstalled Immunet (I had uninstalled it, selecting "no", so that all data and settings would be deleted). The first thing it did was update the ClamAV databases successfully! I hope this was just a temporary glitch. Fingers crossed it's now fixed...
  18. 1 point
    Sorry to have been the harbinger of doom! I agree with lavamagma in that it is probably some sort of timeout issue. A while back I started experiencing update timeouts with both Freshclam and the "clamav-unofficial-sigs" scripts on my GNU/Linux boxes. It was basically caused by a time-out value that was too low in freshclam.conf (or wget/curl's default settings, in the case of the unofficial signatures script). Once the database had grown to a certain size, it was impossible to download it quickly-enough for the entire file to be complete before the timeout was reached. This was initially noticeable with the unofficial signatures script, because the SecuriteInfo "old" database is extremely large (~300MB), and SecuriteInfo restricts download-speeds for free users to circa 384KB/s. I believe a change to the default freshclam.conf fixed this in one of the recent versions. I suspect that you won't see this issue if you've already downloaded all the ClamAV databases once, because subsequent updates only require downloading the latest .cld patches. One way to test this would be to manually download the ClamAV databases from the web site, stop Immunet's service, copy them to Immunet's ClamAV dir, and then restart Immunet. Another option, if Immunet honours freshclam.conf settings, is to look to see if freshclam.conf is present in the folder, and set the ConnectTimeout and ReceiveTimeout settings to something like 300 (5 minutes) and 3600 (1 hour) respectively. I may have a quick look at these two options when I am next back in Windows.
  19. 1 point
    Hello all We are happy to announce a new release of Immunet: Version 7.3.2! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes some new features, enhancements and bug fixes as below. Changes in 7.3.2 New: Exploit Prevention engine with Script Control support Bugfixes/Enhancements Improvements to endpoint threat activity detection engine Increased the number of process exclusions honoured by the Connector to 500. Improved stability of local UI notifications. Addressed an issue where System Process Protection exclusions would not work for processes that start before the Connector. Changed Connector driver altitudes to officially registered altitudes. Removed Connector-related events and logs from a computer when the Connector is uninstalled Addressed issues with file exclusions. General performance and stability improvements for Exploit Prevention engine Fix for the vulnerability described in CVE-2019-0708. Fixed Exploit Prevention engine compatibility issues with the following applications: APTA Connect MS PowerPoint 2016/2013 FSLogix Internet Explorer and different plugins CIG ACG MS Office Appv applications Visual Studio debugger Vizient and Open Text IRM Black Knight You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Expected upgrade behaviour for Immunet users: * Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete * Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index
  20. 1 point
    What a "great idea" for Immunet users to voice their likes & dislikes Barbara! I completed the survey although, if chosen, I wouldn't be able to participate in the video conference since my computer has no web cam. "I would 'strongly urge any & all Immunet users' to complete this survey!" It really does only take a few minutes & that will give the devs much more insight into what Immunet users want in a new build. Best wishes, Ritchie...
  21. 1 point
    Hello all, We are happy to announce a new release of Immunet: Version 7.3.0! This latest version of Immunet provides the same great protection against malware and viruses as before but also includes some new features, enhancements and bug fixes as below. Changes in 7.3.0 New & Enhancements: New endpoint threat activity detection engine New Immunet UI cloud connect status message replacing cloud stats message Bug Fixes: Connector cloud registration issue fix related to long network interface names Fixed an issue related to support package Mitigating fixes related to no-reboot upgrade and uninstall failures Immunet Installer bug fixes Other bug fixes You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Expected upgrade behaviour for Immunet users: Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete Looking forward to your participation in using our new detection engine and some help in cases of upgrade reboot failures issues, if encountered any. We would appreciate it if you can reach out to us via support forum with Support logs as soon as you see upgrade failing or upgrade asking for a reboot on upgrade. If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index
  22. 1 point
    Hello all, We are happy to announce a new release of Immunet: Version 7.2.8! This latest version of Immunet provides the same great protection against malware and viruses as before but also includes some new features, enchantments and bug fixes as below. Changes in 7.2.8 New & Enhancements: Added support for the Windows 10 November 2019 Update (version 1909) Added support for Windows 10 20H1 (Version 2004) (RTM Preview build: 19041) Improved visibility and enhanced protection against script-based attacks System Process Protection Improvements Improved Malicious Activity Protection engine to no longer detect on Google Chrome Stability Improvements in the Exploit Prevention engine Installer improvements to handle NoReboot upgrades and uninstall Stability Improvements in the Immunet SelfProtect driver Bug Fixes: Resolved Windows Connector service freeze issue on startup, under certain circumstances Improved the Windows connector process of gathering BIOS serial number, when needed, to properly detect hardware changes for registration with AMP Cloud Fixed a crash that could be encountered on shutdown Addressed issue where Windows Connector would fail to upgrade when installed alongside BitDefender AV Made stability improvements in the Connector installer Fixed an issue where ClamAV was taking a long time in scanning PDF files resulting into longer high CPU usage Updated ClamAV to 0.102.1, including changes related to the vulnerability described in CVE-2019-15961 Fixed an Exploit Prevention engine issue that could cause Google Chrome v78 and later to crash or display a renderer code integrity error This version also addresses the following vulnerabilities: CVE-2019-1010305 CVE-2019-12625 CVE-2019-12900 You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Expected upgrade behaviour for Immunet users: * Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete * Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete Looking forward to your participation and help in cases of upgrade reboot failures issues, if encountered any. We would appreciate it if you can reach out to us via support forum with Support logs as soon as you see upgrade failing or upgrade asking for a reboot on upgrade. If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index
  23. 1 point
    Yet another false positive during a Photoshop update. Between the quarantines of Windows updates, the log files filling up drives until 0 space is left, extreme CPU hogging and latest updates always being crap (making me always wait months before updating as others work through the crap and fixes are released) it is not worth it any more. It may actually be easier to deal with viruses. Can anyone recommend a good free alternative for active scanning? I usually also keep Malwarebytes on my computer and it's always been good at catching malware, but I don't like using it for active scanning.
  24. 1 point
    Fixed on the latest version until eventually it comes back. Every version I've ever used has ended up at high CPU utilization for long periods of time (just for sitting idle on active scan, not doing any actual scans), 90% to the point I have to kill it. Debugging is not enabled (and I never enable it). The log file thing was just an older issue I was describing. I don't think I will go to any future version but I recommend that the false positive thing happens way too often. Do reach-out to major vendors like Microsoft & Adobe and see if they are willing to do testing on your newer versions before they get rolled out. I am sure they are just as keen to not have a 3rd party AV kill their users' installs as much as you. My conclusion is that I have spent a significant amount of time dealing with Immunet issues that actually getting a virus would take less time to deal with. It should be a set-it-and-forget it type of thing.
×
×
  • Create New...