Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 07/06/2019 in all areas

  1. 3 points
    Hello all, We are happy to announce a new release of Immunet: Version 7.0.0! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes Credo and AMSI. Credo is a ML engine that allows endpoint connector to extract feature print of a PE file and send to the cloud to see whether the file is malware or not. ScriptID engine allows AMP connector to analyze scripts prior to execution. It is based on the Windows Antimalware Scan Interface (AMSI). In 7.0.0 version of connector only PowerShell scripts are analyzed. You can get the new installer here. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index Changes in 7.0.0 Improvements and updates: New Credo engine New ScriptID engine for AMSI Query improvements in Immunet Protect driver Improvement in preforming Immunet registration Improvements in Connectivity test tool Curl version update ImmunetSCMS service now handle crash reporting Driver updates to support No Reboot upgrades New certificate for the ELAM driver Improvements on the Malicious Activity Protection (MAP) to reduce false positive Fixes: Stability Improvements in the Immunet Protect driver Stability Improvements in the SPP Stability Improvement on Immunet Protect shutdown Stability Improvements in the Exploit prevention
  2. 2 points
    Oh yes Ritchie, you are doing an excellent job.
  3. 2 points
    You made a great Job here Ritchie, you help a lot this community. Perhaps cisco doesn't have someone managing support of immunet. It seems when they have a free time they visit here to see what is going on.
  4. 2 points
    Hello all, We are happy to announce a new release of Immunet: Version 7.3.0! This latest version of Immunet provides the same great protection against malware and viruses as before but also includes some new features, enhancements and bug fixes as below. Changes in 7.3.0 New & Enhancements: New endpoint threat activity detection engine New Immunet UI cloud connect status message replacing cloud stats message Bug Fixes: Connector cloud registration issue fix related to long network interface names Fixed an issue related to support package Mitigating fixes related to no-reboot upgrade and uninstall failures Immunet Installer bug fixes Other bug fixes You can get the new installer from here https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Expected upgrade behaviour for Immunet users: Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete Looking forward to your participation in using our new detection engine and some help in cases of upgrade reboot failures issues, if encountered any. We would appreciate it if you can reach out to us via support forum with Support logs as soon as you see upgrade failing or upgrade asking for a reboot on upgrade. If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index
  5. 2 points
    Hey all, For a more "generic" way to start/stop Immunet, you can do the following (possibly only works in Windows 10, I haven't tried on earlier versions * ) : Stopping Immunet From the command line: wmic service where "name like 'Immunet%'" call stopservice or from a batch file: wmic service where "name like 'Immunet%%'" call stopservice (Re-)Starting Immunet From the command line: wmic service where "name like 'Immunet%'" call startservice or from a batch file: wmic service where "name like 'Immunet%%'" call startservice The advantage of these is you don't need to know what version of Immunet you're using, so you don't need to work out the new service name after upgrades or edit any scripts you have. I have a custom script that downloads some of the Securiteinfo, Sanesecurity and RFXN custom databases, stops Immunet, copies them to Immunet's "ClamAV" dir, and restarts Immunet. By identifying the "newest" ClamAV dir and using the more-generic way of stopping the service, my script doesn't need editing every time Immunet upgrades. For my case, this increases Immunet's static file detection rate from about ~75% to >95%. I originally worked this out a while ago because I did a couple of upgrades where the Immunet service changed name from something like "ImmunetProtect" to "Immunet 6.0.4" --- * I don't know much about Windows as I've been primarily a Unix/Solaris/GNU-Linux user for both work and play since the late 1990s. I only maintain a Windows installation for the tuning software that allows me to flash custom maps to my car's ECU.
  6. 2 points
    Hi 4tygrit i've the same update problem with the main.cvd file in a other post. To update immunet i've download ClamAV Portable (doant forget to get Updates in ClamAV). Stop the Immunet Service Delete in "C:\Program Files\Immunet\clamav\0.1......" the file main.cvd and daily.cvd copy the main.cld and daily.cvd files from "...\PortableApps\ClamWinPortable\Data\db" to "C:\Program Files\Immunet\clamav\0.1......" Start the Immunet Service again
  7. 2 points
    I'd like to report that the 7.2.8 upgrade through the UI took place with no problems. No reboot necessary! Great job on that guys! I did have to create a new allow rule with my firewall for sfc.exe but that's not uncommon behavior when a new build is installed. Some impressive changes have been made! A personal thanks to nirmeshptl for including a detailed change log with this announcement! Something I've been suggesting in the past when a new build is publicly rolled out. Best wishes, Ritchie...
  8. 2 points
    Interesting video you uploaded Valnat! Thanks for sharing. As the video demonstrates Immunet has some suburb efficacy! Much better than Microsoft's Defender AV! As you mentioned Immunet can be used as a stand-alone AV solution but it is recommended you use the ClamAV module if used in that manner. If Immunet is used as a companion AV to another compatible "paid product" it's best if the ClamAV module and updates for it remain disabled. This will reduce the amount of system resources being used. Also, don't forget to create exclusion rules for the Program Files folders for both AV's. This can go a long way in avoiding possible conflicts between the two AV's. Regards, Ritchie... P.S. I moved this topic to the General forum section since that's a better place for it.
  9. 2 points
    Hello Damokles and thank you for your interest in Immunet, Not sure what you mean by making a complete list. Immunet originally was strictly just a cloud based AV when it was first introduced. The draw back to that was Immunet had to have a constant internet connection for cloud based lookups during normal operation & during a scan. Also there was no off-line scanning capabilities. After the introduction of the open-sourced signature based ClamAV into the program that not only added an additional layer of off-line protection but also added the ability to run scans even if no internet connection is present as it works as a traditional downloaded malware definition signature based AV. You can use just the scalable multi-threaded ClamAV scripting code http://www.clamav.net/ as an automatic or on-demand AV scanner & a email gateway scanner for instance. ClamAV does not have a UI in the traditional sense since everything is handled through Command Line scripts. Of course Immunet provides a traditional UI to users without the need for advanced technical skills to configure or use since ClamAV's scripts are integrated into Immunet's program code via the ClamAV module. Immunet can be used as a "stand-alone" AV solution. If used in this manner it is recommended that the ClamAV module & updates for it be enabled. If Immunet is used as a companion AV to a compatible paid product it is recommended that the ClamAV module remain disabled. This improves the amount of system resources being used. Immunet will work with Defender. Using them both should provide good malware protection for the average user. In fact Immunet has, by default, an exclusion for Defender for improved compatibility. If using Immunet with Defender I would consider "not disabling" the ClamAV module for the reasons described below. Adding an exclusion/exception rule to Defender for Immunet's Program Files folder is also very highly recommended. That way they recognize each other as safe programs and goes a long way in avoiding possible future conflicts. If I "had to choose" one or the other I would definitely go with Immunet over Defender. Microsoft even admits that Defender is meant for users that don't have or don't want to use a different AV solution. Although some improvements have been made with newer builds Defender still is not a stellar anti-malware program as it provides basic protection. The Plus version of Immunet is no longer available. Immunet Protect Free is just like the name implies, it's totally free for individual/home or private network use and for "non-profit" charitable or educational organizations! Immunet is not licensed for any "for profit" business, service, organization or product. If it's found that Immunet is being used in such a manner no support will be offered. This information is included in the End User License Agreement (EULA) when first installing Immunet. We recommend that any for-profit entities use Immunet's paid Enterprise version called AMP for Endpoints. https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html I hope this answers your questions. Regards, Ritchie...
  10. 2 points
    Hello all, We are happy to announce a new release of Immunet: Version 7.0.2! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes NoReboot upgrade beta. The Immunet Windows Connector often requires a reboot to complete the upgrade. This can be problematic for end users who have to time reboots, if they are in middle of critical updates or working on some important project, in order to upgrade the Connector, raising barriers to upgrading more regularly. This feature is to remove the requirement for reboots when upgrading the Windows Connector for good. Expected upgrade behaviour for Immunet users: * Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete * Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete Looking forward for your participation and help in cases of upgrade reboot failures issues, if encountered any. We would appreciate if you can reach out to us via support forum with Support logs as soon as you see upgrade failing or upgrade asking for reboot on upgrade. You can get the new installer here. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from http://www.immunet.com/index Changes in 7.0.2 Improvements and updates: No Reboot upgrades No Reboot uninstalls New kernel logs for Connector upgrades and uninstalls Installer improvements to handle NoReboot upgrades and uninstall Fixes: Stability Improvements in the Immunet SelfProtect driver Fixed reference leak in asynchronous kernel exclusions Stability Improvements on Immunet Protect driver
  11. 2 points
    Yup, this is the right place for your questions. Sorry, Immunet doesn't offer spam or phishing protection, Interestingly , older versions of Immunet could scan local Outlook.pst email databases for malicious email attachments, but we shelved this feature for a couple reasons: 1) the average user moved to cloud email services (gmail, Hotmail, outlook.com / etc), most of which provide absolutely minimal span and phishing protection, making local emal scanning redundant 2) Microsoft changed their outlook.pst format and libraries a couple times resulting in Immunet failing to quarantine just the attachment from within the outlook.pst database file; and instead quarantined the entire email database.
  12. 2 points
    Ritchie, As soon and you mentioned AMP I fully remembered that I selected YES on both of those systems. I uninstalled Immunet and selected NO, rebooted and all is good now!! I agree that I will stay with AMP, but this is a GREAT free product for home users. Grant
  13. 2 points
    I've sent it to Clam so guess we'll see what they say. Thanks for your help!
  14. 2 points
    I would venture to guess that the ClamAV module is scanning files at the same time as they're being created by Visual Studio. Try creating a custom Immunet Exclusion rule for Visual Studio's entire Program Files folder in Settings. Then turn ClamAV back on, restart your computer and see if the same behavior persists. You can also directly contact the ClamAV developers to inform them of this issue if you wish. https://www.clamav.net/contact Best wishes, Ritchie...
  15. 1 point
    Ritchie - I've added the three products to the firewall allow rules - no change. Rebooted, the device, double checked to make sure the firewall rules were still in place - they were. The application keeps telling me I need to update and there's no update available.
  16. 1 point
    Immunet causes a RESULT_CODE_KILLED error in chrome 81-83, occurs randomly on some pages with YouTube. Disabling extensions does not help, only removing immunet fixes the problem. In the browser, on the chrome: // conflicts # R tab ETP Protecto Morphisec Information Security 2014 Ltd v4. 5EAAD359b6000 BR C :\ program files \ immunet \ exprev \ protector32.dll description link https://textslashplain.com/2019/09/27/aw-snap-every-tab-crashes/
  17. 1 point
    failed after a week
  18. 1 point
    Well... A full server restart later with newer update installed. *NO CHANGE* Next steps: 1) Removing Immunet, 2) Restarting server, 3) Run registry cleaner (ccleaner), 4) Delete registry links and folder links to Immunet manually myself, 5) And do a fresh install. I'll be back!
  19. 1 point
    Here the solution i found last hour. Immunet need to update to new version of clamav, clamav stop updating database files with old ClamAv version.
  20. 1 point
    This Problem is a error of Immunet and not a server Problem. The ClamAV 0.102.1 provided by Immunet is outdated and the current version is 0.102.3. This is also reportet by C:\Program Files\Immunet\clamav\0.102.1.76\freshclam.exe and freshclam.exe cancel the update after the download of the first "cvd" it get. ClamAV do that to prevent using a old engine with new Database files. Freshclam.exe have problems to download and also cant update complete downloaded files. Solution 1 Download clamav-0.102.3-win-x64-portable.zip from https://www.clamav.net/downloads#otherversions Stop the Immunet Service --> net stop ImmunetProtect_7.2.8 Delete old Database files bytecode.c*, daily.c*, main.c*, lastupd and update.log Extract the files to C:\Program Files\Immunet\clamav\0.102.1.76 Start the Immunet Service --> net start ImmunetProtect_7.2.8 Start Immunet, Click on Update Now and wait a moment (if Update does not start repead it after a min.) The download location is configuratet in the file freshclam.conf, if you need to use a other mirror change it in this file. Solution 2 Immunet need a Update to new ClamAV version 0.102.3.x What a disgrace from Immunet
  21. 1 point
    Hi 4tygrit, You're not the only one experiencing update problems with Immunet presently. After folks upgraded to version 7.2.8 the UI cloud stats no longer displayed correctly and also there's reports of Immunet not letting updates to be installed. Your guess is as good as mine as to why these issues are not being looked into in a timely manner! The admin. Rob T. was helping out on the forum but he's been M.I.A. for more than a month now. There's only so much I can do being the moderator for this site. These issues need to be looked into on the server side of things. Something I can't do. "It's really starting to bum me out that support for Immunet is seemingly being completely neglected at this time to be perfectly honest with you!" Regards, Ritchie...
  22. 1 point
    Personally, I've never seen the cloud stat issue go unresolved this long after a new build is released. Now users are reporting update issues too. Are these related or what? "Hello, is there anybody out there!!!"
  23. 1 point
    Hi, Can we please add an option to prompt the user if Cisco Orbital and osquery should be installed and/or enabled, before this happens? Maybe at installation time then as an option in the "Scan Settings" ? From Cisco: https://orbital.amp.cisco.com/help/what-is-orbital/ " Cisco Orbital is a service that uses Osquery to provide you and your applications with information about your hosts. Osquery exposes an entire operating system as a relational database that you can query with SQL to gather information about the host. Orbital can be used by both Cisco customers and their applications to query their computers wherever Orbital has been deployed. " Orbital, in the context of a privately owned endpoint, is a very intrusive tool and should not be enabled by default. Thank you.
  24. 1 point
    I'm sorry to say that the Orbital code can't be disabled or deleted once it's installed. It's now an integral part of how Immunet's protection works for you. Not everyone gets the Orbital code actually. I never got the code installed on my PC. A person gets the Orbital code if Immunet detects one or more security weaknesses with your Operating System. That fills the gap for those possible vulnerabilities so to speak. Interesting idea to let the user decide if he/she wants to use it though. You could start a new topic in the "Ideas" section of the forum regarding the subject. That's not a bad idea! Regards, Ritchie...
  25. 1 point
    I used Immunet alongside Sophos Home for maybe a year on a Windows 10 rig. It was probably the most stable and quick combination I've ever used - and that was with the ClamAV engine enabled as well! They never clashed once, even on files they could both detect. For ages I never bothered adding each to the other's exclusion list, and they played fine together. I eventually added each one's "program files" folders to the other's exclusion-list, when Sophos eventually got a false positive on one of Immunet's temporary files (I had ClamAV enabled). I think I also had to add another Sophos folder (somewhere inside "c:\programdata") to Immunet's exclusions. The combo was great and never gave me an issue once. Speed was similar to running just Windows Defender. The only way I could get quicker performance was to turn off ClamAV or switch to running just Kaspersky or F-Secure on its own.
  26. 1 point
    op, Can you tell us what version of immunet & operating system your seeing this on and share a link to where you got your copy of privazar that's fp'ing? I tried privzar v3.0.96.1 Released : 06 April 2020 (both the Pe and installer versions) on win 10_X86&X64 and I can't reproduce your FP. Cheers, RobT
  27. 1 point
    Has anyone else been getting a certificate error/warning when attempting to visit these forums? I've checked my computer's clock and tried visiting with GNU Icecat (Firefox ESR), regular Firefox, and Vivaldi (based on Chromium). Warning message every time. I haven't tried regular Google Chrome but suspect users of that browser won't have any issue connecting, because last time I paid any attention to anything G, Chrome still wasn't checking the validity of HTTPS certificates (this might seem convenient because all websites "just work", but in reality is a very bad thing for your security). This situation might have changed, but as I have not used anything G for a very long time, I cannot check. If it helps webmasters with any diagnostics, I use "HTTPS everywhere" from EFF.
  28. 1 point
    Thanks for calling it out Zom, our forum cert is defiantly expired. A new one is on the way but I don't have an ETA fr it yet. Cheers, RobT
  29. 1 point
    That's kinda what I want. And I agree 100%
  30. 1 point
    Hi, I just have some free time to play with UI concepts - so I came up with these artistic prototypes. What do You Guys think? Any thoughts? My goal was to keep current functionality -> development, not a revolution. Regards, Marcin Full View: https://imgur.com/a/im7fywl
  31. 1 point
    I wholeheartedly agree. The standard Immunet UI actually looks pretty good and has aged rather well. It's also very easy to understand and use, right from the moment you first ever use the program. The only real area where it starts to show its age is on high resolution screens, where it either appears very small or scales poorly. It was better suited to the days of 800x600 or 1024x768. Maybe all it needs is a very slight cosmetic revamp, and the addition of scaling/HiDPI capability, with the general layout left largely untouched. Like others here, I really don't like the trend for "modern" UI. It's flat, boring, looks dated to begin with, and has no visual appeal whatsoever. It's like the whole metaphor of a "button" that you "press" has gone out of the window, and designers got lazy and just drew harsh-edged rectangles in Paintbrush. I remember DosShell and the MS Windows 1.x-2.x series being more ornate than W10. Even the standard X11 TWM is, and that's older than me! I still think the prettiest and nicest looking user interface for desktop PCs was KDE3 with the Keramik widgets and window-decorations, and Crystal icon theme. That was extremely 3D! The nearest Windows equivalent would probably be Windows XP Luna. Both still look good today even in a VM on modern hardware - although I think the best looking Windows interface by far (and easiest to use) is the 9x/ME/NT/2000 interface. Again, those buttons etc. still look good for some programs, even at high res.
  32. 1 point
    Ritchie I went and loaded Firefox on another drive so the warning would come up. I'll just uninstall it. I couldn't find it once I went past it on other drive with Firefox. If I'm getting it so are others. My clock is correct.
  33. 1 point
    Sorry to hear you had a bad experience with Immunet. Did you create an exclusion rule for Malwarebytes entire Program Files folder with Immunet & create a exclusion rule for Immunet with MB? That can go a long way in avoiding possible conflicts when running Immunet as a companion AV to another product. Like you mentioned, it could also be that your older computer just doesn't have the system resources needed. Especially if it's older SDRAM or DDR memory modules 3 gigs of RAM really isn't that much memory these days as software increasingly becomes more complex requiring more RAM & CPU cycles. I seen this happen to a friend of mine a number of years back. He was using an older rig with Win XP installed. After upgrading to a newer version of Immunet at that time he discovered that his old computer would just shut down after boot-up because "all available SDRAM memory was being used up!" I had to help him uninstall Immunet by using Safe Mode. Immunet no longer supports Windows XP since version 5 was first rolled out. I'm sure you're also aware that Microsoft no longer supports Windows 7 with security updates, bug fixes and system upgrades. That means as time goes by your computer will become more vulnerable to malware, viruses and hackers. Maybe it is time to consider getting a newer rig briab. Regards, Ritchie...
  34. 1 point
    Hey guys, "I too wish something can be done to end these 503 error messages that users are still encountering once & for all!" I can see why someone might get a little frustrated as this issue seemingly continues to go unresolved unfortunately. It makes me wonder if Immunet's update server is being overloaded with requests at times causing this error. Does Immunet need a faster/improved update server that can handle more traffic? CAVU, Rob or myself will send you a PM regarding your old log in credentials if they can be retrieved.
  35. 1 point
    Well this morning it decided to work. The last scan button was yellow (for not doing a scan within 24 hours?) so I did a flash scan.After that was complete I tried to schedule a scan again and it let me.
  36. 1 point
    JUICE JACK payload loaded through using public charging stations in airports ,malls phones and tablets and maybe few laptops that allow USB charging once connected payload steals information via USB connection (usually USB ports have cables already provided) STAY SAFE CAREFUL USING public USB stations use your own charger connected to power plugs thieves dont stop
  37. 1 point
    It was the first PC I built so details are a little fuzzy, but whatever the typical setup is. So surely connected to the MB via SATA. C drive is a SSD (Immunet is installed here) D drive is a regular HD
  38. 1 point
    You nailed it, it's not working on my D drive. Files on my C drive Context Menu Scan just fine. Since I have a workaround I can't be arsed to reinstall, if that turns out to be the only solution.
  39. 1 point
    Happy New Year! And a pray for the fires all over the world, especially Australia, to stop! Finally, I did it again! To remove this error 503 you need to make a clean uninstall of Immunet first and then reinstall it! Uninstall, clear all data. After restarting, delete folders of immunet on program files and data. After, running regedit.exe, search for "immunet" delete these keys and subkeys... (I deleted some root keys also (where I see that it is only for immunet). Then reinstall! I didn't try it without registry cleaning (only reinstall after uninstalling) but you can try it first (just to not mess up with registry) Happy new 2020
  40. 1 point
    RanSim is a tool that simulates the behavior of ransomware. The purpose of RanSim is to check if a workstation is well-protected with endpoint security software which would be able to detect and prevent real ransomware attacks. It also allows you to see if this software is incorrectly blocking files by running "false positive" scenarios. You can optionally select specific files you'd like to test to see how they would be affected by the ransomware simulations. ............................................maybe similar to cisco/talos amp,network protection
  41. 1 point
    Will be nice can protect the program with password so cannot be edited or deactivated by other PC users.
  42. 1 point
    To include the ability to lock the UI with a password is not a bad idea in my view! If the computer is used by multiple people (especially if kids are present) in the household that could prove to be beneficial. Actually Immunet's enterprise version called Amp for Endpoints uses an on-line console instead of a traditional UI. This ensures that no unauthorized personal can make any changes unless one knows the user name & password to the console.
  43. 1 point
    only from what I just read on https://blog.virustotal.com/2019/10/virustotal-bitdefender-theta.html tldr; Theta is bitDefenders automated malware analysis engine. all AVav companies, including Immunet, have a few. Some are better than others, but newer ones are always prone to FP's.
  44. 1 point
    I am a new User and have no idea if this is helpful but just in case... I could not download the installer. It kept telling me there was an internet problem. So I saw this thread and tried the links posted above. Couldn't reach the https://sourcefire-apps.s3.amazonaws.com link. So after some investigating, I found out it was a Mozilla/Firefox problem. I changed my default browser in Windows to IE and boom, it worked. Hope this helps someone.
  45. 1 point
    You may be interested to know that Windows Defender is detecting some immunet temp files as Trojan: JS/Foretype.A!ml This started happening 2 days ago, and has happened daily to me since. Their "more info" link, if useful: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aJS%2fForetype.A!ml&threatid=2147724342&enterprise=0 Edit: Uh, pasting images to your forum is terrible, they lose a ton of quality in the process, practically unreadable. Here: https://imgur.com/15VhZ3Y
  46. 1 point
    @Rob.Turner I can confirm that I can either see text or get a download prompt for every one of those links supplied. @ritchie58 Don't worry, I of course still allow Windows updates on my internet-connected machine. I have Pro so am fortunately able to defer any non-security updates for up to a year, which I recommend everyone should do before their PC gets bricked. It gives Microsoft a good chance at fixing the worst of their problems before their "improvements" reach your machine - unless the next broken update they release without testing just happens to be a security one... As a side note, When your Windows 7 reaches end-of-life, one option would be to just have a dual-boot scenario: Switch to GNU/Linux for anything that requires the internet, and keep your unsupported Win7 installation as-is, unpatched, for any obscure software you might still need to run occasionally, but can't get on GNU/Linux. You'd just need to keep the Windows 7 installation offline, for instance by disabling your network interfaces in the device-manager, or unplugging your network cables. I'm aware there's a learning-curve, it's a matter of personal taste, and It's not possible for everyone, but I'm about 90% of the way there. I used to dual-boot and value both OSs for their respective qualities, but I'm rapidly getting to the point where I just need to get the work done and Windows now gets in the way of that for me.
  47. 1 point
    Hello Ritchie, yes still having the same issue. I get the exact same error message, but the ClamAV databases still update as if there's no problem. I also still get cloud detections when I scan my malware archive. I think this issue is simply related to Immunet checking for a new Immunet version. Cloud detection and database updates seem to be unaffected.
  48. 1 point
    There is another option of using the Verbose Tray Notifications setting. Ordinarily this feature is best left off but perhaps you may find it useful. Click on the Notification Settings tab in Settings and turn "on" Verbose Tray Notifications, don't forget to click Apply too.. You will start getting alerts for every file Immunet encounters this way. Be forewarned, there will be many of them.
  49. 1 point
    Immunet doesn't have any know issues running in virtualized environments and has been thoroughly tested in vmware workstation, vmware server and virtual box. and once even in Microsoft's cloud. Complaints we've gotten about running in visualized environments usually stem from unrealistic expectations of performance on non-dedicated hardware (i.e. cloud hardware thats randomly shared with strangers (e.g. the free trial and budget tier's of google, amazon and Microsoft clouds). There is just too high a chance someone like me is sharing hardware time and already pushing the machine to it' s limits (see paragraph below:) To set some hardware expectations, I test Immunet on a local desktop running dual xenon e506 2.13Ghz CPU's +12 gb ram (ouch), and 2 independent scsi 1TB drives ( one dedicated to my os & apps, the other dedicated to vmware images) and it easily simultaneously powers my win10 working desktop (chrome, waterfox, and IE browsers, email, visual studio, and an Android Virtual device) plus 3 copies of immunet running on vmware workstation images for win7x32, win7x64, & xpx32. It can also power an additional win 10x64, but at this point the images start to chug ( I think disk bandwidth is the bottleneck). I can easily run this same level of compute (dektop + 4 images) + an additional win10_x64 image on a single more modern Intel i-core 7 + 64gb of ram and 2 sata disks (one flash drive for the OS & apps an a 1tb 7200 rpm disk for the images). Getting back to your original problem, yochenhsieh you nailed it figuring out clamAV, I've seen similar stats with my benchmarking too. The clam av engine loads it's full virus definitions signature set into memory: which takes from 100 to 600mb. add to that the clam scanning engine and virus definitions updater and clam alone can in a worst case scenario use in the the 700mb of memory range. Currently we have extra experimental blue keep preventative signatures out for a worm we're expecting that are inflating the usual virus definitions set size. You can try updating the clam av definitions set via the update button in the gui and running a full scan overnight. That might get you a smaller more concise set of definitions that'll take less memory and get you over the initial performance hump of building the local cache up.
  50. 1 point
    Sorry for the delay in responding & thanks for the added info. What it sounds like to me is that your copy of Immunet has some corrupted .db files if it's not remembering the previous settings configuration. I would suggest you try and do a clean uninstall. First uninstall Immunet, when asked by the uninstaller if you plan to reinstall Immunet again choose the "NO" option, this will delete all .db history files. Then reinstall Immunet but you will have to reconfigure the Settings and add any custom Exclusions you were using again. Let us know if this corrects the issue. I was given a free one year license for AMP a while back just to check it out myself so I am familiar with the software. It can be configured for home/personal use too. Having to use an on-line console to effect changes instead of a traditional UI did take a bit of getting use to I remember. This is a security feature since no unauthorized personal can make any changes to the software without the proper log in credentials to the console. Although not free like Immunet, AMP for Endpoints really is the better choice if you're using a multiple endpoint server environment for the simple fact that you can customize this software to your specific needs. Also with AMP you have the option of using the TETRA detection engine (which was part of the no longer available Immunet Plus). Originally based on Bitdefender's detection engine this now highly customized engine can sniff out usually hard to detect malware like root-kits, keyloggers, encrypted Trojan downloaders, etc... One more nice thing with AMP (compared to Immunet) is that you can configure it to automatically scan all in-coming email data packets for malware. A still prevalent attack vector. Compared to AMP, Immunet doesn't have no way near the customization options. I would suggest you stick with using AMP for Endpoints at least with your server! Something else I should mention is that Immunet is not licensed to be used in any "for profit" business, service, product or organization. If it's discovered Immunet is being used in this manner no further support will be offered. This info is included in the End User License Agreement (EULA) when you first install Immunet. Best wishes, Ritchie...
×
×
  • Create New...