Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 07/23/2018 in all areas

  1. 3 points
    Hello all, We are happy to announce a new release of Immunet: Version 6.3.0! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes Improved detection coverage Windows 10 RedStone 6 support Update ClamAV to version 0.101.2 Improved status in Windows Security Center Bug fix to exploit prevention engine Immunet installer now handles all legal windows characters that can be in a Windows file path for default install Fixes to mitigate high CPU/Memory issue some users are seeing on Windows 10 during Windows updates. As always, you can get the new installer at https://www.immunet.com. We strongly recommend existing Immunet user to upgrade to v6.3.0 and start taking advantage of new improvements. If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from https://www.immunet.com If you do encounter problems with the new version of Immunet Protect, please let us know via forums at http://support.immunet.com Thank you for your continued support! The Immunet Protect Team
  2. 2 points
    I would venture to guess that the ClamAV module is scanning files at the same time as they're being created by Visual Studio. Try creating a custom Immunet Exclusion rule for Visual Studio's entire Program Files folder in Settings. Then turn ClamAV back on, restart your computer and see if the same behavior persists. You can also directly contact the ClamAV developers to inform them of this issue if you wish. https://www.clamav.net/contact Best wishes, Ritchie...
  3. 2 points
    Hi all, The newest 6.3.0.10988 build of Immunet has a new running process called cscm. Microsoft made some improvements as to how antivirus solutions can better protect their software from unauthorized intrusion. It's a fact that some malware has the capacity to disable the installed AV, usually through unauthorized code-injection methods. This added security protocol will make it much harder for malware to disable Immunet. For anyone that wants to read this Windows Dev Center article (thanks Wookiee) regarding this added security protocol click on this link. https://docs.microsoft.com/en-us/windows/desktop/services/protecting-anti-malware-services- Regards, Ritchie...
  4. 2 points
    Try a restart of your PC and also press several times the update button!
  5. 2 points
    First of all that is an "out-dated build" of Immunet (seen it, this vid is old). The current version is 6.2.4.10819. This video has absolutely no current validity since it doesn't relate to the newest build. Secondly, there have also been some recent infrastructure changes that will help in defeating the spread of such malware more aggressively within the Immunet cloud community.
  6. 2 points
    You can try to upload the two files on Virustotal and check the results from different AVs https://www.virustotal.com/#/home/upload
  7. 2 points
    I am running Windows 7 Pro on an older desk top and during the last few days have been getting a Virus detected and quarantined message on virtually every application that I use. I have been using some of these sights for 10 plus years and never had this issue previously. It persists even when I switch from Firefox to Chrome. I just ran a full scan of the entire computer and get reports of no virus found and have verified that the latest update is installed (as of 2/2/19). When I go to manually initialize Immunet, I see a note that the computer has never been scanned and is not secure even when I have just run a full scan. A typical warning is that f_0001f3 has been detected as Clam.Txt.Trojan.Generic-6840302-0. Quarantine was successful. I even got a message that Firefox Installer was a Trojan. This is very annoying and I would like some suggestions to resolve this issue. Nelson
  8. 2 points
    confirmed, is defiantly a Clam false positive. Thanks to everyone who reported this. we're reprod it internally and are working on a fix. In the mean time, if you turn off the clam AV engine in Immunet's settings that'll prevent the constant FP notifications and still keep your computer protected with the immunet cloud engine. We'll notify the thread to turn clam back on as soon as the fp is fixed.
  9. 2 points
    it might be an issue with a signature, I am looking into it.
  10. 2 points
    it looks like you are using clamav, not immunet. ClamAV gives you the ability to run commands- immunet does not. As far as multi-threaded scans in ClamAV, you could just do a clamd scan with multithreaded- should work
  11. 2 points
    Why not brother.. You can download Avast offline installer from here and Know how to uninstall avast step by step here.. The step by step guide also has a link to the avast removal tool
  12. 2 points
    Hello everyone, I see a lot of future in this software, its interface is destined to "the end", compared to other interfaces today ... But instead of just talking, I made a new design for Immunet AntiVirus .. .I only did the basic part, in case I get you back, I can go back to work on the interface and finish for a new look to the software. Here are the images: I look forward to the feedback from the developers, and also from the community. Att: Lucas Lks
  13. 1 point
  14. 1 point
    Hi Bitsomper, I'm sure you've read the previous threads to this topic so the devs are definitely aware of the situation. Unfortunately the newest 6.3.0.10988 build did not address this known issue. Thanks for adding this thread! Maybe the devs will see this issue is still causing problems for users and "eventually" do something about it. Immunet really needs to incorporate a way to upscale the UI for 4k screens! That is a obviously needed upgrade, that seems to be continually overlooked, that should be implemented with some new code in some future build. The sooner the better in my opinion.
  15. 1 point
    Instead of downloading an online installer, try the same with the offline installer. You can download it here. Also, ClamAV detects a lot of false positives, so no need to worry.
  16. 1 point
    Problem solved. I used Immunet installer (found in the \Temp folder) in a Windows 10 virtual machine, then I monitored the uninstaller process handlers while I used Revo Uninstaller. Then I erased (on my real, affected PC) all of the files the Uninstaller modified/erased (Cleanup agent included) and that Revo had to erase too (I used a Linux LiveCD as some files/registry entries were blocked). It looks like Immunet uses Cisco's AMP, (Self Protect, Policy files...) and all of those files are kind of hidden and well protected. After all that was done, Immunet installed correctly. If someone's having this problem, please don't do as I did, as this process is very, very risky and Windows will most certainly get damaged. Just disable your antivirus before installing KB4503293 update. It seems like this problem could happen with any antivirus, but Immunet has no Removal Tool and so the only fix is to reinstall (a system restore point won't do the trick) Windows. Anyway, this is a really unique problem so I don't think someone will ever run into this issue where Windows removes Immunet files (and uninstallers). Still, Cisco should offer a Removal Tool to avoid these situations. Thanks for all the help you've given to me, ritchie58.
  17. 1 point
    Sorry to hear Revo wasn't much help to you Chame. Usually that software is great at dealing with uninstalling stubborn programs or finding left over files from a botched uninstall. Since no other user, thus far, has reported the same issue I believe this to be an isolated, anomalous occurrence. I think it really wasn't a good idea at all to just start manually deleting stuff, especially in the registry. Do you use any type of system imaging or did you, by any chance, create a bootable Win 10 emergency recovery CD or USB device that will write over any corrupted Windows Operating System files or re-install any missing ones? If not, I'm at a loss as to what to try next. Maybe it might be that you'll have to re-format your OS unfortunately.
  18. 1 point
    First of all for those that do not know what a VPN is here is a brief explanation of what it does. A VPN, or Virtual Private Network, allows you to create a secure connection using encryption protocols to another network over the Internet. VPNs can be used to access region-restricted websites, shield your browsing activity from hackers on public Wi-Fi, and much more. These days VPNs are "really" popular, but not for the reasons they were originally created. They originally were just a way to connect business networks together using encryption protocols over the internet or allow you to securely access a business network from home. VPNs essentially forward all your network traffic to an encrypted network, which is where the benefits, like accessing local network resources remotely and bypassing Internet censorship, come from. Why would I need a VPN service? Thanks to the Trump administration Congress passed legislation in Dec. of 2017 that allows your Internet Service Provider (ISP) to share or sell your browser history to third-party entities. Also, a VPN makes on-line shopping, banking or any site where sensitive data is required to be submitted much more secure since all internet activity is encrypted within the VPN service. I know that including a VPN service would be a costly endeavor since new code would have to be written and infrastructure changes would have to be enacted. For this reason I propose that a new Plus (paid) version be created to include an encrypted, entirely secure VPN service. Just an idea. Cheers, Ritchie...
  19. 1 point
    It's a hell wonderful idea! I promise I will share this great news when new Immunet will be in use with all my friends and tell them what to do to be secure and safe. You are really cool, guys! Are you going to create several VPN servers or only one?
  20. 1 point
    Initially, my Immunet had the auto quarantine option activated and it quarantined a lot of my executables from program files folder including IDMan.exe and some others like the vipsocks executable. I have no complaints against that - ClamAV's security features might be too good. What bugged me though is the quarantine's UI design. Some of the executables, detected from the "Appdata/Roaming" folders were leftovers from installations and I wanted to batch delete them. Alas, I couldn't do it. Also, there wasn't any option to add an exclusion as well for a particular file in quarantine itself while restoring a false positive. Same goes for deletion - I couldn't use my keyboard to multi - delete files. And its a pain to select 10 files by clicking on each of them and deleting them one by one. Workaround - Its true that the Immunet folder C:\Program Files\Immunet\Quarantine contains the quarantined files, but at least the GUI should prompt to open that folder so that one can batch delete at least if not batch restore.
  21. 1 point
    I have sent the System Diagnostic Tool to support@immunet.com, with the email subject “Bug when I scroll down File History"
  22. 1 point
    Thank you Richie a VPN in Immunet is a great suggestion, and thanks Cyrille for the +1 and being willing to pay for it. I've escalated the suggestion and can only wait and see what comes of it.
  23. 1 point
    Thanks for the positive feedback cyrille, appreciate that! Since more and more people do on-line shopping, bill payments & banking I see a great future with the progression & improvement of VPN technology. Why not Immunet jumping on the band wagon too, so to speak, and perhaps stay in the forefront of this technology. It could even prove be a money maker for Cisco if a viably secure "Immunet Plus VPN" version could be developed & deployed and enough people bought 1,2 ,3 or 5 year licenses!
  24. 1 point
    The difference between http and https is that with https any server page requests from your computer are automatically encrypted then decrypted by your browser using Hypertext Transfer over Secure Sockets Layer protocol. This means that any data sent to the server is encrypted so log in data, for instance, is much more secure from unauthorized access. There are plenty of http sites on the web still but more and more of them are switching to the https protocol as time goes by. If you are on a http site just be careful what personal information you divulge because hackers can more easily infiltrate and steal personal information from non-encrypted sites. That's why I was so glad to see this site "finally" start using the https protocol. Something I was advocating for in the past.
  25. 1 point
    it only happens if you use f-secure products with Immunet.
  26. 1 point
    The problem with most rootkits is that they generally use some sort of advanced encryption method which usually makes 'em hard to detect let alone access & read. So it wouldn't surprise me if HexaPro was unable to submit any SHA256 or MD5 checksum(s) hash tag(s). Besides Immunet it never hurts to have an additional on-demand rootkit scanner at your disposal! Speaking of such... Malwarebytes has a new beta "CMD based on-demand rootkit scanner" available that looks rather promising. They're also looking for beta testers with (preferably) virtual test rigs for anyone that's into that sort of thing. As with any beta software please read the legal Disclaimer documentation carefully before use. Not 100% sure if it's compatible with Server 2008 R2 however. https://www.malwarebytes.com/antirootkit/
  27. 1 point
    trying to download ccleaner554 and immunet blocks it and says its a trojan but not always the same!
  28. 1 point
    Thank you very much for reporting this Jon. I've successfully reproduced it, and at this point my only advice is to steer clear of win 10 1809. as far as I can MS pulled it after release due to driver incompatibilities and potentially deleting user data when upgrading from previous versions. I was able to obtain a 1809 iso through MSDN and it ended up bootlooping during install of both home& pro win 10 versions (installing to vmware workstation). I had to use a workaround just to complete the OS install: https://luyentap.blogspot.com/2017/10/windows-installation-cannot-proceed.html. After that I was able to install Immunet and repro your bug.
  29. 1 point
    Six months later and we're still on the Windows 7 era GUI
  30. 1 point
    I'm receiving the same message when loading Gmail in firefox flagging a cache file as "Txt.Trojan.Generic-6840302-0". I also have a number of anti-spam anti tracking and security plugins installed. It's possible one of them is doing something Immunet doesn't like. ABP, Ghostery, uBlock Origin, https everywhere, canvas defender, privacy badger, firefox multi-account containers and lastpass. I uploaded the cache sample to virus total. The ClamAV engine was the only one to flag this as a trojan. The content is a compressed GZ stream with the following code: this.A2A=this.A2A||{};(function(_){var window=this; try{ var aa,ba,ca,da,ea,fa,ha,ia,ja,ka,la,ma,na,ua,va,wa,xa,ya,za,Ba,Da,Ea,Ia,p,Ja,Ka,Na,Oa,Pa,Qa,Ra,Sa,Ta,Va,Wa,eb,fb,gb,hb,ib,jb,kb,mb,lb,nb,ob,pb,q,t,v,qb,rb,sb,tb,ub,vb,wb,yb,zb,Cb,Ab,Bb,Db,Eb,Fb,x,z;aa=function(a){for(var b=a.length;0<=--b;)a=0};ba=function(a,b,c,d,e){this.te=a;this.Jf=b;this.If=c;this.Ff=d;this.lg=e;this.Nd=a&&a.length};ca=function(a,b){this.zd=a;this.xb=0;this.Wa=b};da=function(a,b){a.T[a.B++]=b&255;a.T[a.B++]=b>>>8&2 Source: https://www.virustotal.com/en/file/6570a85c33d467f10e52bddc31575c4329ca1a6ae9641c4321690a8ae65e41c5/analysis/1549184011/ I've submitted it to clamAV as a false positive.
  31. 1 point
    Richie is correct - the internet connection icon is a standard windows thing. the Bing image search told your browser to show an image from neilrosenthl.com and your browser went to grab it from 104.27.175.64. According to https://dnslytics.com/ip/104.27.175.64 that ip is hosting 290 domains/websites. likely one of them at one point was hosting something malicious. Though currently neilrosental.com appears to be safe. Looks like a false positive to me. Sorry, our bad on that one. I do have one concern here though. It's common to first notice the internet connection icon after having a random router/modem reboot. I The internet stops working, so you go to your network connections to check your ip/network status and while your poking around the internet connection icon appears out of nowhere when the router/modem comes back online. There are lots of good reasons for a router to reboot itself, but it should be noted that not all vpn connections can survive a router reboot. Some can, some will notify you the vpn closed unexpectedly, and some will just fail silently and your internet activity will automatically re-route over non encrypted public internet. Thanks, RobT
  32. 1 point
    Immunet is undergoing major changes. For a long time, the AMP infrastructure and Immunet infrastructure have been the same. But, we are changing that now to separate the customers of AMP and Immunet into their own cloud infrastructures. As of right now, any Immunet user who is not on version 6.2.0 is on the old infrastructure and will need to upgrade to the latest version as soon as possible. We plan on decommissioning the old infrastructure (that means any versions prior to 6.2.0) on Feb. 4, 2019. What does this mean? This means that all users who aren’t already, need to be on version 6.2.0. If you are on 6.2.0 now, you will not see any changes and do not need to worry. If you are on the older version, you need to upgrade immediately. If you do not upgrade before Feb. 4, you may experience service interruptions and may not be able to upgrade Immunet or receive protection. What happens if you do not upgrade before the decommission? You will need to uninstall and reinstall the software once the old infrastructure is decommissioned. We urge everyone on a version prior to 6.2.0 to upgrade Immediately. If you have any questions or concerns, please contact us via the support forums or posting below.
  33. 1 point
    What is your Immunet version? It should look like this: The copy fail should be fixed in the later versions of Immunet. Though, sometimes it happens because it is not handling a odd character in the BIOs name such as a tilde key, or something similar. You could attempt to boot into safemode and try that, but if it is the bios name triggering the copyfail, then that wouldn't work without a bios change.
  34. 1 point
    Yeah, Rich is correct- Immunet doesn't out-source or do anything like that.
  35. 1 point
    Immunet doesn't use any out-sourced URL connections. Instead Immunet Protect uses it's own dedicated servers for the ETHOS & SPERO cloud look-ups and for the ClamAV module's definition signature updates. So the answer to your question is no, these URL's are not related to Immunet.
  36. 1 point
    Apologies for resurrecting a thread after a few weeks, but I think I've had this same issue with another program, and it's not a signature detection. Your mp3 batch tag operation triggered Immunet's rudimentary ransomware protection, so the operation was stopped and the program terminated; however the lack of a signature detection resulted in the program being blocked but not quarantined. It makes sense, if you think about it. What does ransomware do? It locates any document files it can find, and goes through them sequentially. One by one, each file is opened, changes are written, the file is closed, and the next file is opened... What did your mp3 tagging tool do? Go through a folder of data files (mp3s), and one by one, open each file, write a change to it, close it and progress to the next! So in summary, the program's behaviour was blocked, but nothing was probably quarantined.
  37. 1 point
    Hello pufig, first of all it is very, very important to make sure that what you're attempting to restore is a False Positive and not actually genuine malware. One great way to do this is to check the file with VirusTotal.com's database first. https://www.virustotal.com/#/home/upload After you are "absolutely certain" that the file is not malicious you can click on the History tab -> to the right of View By click on the little downward pointing arrow -> this will open a little drop down menu and click on Quarantined File History -> find the file in question from the list, click on it and choose the "Restore" option. This automatically moves the file from Quarantine to the Exclusion list where it will no longer be scanned.
  38. 1 point
  39. 1 point
    Immunet is undergoing major changes. For a long time, the AMP infrastructure and Immunet infrastructure have been the same. But, we are changing that now to separate the customers of AMP and Immunet into their own cloud infrastructures. As of right now, any Immunet user who is not on version 6.2.0 is on the old infrastructure and will need to upgrade to the latest version as soon as possible. We plan on decommissioning the old infrastructure (that means any versions prior to 6.2.0) on Feb. 4, 2019. What does this mean? This means that all users who aren’t already, need to be on version 6.2.0. If you are on 6.2.0 now, you will not see any changes and do not need to worry. If you are on the older version, you need to upgrade immediately. If you do not upgrade before Feb. 4, you may experience service interruptions and may not be able to upgrade Immunet or receive protection. What happens if you do not upgrade before the decommission? You will need to uninstall and reinstall the software once the old infrastructure is decommissioned. We urge everyone on a version prior to 6.2.0 to upgrade Immediately. If you have any questions or concerns, please contact us via the support forums or posting below.
  40. 1 point
    Yes, it will have the same level of protection
  41. 1 point
    I just renamed an album's worth of files using the program, and Immunet didn't get triggered, so the exceptions must be working like they should.
  42. 1 point
    You can open up command prompt as admin and run a "net stop <servicename>" then "net start <servicename> you can do a "net start" to see what is currently running. You can also just reboot and it should start the service again. Not sure why you got that error, maybe lack of internet connection or something like that.
  43. 1 point
    Okay.. Thank you so much for your help Rekhathakur..
  44. 1 point
    The cloud stats message, shouldn't have anything to do with you having the latest signatures. It should not leave you unprotected. You will need to make sure you are running the same signature set on both versions.
  45. 1 point
    If you can obtain the files, I can do a comparison, but these would all be signature based. Signatures are what 'find' the malware / ransomware etc. The signatures aren't going to change version by version from 6.0.8 to 6.2, unless the malware itself is changed (or there was an issue with the signature in the first place, to which we push updated signatures out). I am not disbelieving you, But without knowing the exact file, the exact signature- this is a lot of 'he said', 'she said'. There was a few issues with some signatures about a week ago, in regards to detecting certain files, as malicious when they weren't, which were corrected. I would need the malware file(s), to conduct any test to see the following: 1) IF something has changed between versions (signature versions or software versions) 2) what signature(s) are being detected Though, nothing should of changed (other than the signatures possibly and I don't know that without the sample malware file(s)).
  46. 1 point
    We don't have anything to decrypt your data if a ransomware attack happens. We look for more malware and things like that. You might want to turn 'blocking' on if it isn't already in the immunet settings though. That could help. There should be ransomware specific softwares that could have key(s). The .krab file is a grancrab, which signatures DO exist for detecting but Immunet and clamav does NOT decrypt it. Below is a NON CISCO tool, use at your own risk. https://www.nomoreransom.org/uploads/GANDCRAB RANSOMWARE DECRYPTION TOOL.pdf
  47. 1 point
    Hello all, We are happy to announce a new release of Immunet: Version 6.2.0! This latest version of Immunet provides the same great protection against malware and viruses as before, but also includes Malicious Activity Protection (MAP) engine for detecting ransomware, System process protection detection notifications, Connector UI improvement, Performance improvements, Support for Windows Server 2016 and other bug fixes. As always, you can get the new installer at https://www.immunet.com. We strongly recommend existing Immunet user to upgrade to v6.2.0 and start taking advantage of new features and improvements. If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI, you can always download the latest installer from https://www.immunet.com and execute it to get the upgrade. If you do encounter problems with the new version of Immunet Protect, please let us know via forums at http://support.immunet.com Thank you for your continued support! The Immunet Protect Team
  48. 1 point
    We are aware of the issue and should be releasing a fix 'soon'
  49. 1 point
    I will talk to the dev's about this issue. (it's the first I have heard of it) But I am sure they have been made aware, either way- I created a bug ticket for it and will do some testing etc.
  50. 1 point
    Hi Art, what version of Win 10 are you using? In the mean time here's a few things you can look into. Make sure there isn't a program you use that may interfere with Immunet's installation such as your firewall of choice, another AV, sandboxing software, behavior blocker, etc... Since Immunet uses a bootstrapper installer an "uninterrupted internet connection" is also required when the files are being downloaded & during installation. You could also try a new installer package in case the one you downloaded got corrupted some how. Here's a link to download the newest installer. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe Best wishes, Ritchie...
×
×
  • Create New...