Jump to content

Rob.Turner

Administrators
  • Content Count

    281
  • Joined

  • Last visited

  • Days Won

    21

Rob.Turner last won the day on November 29 2019

Rob.Turner had the most liked content!

Community Reputation

54 Excellent

About Rob.Turner

  • Rank
    Advanced Member

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Interesting bug, I reached out to Cyberfunk for a support dump but off the top of my head there are 2 reasons Immunet might ho this message I'll star with what is probably the most important thing to you - unfortunately no, once Immunet has deleted a file from quarantine there is no easy way to recover it. that said I can think of 3possible ways to end up showing this message: -Immune auto deletes quarantined files after 30 days to save disk space, the reasoning being it was a legitimate malware detection and you don't want that ile hanging around your computer , and if you didn't resre the file within 30 days you probably didn't care about it anyway. However Immune handles these cases and t displays a different UI dialog than the screenshot one you posted. - some other aAV program (or space conscious well meaning user) manually deleted the file form c:\programfiles\immunet\quarantine. - the file in question was detected in memory and quarantined before it hit the disk, (i.e. whatever program that was about to create the file was terminated before the file could be saved Does "USA,Europe" look like a legitimate filename or path you might have creatd or saved to at some point?
  2. IN 7.0.2.1454 you'll only see a popup detection message if anything malicious is actually detected. So nO news is good news. If you open the main immunet dialog on screen and then right click -> scan a directory with a lot of files in it: the "Scan now" button in the main Immunet dialog will change to just "Scanning" while the scan is in progress. And if you click on it at this time it'll open up the scan progress window. This also happens when you scan just a single file but often the button text changes so quickly it's hard to see. It goes from "Scan now" to "scanning" and back to "scan now" in ~half a second or so.
  3. I would like to try and reproduce this, can you tell em what model of printer you have eddyk? I know it's Lexmark something - but what model? I doubt they all use the same driver. Thanks RobT
  4. Thanks for the new tool rlarjsdn122, Immunet's expected behavior for demo and test "benign malware" is to block it from running, alert, and quarantine it. This is standard behavior across the AV industry. The same goes for the Eicar test file, and a vanquish test rootkit. That being said, we should be able to do better than the Alert name: "Win.Dropper.Generic::mash.rt.sbx.vioc"  to at least indicate it's the knowbe4 test file. I'll escalate this internally with our sig dev team and see if we can at least get it appropriately named.
  5. +2 for rlarjsdn122 for DM'ing me a Second bug - blank help boxes oh hover over the on question marks on non-English language operating systems.
  6. Woot, Reproduced your bug on a Japanese Language Win8x32 first try (it was the only alternate language os I had available) Thanks again for reporting this rlarjsdn122. Your bug has been logged and sent to our developers for a fix, In the mean time, although the Toast popup message is blank, the history dialog does show the full file path and virus detection name. Sadly this is happening for both clean and malicious files, I think it's your just that your seeing it much more often with verbose notifications turned on.
  7. Thanks for reporting this rlarjsdn122, this is a great bug. Can you check the detailed history and see if there is a filename displayed there? Also, is there any chance you're seeing the empty alarm-box appear when you open a specific file or program, or browse to a specific website?Does it seem to appear randomly? The most likely thing that could be happening is Immunet is alerting on a clean file with a Korean wide-character filename that can't be displayed properly in the alert box, so instead nothing is displayed at all. Trying to reproduce. any more info you can provide would be helpful. Cheers, RobT
  8. Rob.Turner

    UI Concepts

    Wow, thanks Marcin, these are awesome. Am passing them around Immunet's office now and everyone is blown away.
  9. sorry, there's no way to print Immunet scan history short of manually opening HIstory dialog and printing that as screenshot. It's not what you asked for but is as close as Immunet can do - The Summary dialog will give you a count of files detected as clean & malicious for the last 30 days at a time.But again, a screenshot is the closest you'll get to that being printable
  10. only from what I just read on https://blog.virustotal.com/2019/10/virustotal-bitdefender-theta.html tldr; Theta is bitDefenders automated malware analysis engine. all AVav companies, including Immunet, have a few. Some are better than others, but newer ones are always prone to FP's.
  11. Great FP Analysis BellGamin, I came to all the same points you did. I'm m submitting this to our internal virus analysis team for further review , only because it's a perfect trojan, and it's a smaller /lesser known/used app (that being said I do remember using a taskbar tweaker back in the windows XP days. Now I use classic start menu, though I do note taskbar tweaker has more features than classic start menu, and all it's features work - another point in favor of it being a FP That being said, there has been a growing trend of hacking source code access to older indy projects, injecting malware into them. And I want to make sure that isn't the case here as I vaguely remember using taskbar tweaker back in the windows XP days. Now I use Classic start menu, And it doe swht I ned but I also note taskbar tweaker has more features;
  12. start -> control panel -> add remove programs (or just programs in win8 and win10) -> Immunet -> uninstall.
  13. Thanks bellgamin, The devs here appreciate your kind words. In answer to #1 y clam is included so there is a local AV engine in case the Immunet Cloud can't be reached, or if internet speeds r lagging the local Clam Engine can sometimes result be faster than the cloud engine. #2 Immunet offers the option of disabling clam to put the power in the hands of th user so they can set up Immunet in the way that bests suits them. #3 Great Idea - It's been added to our list of potential enhancements. Will let you know on this thread if iwe decide to implement it. Thanks, RobT
×
×
  • Create New...