ritchie58

Moderators
  • Content Count

    2,278
  • Joined

  • Last visited

  • Days Won

    174

ritchie58 last won the day on December 3 2019

ritchie58 had the most liked content!

Community Reputation

393 Excellent

About ritchie58

  • Rank
    Staff Member

Profile Information

  • Gender
    Male
  • Location
    : Earth
  • Interests
    End-User Computer Security

Recent Profile Visitors

1,785 profile views
  1. Thanks for the additional information Nightwielder. I did some research and I couldn't find any documentation concerning any compatibility testing for Sophos Advanced Endpoint AV with Immunet. So that could be the problem, Immunet & this version of Sophos AV might not be compatible. However with that being said, did you create custom Exclusion rules with Immunet for Sophos & Malwarebytes entire "Program Files folders?" If not, give that a try. Also create exclusion/exception/allow rules for Immunet's entire "Program Files folder" with the other AV's. This can significantly help with compatibility/conflict issues when running Immunet as a companion AV. Not a bad idea to create Program Files folder exclusion/exception/allow rules between Sophos & Malwarebytes too! Another thing you could try (since you already have a rather robust layered security setup) is just use the ETHOS & SPERO cloud detection engines and disable the ClamAV module and updates for it to see if that improves Immunet's CPU usage. If creating mutual exclusion rules or changing the settings doesn't seem to help there is another option at your disposal. Immunet does have an "enterprise version" called AMP for Endpoints! AMP stands for Advanced Malware Protection. Although not free like Immunet, AMP is reasonably priced, highly configurable to your specific needs, is easily deployed to multiple networked endpoints and can work with your existing security software. https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html Best wishes, Ritchie...
  2. Hi Nightwielder, A little more detailed information might be helpful! What is your Operating System & what apps seem affected?
  3. I was partly correct, sorry about the confusion. Some older builds of Win 10 do allow you to run both AV's! In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Security Center. Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703 and newer builds. Once Defender was integrated into Windows Security Center it will be disabled if another AV is installed. For more info regarding this integration here is a Microsoft knowledge base article. https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus
  4. What is the file name that keeps getting quarantined? If you could make a screenshot of Immunet's Details dialog box that might prove to be helpful. Here's how. Open the UI -> click on the underlined word Quarantine located below & to the right of the History tab -> locate the file in question in Details and create a screenshot of that data and we can take a look at that. It might be a simple matter of just creating a custom Exclusion rule to keep this from happening in the future, if nothing malicious is going on, but let's see what the file is first. Regards, Ritchie...
  5. Hi Mark, If you're using an older Operating System other than Windows 10 then Defender will automatically disable itself if you install another anti-virus. I don't know of a solution to keep Defender enabled if that's the case. Don't forget that Immunet is designed to be a companion AV to most major player's AV products. So that does give you alternative options besides using Defender. With my copy of Immunet I run it alongside of Panda Dome Pro as an example. If you decide to go with another AV product & Immunet it's best if you create exclusion, exception, allow rules for "both" AV's "Program Files" folders! This can go a long way in preventing possible present/future conflicts. Cheers, Ritchie...
  6. I've got a Data Block USB Charging Adapter distributed by Talos (a company also owned by Cisco). It does resemble a conventional flash drive. Many charging cables also double as a data transfer cable. This can be helpful when transferring files from your mobile device to a computer, or vice versa, but this feature can be harmful if you are connecting to a public charging station or unsecured computer leaving your device at risk of viruses and stolen data. It works by restricting the data transfer ability and only allows the cable to charge your device.
  7. The restore failed response you mentioned zombunny2 can happen if the file in question was a quarantined third-party software "temp" file that gets automatically deleted by the program once it's closed. So in that situation there is no longer a file to restore. Personally I have "Ask Me" enabled for both Quarantine Behavior settings so I can be the one to decide what to do. I think most technically savvy computer users could get away with using these Ask Me settings but I would recommend a novice computer user leave the default automatic settings enabled.
  8. I was told that most likely it's caused by the updater not being able to properly connect to the server because of something the user has installed that's blocking or interfering with that process. However, with the continuing complaints regarding this 503 error issue I'm not so sure that's what's transpiring myself either. I would suggest you send the Admin. Rob. Turner a PM and personally voice your issue to him that way. Just click on the Message button to send Rob a PM. https://support.immunet.com/profile/1703-robturner/ BTW, I do remember you as an old-school member! Not trying to change the subject but why didn't you log into your previous forum account instead of creating a new one? Did you have difficulties/problems trying to access it? If so, or if it's a matter of just not remembering the proper log in credentials give me a PM and I can look into that for you. Best wishes, Ritchie...
  9. Good point novirus! Simply using a public USB port charging station can be used as an attack vector to access one's laptop computer, tablet or smartphone or even execute arbitrary code if the charging provider has malicious intent or the system has been hacked into! These public charging stations are becoming increasingly more popular & cropping up in more places like you mentioned novirus. Like airports, shopping malls, bus terminals, restaurants, bars, etc...
  10. I have no qualms with the average Chinese citizen. I'm sure they're hard working people trying to keep a roof over their heads and food on the table for their family like everyone else in the world. It's the Chinese government and the decisions it makes that I see is the real problem if it allows (or turns a blind eye to) this type of internet activity. Cheers, Ritchie...
  11. Hello cyber_funk, I find it distressing you ran into this situation myself. I could see where replacing 40 terabytes of data would be a time consuming process indeed! That's a plethora of code! Something I do on a regular basis and endorse. Always, always, ALWAYS back up critical data externally if possible just in case!
  12. Hello User, Actually the reason why you're having difficulties is very simple. Immunet does not support and is not compatible with Apple Macintosh computers using the MacOS platform. These are the Microsoft Windows platforms that Immunet supports. Windows 7, 8, 8.1, 10, Server 2008 R2, Server 2012 and Server 2016. There have been ideas/discussions of developing a Mac compatible version of Immunet in the past but that idea never really went anywhere unfortunately. There are some other great free AV's that are Mac compatible. Here's a Digital Trends article that will show you arguably the best 6 different free AV's for MacOS that you can choose from. https://www.digitaltrends.com/computing/best-free-antivirus-software-for-mac/ Regards, Ritchie...
  13. Here is an article by Ashley Shaffer, a correspondent for USA Today that outlines how the Chinese military was responsible for the 2017 hack of over 145 million Americans personal information when they infiltrated Equifax's servers. Read on. WASHINGTON – Four members of the Chinese People's Liberation Army have been charged with hacking into the computer systems of the credit reporting agency Equifax in 2017, which Attorney General William Barr called a "deliberate and sweeping intrusion" that compromised private data of 145 million Americans. The suspects were members of the PLA's 54th Research Institute, according to a nine-count federal indictment unsealed Monday. Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei were charged with three counts of conspiracy to commit computer fraud, conspiracy to commit economic espionage and conspiracy to commit wire fraud. "The scale of the theft was staggering," Barr said. "The theft not only caused significant financial damage to Equifax, but invaded the privacy of many millions of Americans, and imposed substantial costs and burdens on them as they had to take measures to protect against identity theft." FBI Deputy Director David Bowdich described the intrusion as the largest instance of state-sponsored theft in U.S. history. "This is not the end of our investigation," Bowdich said. "To all who seek to disrupt the safety, security and confidence of the global citizenry in this digitally connected world, this is a day of reckoning." The Chinese army identified a flaw in Equifax's security system, executed a plan of attack to penetrate the system and devised a scheme to cover their tracks on their way out, according to the indictment. From about May through July 2017, hackers obtained names, birth dates and Social Security numbers of 145 million Americans, and driver's license numbers for at least 10 million Americans, prosecutors allege. 
"In a single breach, the PLA obtained sensitive personally identifiable information for nearly half of all American citizens," prosecutors wrote. How it happened: Chinese military hackers identified flaw in Equifax's security and exploited it Hackers also stole credit card numbers and other personal information for 200,000 Americans and personal information for nearly a million citizens of the United Kingdom and Canada, the indictment says. Equifax has agreed to pay up to $700 million to settle federal and state investigations into how it handled the data breach. The settlement includes $425 million to help consumers affected by the breach and a restitution fund with at least $380.5 million allotted to consumer compensation. The fund will also include an additional $125 million if the initial funds run out. Equifax breach settlement: Wednesday is last day to file a claim for free credit monitoring or money The Equifax theft is among several high-profile breaches of American databases, including the U.S. Office of Personnel Management, Marriott hotels and Anthem health insurance company. "About 80% of economic espionage prosecutions have implicated the Chinese government, and about 60% of all trade secret theft cases in recent years involved some connection to China," Barr said. The Justice Department and the FBI have been investigating individuals for alleged theft of trade secrets and economic espionage as part of its China Initiative, launched in 2018 in response to government agencies' findings about China's practice of acquiring intellectual property and technology from other countries. Last week, FBI Director Christopher Wray said the communist power's theft of technology and trade secrets is the "greatest long-term threat to our economic vitality." 
Wray said the Chinese government will use any means necessary to "steal their way up the economic ladder at our expense" by penetrating information technology systems, aerospace, agriculture, defense and research programs, and broad swaths of academia. The FBI has 1,000 open investigations into suspected Chinese economic espionage and technology theft, he said. Last month, the Justice Department charged a Harvard University professor for allegedly lying about money he received from the Chinese government. Charles Lieber, chair of the Department of Chemistry and Chemical Biology at Harvard, made false statements about work he did for a program run by the Chinese government that seeks to lure American talent to China, according to the Justice Department. On Monday, Sen. Ben Sasse, R-Neb., a member of the Intelligence Committee, said the threat does not end with the charges in the Equifax case. "The Chinese Communist Party will leave no stone unturned in its effort to steal and exploit American data," Sasse said. "These indictments are good news, but we've got to do more to protect Americans' data from Chinese Communist Party influence operations." Sen. Mark Warner, D-Va., vice chairman of the Intelligence Committee, lamented that the Trump administration's trade deal with China, signed last month, did not reference the kind of espionage outlined in the Monday's court papers. "For years, the Chinese government has targeted Western commercial firms," Warner said. "It is disappointing that despite a lot of rhetoric, President Trump's recent agreement with China does nothing to address this specific issue." This is my addition: So what's China going to do with all of that information? Who knows, but they could use it to blackmail or extort American citizens into resorting to espionage against their own country is one plausible possibility. 
With the corona-virus disaster still unfolding I'm sure they have more pressing things on their agenda now instead of stealing private American citizens personal data for their own nefarious purposes! It's also no surprise that most of the world's hacking activity and malicious spam comes from China! What a great thing to be notorious for, right? Regards, Ritchie...
  14. We do support Windows Server 2008 R2. Like I mentioned in the previous thread this can be caused by a software conflict. Make sure your firewall or other security software you may be using isn't blocking, interfering or conflicting with any of Immunet's processes. Something you need to look into.
  15. Hi Gary, sorry to hear about your current predicament! I would assume you already tried a previous System Restore point with no luck. Have you tried to run Immunet in Safe Mode yet? If not, enter "Safe Mode with Networking" and run a Full Scan of all your drives on your machine. If running Immunet in Safe Mode produces no positive results may I suggest you try Emsisoft Emergency Kit. These free series of tools are great at cleaning an already infected machine. https://www.emsisoft.com/en/home/emergencykit/ Some types of malware won't let you successfully download or install any new anti-malware software. So you may need to use a friend or relative's computer to download Emsisoft Emergency Kit. Then make sure you update the software and then upload it to a USB flash drive. After entering "Safe Mode without Networking" on your machine plug in the USB device and run the scanning tools. There are some great tutorial videos on YouTube you can view prior to using the software too! Just type in Emsisoft Emergency Kit in YouTube's search bar. I always keep a current copy of EEK on a USB device myself just in case. If none of these things are successful there are a few other things to try but, worst case scenario, you may have to format your Operating System again. I hope your machine came with the original OS install disk, you may eventually need it. If you need any further assistance or instructions feel free to add an additional thread to this topic. Best wishes, Ritchie...