Jump to content

ritchie58

Moderators
  • Content Count

    2,154
  • Joined

  • Last visited

  • Days Won

    170

ritchie58 last won the day on August 1

ritchie58 had the most liked content!

Community Reputation

387 Excellent

About ritchie58

  • Rank
    Staff Member

Profile Information

  • Gender
    Male
  • Location
    : Earth
  • Interests
    End-User Computer Security

Recent Profile Visitors

1,278 profile views
  1. I do have some questions. Is this new Orbital code associated with the folks at IronOrbit & their Orbital Security software? Since you did mention that version 6.5.0 is a beta build, I have to assume that this is a open to the general public beta testing program that's being implemented, is that correct? If any code is included with Immunet that makes it's efficacy that much better is definitely a good thing, that's if it doesn't impact system resources to a negative degree. Also, a "complete change log" would be very beneficial. Just wondering if the most recent issue with scans not completing with some users were looked into & (hopefully) rectified. Best wishes, Ritchie...
  2. These occurrences are very similar to (if not the same issue) to this previous topic. https://support.immunet.com/topic/4584-last-scan-never/?tab=comments#comment-15890 Obviously this issue goes unresolved since it has been already reported. This is something the devs need to (further?) investigate in my opinion.
  3. Immunet should remember the date and what type of scan was performed and you shouldn't see a yellow warning on the UI. This can be caused by a connectivity issue or perhaps some corrupted history files. Could you open the UI, first click on the History tab then next to "View By" click on the little downward pointing arrow. This will open a small drop down menu, choose Scan History and see if your scan has been remembered there. Let us know if it's not present in this list as well.
  4. Hello Pedro, I would suggest you send the Administrator bcouncil a Private Message and perhaps she can further assist you in this matter. Here's a link to her Profile page. Just click on the Message button to send her a PM. https://support.immunet.com/profile/33373-bcouncil/
  5. What is your Operating System and what version of Immunet are you using? Are all the scan options (Flash Scan or a Custom Scan) not functioning as well?
  6. Great idea to include some screenshots qwerty123, much appreciated! Those are defiantly ClamAV update files being quarantined. Have you created an exclusion rule for Immunet's "entire Program Files folder" with Windows Defender yet? If not, give that a try. If you're using Win 10 & you're not sure how to create custom exclusion rules with WD here's a URL that may be helpful. https://www.windowscentral.com/how-exclude-files-and-folders-windows-defender-antivirus-scans
  7. Hello EmanuelJac, One of our most knowledgeable Administrators, Rob. Turner, just commented on why ClamAV might temporarily cause system resources to increase, here's what he had to say on the subject. The clam av engine loads it's full virus definitions signature set into memory: which takes from 100 to 600mb. add to that the clam scanning engine and virus definitions updater and clam alone can in a worst case scenario use in the the 700mb of memory range. Currently we have extra experimental blue keep preventative signatures out for a worm we're expecting that are inflating the usual virus definitions set size. You can try updating the clam av definitions set via the update button in the gui and running a full scan overnight. That might get you a smaller more concise set of definitions that'll take less memory and get you over the initial performance hump of building the local cache up.
  8. Glad I could help! Immunet is a great product in my view too considering it's been developed to be used as a companion AV to a good number of major player's products. That gives users an added layer of protection if they so desire! I have it running compatible & stable (ClamAV module disabled) as a companion AV alongside Panda Dome Pro at this time as an example. If Immunet is to be used as a stand-alone AV then it is recommended that the ClamAV module & updates for it be enabled. If Immunet is used as a companion AV to a paid AV product it is also recommended that you turn off the ClamAV module.
  9. Sorry for the delay in responding & thanks for the added info. What it sounds like to me is that your copy of Immunet has some corrupted .db files if it's not remembering the previous settings configuration. I would suggest you try and do a clean uninstall. First uninstall Immunet, when asked by the uninstaller if you plan to reinstall Immunet again choose the "NO" option, this will delete all .db history files. Then reinstall Immunet but you will have to reconfigure the Settings and add any custom Exclusions you were using again. Let us know if this corrects the issue. I was given a free one year license for AMP a while back just to check it out myself so I am familiar with the software. It can be configured for home/personal use too. Having to use an on-line console to effect changes instead of a traditional UI did take a bit of getting use to I remember. This is a security feature since no unauthorized personal can make any changes to the software without the proper log in credentials to the console. Although not free like Immunet, AMP for Endpoints really is the better choice if you're using a multiple endpoint server environment for the simple fact that you can customize this software to your specific needs. Also with AMP you have the option of using the TETRA detection engine (which was part of the no longer available Immunet Plus). Originally based on Bitdefender's detection engine this now highly customized engine can sniff out usually hard to detect malware like root-kits, keyloggers, encrypted Trojan downloaders, etc... One more nice thing with AMP (compared to Immunet) is that you can configure it to automatically scan all in-coming email data packets for malware. A still prevalent attack vector. Compared to AMP, Immunet doesn't have no way near the customization options. I would suggest you stick with using AMP for Endpoints at least with your server! Something else I should mention is that Immunet is not licensed to be used in any "for profit" business, service, product or organization. If it's discovered Immunet is being used in this manner no further support will be offered. This info is included in the End User License Agreement (EULA) when you first install Immunet. Best wishes, Ritchie...
  10. You're rather vague as to what your issue is. Is there a problem with the Settings remaining enabled, is that correct? A more detailed description (and some screenshots if possible) of what your encountering could be very helpful. Also what is your Operating System & what version of Immunet are you currently using.
  11. Cool, thanks for taking the time to report this to the ClamAV team! Much appreciated Macbeth!
  12. Mmm. That is rather strange if it wasn't a temp file! Some exe's can & do create their own temp files but I'm not entirely sure now if that's the case here though. Have you reported this FP to the URL links I provided? If not it would be greatly appreciated if you can do that. If you want to use the program now and do encounter any problems with Adobe Reader I would suggest you create a custom Exclusion rule with Immunet for C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe. Cheers, Ritchie...
  13. Hello Macbeth & welcome to the forum, upon doing some research myself with VirusTotal I'm also inclined to believe that is a False Positive from the ClamAV module. The reason for a failed quarantine response is usually due to the fact that the file in question was actually a temp file that no longer exists. We do have a dedicated site to report False Positives here. http://www.immunet.com/false_positive If you wish you could also report this directly to the ClamAV development team here. http://www.clamav.net/contact Aside from the FP is Adobe Reader functioning ok for you at this time? Regards, Ritchie... P.S. - I'm not saying this is what's currently going on here but Adobe has had issues in the past with it's software products containing zero-day vulnerabilities that hackers could exploit to their advantage, especially with their Adobe Flash software. Just thought I'd mention that historical fact.
  14. The Verbose Tray Notification feature should only be enabled when instructed by an Admin or Dev. It's used for debugging & troubleshooting purposes only and should ordinarily remain disabled. Unless you actually like getting a plethora of pop-ups! When enabled it will show you "all the files" that Immunet has encountered including legitimate Windows & third-party program files. These are files that are already installed on your system. I hope this clarifies things for you.
  15. We have had some recent issues reported by a few users where the ClamAV module is causing excessive system resource usage. This can be caused if you have a program that does a lot of disk reading & writing (I/O). That's why I inquired about that because all that's needed to fix this is the correct custom Exclusion rule being created with Immunet for the program. Instead of completely uninstalling Immunet why don't you disable the ClamAV module & updates for it in Settings to see if that's what's causing the issue. Leave the ETHOS & SPERRO cloud detection engines enabled though. That might be worth a shot I think. Let me know if that helps. Best wishes, Ritchie...
×
×
  • Create New...