Jump to content

ritchie58

Moderators
  • Content Count

    2,342
  • Joined

  • Last visited

  • Days Won

    183

Everything posted by ritchie58

  1. Thanks for the additional input jdurand. I'm also suspicious that the two issues are related as more users report the same thing. Is it just a server issue or could there be some sort of of bug with version 7.2.8? I wish an admin or dev could look into this/these issue(s) soon!
  2. I here what you're saying. It was quite the debacle when the NSA's EternalBlue project was leaked. Not long after that the WannaCry ransomware emerged using a Zero-Day Vulnerability in Windows Operating Systems back in 2017. Unfortunately this code still exists on the dark web and can be easily modified to produce new ransomware variants by hackers to this day.
  3. There's even been recent reports of hackers targeting hospitals & medical facilities associated with covid-19 research (and not just in this country), attempting to or succeeding in, infecting there servers with ransomware. "That's about as low as you can go in my opinion considering that there's a world-wide pandemic still going on!" "What a bunch of heartless, self-centered, greedy 'SCUMBAG CRIMINALS' they must be!" That does really p*ss me off as it should any law-abiding citizen.
  4. Thanks for reconfirming that this cloud stat issue will not affect Immunet's efficacy novirus. For me, why it's taking so long for this minor bug to be fixed is increasingly perplexing!
  5. Personally, I've never seen the cloud stat issue go unresolved this long after a new build is released. Now users are reporting update issues too. Are these related or what? "Hello, is there anybody out there!!!"
  6. Thanks for the additional feedback guys. Much appreciated! Yeah, I also think there's something else going on as far as this recent update issue is concerned! If it's associated with the (still unresolved) issue with the cloud stats not being displayed correctly since the release of version 7.2.8 is a "troubling hypothesis!" I guess one can't rule that coloration out at this time given the current circumstances. I wish a dev or admin could shed some light on this/these issue(s) too! Best wishes, Ritchie...
  7. By my own observation, it's not unheard of for the Immunet servers to become temporarily congested with traffic on rare occasions. Try waiting a day and then see if the same behavior persists would be my advise at this time. Regards, Ritchie...
  8. There was a paid version of Immunet called Immunet Plus that included the TETRA module that's only now available with AMP for Endpoints which is Immunet's enterprise version btw. I haven't heard of a new paid version being developed to be honest with you. I did offer the idea of including a secure VPN service with a new paid version of Immunet a while back. With the popularity of VPN services I still think that's not a bad idea!
  9. Some forum users pointed out that the quarantine/suspicious file behavior settings have either been eliminated from the UI or are not being displayed (a bug?) Personally speaking I like to be able to decide for myself what to do when a file is quarantined using the "Ask Me" setting. I find that rather disconcerting that these options are no longer present! Also, any ETA as to when the Cloud Stats server issue will be fixed?
  10. Wow! You guys are right! The UI settings for the quarantine or suspicious file behavior has indeed disappeared for this 7.2.8 build! I have no clue why that's not present or have been eliminated from the settings. Is it a code change to the program or just some sort of bug? "Either way I don't find that very cool either!!!" That's something an admin or dev will have to answer as to why this decision was made to eliminate those settings (or if it's just a bug with this build that needs fixed). Those settings definitely need to be returned to users! I had those settings set to "Ask Me" in the last build myself too.
  11. I do hope this minor server glitch can be fixed ASAP though. I would just like to reiterate what nirmeshptl & myself mentioned above. This does not affect or diminish Immunet's efficacy. ETHOS and SPERO cloud lookups & ClamAV def updates will still take place.
  12. Hi john, I wouldn't recommend you try to change any of Immunet's file paths. That could have detrimental effects with the software. On this new build I only had to create a new allow rule with my firewall for sfc.exe. Like I said in the last Announcement post that it's not that uncommon to have to create a new allow rule or two with your firewall when a new build is installed. Personally I don't find that a big hassle but I can see where some folks might find that a little disconcerting. Cheers, Ritchie...
  13. Thanks for your astute observation gogos888! When I updated to the newest version last night I didn't even notice that was occurring myself until you pointed it out! I've seen this happen before when a new build is rolled out. It's just a temporary server issue that needs to be looked into & fixed. Rest assured that this minor issue doesn't affect the protection that Immunet provides users. It only has to do with how the stats currently are being displayed with the UI. Regards, Ritchie...
  14. I'd like to report that the 7.2.8 upgrade through the UI took place with no problems. No reboot necessary! Great job on that guys! I did have to create a new allow rule with my firewall for sfc.exe but that's not uncommon behavior when a new build is installed. Some impressive changes have been made! A personal thanks to nirmeshptl for including a detailed change log with this announcement! Something I've been suggesting in the past when a new build is publicly rolled out. Best wishes, Ritchie...
  15. The detection signifies a "Potentially Unwanted Application" possibly containing Adware/Spyware. Besttoolbars is an application where custom toolbars can be developed for primarily IE & Firefox. Unfortunately this application also can be used to include malicious code to the toolbar browser extension. If your positive that your toolbar is not malicious you could use Immunet's "Restore" feature for the files. Personally speaking, I'd rather saw my own leg off with a dull butter knife than 'use any third-party toolbar' with my browser, lol! That's how much I trust or need 'em. Cheers, Ritchie...
  16. It will be rather difficult to assist you further without knowing the affected file names, the program in question & the malware detection name(s). That's like trying to repair something in complete darkness. A rather difficult endeavor! I didn't say that was the issue with you but that "sometimes" a temp file can be the cause of a failed Quarantine Restore. If you don't want to post this info here you can send me a Private Message with the requested data. That's an option at your disposal.
  17. I'm sorry to say that the Orbital code can't be disabled or deleted once it's installed. It's now an integral part of how Immunet's protection works for you. Not everyone gets the Orbital code actually. I never got the code installed on my PC. A person gets the Orbital code if Immunet detects one or more security weaknesses with your Operating System. That fills the gap for those possible vulnerabilities so to speak. Interesting idea to let the user decide if he/she wants to use it though. You could start a new topic in the "Ideas" section of the forum regarding the subject. That's not a bad idea! Regards, Ritchie...
  18. Hi bkiller10, Have you tried to use the Quarantine Restore feature for the script? If successfully restored from Quarantine that will automatically move the file to the Exclusion list so it will no longer be scanned. I would also suggest you report this as a False Positive to the Immunet devs and since it's also a ClamAV detection to contact the ClamAV support folks at these URL's Immunet Support: https://www.immunet.com/false_positive ClamAV Support: https://www.clamav.net/reports/fp
  19. What was the software program that caused the quarantine responses? Also, what is the malware detection names of the 5 files in question? When Immunet quarantines a file it is indeed encrypted which makes it inaccessible by conventional means. Sometimes if a file can't be restored it could be a temp file created by the software but has been deleted once the program was stopped.
  20. I would be the first one to admit Immunet is not the perfect software for everyone. Any security software developer will tell you it's impossible to code a program that will work with every conceivable configuration a person might use with their computer or the installed third-party software programs. We do encourage folks that use Immunet to report any behavior they find troubling. For instance, if one encounters what they think is a False Positive that can be reported at this URL. https://www.immunet.com/false_positive Immunet also has troubleshooting/debugging abilities by using the Verbose Tray Notifications feature and sending in a Support Diagnostic Tool report for the devs to look at. Like anything else in life it's so easy to sit there and complain about things and do nothing about it. Instead why not participate to try and make the product that much better! That's all I have to say about Yodabug's thread to this topic.
  21. That's great you also want to do some testing of Sophos too Scats! I still strongly recommend you add those exclusions to both AV's Donavyn. That really can go a long way in avoiding "possible future conflicts!" I have Monitor Program Start disabled for similar reasons too. If enabled that setting can slow down an .exe from launching. I use a few other security/monitoring apps besides my firewall & AV's. I noticed that having Monitor Program Start enabled would sometimes interfere with these apps from launching properly (or not at all) at boot-up. No problem if this setting is disabled. I have an idea for you guys! If you haven't done so already, why not try some different types of scans with Immunet (Flash, Custom, Full) to see how the performance & resources are affected while pared with Sophos Home Plus. Not a bad idea to run some scans with Sophos too for comparison. Just an idea but that would give you a more comprehensive test in my opinion. Cheers, Ritchie...
  22. Hi Scats, Speaking of low-power systems there are some devices, such as notebook & tablet computers, that have very minimal CPU/RAM system resources may not be able to efficiently run Immunet. It is recommended that ClamAV be turned off if using a paid product but that is entirely up to the user of course. Like I mentioned if ClamAV is not hogging up to much resources then why not use it. You have 32 gigs of RAM with your rig? Wow! "You could run multi-threaded 3D rendering, CAD and other intensive applications that require tons of memory, very cool!" Regards, Ritchie... P.S. - I've built a few rigs from the ground up over the years myself.
  23. Hello Donavyn and thank you for your interest in Immunet! As you mentioned Sophos Home Plus is not listed as an AV package that has been "officially tested" for compatibility. However there's many AV's that were never tested but are still considered unofficially compatible. Just because an AV is not listed officially or unofficially compatible doesn't mean it's necessarily "not" compatible. I personally have Immunet running as a companion AV to Panda Dome Pro for instance. That AV is not listed either but they work great together. Immunet & Panda were the first two "cloud based" AV's to ever be developed btw! I strongly recommend you do create a custom Exclusion rule with Immunet for Sopho's "entire Program Files folder" and create a exclusion/exception/allow rule with Sophos for Immunet's "entire Program Files folder" as well. This can greatly decrease the likelihood of conflicts occurring between the two AV's. One other thing, since you're running a paid product along side of Immunet you might want to consider not using the ClamAV module and updates for it. That has always been the recommendation when using a paid AV product with Immunet. That's the way I have Immunet configured to run with Panda Dome Pro, I use just the ETHOS & SPERO cloud engines. That can (sometimes significantly) improve upon system performance & resources being utilized since ClamAV is a bit redundant in that type of layered AV security setup anyway. Then again, since you are testing you could experiment if you want to see how much additional CPU/RAM usage occurs with and without ClamAV enabled. If ClamAV proves to be acceptable then I don't see the harm with continuing to use it as it will provide an additional layer of security. I hope this info helps and it would be great if you can let us know how your testing went! Best wishes & stay healthy, Ritchie...
  24. OK, I get what you're saying. I have a list of Domains & IP addresses that Immunet can sometimes use but that's a new one for me! Sorry about the confusion! Instead of a dedicated Windows process (sfc.exe, iptray.exe, cscm.exe & freshclam.exe) this must be a new Domain or IP address that Immunet is using for DNS lookups. Unfortunately the direct IP addresses Immunet connects to aren’t necessarily long lived. They're generally only used in the case of DNS lookups failing continuously. I would suggest you wait a day or two to see if the issue persists and if it does perhaps some troubleshooting might be called for. Would you be up for something like that?
  25. Hello MacDaddy, Amp for Endpoints is Immunet's enterprise version but this forum is for Immunet Protect Free only. I would suggest you instead contact the support team for AMP regarding your issue. Here's a URL where you can contact AMP's support. https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html Best wishes, Ritchie...
×
×
  • Create New...