Everything posted by ritchie58

  1. Hello again qwerty123, An uninstall & reinstall is not a fix-all solution for everything of course, lol! I just wanted to make sure your copy of Immunet wasn't corrupted somehow. Is your D:\ drive physically connected to your motherboard via SATA cable or is it an external drive connected to a FireWire or USB port? Hi Rob, Perhaps I should have been more articulate. If you scan a folder with enough files using the right-click Context Menu Scanner the elapsed time will be displayed but it reverts back to 0:00 after the scan has completed. The elapsed time shouldn't just disappear like that after the scan is done, in my opinion. I still consider this a not mission critical "minor bug" that I hope can be fixed in a future build. Cheers, Ritchie...
  2. Hi Spatha, If you're sure your copy of the software is not malicious (you can use VirusTotal to check to make sure https://www.virustotal.com/gui/home/upload) I would suggest you also report that as a False Positive like I advised wintonson at our FP reporting site. https://www.immunet.com/false_positive You can still use the software if you create a custom exclusion rule with Immunet as I described in my last thread to this topic. Cheers, Ritchie...
  3. Hi zombunny2, Glad to hear you fixed the issue you were encountering! Sorry to hear you had to go through so much stuff to achieve that though. My personal opinion is that Immunet needs a comprehensive removal tool developed, that will work with the newest builds, to clean all traces of the software just in case. Cheers, Ritchie...
  4. Hi novirus, Do you have samples of these possible exploits/malware? If so, here are instructions on how & where to send them to. We don't want forum members posting actual malware samples here on this site (for the security of other members) but we do have a malware sample submission site using this email address: submit@samples.immunet.com Before sending the samples put them all in a folder, compress the folder using a program like 7zip or WinRAR and use a password to encrypt it, add that as an attachment to the email. As the email header type: Virus Samples, so the tech immediately knows what it is. Include a description of the type of malware it is and any other pertinent data you can think of in the email, just don't forget to include the password so the folder can be unpacked. Regards, Ritchie...
  5. The U.S. Army has issued a public statement saying that some American citizens are receiving fake draft notices in the form of text messages via smartphone, telling them to report to the nearest recruiting station for training & deployment to Iran. Army officials issued a statement, saying, "U.S. Army Recruiting Command has received multiple calls and emails about these fake text messages and wants to ensure Americans understand these texts are false and were not initiated by this command or the U.S. Army." There hasn't been any compulsory military service obligation since shortly after the Vietnam war ended. The U.S. military is comprised of strictly voluntary members since 1973. The messages don't seem to appear to target one particular age group or gender. Some children's phones have actually even been targeted! If you get one of these fake texts, Mallory Vergara with the Better Business Bureau warns people not to click on anything. “As soon as you click that information, they can hack into your phone, get your email, address, social, whatever information that you have on your phone," Vergara said. So if you're unlucky enough to get one of these bogus text messages just delete it. Don't click on any attachments or links that may be included in the text message. Here is an image of what the fake text message may look like.
  6. Sorry for the delay in responding. I came down with that darn flu virus that's goin' around. I was down for the count for a few days, wishing someone would just put me out of my misery, lol! Instead of using your personal email it would be more convenient if we use the forum's Private Message feature. Just click on the little envelope icon on the upper right-hand side of the page after logging in to view or send a PM. It's that easy. I'll send you a PM on how to start the diagnostic procedure and where & who to send the data to. Regards, Ritchie... Edit: PM sent!
  7. If you would like to participate Merle, there is the Verbose Tray Notifications Setting you can enable (this feature is for troubleshooting/diagnostic purposes) for both machines and then send us a Support Diagnostic Tool Report for both. If you enable the VTN feature you will start getting some different pop-up messages from Immunet that you're not used to seeing. Immunet's log files will increase in size, disk I/O, CPU & RAM usage may increase at times too. This behavior is normal when this setting is enabled. I can give you detailed instructions on how to accomplish that if you give it a go and/or have any questions. For anyone else who reads this thread "do not enable" the Verbose Tray Notifications feature unless instructed to do so. Regards, Ritchie...
  8. Interesting fix you thought of Aris! I hope the devs take note of your efforts and look into this. Although it's not advocated that users, under normal circumstances, mess with Immunet's registry keys. Actually it is recommended that one or two of the Program Files folders for the newest older builds you used not be deleted for possible future troubleshooting/bug fix purposes. If you know what you're doing and are an intermediate or advanced computer user then using Windows regedit shouldn't be a problem but I can't recommend a novice computer user try this method. Delete the wrong registry keys and maybe your OS won't even work anymore. Even for advanced computer users it's still not a bad idea to create a manual System Restore Point before using regedit, just in case!!! Happy New Year to you too bro! Cheers, Ritchie...
  9. Hi Merle, That is rather strange! Do both machines use the same Operating System & the same security setup? Is there anything different that you can think of between the two machines? Why the UI is not detecting your proxy service is troubling though. That should be detected automatically by Immunet! This could be a bug with the software unfortunately.
  10. Thanks for the explanation for what the software does novirus. I could see where that could be a very useful tool for IT or security professionals! Immunet does block "known strains" of ransomware. It's the brand new, emerging forms of ransomware that can be problematic for users until new malware definitions are created to block it. Congratulations btw novirus! Since you now have over 10 posts you are no longer a Newbie, instead you are the "newest official Member to the Immunet community!"
  11. I personally am quite curious about what exactly this software does? If it is a tool to teach future cyber security technicians how to recognize suspicious/malicious code that would be a great thing! There actually is a growing shortage of trained cyber security personnel worldwide. This doesn't bode well for the average computer user as malware is sure to become more complex & prevalent as well because of this.
  12. Immunet's False Positive reporting site is the best place to submit this type of data as it will be analyzed much quicker for authenticity than if you report it here. Then the program can be whitelisted if it's deemed the code is not malicious in nature. Did you have some sort of difficulties submitting the data at that link? Regards, Ritchie...
  13. Here is a list of Domains and URLs used by Immunet. Most of them use ports 80 & 443. These Domains mostly use port 443/SSL, but may fall back to 80/HTTP, and also occasionally use 32137 TCP & UDP. 50.16.57.96 50.16.120.26 50.16.122.1 50.16.157.87 67.202.39.9 174.129.187.1 184.72.79.33 184.72.92.143 update.immunet.com cloud-consumer-asn.immunet.com cloud-nfm.immunet.com fmd.immunet.com submit.immunet.com console.amp.cisco.com https://crash.immunet.com cloud-consumer-est.immunet.com https://consumer-event.immunet.com https://consumer-mgmt.immunet.com https://policy.amp.cisco.com public-cloud.immunet.com ws.immunet.com http://www.immunet.com/ http://support.immunet.com/ https://enterprise-m....sourcefire.com current.cvd.win.clamav.net is accessed via a DNS query (port 53), and returns the IP of the nearest least busy ClamAV definitions server. Keep an eye on the up to date icon in the bottom right of Immunet’s interface and if it’s not a green check-mark click update now and if it still doesn’t change to a green check-mark after the update finishes then likely Immunet can’t reach the appropriate ClamAV definitions server. Unfortunately the direct IP addresses Immunet connects to aren’t necessarily long lived and can’t reliably be whitelisted. They're generally only used in the case of DNS lookups failing continuously.
  14. Hi Chad71, Do you have the ClamAV module enabled? There have been past occurrences where ClamAV was using excessive CPU usage with older builds. As an experiment temporarily disable the ClamAV module and updates for it and see if that lowers the CPU cycles to an acceptable level. Leave the ETHOS & SPERO cloud engines enabled so you don't lose that protection. If the UI doesn't display the correct scan history that possibly could be a connectivity issue. Make sure that no other security app you are using, including your firewall, is interfering with or blocking Immunet's processes. These processes are iptray.exe, sfc.exe and cscm.exe. When ClamAV is enabled Immunet also uses freshclam.exe. Glad to hear you're familiar with Immunet's Enterprise version, AMP for Endpoints! Ya know, AMP can be configured for individual/home/private network use too. I used it for a year just to check out the software myself with my home desktop a while back. Just pointing out an alternative at your disposal. Happy New Year! Ritchie...
  15. This 503 error has nothing to do with your Operating System or your ISP's modem DeLi. It's an error associated with Immunet's update server.
  16. I can think of another question. Are the files that seem to not be able to initiate a Context Menu Scan located in a different drive other than your OS C:\ drive?
  17. Hello qwerty123, I just checked the right-click Context Menu Scanner and it seems to work just fine for my copy of Immunet. I scanned my Firefox add-on settings backup folder and some of the individual files in the folder with no problem (see images). There is a "minor bug" with the Context Menu Scanner though. It doesn't display the elapsed time it took for the scan to complete. That bug has been around for some time. Have you tried to do a clean uninstall & reinstall to see if that corrects the issue? If not, give that a try. When asked by the uninstaller if you plan to install Immunet again choose the "NO" option and proceed with the remainder of the uninstall. After reinstalling you will have to reconfigure the Settings to what you had and re-add any Exclusions you may have been using. Let us know if a reinstall doesn't correct the issue. We may have to dig a little deeper to see what's going on. Regards, Ritchie...
  18. If you think Immunet may be the cause of this I would recommend you check if those .exe files have been quarantined. First open the UI -> click on the underlined word Quarantine just below & to the right of the History tab -> if you find the .exe files have been quarantined in the right side Details dialog box click on the file and click on the "Restore" option -> click Apply -> click Close. Follow the same procedure for the other .exe file if present. This will automatically move the files to the Exclusion list and will no longer be scanned. If Immunet isn't the problem check your firewall or any other security apps you may be using to make sure the files aren't being blocked by that software. Another thing to check is make sure the Print Spooler Service is set to "Automatic" in Services. Some printers require this setting. If you're not sure how that's done shoot me a Private Message and I can give you detailed instructions on how to access & adjust this Windows Service. I will need to know what your OS is first though. If you still encounter issues after checking these things I would suggest you contact Lexmark support at this link for further assistance. http://support.lexmark.com/index?page=productSelection&channel=supportAndDownloads&locale=en&userlocale=EN_US Merry Christmas, Ritchie...
  19. The Immunet team would like to wish everyone a "Merry Christmas" & a "Happy New Year!"
  20. Hey dallas7! First of all I'd like to wish you & yours a very Merry Christmas! Sorry to hear that this issue goes unresolved for you and others my friend. I tried to push this issue up the ladder but I'm sorry to say I still haven't heard when/if this is being looked into. I'm as perplexed as you are! I would have to agree with you there, I also believe that Immunet is not getting nearly the attention or R&D it once did unfortunately. I wish I could be proven wrong on that but the facts kind of speak for themselves as things currently stand I guess. Best wishes, Ritchie...
  21. Like I mentioned in the last thread to this topic, to my knowledge, variable wildcard temp exclusions are not supported at this time. You can create custom Exclusion rule(s) for most any software if you use the correct file path(s). Unless it's a file extension the Exclusion would have to start with a drive letter such as C:/.
  22. Hello Hernan, I'm sorry to say that Immunet does not support the use of Command Line scripting. You could, in Settings, just turn off the ClamAV module when your server is at its most active to reduce system resources being used. Then enable it afterwards. You wouldn't lose all protection as long as you keep the ETHOS & SPERO cloud engines enabled. That is a less than ideal workaround, having to turn on & off the ClamAV module in my opinion though. The cloud engines should normally remain enabled regardless of what other settings you use or don't use. You do have another option of using just ClamAV's open-sourced scripting code instead of Immunet. ClamAV does use Command Line scripts to configure & use. Here's a link to their home page if you would like to check out the software for yourself. Maybe that might better suit your needs. https://www.clamav.net/ Why your system resources are so high when ClamAV is enabled is troubling. You are using the newest 7.0.2 version right? Best wishes, Ritchie...
  23. I don't believe Immunet has, as yet, added any new code with the 7.0.2 build to be able to create wildcard %TEMP% exclusions for UNC share folders unfortunately.
  24. When Windows 7 was first introduced Microsoft promised that support would continue for 10 years. They are continuing to meet that commitment until Jan. 14th 2020 when support will end on that date. What that means is Microsoft will no longer provide technical support, software updates, enhancements or security updates or fixes after Jan. 14th, 2020. Your computer will still function after that date but if you continue to use the Operating System it will become more vulnerable to viruses, malware and hackers as time goes by. Microsoft is recommending that any Win 7 user switch over to Win 10 before the scheduled end of support date. For IT professionals: Microsoft will offer paid Windows 7 Extended Security Updates (ESU) through January 2023. The Windows 7 ESU will be sold on a per-device basis and the price will increase each year. Windows 7 ESUs will be available to all Windows 7 Professional and Windows 7 Enterprise customers in Volume Licensing, with a discount to customers with Windows software assurance, Windows 10 Enterprise or Windows 10 Education subscriptions. In addition, Office 365 ProPlus will be supported on devices with active Windows 7 Extended Security Updates (ESU) through January 2023. This means that customers who purchase the Windows 7 ESU will be able to continue to run Office 365 ProPlus.
  25. Speaking of porch pirates, I heard that a growing number of law enforcement agencies across the country are using bait packages & civilian volunteers that contain tracking bugs to help combat this increasing criminal activity. Using GPS or cell phone pings they can track the package down & arrest the culprits!