Jump to content

Wookiee

Members
  • Content Count

    281
  • Joined

  • Last visited

  • Days Won

    23

Everything posted by Wookiee

  1. I believe it should auto update if the computer is on, if not- then you will need to manually launch it.
  2. Is there a reason you stay on XP? WIndows XP is end of life, and honestly, it's not the best to stay on an operating system that isn't going to be updated anymore. You should consider an upgrade. https://www.microsoft.com/en-us/windowsforbusiness/end-of-xp-support
  3. Your cloud stats should be fixed for 6.0.8 and 6.2 users. You should no longer see '0 people protected' or any variation of that. If you have questions, let me know.
  4. Sorry, it's just a API call that isn't working that pulls the stats. It's just a sentence, that isn't pulling that stats correctly. It doesn't affect anything
  5. The print statement is simply a print statement. It does NOT affect the protection.
  6. I would use ClamAV probably. though, it still might choke the processor on large scans
  7. Hey Larry! Not maintaining an antivirus software seems silly. I don't know why they didn't maintain it. We, at Immunet and ClamAV update it often. As far as speeds go, ClamWin is our engine but not maintained by us. ClamAV is maintained by us as well.
  8. It's just a bug, no one is not protected. This doesn't change the way Immunet works, or it's detection
  9. Can you send me the quarantined file ? So, I can run some tests via a private message? I can see if I can get it working. Though, the cloud option being '0' shouldn't matter because signatures are what protect / find files to which are quarantined. The virus definitions are updated a few times a day (similar to ClamAVs). I would say if , you updated on both systems for the signatures. It would both technically contain the latest
  10. The cloud stats message, shouldn't have anything to do with you having the latest signatures. It should not leave you unprotected. You will need to make sure you are running the same signature set on both versions.
  11. If you can obtain the files, I can do a comparison, but these would all be signature based. Signatures are what 'find' the malware / ransomware etc. The signatures aren't going to change version by version from 6.0.8 to 6.2, unless the malware itself is changed (or there was an issue with the signature in the first place, to which we push updated signatures out). I am not disbelieving you, But without knowing the exact file, the exact signature- this is a lot of 'he said', 'she said'. There was a few issues with some signatures about a week ago, in regards to detecting certain files, as malicious when they weren't, which were corrected. I would need the malware file(s), to conduct any test to see the following: 1) IF something has changed between versions (signature versions or software versions) 2) what signature(s) are being detected Though, nothing should of changed (other than the signatures possibly and I don't know that without the sample malware file(s)).
  12. That could simply be a signature issue, what file(s) of malware are you running against? Have you submitted FPs? Is ClamAV enabled or disabled? Are you mirroring the settings of 6.2 and 6.0.8?
  13. The message is just not updating. You aren't unprotected.
  14. This was due to a signature that was corrected. Update your signatures
  15. This is known, and is being worked on by the dev's to correct
  16. Yes, the 0 cloud users is being looked into by the dev's- it is working for some- not everyone
  17. The process blocking has been a part of Immunet for sometime, just the notifications for it are new.
  18. The reason a fresh install works where as an upgrade doesn't for the 0 cloud users is because NEW installs goes to a newer cloud env, that eventually everyone will be pushed to. Upgrades don't. It's something we plan on fixing.
  19. Not a problem! It's what I expected, a bios name issue. Glad it's working
  20. We don't have anything to decrypt your data if a ransomware attack happens. We look for more malware and things like that. You might want to turn 'blocking' on if it isn't already in the immunet settings though. That could help. There should be ransomware specific softwares that could have key(s). The .krab file is a grancrab, which signatures DO exist for detecting but Immunet and clamav does NOT decrypt it. Below is a NON CISCO tool, use at your own risk. https://www.nomoreransom.org/uploads/GANDCRAB RANSOMWARE DECRYPTION TOOL.pdf
  21. There is a few issues fixed with the new release, you could try 6.2.0 and see if it fixes the crashing. We had an issue with a bios name, that was corrected in 6.2 that would cause these issues
  22. The process blocked, try turning the 'blocking' option off. we notify and block the process which try to access protected processes ( Winlogon.exe ,lsass.exe, etc.). Once the SPP rule is triggered, the notification is reported on couple of conditions and one them is when “process is not clean and not signed. “
×
×
  • Create New...