
Everything posted by bellgamin

  1. This thread is ~6+ years old, and Immunet is still going strong -- as demonstrated by the recent issuance of version 7.0, followed shortly thereafter by update 7.0.2. What next, I wonder? Maybe add a non-signature-based component such as an anti-execution/whitelisting ability, perhaps?
  2. Duhhh... I actually like the current GUI. Go figure.
  3. THIS FAQ page of Immunet's website is grossly outdated as pertains to the paragraph and table that follow after the heading, "Immunet Protect Free is _ _ companion anti-virus, what other anti-virus packages can it run beside?" That portion of the FAQ pertains to a very old & obsolete beta of Immunet. This outdated info can be misleading to visitors to Immunet's website. For example, misinterpretation of that obsolete content caused it to be wrongly cited in Post #9 in a thread about Immunet at Wilders Security Forum. I recommend it be updated or deleted.
  4. Using Immunet (abbreviated herein as "I-net"), I checked the Steam.exe* file that you attached to your post #1. I-net reported that file as clean. I then downloaded the Steam installer from HERE and installed Steam on my Virtual Machine. After installation, I checked the newly-installed Steam.exe file. Its SHA256* is identical to your file's SHA256. I-net also reported that newly-installed Steam.exe file as clean (to be expected, because it is identical to your Steam.exe file). I then had I-net check the entire Steam file folder (lots of files in that folder). I-net said the folder's entire contents are clean. I then started Steam, registered an account, and loaded a free game. I-net never made a peep. On my computer, for one, the Steam folder and the file, Steam.exe, check as clean according to Immunet. Of course, my Steam folder does not contain the same settings & game histories that your folder contains. If Immunet continues to flag Steam, you may need to do a right-click Immunet scan of individual files in your Steam folder. *Steam.exe's SHA256: 0BDA997391C06BCE6B70DB30808136427C83F972D6D48C3554C2A042EFF09224
  5. 10Q for the VT blog link. Verrry interesting! BitDefender (BD) is one of the better antiviruses but tends to be buggy at times and has a fairly heavy footprint.
  6. 10Q for the additional info, Rob. Your course of follow-up action is quite prudent -- it further grows my confidence in Immunet. By the way, I found it interesting that BitDefender was among the many scanners that gave the file a clean bill of health, whereas BitDefender Theta said it's malware. I had never before heard of BD's Theta fork. Do you know anything about it?
  7. Virus Total (VT) is an excellent tool for checking any given file for possible malware. All that's required is to upload the file to VT's website, and it will be scanned by more than 35 scanners including but not limited to Kaspersky, BitDefender, Avira, Avast, Windows Defender, ESET/NOD32, Panda, Ikarus, and many other major Antivirus scanners. Here are 2 choices of methods for uploading a file to VT: 1) Choice #1: Load the file that you want scanned, directly to VT's website at HERE. That site will present you with a small form. Simply click on "Choose File" in the center of the form, and it will take you to your own computer so that you can select the file that you want VT to scan. Almost instantly, after you upload your file, VT will present you with a table of results, listing all of the scanners, and what each of them concluded concerning the file you uploaded. 2) Choice #2: Install an uploader onto your computer. You can get it HERE*. Once this uploader is installed, you can right-click a file and the resultant Explorer Context Menu will include a "Send to Virus Total" option. Simply left-click on that option and the selected file will be uploaded to VT for scanning. The finding of each & every one of VT's many scanners will be displayed online for you. * File Size ~140kb *CHECKSUM -- SHA256: 0918FA4B22D3E212A13FA449A5A7B5C3EC97759DD87DB6D281F387B1570E13C9
  8. 10Q to the nth, RobT. I do hope #3 gets implemented. Aloha from Hawaii, bellgamin
  9. I submitted the file to VirusTotal. Three scanners found the file was infected as follows: BitDefender Theta -- Gen:NN.ZexaCO3.31176.dq0@ayV5l0ii McAfee-GW-Edition -- BehavesLike.Win32.Dropper.tc Ikarus -- Trojan.Crypt NOTE: Virus Total uses ~35 independent antivirus scanners. Of these only 3 scanners (as listed above) reported the file as being infected. I also ran scans with my 2 on-board scanners (Zemana AntiMalware, & HitmanPro). Both scanners reported the file is clean. MY CONCLUSION: I believe this file is a False Positive (FP) because: 1) Only a very small minority of scanners flagged the file as infected. The great majority of scanners reported it as okay. 2) This file does a lot of tweaks to Windows settings that are not usually tweakable by an average user. Thus, its behavioral capabilities somewhat resemble capabilities of certain types of malware. This may account for the few *infected flags* that were raised. 3) You have used this app for a long time and (I assume) you have not encountered any of the usual evidences of computer infection. Bottom Line: Personally, I would clear this file from Immunet's Quarantine and use it. But that's me, and not you. You have to decide for yourself.
  10. I got a flag just after I installed Immunet. The flag told me that I needed to restart the Immunet service. It is rare for a service-type problem to arise, but it's nice to have the tools readily at hand for dealing with those issues. Here are 2 such tools: 1) Windows' own built-in services manager: Hit Windows key+R (gets you an entry box) then type "services.msc" (without the quotes) into the entry box. Poof! There's the Windows services manager. 2) ServiWin Service Manager: Go to HERE to read about & download ServiWin. It's FREE! It's the one I use and love.
  11. cscm is also present as of version 7 -- an excellent safeguard with a fairly small footprint.
  12. Immunet's memory usage on my Win7 laptop is presently 59mb. I do not use Clam. Instead I use HitmanPro (HMP), which is strictly on-demand, using zero RAM & CPU except when actually doing a scan. HMP's sigs & heuristics are totally cloud-based (zero RAM usage). I'm not plugging HMP -- there are several such on-demand scanners that are quite good. I am simply explaining why I disabled Clam. YMMV -- to each his (or her) own.
  13. Because of version 7's excellent improvements to Immunet, I am once again a user and fan of this AV. I have a few comments concerning Immunet's Clam component: 1) I *think* Clam is included with Immunet primarily to enable a user to do a scan without needing an internet connection... correct??? 2) Some folks (I am one of them) do not need Clam because they use some other on-demand AV scanner (such as HitmanPro, McAfee Stinger, Dr.Web CureIt, Emsisoft EEK, & Trend Micro Housecall). I *suppose* this is the reason why Immunet's GUI offers the option of disabling Clam... correct??? 3) However, although Clam can be disabled by using the GUI, Clam is nevertheless resident on one's computer, unnecessarily taking up disk space. It would be nice if the option to NOT use Clam were instead included as an option in Immunet's install routine, so that it would not be loaded onto one's computer at all. By the way, my favorite computer loves Immunet because it is VERY easy on RAM & CPU, and it scans really really fast. A beautiful job of programming! Aloha from Hawaii, bellgamin
  14. These processes are incredibly easy on cpu usage. In just over 24 hours of my computer's overall run time since last reboot, the combined total of A-E's 2 running processes is less than 2 seconds. Question: I guess A-E's processes aren't very busy except when I am surfing the web. Correct? I did that right after I installed A-E. So far Immunet plays very nicely with all my security apps. Grrreat AV!!!
  15. Brave? No. Foolhardy? Yessss! I d/l MBAE just now & will install it after I clone my C drive. (BTW -- I am a long-time paid user of MBAM. I like it a lot, except that it is bloody slow in loading its GUI.) Thanks muchly for the heads-up re MBAE.
  16. Ritchie - I forgot to mention that my router also has a hard-wired firewall. Thus my security layers consist of: (1) 2 firewalls: 1 soft & 1 hard. (2) I clone my total C drive weekly to an external drive. I can revert back as much as 3 months previous, if needed to get a clean XP. (3) Further, I use drop my rights for my browser & my email client. (4) I use pop-peeper -- text only -- no HTML -- for email. (5) Immunet. (6) Private Firewall. (7) HIPS (a behavior blocker on steroids). (8) Antiexecutable (only white-listed executables can run). (8) My "sensitive" files are encrypted. (9) I run an integrity checker for "key" system files & registry items at least every 2 or 3 days. (10) My internet connection is hard-wired, not wireless. In your opinion: Q-1: Does all that security stuff make a sufficient difference? Q-2: Would it further close the door if I surfed the net via a sandbox? In case you haven't noticed, I grossly detest the idea of learning another OS. Plus, I would probably have to replace my 1998-vintage computer. Bother! ~~~~~~~~~~~~~~~~~~~~~~~~~~~ P.S. -- Even if XP develops a security hole, won't the bad guys have to gain entrance to my computer via the internet? If so, won't they have to wriggle past my 2 firewalls? Further, even if someone gets in, what's to lose? All my vital files are encrypted. P.P.S. -- Yes, I probably have too much security. It's because (1) I'm paranoid. (2) Security is fun. P.P.P.S. -- Believe it or not, all that security uses very little cpu. My system idle averages 98.4-99.5% of cpu time.
  17. I won't forsake XP yet. I fully expect that my security programs (Immunet, Private FW/HIPS, Lower-My-Rights, & EXP Radar Pro antiexecutable) will maintain my XP's virginity.
  18. It is also a prime example of why Panda products are a tad too unreliable for an IT to install on the net he administers -- that is, if he values his job.
  19. An antivirus killer is most often the payload of a trojan. If my AV program allows a trojan to gain entry & execute, then my AV DESERVES to die. R.I.P.
  20. Apples & oranges. Hitman runs on-demand (NOT real-time) whereas Immunet runs real-time. Prevx is cloud-based AND runs real-time. Immunet and Prevx play VERY nicely together. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ As to Kingsoft -- it is VERY weak, both reactively & proactively. See tests HERE and HERE (d/l Nov PDF). Ergo . . . Kingsoft:Immunet :: Yugo:Mercedes
  21. In my experience, Immunet's uninstall routine works quite effectively. With all of OP's many years of computer experience, I am surprised that he evidently doesn't make system drive images before trialing major software. However I DO sympathize with his unique but frustrating experience.
  22. An engines-related question: If I am running Immunet Pro while I am ONLINE, and during that time I run a full scan, which engine(s) will do the scanning? Tetra only? Or all engines? Or all engines OTHER THAN Tetra?
  23. Thanks for the prompt & informative reply. I become increasingly favorable toward Immunet, largely due to you, Orlando, and this continuingly improved forum. As to user-crafted sigs, I doubt if many of us will be making sigs for advanced malware such as polymorphics, whereby the virus sig changes pretty much every time, AFAIK. However, time will tell. I mainly look for Immunet to manifest more progress in the detection of polymorphs and in dealing with zero-day. To me, these factors are one of the main things that nowadays delineates between AVs as to their relative protective power for dealing with the latest trends in malware.
  24. Is there any special meaning to the "W32" part of these titles? Or is it just a name? Improvement #5 points to ClamAV. In all the many tests of antivirus apps that I have seen, wherein ClamAV was included, it never did all that great. Ergo, please help me to have a little better understanding of your enthusiasm for this aspect of Immunet's pending improvements.
  25. AFAIK Languy is a Mod or Admin for Comodo's forum. Ergo, I am ambivalent with regard to his objectivity and competence as a tester, & I have some doubts concerning both the size & objectivity of his samples. IMO, it was absurd for Languy to test a suite (Comodo) against pure AVs. Comodo is a security suite composed of firewall+AV+HIPS+sandbox. Strip Comodo down to ONLY its antivirus component and it will no longer be a top-tier proactive solution. I partly base this comment on those rare times when Comodo has submitted itself to professional testing. For instance, take a look at Virus Bulletin (VB) RAP test chart. RAP measures antivirus apps as to their reactive and proactive detection abilities when pitted against the most recent malware that has emerged around the world. As you will note from the results chart posted by VB, Comodo AV finished far back in the pack, with just over 60% reactive detection & less than 55% proactive detection. Most other AVs finished well above 90% reactive & 70% or better proactive. For another one of those rare times when Comodo has actually submitted itself to professional testing, take a look at Virus Bulletin's (VB) results for Apr - Oct 2010. Take notice that Comodo Antivirus (not the suite) abstained from VB tests in Feb, Apr, June, & Aug 2010. Then, when Comodo evidently decided to participate in VB's Oct 2010 test, Comodo failed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Bottom line: The measure of a test's validity does not reside in whether or not someone agrees or disagrees with the results. Neither does a test's validity reside in its entertainment value as a video drama. To the contrary, the real validity of any given test resides in the professionalism & competence of the tester, the statistical significance & objectivity of the malware database, and (importantly) the tester's absolute independence from any & all of the software he is reporting on.
IMO, the amateur video skits on Youtube might be fun to watch at times, but they have scant value for assessing the relative strengths & weaknesses of security software.