Jump to content
bigdawg

update fails on new install

Recommended Posts

I just installed Immunet today and tried to do an update but although the downloading appears to go well it fails the update.

Is there a problem with the cloud servers?

SG

Share this post


Link to post
Share on other sites

Hi SG,

There's no issues with the cloud servers to my knowledge. Could it be that you have some other security product installed that may be blocking or interfering with Immunet's processes? This includes an additional installed AV, behavior blocker or sandboxing software or even your own firewall perhaps.

Here are the processes that need 'unencumbered internet access' for Immunet to function properly, cscm.exe - iptray.exe - sfc.exe.

If you find that none of these processes are being blocked then I would suggest you try a clean uninstall & reinstall of Immunet in case something went wrong during the install process.  

When asked by the uninstaller if you plan to reinstall Immunet again choose the 'NO' option and proceed with the remainder of the uninstall. This will delete all the history .db files but you will have to reconfigure your settings to the way you had them and add any custom exclusions you may have been using again.

Click on this link to get the newest 7.4.0.20274 installer package downloaded & run that after uninstalling. https://download.immunet.com/binaries/immunet/bin/ImmunetSetup.exe

Let me know if you continue to have problems updating after exploring these suggestions.

Best wishes, Ritchie...

Share this post


Link to post
Share on other sites

Thanks for the info. I will be sure to look at my other AV and firewall products to see if I can determine if they are indeed blocking the update.

Hopefully, I can uncover the issue.

Share this post


Link to post
Share on other sites

Turns out it was Zone Alarm Firewall program.

I couldn't find any where in the program that it was blocking anything. Of course I might not know what to look for, but I just paused Zone Alarm and the installation went through just fine.

If you or anyone at Immunet have any suggestions on how to tweak ZA to behave, would be appreciated.

Thanks for the help. It pointed me in the right direction.

Share this post


Link to post
Share on other sites

I actually used ZoneAlarm Firewall for a time back a few OS's & years ago. I switched to Comodo Firewall (minus the AV module) because it was much lighter on system resources being utilized (CPU & RAM usage). ZA was a little notorious for it's high system footprint at times back in that day. 

Here's some info I dug up on the web you might find useful to create custom allow rules for ZA if they apply for the build you're using hopefully.

In the FIREWALL tab, click Settings for the Application Control category.

The Application Control panel shows the Current Settings and the History.

Click View Programs.

The Application Control Settings window opens and shows the View Programs panel.

Click Add.

The Add Program window opens.

Select the executable file of the program you want to add to the list.

Click Open.

The Add Program window closes, and the program appears in the list. By default, after you add a program to the list, its SmartDefense setting is Auto, and all the other settings are Ask.

Also, here's an informative link from ZA's official web page that explains how your firewall works & how to make changes if need be. https://www.zonealarm.com/learning-center/firewall/

Not a bad idea to create a custom Exclusion rule for ZA's 'entire Program Files folder' with Immunet. That could help with possible future conflicts occurring between Immunet & ZA too.

Cheers, Ritchie...

Share this post


Link to post
Share on other sites

ritchie58

Thanks for the research.

Yes I was aware of these settings and tried to add the files you mentioned, but ZA refused to allow me to. Thinking that there must be a special way to do it in ZA was the reason for my post.

I've decided that I'd had enough of ZA. (I'd had other issues in the past), I just uninstalled it completely and installed a new and different Firewall program.

So far everything is working well with Immunet.

Thanks again for your expert help.

SG

  • Thanks 1

Share this post


Link to post
Share on other sites

I have the same failure - The ClamAV module downloads the database update and then finishes saying it failed to apply the update.

This is when performing a manual update via the GUI - no indication is given that it fails when automatic updates are tried, so I have no idea how long this has been going on.

This is on any machine I use or administer for friends/family, with Immunet present. Nothing seems to be blocking Immunet updating (e.g. firewalls or other security software). I suspect updates have been silently failing on many users' systems for a long time.

Seems to make no difference whether Immunet is the only security solution on the system, or whether it is run in tandem with others (obviously with each included in the others' exclusion lists).

As an experiment, I downloaded ClamAV for Windows, and freshclam was able to update with no problem, so it's not a connectivity issue between Immunet/my machine and the ClamAV servers. In fact, from the way the error occurs, it seems to be that the problem is with Immunet actually applying the downloaded update! Maybe Immunet is preventing all writes (including its own) to its program directory?

Share this post


Link to post
Share on other sites

Hey zom,

"Oh no, not again!" I was really hoping that the issues with ClamAV would have been fixed 'this time' with the new 7.4.0 build roll-out but what you reported it doesn't look that way!

Might I suggest you post an additional thread to the newest 7.4.0 Announcements topic here.https://support.immunet.com/topic/11395-new-release-immunet-740/

You might have a better chance of the developer that posted the topic to read your recent findings there instead of elsewhere on the forum. Add all the relevant data to the thread that you can think of.  Worth a try I think.

Share this post


Link to post
Share on other sites

Hey Ritchie,

Thanks for the suggestion. I did wonder whether I should have created a new topic or just done a "me too" on this one. Sorry I can't post on the announcement topic you link to. Maybe I need to have reached a certain number of posts or reputation before being allowed to post there or something.

I seem to remember last time I had this issue, installing via Chocolatey seemed to work at least temporarily. I may try another re-install and will post back if it works.

It would be in Cicsco's interests to either fix bugs in Immunet and monitor the forums more closely, or just kill Immunet off completely, once and for all. I have actually been steering my company and others away from considering AMP because of Immunet's relentless bugs, as the two solutions share common code. That in itself is no big loss to Cisco, but if I'm doing that, many others may possibly be doing that too.

Share this post


Link to post
Share on other sites

Ok, my bad! Sorry about the lapse in memory! The topic is pinned so that means only admins, devs or myself have the proper permission to post there. I'll add another thread there myself regarding your recent findings! Maybe not tonight but I'll get 'er done!

As you pointed out it does seem to me too that Cisco has made the Immunet project an extremely low priority with (no doubt) minimal funding. You can't actually call it abandonware though since new builds are rolled-out from time to time, so it's still getting 'some' development.

As far as responding to users support issues there have been 'no technical input' from any admins or devs since early April of last year when the admin RobT abandoned ship.

It's just been little ol' me for over 10 months doing what I can to fill in as a support person. So in that regard I'm just as frustrated as you are zom. Believe me I've contemplated just leaving the project on more than one occasion.

Being the forum's moderator for a number of years I can tell that Immunet's user base has already significantly diminished just by the amount of traffic the forum gets now. 

Especially before the Plus (paid) version of Immunet was completely scrapped in favor of developing an enterprise version of Immunet called FireAMP Connector (now called AMP for Endpoints) this forum was actually quite busy & interactive between users, admins, devs & mods. Besides myself there actually was more than one moderator for this site in the past!

Oh, the good ol' days!

If you too decide to leave the project I would like to say that, by your posts, I've always found you an intelligent & articulate fellow. If no one else, I've appreciated your input on the forum bro! You've got 14 'likes' which makes your community reputation good. Who do you think gave you most of those? I'll give you three guesses & the first two don't count, lol!

Best wishes, Ritchie...

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...