Immunet clarification

[Messiah]

Hello, I'm new to Immunet and I wish to ask some questions. What's the difference between Ethos and the option of sending files of interest to Immunet for analysis (from Miscellaneous Settings). How do they work? And to what extents either of them affect privacy and safety?

What happens if I were to disable one of them or both? Would I still receive the complete protection?

[ritchie58]

ETHOS is one of two cloud based detection engines that Immunet uses. The difference is the cloud based engines will be looking for known malware signatures. The cloud engines also have learning heuristic capabilities that can detect possibly malicious activity and react to the possible threat in real time.

If you decide to send files to Immunet with the 'Send files to Immunet for analysis' setting enabled means that any unknown or possibly suspicious file that Immunet encounters will be uploaded for further investigation.

Of course it's up to you if you wish to use this feature but keep in mind that no user identifiable information is included in any uploaded file so your privacy is assured.

It is highly recommended that both the ETHOS & SPERO cloud engines always remain enabled with Immunet.

I hope that answers your questions.
Cheers, Ritchie...

[Messiah]

Thank you very much Ritchie! It's good that only unknown or suspicious files are sent while keeping privacy.

And if it's okay I wish to ask another question. What good AV is good to use with Immunet currently? I tried to download the Comodo AV+Firewall but was met with troubles from both my Immunet av and browsers that see the setup file as harmful. I was told then that Comodo is not that good now and it was better to just use Windows defender in this case. Any thoughts on that?

[ritchie58]

It depends what build of (I'm assuming you use) Win 10 you have weather you can use Defender or not. Newer builds of Win 10 will automatically disable Defender if you install another AV solution. Microsoft even admits that Defender is only meant for users that don't have or don't want to use a good third-party AV anyways. I've never used Defender myself as it's not a robust AV compared to some free AV products even! This has been proven once again by 'recent' AV Comparatives testing.

Most of the major player's AV products are compatible with Immunet. Such as AVG, Avira, AVAST, Norton, McAfee, Trend Micro, Kaspersky & others. If you look at the Immunet's Exclusion list a number of AV's are already excluded by default. Personally I have Immunet paired with Panda Dome Pro.

It is a great idea if you use Immunet as a companion AV to create an exclusion/exception/allow rule for 'Immunet's entire Program Files folder' for the other AV. If the other AV you choose is not listed with Immunet's Exclusion list then also create a custom Exclusion rule for the other AV's entire Program Files folder as well.

This really can go a long way at avoiding possible future conflicts or problems between both AV's. They should recognize each other as safe programs. 

Also, if you do use Immunet as a companion AV to another product it is recommended that you disable the ClamAV module & updates for it and just use the cloud engines instead. This will (sometimes significantly) decrease system resources being used by Immunet.

Best wishes, Ritchie...
P.S. - I'm not completely unfamiliar with Comodo. Back in the day I used just the Firewall & Defense+ modules minus the AV module enabled for some older builds of Windows.

I quit using Comodo back then because it was increasingly becoming a resource hog (bloatware).

[Messiah]

I see, well thank's again Ritchie (you got such a good name that I feel like mentioning it everytime). Also I'm using Win8.1, I'm going to check what's better for me from the AVS you advised me with and do comparisons.

Best regards,

[zombunny2]

I have found Immunet to play nicely with Sophos home free in the past. It worked with no exclusions added to either; however to be on the safe side, I excluded Sophos's "program files" and "programdata" folders in Immunet, and Immunet's (Program Files\Immunet, Program Files\Cisco\Immunet, Programdata\Immunet, Programdata\Cisco\Immunet) in Sophos.

I also tried Immunet with Kaspersky home free and I seem to remember it worked OK but did require each being added to the other's exclusions list to be stable.

On my Windows box, I currently use it in tandem with both F-Secure AV and Malwarebytes Premium with no issues (because Malwarebytes itself is also a "companion AV"). To ensure this will work with no problems, I enter each program and add the other two solutions' "Program Files" and "Programdata" folders as exclusions. You'd think it would drag it down but it works fine on a circa-2011 machine with 4GB RAM and a mechanical hard disk drive. That said, I don't use Windows much nowadays as am almost completely a full-time Linux user. The solution is probably overkill, especially for my limited usage, but it's a Windows box, it's the low-hanging fruit that all opportunistic crackers and social-engineering scammers go for. It's the weak point from which all my documents could get trashed or accounts compromised. I figure even it it's overkill, a year's protection from the two paid-for solutions still costs less than a single tank of fuel for your car.

[ritchie58]

Thanks for the additional input Zom!

Your absolutely right there once again! Hackers & malware authors will normally target the most used worldwide platforms as that gives them a better chance at success.

For that reason I have never relied on just one app to keep me safe, instead using a layered approach to my security set-up.

It sounds like you have a decent layered security set-up when you're not using Linux Zom!

I too don't mind paying for a product if it has desirable merits. That's why I'm currently using Panda Dome Pro as my primary AV as it has a built in VPN service & excellent efficacy against ransomware.

I added a topic in the 'Ideas' section of the forum a while back to include a secure VPN service with a new 'paid' version of Immunet. I still think that would be a great idea as that could be a possible money-maker for Cisco because VPN services are quite popular these days!  

A bit of product loyalty maybe as years ago I was already a voluntary alpha/beta tester using a VM for Panda Cloud AV as it was called back then, this is before I ever heard of Immunet to be honest. 

That's what got my attention when I first discovered Immunet! "Cool!" Another new cloud based AV I can Investigate. The rest is history I guess, lol!

In a way I feel almost privileged to be able to be on the ground floor when "the first two cloud based AV solutions on the planet" were still in it's infancy & "to be part of that development!"

Your friend, Ritchie...

[Messiah]

Forgive me for the late answer zombunny2, unlike what you said I think the security you put on your windows machine is completely fine and legitimate. Better be safe than sorry, as windows is the prime target of hackers.

As for myself, on my Windows I decided to go for Immunet + Avast/Kaspersky (in turn one month each) At first I wanted to go for Bitdefender but it's trying to force the uninstallation of Ummunet with no-compromise. I thought of installing Bitdefender first then exclude Immunet if it's possible, but I was a bit against it after some research as many people seems to say that there is an incompatibility from Bitdefender side, so maybe for later.

For a firewall, I'm going to try both Comodo firewall (best available now but have some bad points concerning pop-ups & adware) and Tinywall (currently using).
As for the finishing touch, ProtonVPN, 9Quad dns, Brave browser with extensions such as Brave shield, Duckduckgo Privacy Essentials, uBlock origin, and I'm considering some in-demand scanning software for malwares and spywares like HitmanPro.

I think that's what you can call overdoing, but I personally think it's alright. We only need to go through this once and you can rest easy with a peace of mind afterward. Also learning new stuff is fun and useful.

 

[ritchie58]

Thanks for the heads-up on Bitdefender Messiah! I guess I won't be endorsing that AV with Immunet users! I've heard of that before, some AV's will prompt you to delete the currently installed AV app & there's a reason for that.

Security experts actually agree that normally running two AV apps simultaneously can cause unforeseen problems. But that's where Immunet is different, it has been designed to be an additional security layer to your existing security set-up. Sometimes all that's needed is just an exclusion or two created to make everything compatible if need be.

You are running a number of security apps! The trick to using multiple security apps is finding ones that are (of course) compatible with each other or can made to be & don't use up excessive system resources when running together.

I do use a few security/privacy extensions for my browser of choice too. Currently I use No-Script, Browser Protect, Ghostery, Adblock Plus & Cookie AutoDelete.

Cheers, Ritchie...