Jump to content

Immunet Community Cloud

sweidre

By sweidre,
in Malware Detections

Recommended Posts

sweidre Newbie

sweidre

Posted
Posted

Hi,

 

If another in the system tray resident shield as Anti-Virus, Anti-Malware, Firewall, AntiLogger etc. block, clean, or quarantine a malware, will then this malware be also noticed by the Immunet Protect for reporting to the Immunet Community Cloud?:wub:'

 

Cheers,

sweidre

Link to comment
Share on other sites
sweidre Newbie

sweidre

Posted
  • Author
Posted

Hi,

 

If another in the system tray resident shield as Anti-Virus, Anti-Malware, Firewall, AntiLogger etc. block, clean, or quarantine a malware, will then this malware be also noticed by the Immunet Protect for reporting to the Immunet Community Cloud?:wub:'

 

Cheers,

sweidre

 

Hi again, hereby I reply to own question, because nobody has yet replied to my question, due to:

1. Nobody is not able to reply to it correctly, or

2. The question is not understood

 

If #2 applies, I will hereby reformulate my question a bit:

 

Besides Immunet FREE, I have in the system tray the following online shields: NOD32 Anti-Virus, Malwarebyres Anti-Malware, Emsisoft Anti-Malware, Zemana Antilogger, WinPatrol, and Task Catcher.

Of course, not all shields will detect a parasit (virus or malware) at the very same time! One of the shields will detect the parasit first!

 

If Immunet FREE will detect the parasit first, I take it for granted, that Immunet FREE will report and contribute it to the Immunet Community Cloud!

But if one of the other online shields will detect the parasit first and block, clean, or quarantine it, will then Immunet FREE be capable to report and contribute this parasit to the Immunet Community Cloud?

 

Cheers,

sweidre

Link to comment
Share on other sites
xarc Newbie

xarc

Posted
Posted

I guess not ... if NOD32 detect one malware and this malware it's not in Immunet database, then NOD32 must pass to Immunet the signature of this malware and I don't think NOD32 will report to Immunet this.

Just a supposition,

Link to comment
Share on other sites
sweidre Newbie

sweidre

Posted
  • Author
Posted

I guess not ... if NOD32 detect one malware and this malware it's not in Immunet database, then NOD32 must pass to Immunet the signature of this malware and I don't think NOD32 will report to Immunet this.

Just a supposition,

 

Hi Bogdan,

I agree, with you! I doubt also, that NOD32 will pass its found malware info to Immunet! This means, that if we have many malware shields in addition to Immunet, the possibility that Immunet get info of a malware found is very small! So, to have Immunet alongside another Anti-Virus is not so good, if we think of increasing the amount of threats, that we are protected from in the Immunet cloud! An increase of the amount of Immunet members will not increase the number of threats, that we are protected from, if the new members place Immunet together with an existing Anti-Virus software.

 

If we uninstall the other Anti-Virus software and only rely upon Immunet, the situation should be completely different! Then Immunet will hopefully catch the malware and of course report it to the "cloud"! On the other hand, I do not personally rely completely on Immunet, because it seems to me, that Immunet is not yet completely developed in all aspects yet! I want to see an inpartial review of Immunet compared with other well-known AV softwares first by testing the different AV softwares how they recognize and handle different virus and malwares!

 

Cheers,

sweidre

Link to comment
Share on other sites
Guest orlando

Guest orlando

Posted
Posted

Hi Bogdan,

I agree, with you! I doubt also, that NOD32 will pass its found malware info to Immunet! This means, that if we have many malware shields in addition to Immunet, the possibility that Immunet get info of a malware found is very small! So, to have Immunet alongside another Anti-Virus is not so good, if we think of increasing the amount of threats, that we are protected from in the Immunet cloud! An increase of the amount of Immunet members will not increase the number of threats, that we are protected from, if the new members place Immunet together with an existing Anti-Virus software.

 

If we uninstall the other Anti-Virus software and only rely upon Immunet, the situation should be completely different! Then Immunet will hopefully catch the malware and of course report it to the "cloud"! On the other hand, I do not personally rely completely on Immunet, because it seems to me, that Immunet is not yet completely developed in all aspects yet! I want to see an inpartial review of Immunet compared with other well-known AV softwares first by testing the different AV softwares how they recognize and handle different virus and malwares!

 

Cheers,

sweidre

 

Instead It's contrary: When another antivirus detects malware that is not relevant Immunet is added to the community when a different product finds a virus. I am sure of what I say because I read it while translating Immunet in Italian, an explanation explaining the issue.

 

Orlando

Link to comment
Share on other sites
millard@immunet.com Newbie

millard@immunet.com

Posted
Posted

It depends on the order in the stack (specifically I believe it's the filter driver Altitudes that determine this) of who sees the file first.

 

With Blocking Mode on, if Immunet Protect sees the file before any other AV, then it can mark it malicious and prevent another from seeing it. If it's not sure the file is malicious, it can send it to the cloud for further analysis, but allow the another AV to still detect and convict the file. If Immunet is not the first to see it, then another AV who may miss the detection will allow Immunet to still perform detection or send it to the cloud.

 

With Blocking Mode off, then things get a little different. If Immunet Protect is in front, the file is still written to disk which gives another AV a chance to detect it and we have a race condition of who is going to mark it malicious and quarantine the file. A separate AV can still stop us from detecting if they see the first.

 

Right now, it's NOT a bad thing to run Free with an additional AV.

Link to comment
Share on other sites
Guest orlando

Guest orlando

Posted
Posted

It depends on the order in the stack (specifically I believe it's the filter driver Altitudes that determine this) of who sees the file first.

 

With Blocking Mode on, if Immunet Protect sees the file before any other AV, then it can mark it malicious and prevent another from seeing it. If it's not sure the file is malicious, it can send it to the cloud for further analysis, but allow the another AV to still detect and convict the file. If Immunet is not the first to see it, then another AV who may miss the detection will allow Immunet to still perform detection or send it to the cloud.

 

With Blocking Mode off, then things get a little different. If Immunet Protect is in front, the file is still written to disk which gives another AV a chance to detect it and we have a race condition of who is going to mark it malicious and quarantine the file. A separate AV can still stop us from detecting if they see the first.

 

Right now, it's NOT a bad thing to run Free with an additional AV.

 

So to help more Immunet the "blocking mode" should be disabled? So if another antivirus detects a virus Immunet places it in the cloud.

 

Orlando

Link to comment
Share on other sites
Guest orlando

Guest orlando

Posted
Posted

Actually, it's better to have Blocking turned on. It gives us more time to look at the file, but there is a small performance hit so we have it turned off by default.

 

Okok I had already done a long time to hold on, I only had some problems with the translation of your previous topic.

 

Orlando

Link to comment
Share on other sites
xarc Newbie

xarc

Posted
Posted

It depends on the order in the stack (specifically I believe it's the filter driver Altitudes that determine this) of who sees the file first.

 

With Blocking Mode on, if Immunet Protect sees the file before any other AV, then it can mark it malicious and prevent another from seeing it. If it's not sure the file is malicious, it can send it to the cloud for further analysis, but allow the another AV to still detect and convict the file. If Immunet is not the first to see it, then another AV who may miss the detection will allow Immunet to still perform detection or send it to the cloud.

 

With Blocking Mode off, then things get a little different. If Immunet Protect is in front, the file is still written to disk which gives another AV a chance to detect it and we have a race condition of who is going to mark it malicious and quarantine the file. A separate AV can still stop us from detecting if they see the first.

 

Right now, it's NOT a bad thing to run Free with an additional AV.

 

No is not a bad thing with Free edition ... but can be "cheated" the others AV scanning ahead of them ? :ph34r:

Link to comment
Share on other sites
  • 4 weeks later...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...