m0unds Posted August 22, 2010 Report Share Posted August 22, 2010 i submitted this in a ticket on the 5th, but never heard back -- i've been finding that immunet (ui) communicates a bad path for detections of objects in %userprofile% - for windows 7/vista, it still uses the conventional XP C:\documents and settings\etc\etc as the path for a detection in the profile directory. related: after it detected a fp (which i've already submitted) it's since been detecting the same exact file over and over in a weird recursive fashion. 1. detected and quarantined the fp, i added it to exclusions but didn't unquarantine it because it wasn't a big deal (part of a realtek installer, detection name is blank) 2. same detection again, as BIT24C8.tmp in the %userprofile%\Temp directory. quarantined again. 3. scheduled scan ran again, detected it in %userprofile%\%userprofile% (which, related to my first issue shows up as c:\documents and settings\username\application data\application data) and on subsequent detections, it's shown up as such: c:\documents and settings\username\application data\application data\application data\application data\application data\application data\application data\application data\application data\Temp\BIT24C8.tmp etc etc, with each additional "application data" folder matching up with each scan and detection of that "infected" file. Link to comment Share on other sites More sharing options...
m0unds Posted August 22, 2010 Author Report Share Posted August 22, 2010 i've attached a screenshot of the recursion thing i described (apopch.exe being the fp i submitted and the tmp files being created after the detected file has been quarantined, and the *.zip file being where it found apopch.exe to begin with.) Link to comment Share on other sites More sharing options...
Guest orlando Posted August 22, 2010 Report Share Posted August 22, 2010 This is a problem that I also have, what happens on Windows Vista and 7, and has no definite solution, it is a system problem and not anti-virus products, as most run into this problem, Microsoft has not yet posted a solution. However I found a solution made from the makers of AVG for our probem (is in Italian, is not likely to help). And 'here: the http://www.avg-antivirus.it/support/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=199 you can translate with google translator, but I still have this problem as a step in the guide is not me possible (my problem, see if you've got you too). I hope this helps. Let me know, Regards, Orlando Link to comment Share on other sites More sharing options...
m0unds Posted August 22, 2010 Author Report Share Posted August 22, 2010 it seems like immunet's scanning into the legacy path and isn't aware of junction points present there (symlink from documents and settings to users, or however it's implemented) it's still in need of some sort of workaround. the immunet client hung up on scanning the directory yesterday and scanned for 7 hours with 2 million files scanned before i stopped it. regarding that workaround, it's not applicable in my case as the permissions are set to default (deny list folder/read data) Link to comment Share on other sites More sharing options...
Guest orlando Posted August 22, 2010 Report Share Posted August 22, 2010 it seems like immunet's scanning into the legacy path and isn't aware of junction points present there (symlink from documents and settings to users, or however it's implemented) it's still in need of some sort of workaround. the immunet client hung up on scanning the directory yesterday and scanned for 7 hours with 2 million files scanned before i stopped it. regarding that workaround, it's not applicable in my case as the permissions are set to default (deny list folder/read data) My same problem, I fear that there isn't a solution, I turned on the internet for months looking for one. Orlando Link to comment Share on other sites More sharing options...
m0unds Posted August 22, 2010 Author Report Share Posted August 22, 2010 My same problem, I fear that there is a solution, I turned on the internet for months looking for one. Orlando well, i've used lots of different security software in testing for work (vista & w7 environment) and this sort of recursion cascade hasn't occured with any of the other suites or standalone products i've tried (including kaspersky, norton, mcafee, comodo, prevx, vipre, etc) so it's just a matter of figuring out how to keep the scanning agent from doing it. i bet they'll figure something out. Link to comment Share on other sites More sharing options...
Guest orlando Posted August 23, 2010 Report Share Posted August 23, 2010 well, i've used lots of different security software in testing for work (vista & w7 environment) and this sort of recursion cascade hasn't occured with any of the other suites or standalone products i've tried (including kaspersky, norton, mcafee, comodo, prevx, vipre, etc) so it's just a matter of figuring out how to keep the scanning agent from doing it. i bet they'll figure something out. In my tests on this problem, many security software run into this problem (I mention no names) including Immunet. Sometimes too many cleaner found this error and continue indefinitely (I do not names). Regards, Orlando Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.