J9B10 Posted August 31, 2022 Report Share Posted August 31, 2022 I want to test the cryptocurrency miner (SRBMiner-MULTI.exe), but Immunet makes the decision to block it. Immunet Alert: "Behavioral Protection detected malicious acttvty [Cryptocurrency Miner]. Remediation was unsuccessful." The internal virus code does not appear to use the virus code in the virus name white list. I have already whitelisted the miner's folder, and still the blockage continues. I realize that Immunet is not in user control. Immunet is a great antivirus, but the fact that it's not in the user's control is a horrible thorn in the side. Whitelist configuration does not obey user configuration. Immunet needs to be corrected to obey the user. I'm advanced in technology, so I know what I'm doing. I don't need an antivirus to make the decision for me. The "ASK ME" function should ask before making a decision, not make a hasty decision and then notify you later. Please fix this! Link to comment Share on other sites More sharing options...
ritchie58 Posted August 31, 2022 Report Share Posted August 31, 2022 Hi J, I did some research on the web & came across a few sites that said that the executable could be possibly malicious & contain a Trojan virus. Here are the web site URL's I ran across that stated that if you'd like to view them yourself. https://threatinfo.net/files/srbminer-multi.exe-8d5f4df31fc7318aad06afd9a1e817be https://www.reddit.com/r/MoneroMining/comments/8ftoc9/beware_srbminer_amd_miner_is_possibly_a_virus/ I know what you're saying about Immunet blocking processes or executables without the users' consent or input sometimes. I had a similar incident occur just recently with the CCleaner app. I too would like to decide for myself if an application or process needs quarantined or blocked beforehand. Your welcome to submit a new topic in the 'Ideas' section of the forum regarding this subject. Regards, Ritchie... Link to comment Share on other sites More sharing options...
ritchie58 Posted September 1, 2022 Report Share Posted September 1, 2022 Here's a few options that I thought of this evening that you may be interested in performing J9B10. Why not submit that .exe file for analysis with VirusTotal. After examining the file VirusTotal will tell you if any other AV vendor(s) is/are flagging the file as malicious.https://www.virustotal.com/gui/home/upload Also, once you're confident that this truly is a False Positive with Immunet you can submit a False Positive report directly to the devs at this URL.https://www.immunet.com/false_positive Cheers, Ritchie... Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now