Master_Kaina Posted September 10, 2016 Report Share Posted September 10, 2016 Hello, Perhaps I should have posted here instead? Please refer to my Immunet Security Advisory post in this forum. In a nutshell, the ImmunetSetup-5.0.0.exe installation file is flagged as a virus.win32.sality.at as well as the current downloadable upgrade file ImmunetSetup.exe . . . My research shows this is an EXTREMELY DANGEROUS file infector! Please advise . . . I have not uninstalled Immunet yet in hopes that this is a false positive, but I may do so anyway just in case. My old Immunet 3 installation file does not get flagged by any scanners so I may resort back to that. Thank you in advance for replying to my concerns! Sincerely, Mike P.S. Ok so this post is allowing files to be attached (the post I made in the Security Advisory forum did not). Below are screenshots (however it would not allow me to attach the two infected Immunet 5 setup files in question, reading "Error You aren't permitted to upload this kind of file"). Here is the most recent: Link to comment Share on other sites More sharing options...
ritchie58 Posted September 12, 2016 Report Share Posted September 12, 2016 "If a security company issued malicious installers they certainly wouldn't be in business for very long!" Obviously these are false positives Kaina. That's one of the main reasons why we rely on a boot-strapper installer for Immunet and don't normally issue off-line installers. Off-line installers can be changed by a hacker or other nefarious entity to include malicious code.Cheers, Ritchie... Link to comment Share on other sites More sharing options...
Master_Kaina Posted September 12, 2016 Author Report Share Posted September 12, 2016 "If a security company issued malicious installers they certainly wouldn't be in business for very long!" Obviously these are false positives Kaina. That's one of the main reasons why we rely on a boot-strapper installer for Immunet and don't normally issue off-line installers. Off-line installers can be changed by a hacker or other nefarious entity to include malicious code. Cheers, Ritchie... Thanks for your reply Ritchie, Not saying Immunet is purposely issuing "malicious installers" as you say, far from it. This of course is not to be taken for granted though, we both know that there are indeed "security" companies who have bundled unwanted components into their antivirus software (or worse). I like Immunet as a lightweight second layer of protection and I enjoy doing my part in allowing it to collect my data in order to benefit others in the community (and I don't mind contributing to Immunet's profits by doing so). I of course presumed these must be "false positives" which is I way I posted here rather than shredding the files, posting to outside blogs on a rampage to boycott Immunet but I don't get why the Immunet 5 installer(s) are setup differently than the most recent Immunet 3 installer before it. Just seems to me that non-expert power users such as myself would have more peace of mind not having to worry about any positives rather than having to decide whether or not to risk it. Why was the Immunet 5 installer created in such a way that it flags potential positives from scans rather than just keeping with the same as the Immunet 3 installer which is safe according to every scan? What's different about Immunet 5 which is causing this? I'm back to using Immunet 3 . . . The reminder pop-up I keep getting again to show Immunet 5 is available is fine, that's what made me upgrade to begin with, but why can't it just upgrade via an update rather than forcing the user to download a false positive installer? I'm obviously not a professional programmer but it seems strange to risk positives of any kind . . . Just seems logical to make the upgrade in a way so that there are no positives! Thanks again Ritchie! -Mike Link to comment Share on other sites More sharing options...
ritchie58 Posted September 13, 2016 Report Share Posted September 13, 2016 Hi Mike, I certainly understand your concerns about the false positives. I find that rather disconcerting myself and would also like an explanation as to why the installer is being flagged as malicious. That would have to come from someone in the development department. You're also right about software vendors bundling other products into their installers these days. Most do it for the extra revenue it creates. If installing new software one has to be careful what one clicks on during the install process or you may end up with stuff you didn't want. Best wishes, Ritchie... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.