qwerty123 Posted August 4, 2019 Report Share Posted August 4, 2019 (edited) You may be interested to know that Windows Defender is detecting some immunet temp files as Trojan: JS/Foretype.A!ml This started happening 2 days ago, and has happened daily to me since. Their "more info" link, if useful: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aJS%2fForetype.A!ml&threatid=2147724342&enterprise=0 Edit: Uh, pasting images to your forum is terrible, they lose a ton of quality in the process, practically unreadable. Here: https://imgur.com/15VhZ3Y Edited August 4, 2019 by qwerty123 1 Link to comment Share on other sites More sharing options...
ritchie58 Posted August 5, 2019 Report Share Posted August 5, 2019 Great idea to include some screenshots qwerty123, much appreciated! Those are defiantly ClamAV update files being quarantined. Have you created an exclusion rule for Immunet's "entire Program Files folder" with Windows Defender yet? If not, give that a try. If you're using Win 10 & you're not sure how to create custom exclusion rules with WD here's a URL that may be helpful. https://www.windowscentral.com/how-exclude-files-and-folders-windows-defender-antivirus-scans Link to comment Share on other sites More sharing options...
ebloch Posted October 1, 2019 Report Share Posted October 1, 2019 (edited) I would like to know the folder location that Immunet uses for quarantined files so that I can add that folder as an exclusion for other scan programs. Win 7 64bit Immunet 6.5.0 The reason is that I run an unattended overnight batch doing back ups and other housekeeping and then on different nights runs scans using Immunet, Windows Defender, or AdAware. I would like to place each scanners quarantine folder as an exclusion in the other scanners. Edited October 1, 2019 by ebloch system problem Link to comment Share on other sites More sharing options...
ritchie58 Posted October 1, 2019 Report Share Posted October 1, 2019 Hello ebloch, Actually it has always been recommended that you create a exception/exclusion/allow rule for Immunet's "entire Program Files folder" with any compatible security software you run along side of Immunet. Doing this will, of course, also keep the quarantine files from being scanned by your other programs. Also, you should create an Exclusion rule with Immunet for the entire Program Files folder for AdAware, Windows Defender is excluded by default. Adding these exclusion rules to all the programs involved can really help to avoid any current or future conflicts! Cheers, Ritchie... Link to comment Share on other sites More sharing options...
ebloch Posted October 1, 2019 Report Share Posted October 1, 2019 I understand what you are suggesting but if a "bad operator" installs Immunet on his machine he knows this info and should be able to then deposit his payload someplace in that folder and it is then safe from scanning. That is also the problem Nirsoft and any other program that uses "hacking" like programs. For Nirsoft's programs I installed them on a USB stick and only placed the few apps I call from my batch on my HD and add them as exclusions. Link to comment Share on other sites More sharing options...
ritchie58 Posted October 1, 2019 Report Share Posted October 1, 2019 The quarantined file directory really shouldn't be manipulated in any way. That could cause undesirable consequences! Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now