Results 1 to 7 of 7
  1. #1
    2 Star Lounger
    Join Date
    Oct 2009
    Location
    Shoreline, Washington, USA
    Posts
    147
    Thanks
    0
    Thanked 1 Time in 1 Post



    PERIMETER SCAN

    Novel antivirus product works in the cloud


    By Ryan Russell

    I've been hearing about a new community-centric AV program that purports to use your social network to fight malware.

    The free version I looked at has some intriguing features, such as the ability to run along side other AV programs, but the community part seems something of a stretch.

    The full text of this column is posted at WindowsSecrets.com/2010/07/22/07 (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.
    Last edited by revia; 2011-01-19 at 15:48.

  2. #2
    Lounger LilBambi's Avatar
    Join Date
    Dec 2009
    Location
    Virginia, USA
    Posts
    26
    Thanks
    1
    Thanked 1 Time in 1 Post
    Hi Ryan,

    This Immunet sounds very much like PrevX when they first started.
    Fran Parker, AKA Bambi, Linux User #183283, Ubuntu User #11114, CNI Radio
    BambisMusings, Tumblr, Twitter, Malware Complaints - Stand Up and be Counted!
    I cannot undertake to lay my finger on that article of the Constitution which grant[s] a right to Congress of expending, on objects of benevolence, the money of their constituents.
    --James Madison, 1794

  3. #3
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    First, let me note that in all my years of using Windows XP Pro on my old laptop, the only times I had to completely reinstall Windows were when I used Prevx CSI. The damned thing was not compatible with Zone Alarm Firewall, and killed Windows to the point where it could not even boot into Safe Mode. So much for on line scanners.

    If Immunet is anything like Threatfire, it is not a Native 64-bit program. I worry that this means it cannot do as good a job of protecting 64-bit Windows as a true Native 64-bit security program.

    As for a lack of rootkit scanning, I do not count this against a cloud-based AV product or service. Rootkits are best detected and removed when not connected to the Internet, due to their tendency to download additional malware when you are trying to remove them. And these infections often block your access to the AV vendors' web sites and servers anyway, so cloud-AV is not good for dealing with rootkits in any event. Threatfire does block many rootkits before they can become installed, and that is where it may offer a degree of protection not yet found in Immunet.

    Overall, as a secondary AV product, I like the idea of Immunet. And for those who never remember to update their AV products, this type of service is certainly better than an out of date desktop AV product. Let's keep watching this product and see where it ends up.
    -- Bob Primak --

  4. #4
    Lounger LilBambi's Avatar
    Join Date
    Dec 2009
    Location
    Virginia, USA
    Posts
    26
    Thanks
    1
    Thanked 1 Time in 1 Post
    I stopped using PrevX when they moved to the PrevX CSI model but others have used the free version with no ill effects and many used ZoneAlarm Free too.

    Still I am sure there are others who have had a problem with it. It was getting too hoggy for me. But you are right, it does great with prevention on rootkit installation.

    I like the idea of Immunet too. Certainly bears watching for sure. Great idea.
    Fran Parker, AKA Bambi, Linux User #183283, Ubuntu User #11114, CNI Radio
    BambisMusings, Tumblr, Twitter, Malware Complaints - Stand Up and be Counted!
    I cannot undertake to lay my finger on that article of the Constitution which grant[s] a right to Congress of expending, on objects of benevolence, the money of their constituents.
    --James Madison, 1794

  5. #5
    New Lounger
    Join Date
    Jan 2010
    Location
    Emeryville, California, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I didn't know anything about PrevX, I'll look it over, thanks.

    It's worth noting that Zone Alarm is NOT on Immunet's compatible list, and has had problems at least in the past. Here's the Google cache of the KB article, I can't get the page to load at the moment:
    http://webcache.googleusercontent.co...&ct=clnk&gl=us

    I did not look into what Immunet does with 32/64-bit drivers. In fact, I didn't look into how it hooks and scans at all. If there's interest, I can follow up on that.

    At lot of malware will kill AV programs. If I had to guess, I'd say Immunet probably is enjoying a little obscurity right now, compared to other AV products. In terms of malware spotting it and shutting it down, anyway.

  6. #6
    New Lounger
    Join Date
    Oct 2003
    Location
    Lima, Ohio, USA
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ryan asked for feedback - hope this is the right place: after reading about Immunet, I installed it & ran a full scan = no threats. The next morning it had found 2 "threats", both in an external drive used only for backups. One was in Display Fusion setup files (which I have used for about a year) & the other was from a recently downloaded program Free Studio/DVD VideoSoft. I am assuming these are false positives ... but how do I know for sure? I use MS Security Essentials as my main AV. I run Win7 64 bit OS.

  7. #7
    New Lounger
    Join Date
    Jan 2010
    Location
    Emeryville, California, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hey mblankenship, yes, this is where I was looking for feedback, thanks!

    My favorite tactic to measure malware (shot of actually disassembling it myself) is to submit to virustotal.com and see what all the AV programs have to say about it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •