number007 Posted March 5, 2012 Report Share Posted March 5, 2012 If you are getting alerts for "Clam.Heuristics.SWF.SuspectImage.Eas", it's likely a false positive. You can fix this by doing the following: - Open a terminal: Start->Run-> "cmd" - Type "sc stop ImmunetProtect" to stop Immunet from running - Go to C:\Program Files\Immunet\clamav - Delete daily.cvd and daily.cld (if present) - Go back to your terminal and type "sc start ImmunetProtect" to restart Immunet - In Immunet's control panel, go to "Settings" and make sure that "Allow Definition Updates" is turned on under "ClamAV Detection Engine" That's it. Link to comment Share on other sites More sharing options...
ritchie58 Posted March 6, 2012 Report Share Posted March 6, 2012 Hello number007, that's an interesting workaround. What was the security software that was causing the false positive? You could report the FP to that vendor. Perhaps they can "Whitelist" ClamAV's signatures. An easier and much simpler way to correct this type of FP would be to put Immunet's Program Files folder in your other security software's Exclusion or Safe Programs List. It's also a good idea to put whatever security/antimalware Program Files folder(s) you may have in Immunet's Exclusion List as well. When they're mutually excluded like this they should recognize each other as safe programs. That way you don't need to delete ClamAV's definition update signatures or turn Immunet off & on using CMD prompts. Those signatures are also necessary to maintain Immunet's off-line scanning capability. Regards, Ritchie... Link to comment Share on other sites More sharing options...
JasonR Posted March 15, 2012 Report Share Posted March 15, 2012 Thanks number007 for the information and welcome to the forum. The issue you described was indeed a false positive caused by a previous ClamAV definition update. This has since been remedied and updating to the latest definitions for the ClamAV detection engine solves the issue. Jason If you are getting alerts for "Clam.Heuristics.SWF.SuspectImage.Eas", it's likely a false positive. You can fix this by doing the following: - Open a terminal: Start->Run-> "cmd" - Type "sc stop ImmunetProtect" to stop Immunet from running - Go to C:\Program Files\Immunet\clamav - Delete daily.cvd and daily.cld (if present) - Go back to your terminal and type "sc start ImmunetProtect" to restart Immunet - In Immunet's control panel, go to "Settings" and make sure that "Allow Definition Updates" is turned on under "ClamAV Detection Engine" That's it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.