Jump to content

Clam.heuristics.swf.suspectimage.eas


number007

Recommended Posts

If you are getting alerts for "Clam.Heuristics.SWF.SuspectImage.Eas", it's likely a false positive. You can fix this by doing the following:

 

- Open a terminal: Start->Run-> "cmd"

- Type "sc stop ImmunetProtect" to stop Immunet from running

- Go to C:\Program Files\Immunet\clamav

- Delete daily.cvd and daily.cld (if present)

- Go back to your terminal and type "sc start ImmunetProtect" to restart Immunet

- In Immunet's control panel, go to "Settings" and make sure that "Allow Definition Updates" is turned on under "ClamAV Detection Engine"

 

 

That's it.

Link to comment
Share on other sites

Hello number007, that's an interesting workaround. What was the security software that was causing the false positive? You could report the FP to that vendor. Perhaps they can "Whitelist" ClamAV's signatures. An easier and much simpler way to correct this type of FP would be to put Immunet's Program Files folder in your other security software's Exclusion or Safe Programs List. It's also a good idea to put whatever security/antimalware Program Files folder(s) you may have in Immunet's Exclusion List as well. When they're mutually excluded like this they should recognize each other as safe programs. That way you don't need to delete ClamAV's definition update signatures or turn Immunet off & on using CMD prompts. Those signatures are also necessary to maintain Immunet's off-line scanning capability. Regards, Ritchie...

Link to comment
Share on other sites

  • 2 weeks later...

Thanks number007 for the information and welcome to the forum. The issue you described was indeed a false positive caused by a previous ClamAV definition update. This has since been remedied and updating to the latest definitions for the ClamAV detection engine solves the issue.

 

Jason

If you are getting alerts for "Clam.Heuristics.SWF.SuspectImage.Eas", it's likely a false positive. You can fix this by doing the following:

 

- Open a terminal: Start->Run-> "cmd"

- Type "sc stop ImmunetProtect" to stop Immunet from running

- Go to C:\Program Files\Immunet\clamav

- Delete daily.cvd and daily.cld (if present)

- Go back to your terminal and type "sc start ImmunetProtect" to restart Immunet

- In Immunet's control panel, go to "Settings" and make sure that "Allow Definition Updates" is turned on under "ClamAV Detection Engine"

 

 

That's it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...