Windows related question: Which AV would you trust?
GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Windows related question: Which AV would you trust?
I need to know if certain files are clean (it's a .zip file containing other windows related files). I scanned the zip with Clamav under Linux (through the ClamTK interface), and got a warning about some about some PUA.something (Potentially Unwanted Application; can't copy the exact warning atm since I'm not in my PC right now, but will do it when I get home). Then I booted a Windows XP VM, scanned the .zip with Malwarebytes (the free version), AVGfree and SpybotSD, and all of them told me the file was clean. I did a web search about the warning returned by ClamTK and found some threads in other forums -even in the Clamav forum, IIRC- where people claimed this is a fake positive due to Clamav detecting some type of packers (I think this is the word they used) that are present in some type of malware, but that can be present in clean files too.
So, after this explanation of the problem, which AV would you trust in this case? I've read that Malwarebytes is really good at detecting malware, so I'm thinking this might indeed be a fake positive, but still would like to hear other people's opinion on this.
If it is under 32 MB you can test it with VirusTotal, which will test the file with a whole bunch of different scanners.
Other than that, if only ClamAV claims to have found malware I would think that it really is a false positive.
Well I checked the file and got 2 positives and 30 negatives. ESET-NOD32 says it's a variant of Win32/Packed.VProtect.C, and Sophos says it's a Sus/UnkPacker. Even Clamav on VirusTotal says it's clean,and the Clamav Database was updated the July the 20th. BTW, the warning returned by ClamTK is PUA.Win32.Packer.PrivateExeProte-10.
I think I'm going to take the slight risk and use these files.
Going back to your subject line, I have used AVG Free for a number of years and it has served me well. They will make several attempts to sell their for-pay product before you actually reach the AVG Free download link.
I used to use F-Prot and also think highly of them, but they did away with their "free for home use" version. McAfee and Norton are far too clunky for my taste.
Malwarebytes is highly regarded by the denizens of alt.comp.virus. The free version is strictly an on demand scanner.
Yeah, I always use a combination of SpybotSD and AVGFree (the real free edition) and they both have worked good for me. Though I haven't used Malwarebytes too much, looks like a powerful AV too. As for Avast, I haven't used it yet.
Although I try not to get malware on Windows (the installed one, not the VM) I don't care too much either since almost the only thing I use it for is to play games, when I happen to play.
Wow '30 negatives and 2 positives'. I had no idea there were so many AV in there. BTW how much time did the entire analysis take? Whatever the time frame it, it definately is maddening.
I'm not sure how long did it take, but I think it was not too lonlg since I left it uploading the file for a few minutes and when I came back it had already uploaded it and scanned it. Anyway, it's an useful site, for cases like this.
Originally Posted by John VV
avg free version is good for XP
and so is ClamAV
clam has found things that Norton AV missed ( or allows - some "spyware / tracking softwere" Norton ALLOWS)
just run clam from a linux machine
What about AVGFree on Windows 7? Does it work fine there too? (I ask because I have a laptop with Win7 and AVGFree in it, so I'd like to know)
If they offer it, I'd have similar confidence to the XP version.
But that was also when I last used it. I don't do (local) mail on any version of Windoze these days.
I think it's the same version (I was wondering if it behaved the same on both Windows versions; I guess it does). As for mail, I don't use any email client on Windows and only download attachments (from the browser) when I'm completely sure they're safe.
Originally Posted by frankbell
In my experience, yes.
My Win 7 computer came with Avast on it. It seemed to work fine, but the level of nagging was unacceptably high. That's the main reason I ditched it.
I know what you mean, these programs that prompt you every 5 minutes for everything can be a real pain. That's the reason why I stopped using 3rd party firewalls on Windows. Now I only use Windows' own firewall and configure it to block everything. I don't browse the net too often from my windows installs, anyway (except when I'm at work).