
Avast! virus scanner

September 24, 2011 — BarryK
Great, this has a GTK-based GUI scanner, as well as a commandline scanner. Avast! is a commercial product, but free for personal use. It requires a license key to use, which is sent via email.

Here is the project Linux-edition home:
http://www.avast.com/linux-home-edition

Here is a review, comparing virus scanners for Linux:
http://www.tuxradar.com/content/get-best-virus-scanner-linux

I have created a PET. This does not have the signature file. At first startup, it will ask for the license key, and has a button to go to the web page to obtain the key. Once that is provided, the program then sees that there is no signature file and offers to download it -- it is big, 44MB.

When I first did this download of the signature file, the program spat out an error message then quit:

An error occurred in Avast! engine: invalid argument

However, I found the solution here:
http://www.facebook.com/topic.php?uid=38282497425&topic=14021

I inserted this code into /usr/lib/avast4workstation/bin/wrapper-script.sh:

SHMMAX=`sysctl -n kernel.shmmax`
[ $SHMMAX -lt 128000000 ] && sysctl -w kernel.shmmax=128000000
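A more defensive form of the check above, as an added example that is not part of the original post or of Avast's wrapper script. The function names `is_below` and `ensure_shmmax` and the optional file argument are assumptions made for illustration; the sketch never lowers an existing limit and copes with values too large for the shell's integer test.

```shell
#!/bin/sh
# Added example (not from the post or from Avast): overflow-safe shmmax check.
REQUIRED=128000000   # threshold used in the post's wrapper-script fix

# is_below CUR REQ -> 0 if CUR < REQ, 1 if CUR >= REQ, 2 if either is unusable.
# (hypothetical helper name)
is_below() {
    _cur=$1
    _req=$2
    case $_cur in ''|*[!0-9]*) return 2 ;; esac
    case $_req in ''|*[!0-9]*) return 2 ;; esac
    # Strip leading zeros so the digit count reflects magnitude.
    while [ "${#_cur}" -gt 1 ] && [ "${_cur#0}" != "$_cur" ]; do
        _cur=${_cur#0}
    done
    # Only accept thresholds that fit comfortably in 64-bit shell arithmetic.
    [ "${#_req}" -le 18 ] || return 2
    # A value with more than 18 digits is larger than any such threshold and
    # may overflow `[ -lt ]`, so decide on length alone.
    [ "${#_cur}" -le 18 ] || return 1
    [ "$_cur" -lt "$_req" ]
}

# ensure_shmmax [FILE] -> raise the limit only when it is too low.
# FILE defaults to the live kernel setting; writing there needs root.
ensure_shmmax() {
    _file=${1:-/proc/sys/kernel/shmmax}
    _val=$(cat "$_file" 2>/dev/null) || return 2
    _rc=0
    is_below "$_val" "$REQUIRED" || _rc=$?
    case $_rc in
        0) printf '%s\n' "$REQUIRED" > "$_file" || return 2 ;;
        1) return 0 ;;   # already high enough, leave it alone
        *) return 2 ;;   # unreadable or non-numeric, do not touch
    esac
}
```

In a wrapper script the call would simply be `ensure_shmmax`, run before the scanner starts.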


Avast! PET (2.5MB, 2.7MB):
http://distro.ibiblio.org/quirky/pet_packages-common/avast-1.3.0-puppy.pet
http://distro.ibiblio.org/quirky/pet_packages-common/avast_NLS-1.3.0-puppy.pet

Comments

Avast av bug
Username: 8-bit
I assume you have not tried the Update button yet. I did and update would fail. The solution to this is to edit /proc/sys/kernel/shmmax and change the value there to 128000000. But since you have made Avast available in a PET, I thought I would pass that along. This is in version 1.3.0 and I do not know if it affects other versions.

learning to read
Username: 8-bit
I passed right over your fix for the error when reading your announcement on Avast. But I never edited the script like you did and instead, edited shmmax directly. I had read a review of Linux antivirus packages and fprot failed to find viruses that Avast found so I installed Avast.

Avast
Username: Sage
Ah yes, I remember it well from my former incarnation with my glazing escapades. Avast was regularly maligned as barely above scam status in many reviews. Plenty of spivs in the anti-virus games, one of the worst being Norton! Only ever got infected three times in a couple of decades with 3.1 & 98. The first via an email from a trade client which I intercepted immediately, a second when overly curious about promises of magic SW for free on a rogue site and more recently ~5yrs ago by a trojan of unknown origin. The first one was a very long time ago and a vigorous complaint led to five star treatment for many years by the company responsible, the second and third were easily detected and dealt with. Notwithstanding, it would be much more difficult for punters to manage their systems in any Linux distro as it is infinitely more complex in structure and digestible documentation written for users is almost absent. For ordinary folk sometimes there is merit in oversimplification, even bad coding - it's all there before your very eyes, warts and all! Avast? No thanks.

Virus found
Username: lobster
Here are my avast adventures . . . http://www.murga-linux.com/puppy/viewtopic.php?p=567118#567118 Just found another virus . . .

Cut out /sys
Username: BarryK
Lobster, I see from your snapshot that Avast is locking up in /sys. ozsouth has the solution, exclude /sys. I would think also that you should exclude /proc. One would think that Avast by default should be set up to exclude those. I wonder if I could put that into the PET?

more of the same
Username: Charles_Xavier
Sage, Check your keyboard. Scarcely a day passes that something moronic doesn't escape from that thing. Might want to have it checked.

eh yes please . . .
Username: lobster
"One would think that Avast by default should be set up to exclude those. I wonder if I could put that into the PET?" Hope so. 6 PH viruses, one Windows virus (when I did not even use it) and a system lock up, not even a complete scan - all before breakfast, is too much for me . . .

"6 PH viruses, one Windows virus(when I did not even use it) and a system lock up, not even a complete scan "
Username: Sage
False positives, irrelevant listings, etc etc - can't say I didn't warn you! There are companies making $$$m offering 'dozers 'free on-line scans', finding non-existent malware and selling dud virus checkers on the back of it. Some of these spivs are so wide, their purchased detectors actually install malware! It's all recorded on the Interweb if you can sort the dross from the facts. Fortunately, not everyone is as ignorant as Charles_Xavier.

Stop Process to kill trojans
Username: cthisbear
Avast is known for false positives. But if you have had viruses in Windows, you would do best to run the latest versions of RKill, by bleepingcomputer, to stop processes. They have good guides on their site.
http://www.bleepingcomputer.com/download/anti-virus/rkill
Hitman Pro, which gives you a one time free fix, and it scans over the net:
http://www.surfright.nl/en
And use Malwarebytes Free Antimalware:
http://www.malwarebytes.org/products/malwarebytes_free
Rogue Killer: heavy duty, stops Trojan processes running if rkill won't:
http://tigzy.geekstogo.com/Tools/RogueKiller.exe
http://www.geekstogo.com/forum/files/file/413-roguekiller/
http://www.sur-la-toile.com/RogueKiller/
Kaspersky TDS Killer:
http://support.kaspersky.com/faq/?qid=208280684
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
Combo Fix (use with care):
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Majorgeeks, which has often mentioned a Puppy release, has excellent downloads:
http://majorgeeks.com/
Anti-Spyware: http://majorgeeks.com/downloads31.html
Anti-Virus: http://majorgeeks.com/downloads29.html
Chris.

Virus scam
Username: lobster
Thanks guys. Chris, have put your links here: http://puppylinux.org/wikka/VirusScam May try some of your solutions. Many thanks. Sage, Avast seems to have grayed out/locked whilst still using CPU time. It is almost like a virus . . . Maybe as courtesy service for the Windows user . . . for Linux users it is curing a problem they do not have with a solution that does not work. Thanks to Barry for the reminder of Windowing hell (Puppy has rescued me from it) . . . some will find a use for Avast pet.

Virii and malware
Username: Sage
It was told to me that only a few immature kiddies bother with virii these days and most of those are based on patterns from yesteryear. For 419ers determined to relieve you of your hard earned, the last thing they want to do is disable your conduit to them! Apart from which, in 'dozey PCs virii can be cleansed via the registry (oh yes, it's still there in 7). Trojans, worms and the like want to clone you into the Host, rip off your address book and steal your passwords. A whole new coding regime pertains in Unix & derivatives which is neither within the capabilities of most crooks nor is the audience sufficient (yet!) to make it worthwhile developing for - and felons are lazy, by definition. At present, the criminal fraternity is concentrating on the mobile market; Nokia is about to hand them a glittering prize along with Samsung Omnia 7 owners. Stay smart is still the best maxim.

AV for Linux
Username: happypuppy
Best AV scanner for Linux: The good old AntiVir commandline scanner is still the best IMO. Use this guide: http://www.murga-linux.com/puppy/viewtopic.php?t=32156 with the following changes:
Step 5: Don't download the (outdated) key from the link in the forum thread. Get the latest key from here instead: http://dlce.antivir.com/down/windows/hbedv.key
Step 6: Instead of using the generic -s switch, use a long, custom series of switches to maximise the detection rate/efficiency of the scanner. Run "./antivir --help" for more details.
Alternatives: You can also use the superior cloud-based virus scanner VirusTotal: http://www.virustotal.com to scan individual files for Windoze viruses and malware. Happy cleaning :D

Viruses and monkeys
Username: happypuppy
The correct plural is VIRUSES, not virii. And BTW, SeaMonkey 2.4 is out :)

The correct plural is VIRUSES, not virii.
Username: Sage
Yes, I know that, but: a) it doesn't sound right with -es b) it sounds like another Americanisation c) Latin doesn't always defer to the Greek origin - it all depends...

exclusions
Username: 8-bit
In my case, I just got through with a "full system scan" using Avast. Before I did the scan, I excluded "/sys, /proc, and /mnt". In excluding /mnt, I was trying to get away from scanning files twice. I should have left /mnt though and instead added /initrd/mnt. Anyway, after the scan, no infections were found. But it took a while as all of the /initrd/mnt locations were scanned and maybe that is duplication in scanning files.


Tags: puppy