State of virus scanners on Linux?

Chat about Linux in general
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
User avatar
xenopeek
Level 25
Level 25
Posts: 29459
Joined: Wed Jul 06, 2011 3:58 am

State of virus scanners on Linux?

Post by xenopeek »

As virus scanners are coming up from time to time as a topic, I thought to give the free ones I could find a try to get some impressions. I chose to try them on Linux Mint 13 MATE 64 bit. Except for ClamAV and LMD I was unable to get any working, so I'm clearly disappointed and had expected less problems on a Ubuntu derivative distro. Did I make some errors, or miss some free virus scanners? Wondering about the experiences of others here.

And I'm hoping we can make this topic not about whether virus scanners are needed or not :) Defence in depth makes sense to me and I do share files with Windows systems.

Avast!
Downloaded the deb file from from http://www.avast.com/linux-home-edition. After installation visited http://www.avast.com/i_kat_207.php?lang=ENG for the mandatory (but free) registration for a 1 year license. After receiving the license key by email, ran avast from the terminal as from the GUI it wouldn't open. Entered the license key.

Running avast then fails with the following error:

Code: Select all

/usr/bin/avast: 178: /usr/bin/avast: /usr/lib/avast4workstation/bin/avast: not found
Running avastgui also fails, with the following error:

Code: Select all

/usr/bin/avastgui: 178: /usr/bin/avastgui: /usr/lib/avast4workstation/bin/avastgui: not found
Running avast-update works, but not much use without the other two...

Conclusion: fail :(

AVG
Downloaded the deb file from from http://free.avg.com/download.tpl-stdfull.prd-alf. It fails to install with the following error:

Code: Select all

Selecting previously unselected package avg2012flx.
(Reading database ... 152223 files and directories currently installed.)
Unpacking avg2012flx (from .../avg2012flx-r1793-a5062.i386.deb) ...
Setting up avg2012flx (2012.1793) ...
Installing 'avgd' service initscripts...
Registering 'avgd' service to runlevels...
 Adding system startup for /etc/init.d/avgd ...
   /etc/rc0.d/K20avgd -> ../init.d/avgd
   /etc/rc1.d/K20avgd -> ../init.d/avgd
   /etc/rc6.d/K20avgd -> ../init.d/avgd
   /etc/rc2.d/S20avgd -> ../init.d/avgd
   /etc/rc3.d/S20avgd -> ../init.d/avgd
   /etc/rc4.d/S20avgd -> ../init.d/avgd
   /etc/rc5.d/S20avgd -> ../init.d/avgd
Registering with license: LUWKJ-KBRC4-AABPT-QNJNP-DO9QI-M4FKI
/usr/bin/avgctl: 17: exec: /opt/avg/av/bin/avgctl: not found
dpkg: error processing avg2012flx (--install):
 subprocess installed post-installation script returned error exit status 127
Processing triggers for man-db ...
Errors were encountered while processing:
 avg2012flx
Conclusion: fail :(

Avira
Downloaded the "Avira Free Unix/Linux" from http://www.avira.com/en/download/produc ... -antivirus. Extracted the files and ran "sudo ./install" as given in the instructions. It fails to install with the following error:

Code: Select all

It is not possible to install AVIRA AntiVir Workstation (UNIX), because your system platform is not supported.
Conclusion: fail :(

BitDefender
While various websites are sharing you can download a free edition of BitDefender at http://www.bitdefender.com/business/ant ... nices.html, I could not find a free edition. Only a trial edition.

Conclusion: no longer free :(

ClamAV
Can easily be installed with a front-end by installing clamtk, as in:

Code: Select all

sudo apt-get install clamtk
Conclusion: while it works, the front-end takes a bit of getting used to as it isn't very user friendly IMHO. One of the reasons for me to try other free virus scanners.

F-Prot
A free edition of F-Prot can be downloaded at http://www.f-prot.com/download/home_use ... linux.html. But I couldn't find a 64 bit edition, only a 32 bit editon.

Conclusion: no support for 64 bit systems :(

Linux Malware Detect (LMD)
LMD is a malware scanner for Linux for the threats faced in shared hosted environments. A tarball can be downloaded from http://www.rfxn.com/projects/linux-malware-detect/, and is easily installed.

Conclusions: while it works, it isn't really meant for desktop use. If you run Linux in a shared hosted environment it is certainly something to explore! (If you have a Linux server hosted by somebody else, and unless you know the difference, assume it is in a shared environment.)
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Image
/dev/urandom

Re: State of virus scanners on Linux?

Post by /dev/urandom »

According to your logs, it seems that most of them "only work" on openSUSE, Fedora, Ubuntu or something and already fail when only one path is different or something. If I were you, I would simply file a bug report. :)
User avatar
xenopeek
Level 25
Level 25
Posts: 29459
Joined: Wed Jul 06, 2011 3:58 am

Re: State of virus scanners on Linux?

Post by xenopeek »

I'd be happy to do that, but I find it surprising so many fail to work with a Ubuntu derivative. While Linux Mint adds to Ubuntu, it doesn't change paths for Ubuntu provided files. Hence my disappointment.
Image
/dev/urandom

Re: State of virus scanners on Linux?

Post by /dev/urandom »

Do they work on Ubuntu then?
User avatar
xenopeek
Level 25
Level 25
Posts: 29459
Joined: Wed Jul 06, 2011 3:58 am

Re: State of virus scanners on Linux?

Post by xenopeek »

AVG gives the same error on Ubuntu 12.04. Avast! might work on Ubuntu, but it would surprise me. Even so, with BitDefender not being free any longer, F-Prot and apparently Avira not supporting 64 bit, having only Avast! as an option besides ClamAV is slim pickings.
Image
/dev/urandom

Re: State of virus scanners on Linux?

Post by /dev/urandom »

According to the internet (here) the trial version of BitDefender has some button to claim a free key?
marko_s

Re: State of virus scanners on Linux?

Post by marko_s »

Just tried Avast myself, and I have to say I am not impressed :(

I use 64-bit system, and the downloaded .deb is... 32-bit. Okay, installed it anyway, it might still work...

Got the free registration key, put it in before I could even open the program, the program opens... and it is just ugly, like something out of the 1990's :shock: A dull grey window that doesn't entirely fit my Linux Mint 13 screen and cannot be resized :lol:

Tried to update the virus signatures (which were from 2009, like the program itself), and... it crashes. Now it won't even restart. Maybe after I restart the computer? Haven't bothered to do that yet.

Yeah, at least Clamav works, and it really seems to be the only option left what comes to anti-virus software on Linux :? Then again, there still isn't much use for a virus scanner on Linux *fingers crossed* :)

EDIT 1:

Bitdefender was actually a pretty nice program last time I used it. Too bad to hear that it isn't free for home use anymore - on the website there was only talk about "trial version" - whatever that means in this case - do you have to pay for it after a while? Is it still free for home use? What's the deal? They used to have the repositories somewhere, but I couldn't locate them anywhere on the site (which is extremely hard to navigate anyway). :?

EDIT 2:

I removed the Avast package from my computer, I really have no interest messing with it now. It could be that the problem was that it was a 32-bit package on a 64-bit system. I remember trying Avast on a 32-bit Ubuntu sme years ago, and it looked better and if I remember correctly it also actually worked. But it is clear that the Linux version hasn't been updated at least since 2009. So yeah, no Avast :roll:
Klaw117

Re: State of virus scanners on Linux?

Post by Klaw117 »

The link below will give you a free license for BitDefender after filling out the information. You'll be mailed a key to use and judging by what BitDefender says, it should be good for a year before you have to re-apply for a free license key.

http://www.bitdefender.com/site/Product ... erLicense/
User avatar
xenopeek
Level 25
Level 25
Posts: 29459
Joined: Wed Jul 06, 2011 3:58 am

Re: State of virus scanners on Linux?

Post by xenopeek »

BitDefender looked promising for a few minutes, and the GUI is actually quite nice. They have a repository of deb and rpm packages, so you can easily install it with a few commands and also keep your program up to date automatically. Awesome! You can install it with:

Code: Select all

wget http://download.bitdefender.com/repos/deb/bd.key.asc -O - 2>/dev/null | sudo apt-key add -
sudo apt-add-repository 'deb http://download.bitdefender.com/repos/deb/ bitdefender non-free'
sudo apt-get update
sudo apt-get install bitdefender-scanner-gui bitdefender-common
After installation, there is no menu entry but you can launch it with:

Code: Select all

bdgui
or the console version with:

Code: Select all

bdscan
As shared in the comments earlier, you have a 30 day trial but the GUI includes a link to get a 1 year free license. After updating the virus signatures, trying to scan results in a:

Code: Select all

Segmentation fault
Scanning from the console has the same result.

Conclusion: fail :(
Image
marko_s

Re: State of virus scanners on Linux?

Post by marko_s »

It might be that these virus scanners just won't work on a 64-bit systems too well?
eanfrid

Re: State of virus scanners on Linux?

Post by eanfrid »

It is quite surprising. I was still using Bitdefender last year on my 64bit desktop (pure-Debian Testing) and it was running ok :shock: Since then and because BD is not free and not open-source I switched again to clamav only, which is growing better and better as time goes on. I will try again on a VM :?

Edit: if you go for live-media, there is http://download.bitdefender.com/rescue_cd/2013/ (Ubuntu) and http://www.avg.com/us-en/avg-rescue-cd-download (Debian)

Edit2: I forgot http://www.freedrweb.com/livecd/ but it runs on a Gentoo and is more oriented toward Windows scan/rescue.
Last edited by eanfrid on Sat Jul 21, 2012 12:35 pm, edited 5 times in total.
Klaw117

Re: State of virus scanners on Linux?

Post by Klaw117 »

I ran into the Segmentation Fault error as well. However, there is a way around it using a few terminal commands. I'll edit this once I find them again.

EDIT: There are two solutions to this. The first is to use these commands:

Code: Select all

sudo rm /opt/BitDefender-scanner/var/lib/scan/bdcore.so

Code: Select all

sudo ln -s /opt/BitDefender-scanner/var/lib/scan/bdcore.so.linux-x86_64 /opt/BitDefender-scanner/var/lib/scan/bdcore.so
People on other forums stated that these two commands alone work. However, there was a second solution and since I wasn't sure which one to use, I decided to use both. The second solution is to use these two commands:

Code: Select all

sudo -i

Code: Select all

cat /opt/BitDefender-scanner/var/lib/scan/versions.dat.* |awk '/bdcore.so.linux/{print $3}'|while read bdcore_so;do touch /opt/BitDefender-scanner/var/lib/scan/$bdcore_so;bdscan --update;ln -s /opt/BitDefender-scanner/var/lib/scan/$bdcore_so /opt/BitDefender-scanner/var/lib/scan/bdcore.so;done
For some reason, putting sudo before cat /opt... didn't allow the command to run as a superuser, which required me to VERY BRIEFLY use the root account. If you know how to make the cat /opt... command run as a superuser without sudo -i, then use what you know instead since it will probably be safer.

In my case, I used the first solution before using the second solution because I believe I read something saying that the second solution would not work unless bdcore.so was removed first, which I believe the first solution accomplishes with the rm /opt... command. I may be wrong though - my knowledge of Linux is still very basic.

I found the solutions here...:
http://forum.bitdefender.com/index.php?showtopic=30005

...and an explanation for the error here:
http://unices.bitdefender.com/2011/11/0 ... or-unices/
User avatar
xenopeek
Level 25
Level 25
Posts: 29459
Joined: Wed Jul 06, 2011 3:58 am

Re: State of virus scanners on Linux?

Post by xenopeek »

Thanks Klaw117, I haven't tried that yet but it looks promising. Still, it does underwrite my concern about the state of virus scanners on Linux. They seem to be not well supported, or at least not working out-of-the-box on Ubuntu or its derivatives. Given the user base of Ubuntu I would expect virus scanners for home users to be much better supported on it.

So for now, I'll agree with eanfrid and be happy to recommend ClamAV to users asking about a virus scanner on Linux. Seems to be little point in recommending any of the other solutions to average users.
Image
Klaw117

Re: State of virus scanners on Linux?

Post by Klaw117 »

Just thought I'd throw this in. I don't really understand your error with avast!, but I read the post below that may help you out. It helped me get avast! working for me.

http://ubuntuforums.org/showpost.php?p= ... ostcount=5

Oddly enough, I didn't need to force avast! on my 64-bit machine. It seemed to work right after installing and applying the fix above. It might have been because I already installed the 32-bit libraries for my AMD driver. I switched over to avast! from BitDefender after reading that avast! had better detection rates and had automatic updates.
tancrackers

Re: State of virus scanners on Linux?

Post by tancrackers »

Kaspersky also has a program for Linux. It's mainly for email and servers.
ESET Nod32 has a fantastic full antivirus (paid) for Linux.
Bitdefender's on-demand scanner no longer works for me ever since gnome 3.x
nomko

Re: State of virus scanners on Linux?

Post by nomko »

The discussion of using an anti-virus tool goes on for many years now. When I started using Linux in 2007, the discussion was already going on. I think there are a few situations for using or not using an anti-virus tool under Linux:
- Standalone Linux system with a wired/wireless connection to the internet
- Linux system integrated in a network which also has Windows systems integrated and with a wired/wireless connection to the internet
- None of above
Then there’s the situation which we all deal with, namely sharing files with Windows-users.

Keep in mind that any file which contains a virus, Linux stores that file with the virus included! The use of different filesystems (Ext3/Ext4 or NTFS) has no effect on the virus itself. The source code of the virus will not be modified or what so ever. The only difference is that Windows viruses will never work on Linux systems due to the major difference in the operating system architecture. The only variation on this statement is, when Windows programs are indeed installed on Linux systems by means of tools like WINE or VirtualBox. Then the Windows virus will do have impact, but only on the Windows programs and not on Linux.

If we take the first situation of the standalone system with only a connection to the internet then an anti-virus tool would be not needed. Unless the user shares files with a Windows-user through the internet, an anti-virus tool would be of assistance. But then the question will rise if we, as Linux users, are responsible for the safety and security of the system of a Windows-user. Meaning, do we need to scan the files we send to the Windows-user for viruses? Yes and no. Yes, to prevent that computer viruses can spread out and no, it is the full responsibility of each individual computer user to secure its own system well.

If we take the second situation of a network in which Linux as well Windows systems are integrated, yes, then we do need an anti-virus tool to avoid unwanted infection of any Windows system through the Linux systems. This situation makes it clear that anti-virus tools installed on Linux systems are very useful. No further explanation required here.

It is clear to say that a Linux system which is not connected to the internet or a network really doesn’t need an anti-virus tool. Unless it is used to share files with a Windows-user ofcourse.

Overseeing my opinion, I can only conclude that the use of an anti-virus tool is only required when the Linux-user is sharing files with a Windows-user. Whether this is done a network connection, through the internet of by using memory cards, USB sticks, CD’s or DVD’s, when a Linux-user shares an infected file with a Windows-user, the Windows system will be infected with that virus which is not noticed by the Linux-user.

Are we, as Linux-users, responsible for the security of the system of a Windows-user? No, we are not! But we can help Windows-users of not getting infected by scanning the files first before we share it with Windows-users. See this as being polite to Windows-users.

But then again, we can make the decision ourselves if we want to use an anti-virus tool or not.
marko_s

Re: State of virus scanners on Linux?

Post by marko_s »

<- Exactly what nomko said.

I think the virus scanner situation in Linux will get a boost only if Linux becomes a much more popular platform for home desktop use. That would probably bring up more viruses and malware directed specifically at Linux systems, hence the bigger need for more up-to-date virus scanners.

So maybe the present situation should be thought of as good - virus scanners in Linux systems are haphazard because the threat level from viruses and malware is so much more low than in Windows systems :mrgreen:
User avatar
Pierre
Level 21
Level 21
Posts: 13182
Joined: Fri Sep 05, 2008 5:33 am
Location: Perth, AU.

Re: State of virus scanners on Linux?

Post by Pierre »

BitDefender
While various websites are sharing you can download a free edition of BitDefender at http://www.bitdefender.com/business/ant ... nices.html, I could not find a free edition. Only a trial edition.

Conclusion: no longer free :(
I've been using this for - years :)

the "trial" is renewed annually - by re-applying for a new 'key' - takes about 30s
It is used for home/personal use - ever since it was installed on Mint from a DEB file.
it's on two dual boot PCs - Mint/XP - so it is used to 'check the XP' partition - not to check the linux partition . . .
Works - Just Fine.
Image
Please edit your original post title to include [SOLVED] - when your problem is solved!
and DO LOOK at those Unanswered Topics - - you may be able to answer some!.
AbdRahim

Re: State of virus scanners on Linux?

Post by AbdRahim »

Bit Defender works in Ubuntu, but crashes in Mint 14. None of the fixes worked here. :(
Skara Brae

Re: State of virus scanners on Linux?

Post by Skara Brae »

I am not going to install a virus scanner, because Windows users (which I am, too, for the record) are too "careless".

As a Windows user, I am not careless. (Well, usually I am not :P But if I ever get a virus, then I will blame only myself.)

At my Windows computers, I have had a virus scanner only once - Panda Antivirus - for a year (may have been 2), and I have had a virus only once: it destroyed a dozen or so files (mp3's, clips, Office documents). Now and then I do a few online virus scans in Windows. They never find anything. (How trustworthy are such online scans?)
Locked

Return to “Chat about Linux”