[ale] Free, trustworthy, anti-virus software

krwatson at cc.gatech.edu krwatson at cc.gatech.edu
Wed Jul 21 08:44:27 EDT 2010


> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
> Michael B. Trausch
> Sent: Tuesday, July 20, 2010 22:33
> To: Atlanta Linux Enthusiasts - Yes! We run Linux!
> Subject: Re: [ale] Free, trustworthy, anti-virus software
> 
> On Tue, 2010-07-20 at 14:11 -0400, krwatson at cc.gatech.edu wrote:
> > I recently ran into my first problem. I have an external hard drive
> > that I keep all my security utilities on. There are a number of the
> > utilities that are considered malware by virtually all anti-virus
> > vendors which means they keep deleting them. The solution is to set an
> > exclusion for the external hard drive.
> >
> > The problem is the latest version of F-Prot will not let you exclude
> > an entire drive. Even Microsoft Security Essentials will let me
> > exclude an entire drive.
> >
> > Sigh :(  I will have to find another solution.
> 
> Uhm, so the question needs to be asked: what sort of utilities are
> (apparently falsely) flagged as malware?  Is there no way to contact these
> vendors and have them fix their software, or no way to put such utilities
> in a single folder and have your F-Prot ignore just that one single
> folder?
> 
> I'd be pretty leery about bypassing any folders on a scan, unless I were
> keeping a suite of viruses, malware, and etc., for who-knows-what reason.
> Just my own 2¢, of course.
> 
> 	--- Mike

I work in information security and some of the tools I have are considered malware. Here are a few examples: several of the Foundstone utilities, the Windows password changer which I use to get back into systems where they have lost the password, my EICAR test file, and of course actual malware.

I have also had instances where an anti-virus update comes out and they delete utilities that they had no problem with for years, and then when the next update comes out, they ignore them again. I chalk this up to random false positives. E-Policy Orchestrator (EPO) is the most aggressive offender so far. The first time I installed it resulted in dozens of deleted utilities.

keith

-- 

Keith R. Watson                        Georgia Institute of Technology
Systems Support Specialist IV          College of Computing
keith.watson at cc.gatech.edu             801 Atlantic Drive NW
(404) 385-7401                         Atlanta, GA 30332-0280


