dave-theunsub / clamtk

An easy to use, light-weight, on-demand virus scanner for Linux systems
https://gitlab.com/dave_m/clamtk/wikis/home
Other
349 stars 44 forks

clamtk #90

Closed anon-private closed 6 years ago

anon-private commented 6 years ago

I am using an old version from the kubuntu repo. Tried installing the latest version from the website. It would not install.

Had to re-install the old version.

I don't know if the signatures automatically update from the repo.

Does clamav run in the background and scan live?

dave-theunsub commented 6 years ago

Hi,

Please provide a little more detail. If you're using an old version of Kubuntu, you should try installing the "legacy" version. If it's recent you should be able to install the "non-legacy" version.

Are you getting an error message of some kind?

Also, no, ClamAV is typically an "on-demand" scanner.

respectfully Dave M

anon-private commented 6 years ago

Hello, I have been told that clamav and clamtk are not useful in the kubuntu environment. I would welcome your comments regarding the usefulness of the anti-virus programme in a kubuntu environment. I am primarily concerned with the safety and security of my machine. Thanks


This message is private and confidential and must be read by the intended recipient only.

It should not be forwarded, copied, transmitted, or discussed, without my written permission.

If you are not the intended recipient, delete this message, and, report the matter to me.



dave-theunsub commented 6 years ago

Hi,

Good but tough question. It's partially true with the following caveats:

  1. Don't rely on one tool - particularly a reactive one like antivirus
  2. Don't fight Windows threats with Windows tools on Linux

The only reason I added things like "select a directory" and automated scans was because that's what users expected in an antivirus. It was only supposed to be for scanning files you're receiving or prior to sending.

To summarize, it's useful as a tool, but also incorporate other security strategies like:

  1. rootkit checkers - rkhunter and chkrootkit
  2. update the system regularly
  3. use system hardening like selinux or apparmor
  4. install software from repositories to limit possibilities of trojans
  5. browsers are a big vulnerability window - so use extensions such as NoScript, uBlock Origin, and https-everywhere. JavaScript and advertising can lead to a lot of bad stuff (<- not a scientific term).
  6. use encryption whenever possible - gnupg for emails (and more) and https for websites
  7. firewall (iptables, ufw, etc)
  8. remove or disable all programs not needed

Hope this helps! Let me know if you have other questions.

respectfully Dave M

anon-private commented 6 years ago

Hello, You seem to be saying that clamav and clamtk are not needed in kubuntu, other than for scanning files to be sent to others who use Windows systems. If this is so, then I intend to remove clamav and clamtk from my system. If I have misunderstood you, let me know. I assume that my repository has clam to install only for the purpose mentioned above.



dave-theunsub commented 6 years ago

Hi,

I'm only saying it's another tool that can be used in your defensive plan. If, how, when, and why you use it is up to you. Some people like to use it because it's easy to right-click a file or directory and quickly scan it. And that's fine. Others don't feel they need it. That's fine too. The good thing is that you take security seriously.

Hope this helps.

respectfully Dave M

anon-private commented 6 years ago

I don't think that I can right click and scan a file in my version of clam. I was surprised at the size of the huge file that contains the signatures. I am obviously underestimating the threats. But these threats are essentially for Windows users to worry about. Best wishes



anon-private commented 6 years ago

I forgot to ask. Is clam designed to detect viruses and malware written for Linux systems?



dave-theunsub commented 6 years ago

There are addons that can be downloaded from the home page here.

There are signatures for Linux malware. Running sigtool --list-sigs |grep -i linux will list some, but not all, of them.

respectfully Dave M

anon-private commented 6 years ago

I believe that my system uses KDE 4 (kubuntu 14.04). Which addon download would be the most appropriate? When I type freshclam into the terminal am I upgrading the signatures from the kubuntu repository, or from a clam repository? I assume that they overwrite the existing file.



anon-private commented 6 years ago

I see them. I find the terminology confusing. They all end in Linux, but most begin with win. Only two begin with Unix.



dave-theunsub commented 6 years ago

I assume clamtk-kde would be best, assuming you use only KDE.

Signatures come from ClamAV, not from a repository. I don't name them. :)

respectfully Dave M

anon-private commented 6 years ago

Thank you. Happy Christmas.



anon-private commented 6 years ago

I downloaded the Debian file. Unfortunately, I do not have the dependencies for the installation.



anon-private commented 6 years ago

I have just installed some updates from the repository at kubuntu. One of the updates was clamtk. My system warned me that this package has not been verified. I have installed it, but thought that you might consider verification. All the best



dave-theunsub commented 6 years ago

Hi,

See if sudo apt-get -f install does the trick with dependencies.

The warning is because it was not officially built in the repos. You can still check if it's digitally signed by me by following these instructions. Scroll down to the "integrity" portion.

anon-private commented 6 years ago

I see

Building dependency tree
Reading state information... Done
E: Unable to locate package clamtk-kde_0.18-1_all.deb
E: Couldn't find any package by regex 'clamtk-kde_0.18-1_all.deb'

The package is in my Downloads folder. The command was executed from this folder.



dave-theunsub commented 6 years ago

Oh, okay, sorry - I misunderstood.

Do sudo dpkg -i clamtk-kde_0.18-1_all.deb if you're in that directory.

anon-private commented 6 years ago

I see

Selecting previously unselected package clamtk-kde.
(Reading database ... 179914 files and directories currently installed.)
Preparing to unpack clamtk-kde_0.18-1_all.deb ...
Unpacking clamtk-kde (0.18-1) ...
dpkg: dependency problems prevent configuration of clamtk-kde:
 clamtk-kde depends on clamtk (>= 5.00); however:
  Version of clamtk on system is 4.45-1.

dpkg: error processing package clamtk-kde (--install):
 dependency problems - leaving unconfigured
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Errors were encountered while processing:
 clamtk-kde

Looks like I am out of luck.



dave-theunsub commented 6 years ago

Hi,

You didn't install the updated version of clamtk as stated here.

anon-private commented 6 years ago

I have GUI version 4.45 installed. Do you mean that I should install the legacy version 5.25_1.legacy? I note that my repository can update, but will it revert the legacy version to 4.45? Thanks



dave-theunsub commented 6 years ago

Legacy is only for older Debian/Ubuntu systems. Try the non-legacy first.

anon-private commented 6 years ago

I believe that I have installed the non-legacy 5.25-1. But the clamtk interface is still showing the previous version. I may need to reboot the machine. In addition, on clicking the Debian file to install, six other files needed to be installed. I believe that these files have also been installed. Would you expect a reboot to be necessary to effect the changes?



anon-private commented 6 years ago

I installed the non-legacy version of clamtk and when I click on the clam icon the programme starts but then fails - no messages, it just exits.

The only thing that I can think of to do is to uninstall clamtk using the repository, and then re-install it from the repo. What do you think? Thanks



anon-private commented 6 years ago

Additional info. From the command line:

clamtk
Icon 'gtk-new' not present in theme at /usr/share/perl5/ClamTk/GUI.pm line 284.



dave-theunsub commented 6 years ago

Yes, it means the theme you're using lacks an icon used in clamtk. If you try another theme, it should work.

anon-private commented 6 years ago

Thank you. Before I decide to change the theme, is there a real advantage to using clamtk ver. 5 over the version in the kubuntu repo? If not, I will likely remove the current clam and return to the repo version. Best wishes.



anon-private commented 6 years ago

I decided to keep my theme. The repo clamtk has provided a graphical interface.



anon-private commented 6 years ago

Out of interest, how often do you update the virus signature file?



dave-theunsub commented 6 years ago

The signature file can be controlled by ClamAV (not me) or the user (also not me). Some OSs (like Debian) automatically run an update script for you, while others do not. You can toggle these within the program.

Also, be careful using anything but the 5.xx series. The old version is no longer maintained. I recommend trying this first:

sudo apt-get install gnome-icon-theme-full

and then trying to run 5.25 again.

anon-private commented 6 years ago

I now have 5.25 installed. I am due to test the programme.



anon-private commented 6 years ago

A few questions. Other than the Home folder, what other folders should I scan? I note that my AV sig is installed number 24166. How do I know that I have the latest update? I should receive updates automatically, but I should be able to check. Thanks



dave-theunsub commented 6 years ago

I think the home folder should suffice, and that in most cases a full system scan is unnecessary. In addition to file scanning and scanning the home drive, use rkhunter or chkrootkit for checking the rest of the system.

ClamTk will let you know if you're behind on sigs. I agree a number like 24166 is not intuitive; I'm just going along with ClamAV's numbering system. But you will get a warning if there's an issue.
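
One way to check the signature number from a terminal, as an added example that is not part of the original thread or of ClamTk: it compares the installed daily database version (the 24166-style number) with the version ClamAV publishes in the DNS TXT record that freshclam consults. The sample data is constructed, and the database path and the TXT field layout are assumptions to confirm on your own system.

```shell
#!/bin/sh
# Added example (not ClamTk code). Sample data below is constructed.

# Constructed sample of `sigtool --info /var/lib/clamav/daily.cvd` output.
SAMPLE_SIGTOOL_INFO='File: /var/lib/clamav/daily.cvd
Build time: 26 Dec 2017 10:00 -0500
Version: 24166
Signatures: 1000000
Functionality level: 63
Builder: example
Verification OK.'

# Constructed sample of the TXT record at current.cvd.clamav.net.
# Assumed layout: colon-separated, with the daily version in field 3.
SAMPLE_TXT_RECORD='"0.99.2:58:24170:1514300000:1:63:46777:318"'

# True only for a non-empty string of digits.
is_number() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Read `sigtool --info` output on stdin, print the database version.
# Returns non-zero when no "Version:" line with a number is present.
installed_daily_version() {
    v=$(sed -n 's/^Version:[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' | head -n 1)
    [ -n "$v" ] && printf '%s\n' "$v"
}

# Take the TXT record as $1 and print the published daily version.
# Returns non-zero for a record that does not have a numeric third field.
published_daily_version() {
    rec=$(printf '%s\n' "$1" | tr -d '"')
    ver=$(printf '%s\n' "$rec" | cut -s -d: -f3)
    is_number "$ver" || return 1
    printf '%s\n' "$ver"
}

# Print "current", "behind N" or "unknown" for installed ($1) vs published ($2).
# An installed version newer than the published one counts as current,
# because a cached DNS answer can lag behind a fresh download.
sig_status() {
    is_number "$1" && is_number "$2" || { echo unknown; return 0; }
    if [ "$1" -ge "$2" ]; then
        echo current
    else
        echo "behind $(( $2 - $1 ))"
    fi
}

# Live check. Assumptions: sigtool and dig are installed, and the database
# lives in /var/lib/clamav (the Debian/Ubuntu default) as daily.cvd or daily.cld.
check_live() {
    db=${1:-/var/lib/clamav/daily.cvd}
    [ -f "$db" ] || db=${db%.cvd}.cld
    loc=$(sigtool --info "$db" 2>/dev/null | installed_daily_version) \
        || { echo unknown; return 0; }
    pub=$(published_daily_version "$(dig +short TXT current.cvd.clamav.net)") \
        || { echo unknown; return 0; }
    sig_status "$loc" "$pub"
}

# Offline demonstration on the constructed samples.
demo() {
    loc=$(printf '%s\n' "$SAMPLE_SIGTOOL_INFO" | installed_daily_version)
    pub=$(published_daily_version "$SAMPLE_TXT_RECORD")
    sig_status "$loc" "$pub"
}

demo
```

Call `check_live` instead of `demo` to run the comparison against the real database and DNS record.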

anon-private commented 6 years ago

Thank you. Am I right in thinking that automatic checking for updates will significantly slow my system, and that it is best for me to handle updates manually? I only have 1 GB RAM and a slow processor.



dave-theunsub commented 6 years ago

Honestly, I'm not sure. I wouldn't think it's too intensive, but updating manually sounds like a good way to start.

anon-private commented 6 years ago

Thank you. I have installed rkhunter and chkrootkit. I can't see them in my dropdown menus. Are they command line applications?



dave-theunsub commented 6 years ago

I believe they are, yes. Worth it, though. To get you started, try this:

  1. rkhunter --propupd
  2. rkhunter --update
  3. rkhunter -c --sk

Those should update it, and then check the system.

anon-private commented 6 years ago

Thank you for the commands. I have checked the manual. Regarding propupd. Evidently, it fills the file properties database. But, fills it with what? Regarding rkhunter -c --sk. I assume that -c means check, but sk? Did you run rkhunter as sudo rkhunter?

Have you found a good support forum for rkhunter? I get the impression that this programme is only poorly supported. Best wishes for the New Year



dave-theunsub commented 6 years ago

Hi,

--sk means skip-keypress. Normally it checks a few things and waits for you to hit the spacebar to continue. --sk does away with that.

I'm not sure about support. I'll give it a look.

anon-private commented 6 years ago

Thank you. Happy New Year. I know that this is not your speciality. But when I run rkhunter from the utilities menu of kubuntu, using the following command line, konsole --noclose -e sudo rkhunter -c -sk && bash, the programme runs, but at the end does not return the command prompt. Any thoughts? I did try removing noclose.



dave-theunsub commented 6 years ago

I'm not an Ubuntu expert, but do you need to run things like that? Can you just open konsole and type sudo rkhunter -c -sk?

anon-private commented 6 years ago

I can run the programme straight from the command line. I have introduced the programmes into the GUI simply for convenience. Best wishes.



dave-theunsub commented 6 years ago

Oh, OK, sorry, I'm not familiar with that. Learn something every day. :)

If this issue is resolved, please close it, and open another issue if something comes up. Or post again, if there's something related.

Thanks, Dave M

anon-private commented 6 years ago

Thank you for the excellent communication.

Best wishes

anon-private commented 6 years ago

Ref. Clamtk and clamav

Hello Dave, I have just scanned what I thought was my home directory. The programme scanned about 12,000 files. Can you tell me the best way to scan the home directory? After this scan, PUA HTML.TROJAN.CRYPT-347 was seen as a threat. I have quarantined this file. It looks like it is an unwanted application, rather than anything dangerous - What do you think? Best wishes.



dave-theunsub commented 6 years ago

Hi, You are correct - it's marked as "PUA" - potentially unwanted application. It's not definitely a threat - it just depends on the context.

You can submit files for additional analysis to Virustotal with the Analysis button or through its website: https://virustotal.com Just do not ever submit personal files - just files you aren't sure about whether they're a threat or not.

I generally recommend disabling PUA scanning within the preferences because it can be very misleading.

You can read more about PUAs here: http://wikipedia.org/wiki/Potentially_unwanted_program

anon-private commented 6 years ago

Thank you. I get the impression that I don't need to worry about PUA's. I can't locate the Preferences button to indicate that PUA's can be ignored!



anon-private commented 6 years ago

Thank you for the link. Having read the page, I am wondering if PUA scanning should be allowed because some PUAs could be hazardous. What do you think?



dave-theunsub commented 6 years ago

Well, really it's all about context. A tool can be great when you have it, but when used against you, it would be unwanted. Like a weapon - useful for defending yourself; not so nice when used against you. :)

I recommend disabling it. If you keep it enabled, just keep in mind that you shouldn't necessarily panic when things show up. You can enable or disable it in the Settings.

anon-private commented 6 years ago

Hello, I did not understand your first paragraph, but I have now disabled scanning for PUAs in the Settings. Should all the other options be kept enabled? Best wishes.



dave-theunsub commented 6 years ago

The other options are fine either way. Leaving them enabled should work for you.