Open MandiYang opened 3 years ago
Hi @MandiYang ,
respectfully,
Dave M
I was scanning a file, and the version 6.06 didn't work either. This has happend before.
Hi @MandiYang ,
Let's try this: open a terminal window, and type "clamtk" (no quotes). Then try the scan you were doing before. If any messages show up in the terminal window, please post them back here.
respectfully,
Dave M
It came no output from clamtk
when typing it on terminal.
Hi @MandiYang ,
What type of file is it? Does it happen any other time with any other files?
respectfully,
Dave M
Yes, it did happend to other files
Do you want a screen shot?
Sure! Also, has this ALWAYS happened, or did it start with a particular version or date?
respectfully,
Dave M
Yes, it always happend.
Screenshot:
Hi @MandiYang ,
Do you have time to try out a debugging version? It'll be the same thing you're using now but will have a lot of print statements to show what's going on. I can't duplicate it on my end, so this may be the only way to do it. I can send you a new version shortly if you are.
respectfully,
Dave M
Yes, I can try it and show the output of clamav. Thank's
Here you go: https://app.box.com/s/we9nq0nt9pjzs24hyhqwe7sr13h14tnq
Do not type any of the quotes for the commands.
It's going to print out a lot in the terminal window. Please copy and paste into an email (preferably) to me: dave.nerd@gmail . Do at least a quick skim through the content to ensure there's nothing in there you don't want me to see. Let me know if you have questions.
respectfully, Dave M
How do I set the perl path to like /home/mandi/perl5/lib/perl5/x86_64-linux-gnu-thread-multi?
Hi @MandiYang ,
In a program, you would use "use lib '/home/mandi/perl5/etc/etc'". I'm just wondering because I saw it in the logfile; maybe I'm misreading it.
I still haven't found anything yet...
respectfully, Dave M
Yes, you read right.
Output of clamtk1.log after installing clamtk 6.07 and scanned one file and one directory. clamtk1.log
Taking a look - thanks!
respectfully, Dave M
clamtk 6.08 output of clamtk
(not clamtk-debug) when scanning file:
LOG **: Name com.canonical.AppMenu.Registrar does not exist on the session bus
clamscan version = >102.4<
clamtk 6.09 output of clamtk(not clamtk-debug) when scanning file:
LOG **: Name com.canonical.AppMenu.Registrar does not exist on the session bus
remote tk version = >6.09<
clamscan version = >102.4<
Ok, here's something that might help. Can you create a new, temporary user, log in as that user, and try running it?
respectfully, Dave M
It happend the same thing as in my user, the problem might be that clamav is slow at scanning files.
Have you tried running clamscan to compare? Let me know if I can help with that.
respectfully, Dave M
First scan: /home/mandi/examples.desktop: OK ----------- SCAN SUMMARY ----------- Known viruses: 12724963 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 37.520 sec (0 m 37 s)
Second scan: /home/mandi/examples.desktop: OK
----------- SCAN SUMMARY ----------- Known viruses: 12724963 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 31.536 sec (0 m 31 s)
Signatures:
badmacro.ndb hackingteam.hsb securiteinfoascii.hdb blurl.ndb javascript.ndb securiteinfo.hdb bytecode.cld junk.ndb securiteinfohtml.hdb daily.cld jurlbl.ndb securiteinfo.ign2 foxhole_all.cdb main.cvd securiteinfoold.hdb foxhole_all.ndb malwarehash.hsb securiteinfopdf.hdb foxhole_filename.cdb phish.ndb shelter.ldb foxhole_generic.cdb rogue.hdb sigwhitelist.ign2 foxhole_js.cdb sanesecurity.ftm spamattach.hdb foxhole_js.ndb scam.ndb spamimg.hdb foxhole_mail.cdb securiteinfoandroid.hdb spam_marketing.ndb
CLAMTK scan pretty slow and force quit window appeared.
That does seem pretty slow - over 30 seconds for one file. I did a scan of one file:
clamscan -r ~/tmp/ LibClamAV Warning: ** LibClamAV Warning: The virus database is older than 7 days! LibClamAV Warning: Please update it as soon as possible. LibClamAV Warning: ** LibClamAV Warning: Detected duplicate databases /var/lib/clamav/bytecode.cvd and /var/lib/clamav/bytecode.cld, please manually remove one of them /abyss/dave/tmp/eicar.com: {HEX}EICAR.TEST.3.UNOFFICIAL FOUND
----------- SCAN SUMMARY ----------- Known viruses: 8788331 Engine version: 0.103.1 Scanned directories: 1 Scanned files: 1 Infected files: 1 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 12.793 sec (0 m 12 s) Start Date: 2021:03:06 09:22:06 End Date: 2021:03:06 09:22:18
I have pretty much signatures, if I remove some of them maybe it will reduce the scan time and solve the problem.
I don't know if I'd recommend removing signatures as the solution... I'll keep thinking on it.
I mean remove the custom signartures maybe solve it, examples of custom signatures: badmacro.ndb hackingteam.hsb securiteinfoascii.hdb blurl.ndb javascript.ndb securiteinfo.hdb
Temporarily moving them out sounds like a good test.
yeah :)
First scan: /home/mandi/examples.desktop: OK
----------- SCAN SUMMARY ----------- Known viruses: 8507798 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 22.339 sec (0 m 22 s)
second scan:
/home/mandi/examples.desktop: OK
----------- SCAN SUMMARY ----------- Known viruses: 8507798 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 24.784 sec (0 m 24 s)
CLAMTK scan faster but force quit window still appears.
You may be right - it's taking so long that clamtk thinks the process is stuck. Does it eventually scan though?
Updating clamav to version 0.103.2 still doesn't help.
Hi @MandiYang ,
I'm not sure this has anything to do with clamav or clamtk; this seems more like a system or system configuration issue. What do you think?
respectfully,
Dave M
i have the same issues on Pop!_OS 21.10
@lizard-Szilard , please provide details. Also, follow the instructions from https://github.com/dave-theunsub/clamtk/issues/125#issuecomment-771506966 and let me know what happens.
after a few tries, mine started to work. (using Ubuntu 22.04.2 LTS.) However, a waiting screen while waiting clamav to work can solve this issue. what I mean is that instead of waiting the response from clamav, clamtk can say that "clamav is running" and that "clamtk is waiting for response from clamav", or something like that.
after a few tries, mine started to work. (using Ubuntu 22.04.2 LTS.) However, a waiting screen while waiting clamav to work can solve this issue. what I mean is that instead of waiting the response from clamav, clamtk can say that "clamav is running" and that "clamtk is waiting for response from clamav", or something like that.
Yeah, that would be more convenient.
Thanks for all the feedback. I am looking into it.
I think the best (or only) way to fix this is to switch to clamdscan, or at least have it as an option.
Prior to every scan, ClamAV loads all the signatures and this bogs things down. This doesn't happen with clamdscan. I tried removing the progressbar and related things but it doesn't change the delay/freeze that happens.
Will also have to decide if clamd should be a requirement with the rpms and debs so it's not a disruption and won't have to provide instructions on how to install it or why.
This issue still exists on Ubuntu 22.04.4 LTS - 64Bit
Same picture as posted in this comment: https://github.com/dave-theunsub/clamtk/issues/125#issuecomment-774260317
Clamtk says "Clamtk not responding" for a while and then the "Clamtk not responding" window dissapear and scan the file. I am using ubuntu 20.04