search

dave-theunsub / clamtk

An easy to use, light-weight, on-demand virus scanner for Linux systems
https://gitlab.com/dave_m/clamtk/wikis/home
Other
357 stars 46 forks source link

clamtk force quit #125

Open MandiYang opened 3 years ago

MandiYang commented 3 years ago

Clamtk says "Clamtk not responding" for a while and then the "Clamtk not responding" window dissapear and scan the file. I am using ubuntu 20.04

dave-theunsub commented 3 years ago

Hi @MandiYang ,

  1. Can you update to 6.06 and try again? https://gitlab.com/dave_m/clamtk/-/wikis/Home , follow the Downloads link, download clamtk deb file, and double-click
  2. Has this ever happened before?
  3. What were you doing when this happened? (e.g., scanning, trying to update, etc)

respectfully,
Dave M

MandiYang commented 3 years ago

I was scanning a file, and the version 6.06 didn't work either. This has happend before.

dave-theunsub commented 3 years ago

Hi @MandiYang ,

Let's try this: open a terminal window, and type "clamtk" (no quotes). Then try the scan you were doing before. If any messages show up in the terminal window, please post them back here.

respectfully,
Dave M

MandiYang commented 3 years ago

It came no output from clamtk when typing it on terminal.

dave-theunsub commented 3 years ago

Hi @MandiYang ,

What type of file is it? Does it happen any other time with any other files?

respectfully,
Dave M

MandiYang commented 3 years ago

Yes, it did happend to other files

MandiYang commented 3 years ago

Do you want a screen shot?

dave-theunsub commented 3 years ago

Sure! Also, has this ALWAYS happened, or did it start with a particular version or date?

respectfully,
Dave M

MandiYang commented 3 years ago

Yes, it always happend.

Screenshot: Screenshot from 2021-02-05 21-05-19

dave-theunsub commented 3 years ago

Hi @MandiYang ,

Do you have time to try out a debugging version? It'll be the same thing you're using now but will have a lot of print statements to show what's going on. I can't duplicate it on my end, so this may be the only way to do it. I can send you a new version shortly if you are.

respectfully,
Dave M

MandiYang commented 3 years ago

Yes, I can try it and show the output of clamav. Thank's

dave-theunsub commented 3 years ago

Here you go: https://app.box.com/s/we9nq0nt9pjzs24hyhqwe7sr13h14tnq

Do not type any of the quotes for the commands.

  1. Download (I'll assume to your ~/Downloads directory)
  2. Open terminal window
  3. type "cd ~/Downloads"
  4. type "tar xf clamtk-debug.tar.xz"
  5. type "cd clamtk-debug"
  6. type "./clamtk"

It's going to print out a lot in the terminal window. Please copy and paste into an email (preferably) to me: dave.nerd@gmail . Do at least a quick skim through the content to ensure there's nothing in there you don't want me to see. Let me know if you have questions.

respectfully, Dave M

MandiYang commented 3 years ago

How do I set the perl path to like /home/mandi/perl5/lib/perl5/x86_64-linux-gnu-thread-multi?

dave-theunsub commented 3 years ago

Hi @MandiYang ,

In a program, you would use "use lib '/home/mandi/perl5/etc/etc'". I'm just wondering because I saw it in the logfile; maybe I'm misreading it.

I still haven't found anything yet...

respectfully, Dave M

MandiYang commented 3 years ago

Yes, you read right.

clamtk.log

MandiYang commented 3 years ago

Output of clamtk1.log after installing clamtk 6.07 and scanned one file and one directory. clamtk1.log

dave-theunsub commented 3 years ago

Taking a look - thanks!

respectfully, Dave M

MandiYang commented 3 years ago

clamtk 6.08 output of clamtk(not clamtk-debug) when scanning file:

LOG **: Name com.canonical.AppMenu.Registrar does not exist on the session bus
clamscan version = >102.4<
MandiYang commented 3 years ago

clamtk 6.09 output of clamtk(not clamtk-debug) when scanning file:

LOG **: Name com.canonical.AppMenu.Registrar does not exist on the session bus
remote tk version = >6.09<
clamscan version = >102.4<
dave-theunsub commented 3 years ago

Ok, here's something that might help. Can you create a new, temporary user, log in as that user, and try running it?

respectfully, Dave M

MandiYang commented 3 years ago

It happend the same thing as in my user, the problem might be that clamav is slow at scanning files.

dave-theunsub commented 3 years ago

Have you tried running clamscan to compare? Let me know if I can help with that.

respectfully, Dave M

MandiYang commented 3 years ago

First scan: /home/mandi/examples.desktop: OK ----------- SCAN SUMMARY ----------- Known viruses: 12724963 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 37.520 sec (0 m 37 s)

Second scan: /home/mandi/examples.desktop: OK

----------- SCAN SUMMARY ----------- Known viruses: 12724963 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 31.536 sec (0 m 31 s)

Signatures:

badmacro.ndb hackingteam.hsb securiteinfoascii.hdb blurl.ndb javascript.ndb securiteinfo.hdb bytecode.cld junk.ndb securiteinfohtml.hdb daily.cld jurlbl.ndb securiteinfo.ign2 foxhole_all.cdb main.cvd securiteinfoold.hdb foxhole_all.ndb malwarehash.hsb securiteinfopdf.hdb foxhole_filename.cdb phish.ndb shelter.ldb foxhole_generic.cdb rogue.hdb sigwhitelist.ign2 foxhole_js.cdb sanesecurity.ftm spamattach.hdb foxhole_js.ndb scam.ndb spamimg.hdb foxhole_mail.cdb securiteinfoandroid.hdb spam_marketing.ndb

CLAMTK scan pretty slow and force quit window appeared.

dave-theunsub commented 3 years ago

That does seem pretty slow - over 30 seconds for one file. I did a scan of one file:

clamscan -r ~/tmp/ LibClamAV Warning: ** LibClamAV Warning: The virus database is older than 7 days! LibClamAV Warning: Please update it as soon as possible. LibClamAV Warning: ** LibClamAV Warning: Detected duplicate databases /var/lib/clamav/bytecode.cvd and /var/lib/clamav/bytecode.cld, please manually remove one of them /abyss/dave/tmp/eicar.com: {HEX}EICAR.TEST.3.UNOFFICIAL FOUND

----------- SCAN SUMMARY ----------- Known viruses: 8788331 Engine version: 0.103.1 Scanned directories: 1 Scanned files: 1 Infected files: 1 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 12.793 sec (0 m 12 s) Start Date: 2021:03:06 09:22:06 End Date: 2021:03:06 09:22:18

MandiYang commented 3 years ago

I have pretty much signatures, if I remove some of them maybe it will reduce the scan time and solve the problem.

dave-theunsub commented 3 years ago

I don't know if I'd recommend removing signatures as the solution... I'll keep thinking on it.

MandiYang commented 3 years ago

I mean remove the custom signartures maybe solve it, examples of custom signatures: badmacro.ndb hackingteam.hsb securiteinfoascii.hdb blurl.ndb javascript.ndb securiteinfo.hdb

dave-theunsub commented 3 years ago

Temporarily moving them out sounds like a good test.

MandiYang commented 3 years ago

yeah :)

MandiYang commented 3 years ago

After moving all custom signatures

First scan: /home/mandi/examples.desktop: OK

----------- SCAN SUMMARY ----------- Known viruses: 8507798 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 22.339 sec (0 m 22 s)

second scan:

/home/mandi/examples.desktop: OK

----------- SCAN SUMMARY ----------- Known viruses: 8507798 Engine version: 0.102.4 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB Data read: 0.01 MB (ratio 1.50:1) Time: 24.784 sec (0 m 24 s)

CLAMTK scan faster but force quit window still appears.

dave-theunsub commented 3 years ago

You may be right - it's taking so long that clamtk thinks the process is stuck. Does it eventually scan though?

MandiYang commented 3 years ago

Updating clamav to version 0.103.2 still doesn't help.

dave-theunsub commented 3 years ago

Hi @MandiYang ,

I'm not sure this has anything to do with clamav or clamtk; this seems more like a system or system configuration issue. What do you think?

respectfully,
Dave M

lizard-Szilard commented 2 years ago

i have the same issues on Pop!_OS 21.10

dave-theunsub commented 2 years ago

@lizard-Szilard , please provide details. Also, follow the instructions from https://github.com/dave-theunsub/clamtk/issues/125#issuecomment-771506966 and let me know what happens.

NJT145 commented 1 year ago

after a few tries, mine started to work. (using Ubuntu 22.04.2 LTS.) However, a waiting screen while waiting clamav to work can solve this issue. what I mean is that instead of waiting the response from clamav, clamtk can say that "clamav is running" and that "clamtk is waiting for response from clamav", or something like that.

MandiYang commented 1 year ago

after a few tries, mine started to work. (using Ubuntu 22.04.2 LTS.) However, a waiting screen while waiting clamav to work can solve this issue. what I mean is that instead of waiting the response from clamav, clamtk can say that "clamav is running" and that "clamtk is waiting for response from clamav", or something like that.

Yeah, that would be more convenient.

dave-theunsub commented 1 year ago

Thanks for all the feedback. I am looking into it.

dave-theunsub commented 1 year ago

I think the best (or only) way to fix this is to switch to clamdscan, or at least have it as an option.

Prior to every scan, ClamAV loads all the signatures and this bogs things down. This doesn't happen with clamdscan. I tried removing the progressbar and related things but it doesn't change the delay/freeze that happens.

Will also have to decide if clamd should be a requirement with the rpms and debs so it's not a disruption and won't have to provide instructions on how to install it or why.

JohnnyDevNull commented 5 months ago

This issue still exists on Ubuntu 22.04.4 LTS - 64Bit

Same picture as posted in this comment: https://github.com/dave-theunsub/clamtk/issues/125#issuecomment-774260317