Directories not scanning under Linux Mint 18 KDE [LiveUSB]

[WildS0ft]

OS Linux Mint 18 KDE 64-bit (LiveUSB) & System is fully updated with apt-get upgrade clamav 0.99.2 (from the repository) clamav-daemon 0.99.2 (from the repository) clamdscan 0.99.2 (from the repository) libclamunrar7 0.99-1 (from the repository) clamtk 5.22 from clamtk_5.22-1_all.deb & All settings activated

Issue: Scanning of most directories will result in 0 files scanned. However there's no problem with scanning single files. I'm not sure if you'd be willing to support a LiveUSB installation, not even sure if the issue lies with that to be honest. But I figured I'd report it anyway since I often use LiveUSB's. Not being able to scan the directories in /home/mint is the biggest problem.

Scan a directory

/bin - 0 files detected
/boot - 0 files detected
/cdrom - OK
/dev - No permission
/etc - 0 files detected
/home - 0 files detected
/lib - 0 files detected
/lib64 - 0 files detected
/media - OK
/mnt - Empty
/opt - 0 files detected
/proc - No permission
/rofs - OK
/root - No permission
/run - OK
/sbin - 0 files detected
/srv - Empty
/sys - No permission
/tmp - OK
/usr - 0 files detected
/var - 0 files detected

[dave-theunsub]

Hi,

Have you set Recursive scanning in the Settings box? Please ensure that's done and then try scanning again.

respectfully Dave M

[WildS0ft]

Hello =)

clamtk 5.22 from clamtk_5.22-1_all.deb & All settings activated

I just double checked. All the settings are ticked in ClamTk and scanning folders and subfolders presents no issue on the directories I listed above as OK

[dave-theunsub]

Hi,

To be honest, I can't remember having tried ClamTk on a live CD.

Ok, let's try this:

1. Open a terminal window (gnome-terminal or konsole or ...)
2. type "clamscan -r /" (no quotes, of course)

And let us know what happens then. This way, we can see if the problem is with the scanner or the GUI.

respectfully Dave M

[WildS0ft]

Thanks for helping.

I tested with clamscan -r /home/mint/Downloads/ in which there are several files and folders. No issues. All files and folders scanned. I also tested /bin and /usr to be sure and they also scanned without any problems.

EDIT: It even allowed me to scan in /dev /proc and /sys - However not all files were able to be scanned in these folders and I was able to scan /root with sudo.

I can also access /root with ClamTk in an elevated state, but again it gives me 0 files scanned and it still has no access to /dev /proc and /sys

[dave-theunsub]

Hmmmm... okay, let's try this: Open the terminal again, type "clamtk" (no quotes, of course), and try to scan. If there are any messages in the terminal, please paste them here. They may give us a clue as to what's going on.

respectfully Dave M

[WildS0ft]

It shows nothing at all. Either with or without sudo the terminal gives me no output whatsoever.

[dave-theunsub]

Ok, can you show me the output of

cat ~/.clamtk/prefs

? Obviously ensure there is nothing sensitive in there.

respectfully Dave M

[WildS0ft]

Here you go:

Thorough=1
GUICheck=1
Whitelist=
ScanHidden=1
Clickings=2
LastInfection=Never
TruncateLog=1
SizeLimit=1
Recursive=1
Mounted=0
DupeDB=1
HTTPProxy=0
Update=shared

[dave-theunsub]

Darn, that wasn't too helpful. Ok, I'll download a live CD and test it on my end. Hopefully I can get to it soon - if not, I can jump on it this weekend.

respectfully Dave M

[WildS0ft]

Thank you for taking the time and effort to look into this =)

In my first post you can see what I use and if it's to any help I create my LiveUSB's with Rufus under Windows, with the partition scheme setting to "GPT partition scheme for UEFI".

EDIT: Also /media/mint/ lists all the mounted hard drives, which in this case are Windows NTFS drives, but they are scannable. I got a little confused about what you write here - Is it not a good idea to scan NTFS drives with ClamAV or ClamTk?

[dave-theunsub]

I recommend not using ClamTk with anything related to Windows, including NTFS drives - solely because I haven't tested it. In fact, the problem might be that I added the switch "--cross-fs=no" when it's running. It will (or won't, as it were) "Scan files and directories on other filesystems". With clamscan, it's set to do it by default, whereas ClamTk is set to not do it by default.

So, you may have just figured out what the problem is.

respectfully Dave M

[WildS0ft]

I'm not following. ClamTk works on the NTFS drives, for both files and folders. They were never the issue.

[dave-theunsub]

I'm aware; I just meant I wouldn't trust it on Windows drives. Just thinking out loud. Anyway, I'll try a live CD and see what happens.

I also thought I replied to this an hour ago, but apparently I only replied to myself. :|

respectfully Dave M

[dave-theunsub]

I'm aware; I just meant I wouldn't trust it on Windows drives. Just thinking out loud. Anyway, I'll try a live CD and see what happens.

respectfully Dave M

On Wed, Oct 26, 2016 at 3:37 AM, WildS0ft notifications@github.com wrote:

I'm not following. ClamTk works on the NTFS drives, for both files and folders. They were never the issue.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/dave-theunsub/clamtk/issues/67#issuecomment-256284178, or mute the thread https://github.com/notifications/unsubscribe-auth/ABxM_m94WGBsHeQChzNW8wmRnxwpI_Y5ks5q3xFJgaJpZM4KbjJe .

respectfully Dave M 0x6ADA59DE

[WildS0ft]

I'm getting a little sidetracked here, sorry. But what is your worries regarding scanning NTFS drives with ClamTk and what is your opinion on scanning NTFS drives using the command line with ClamAV directly instead?

[dave-theunsub]

First, ClamTk/ClamAV don't get installed properly. They're supposed to get installed with antivirus dbs, but they don't... ClamTk just refuses to do anything, and ClamAV gives this error: "LibClamAV error: cli_loaddbdir(): No supported database files found ...". This is why, if you look at the ratings section in the install screen, so many people complain it doesn't work. After a "sudo freshclam -v", they were downloaded and installed.

Second, ClamTk is looking at the files kind of - but they're coming with "Excluded" so it's ignoring them. Like this: /home/mint/.bashrc: Excluded

So I commented that part out, so ClamTk wouldn't ignore those files. And it still did. :|

Honestly I have no idea what's going on yet. I'm still playing with it. I don't have much experience with live CDs. I'll report back after some more investigation. Weird.

respectfully Dave M

[dave-theunsub]

Ok, wait, I spoke too soon. I figured it out. I'll release 5.23 this weekend to fix it, but a quick fix is this:

1. Open up /usr/share/perl5/ClamTk/Scan.pm with a text editor (vim, nano, etc)
2. Scroll down to the line "$directive .= ' --cross-fs=no';
3. Put a "#" in front of it, like this:

   $directive .= ' --cross-fs=no'

4. Save the file and exit
5. Profit!

respectfully Dave M

[dave-theunsub]

Hi,

Can you confirm 5.23 fixes this? If so, please close. Otherwise, please let us know.

respectfully Dave M

[WildS0ft]

Yes, sorry. Meant to reply here sooner.

It seems to be working just fine now with version 5.23, thank you =)

[dave-theunsub]

Thank you for reporting the issue.

respectfully Dave M