---------- Forwarded message ---------
From: Furkan Yücebaş <[email protected]>
Date: Mon, Jun 10, 2019 at 5:55 PM
Subject: Re: Clamav problems
To: <[email protected]>, <[email protected]>

Does anyone have a solution or thoughts on this?

On Thu, May 30, 2019 at 10:04 PM Furkan Yücebaş <[email protected]> wrote:

> ---------- Forwarded message ---------
> From: Furkan Yücebaş <[email protected]>
> Date: Thu, May 30, 2019 at 1:46 PM
> Subject: Clamav problems
> To: <[email protected]>
>
> Hi there,
> About a month ago, I installed ClamAV on my Debian-based (jessie) Linux
> machine from the jessie repository.
>
> * You can find the first installed version (the slow-running one) below:
>
> root@ruhi:~# apt-cache policy clamav
> clamav:
>   Kurulu: 0.101.2+dfsg-1
>   Aday: 0.101.2+dfsg-1
>   Sürüm çizelgesi:
>  *** 0.101.2+dfsg-1 500
>         500 http://http.kali.org/kali kali-rolling/main amd64 Packages
>         500 http://ftp.de.debian.org/debian testing/main amd64 Packages
>         100 /var/lib/dpkg/status
>      0.100.0+dfsg-0+deb8u1 500
>         500 http://ftp.tr.debian.org/debian jessie/main amd64 Packages
> root@ruhi:~# apt-cache policy clamdscan
> clamdscan:
>   Kurulu: 0.101.2+dfsg-1
>   Aday: 0.101.2+dfsg-1
>   Sürüm çizelgesi:
>  *** 0.101.2+dfsg-1 500
>         500 http://http.kali.org/kali kali-rolling/main amd64 Packages
>         500 http://ftp.de.debian.org/debian testing/main amd64 Packages
>         100 /var/lib/dpkg/status
>      0.100.0+dfsg-0+deb8u1 500
>         500 http://ftp.tr.debian.org/debian jessie/main amd64 Packages
>
> In this attempt, I had a very serious scanning time problem.
> For a 110 MB file (this is not an encrypted file, just a normal exe), the
> scanning time is: 1 m 33 s (screenshot below)
>
> [image: image.png]
>
> After that, I installed ClamAV from the source code that you share on your
> web page (same version, 0.101.2).
> The slowness problem has been solved, but now it seems that it is not running
> stably and it is returning results very fast. I want to make sure whether the
> results are correct or not. Also, you can see that "clamdscan" couldn't find
> the infected files in my zip while "clamscan" could. Compressed files are
> enabled in my conf file.
>
> To see the scanning time:
>
> root@furkan:~/Downloads# du -sh clamtest2.zip
> 8,7G clamtest2.zip
>
> root@furkan:~/Downloads/clamtest2# ls -la
> toplam 9174376
> drwxr-xr-x  2 root root       4096 May 27 19:26 .
> drwxr-xr-x 29 root root      20480 May 27 19:49 ..
> -rw-r--r--  1 root root 1951432704 Şub 20 08:55 debian-live-9.8.0-amd64-xfce.iso
> -rw-r--r--  1 root root         68 Nis 29 01:53 eicar.com
> -rw-r--r--  1 root root        308 Nis 29 01:53 eicarcom2.zip
> -rw-r--r--  1 root root        184 May 27 18:55 eicar_com.zip
> -rw-r--r--  1 root root  873116238 Ara 23 18:29 metasploitable-linux-2.0.0.zip
> -rwxr-xr-x  1 root root  166729977 Ara 27 01:54 metasploit-latest-linux-x64-installer.run
> -rw-r--r--  1 root root  317542415 Mar  4 01:08 OMNET_OS3_UAVSim-master.zip
> -rw-r--r--  1 root root  816301191 Ara 27 02:33 Rapid7Setup-Linux64.bin
> -rw-r--r--  1 root root  952795136 May  1 16:59 ssi-9.601-5.1.iso
> -rw-r--r--  1 root root 4168089600 Mar 18 02:41 tsurugi_lab_2018.1.iso
> -rwxr-xr-x  1 root root  148464193 Ara 23 18:24 VMware-Player-15.0.2-10952284.x86_64.bundle
>
> Test:
>
> root@furkan:~/Downloads# clamdscan clamtest2/
> /root/Downloads/clamtest2/eicar_com.zip: Eicar-Test-Signature FOUND
> /root/Downloads/clamtest2/eicar.com: Eicar-Test-Signature FOUND
> /root/Downloads/clamtest2/eicarcom2.zip: Eicar-Test-Signature FOUND
>
> ----------- SCAN SUMMARY -----------
> Infected files: 3
> Time: 0.153 sec (0 m 0 s)
>
> root@furkan:~/Downloads# clamdscan clamtest2.zip
> /root/Downloads/clamtest2.zip: OK
>
> ----------- SCAN SUMMARY -----------
> Infected files: 0
> Time: 0.000 sec (0 m 0 s)
>
> root@furkan:~/Downloads# clamdscan clamtest2/
> /root/Downloads/clamtest2/eicar_com.zip: Eicar-Test-Signature FOUND
> /root/Downloads/clamtest2/eicar.com: Eicar-Test-Signature FOUND
> /root/Downloads/clamtest2/eicarcom2.zip: Eicar-Test-Signature FOUND
>
> ----------- SCAN SUMMARY -----------
> Infected files: 3
> Time: 0.005 sec (0 m 0 s)
>
> root@furkan:~/Downloads# clamscan clamtest2/
> clamtest2/ssi-9.601-5.1.iso: OK
> clamtest2/metasploitable-linux-2.0.0.zip: OK
> clamtest2/tsurugi_lab_2018.1.iso: OK
> clamtest2/eicarcom2.zip: Eicar-Test-Signature FOUND
> clamtest2/metasploit-latest-linux-x64-installer.run: OK
> clamtest2/debian-live-9.8.0-amd64-xfce.iso: OK
> clamtest2/eicar_com.zip: Eicar-Test-Signature FOUND
> clamtest2/OMNET_OS3_UAVSim-master.zip: OK
> clamtest2/VMware-Player-15.0.2-10952284.x86_64.bundle: OK
> clamtest2/Rapid7Setup-Linux64.bin: OK
> clamtest2/eicar.com: Eicar-Test-Signature FOUND
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 6139363
> Engine version: 0.101.2
> Scanned directories: 1
> Scanned files: 11
> Infected files: 3
> Data scanned: 0.00 MB
> Data read: 8959.26 MB (ratio 0.00:1)
> Time: 49.356 sec (0 m 49 s)
>
> root@furkan:~/Downloads# clamscan clamtest2.zip
> clamtest2.zip: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 6139363
> Engine version: 0.101.2
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.00 MB
> Data read: 8908.36 MB (ratio 0.00:1)
> Time: 27.641 sec (0 m 27 s)
>
> Problems:
>
> 1) clamav-daemon couldn't start properly. It started working on my first
> attempt and then seems to have been disabled, and I couldn't bring the
> service up.
> 2) When I want to use "clamdscan" instead of "clamscan", I always get
> "ERROR: Could not connect to clamd on LocalSocket
> /var/run/clamav/clamd.ctl: No such file or directory". I can fix this by
> restarting the service and running "freshclam", but when I can't bring the
> service up (issue 1) I can't use clamdscan.
> * All problems and conf files are attached
>
> I hope you can help to fix the issues. Thank you
> Furkan
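
Added example, not part of the original message and not ClamAV project code: a small parser for SCAN SUMMARY blocks like the ones quoted above that reports how much of the input the engine says it processed. It assumes "Data read" is the size of the files handed to the scanner and "Data scanned" is what the engine actually processed; the function names and the `min_ratio` threshold are made up for this example.

```python
import re

# Constructed input: summary blocks in the shape of the clamscan and
# clamdscan output quoted in the message above.
CLAMSCAN_ZIP = """\
----------- SCAN SUMMARY -----------
Known viruses: 6139363
Engine version: 0.101.2
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 8908.36 MB (ratio 0.00:1)
Time: 27.641 sec (0 m 27 s)
"""
CLAMDSCAN_ZIP = """\
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.000 sec (0 m 0 s)
"""

FIELDS = {
    "infected": r"^Infected files:\s*(\d+)",
    "scanned_mb": r"^Data scanned:\s*([\d.]+) MB",
    "read_mb": r"^Data read:\s*([\d.]+) MB",
    "seconds": r"^Time:\s*([\d.]+) sec",
}

def parse_summary(text):
    """Return the numeric summary fields; a field the tool did not print is None."""
    out = {}
    for name, pattern in FIELDS.items():
        m = re.search(pattern, text, re.MULTILINE)
        out[name] = float(m.group(1)) if m else None
    return out

def coverage(summary, min_ratio=0.5):
    """Classify how much of the input the engine reports having processed.
    min_ratio is an arbitrary threshold chosen for this example (assumption)."""
    read, scanned = summary["read_mb"], summary["scanned_mb"]
    if read is None or scanned is None:
        return "unknown"   # the clamdscan summary carries no data counters
    if read == 0:
        return "empty"
    return "covered" if scanned / read >= min_ratio else "partial"

if __name__ == "__main__":
    for label, text in (("clamscan", CLAMSCAN_ZIP), ("clamdscan", CLAMDSCAN_ZIP)):
        s = parse_summary(text)
        print(label, "infected:", s["infected"], "coverage:", coverage(s))
```

A "partial" or "unknown" result means the "OK" line for that target is not backed by the counters in the summary and should be checked another way, for example by scanning the extracted files.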
