Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ClamAV>
  3. win32
[clamav-users] ScanOnAccess: ... (null) FOUND
clamav-users at lists
Mar 13, 2019, 9:40 AM
Post #1 of 2 (206 views)
Permalink
Hi,

I seem to be encountering the same issue someone described here:
https://www.mail-archive.com/clamav-users@lists.clamav.net/msg46022.html

For me the null-message arrived when switching to root:
ScanOnAccess: /root/.bash_history: (null) FOUND

I'm running on RHEL7 server, latest updates with versions:
clamd-0.101.1-1.el7.x86_64

The accompanying files (coming from clamav-data rpm):

-rw-r--r--. 1 clamupdate clamupdate 199693 Jan 10 06:14 bytecode.cvd
-rw-r--r--. 1 clamupdate clamupdate 53834626 Jan 10 06:14 daily.cvd
-rw-r--r--. 1 clamupdate clamupdate 117892267 Jan 9 2018 main.cvd

It seems the main.cvd is old, but I haven't run freshclam against this yet. Could that be the reason? Since it is an internal server, I first need to setup a proxy etc ... for freshclam to work.

With friendly regards,

Franky

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] ScanOnAccess: ... (null) FOUND [ In reply to ]
clamav-users at lists
Mar 14, 2019, 6:35 AM
Post #2 of 2 (205 views)
Permalink
Hi Franky,

Updating your signature set shouldn't affect this, although it is good to keep up to date.
We never did track down the cause of the (null) FOUND issue.
We are presently working on migrating the on-access scanning code out of clamd and into a new, separate utility that will submit files to clamd to be scanned, much the way that clamdscan interacts with clamd. We will have to keep an eye out for this or similar issues when the new on-access tool is complete.

-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.




?On 3/13/19, 12:41 PM, "clamav-users on behalf of Franky Van Liedekerke via clamav-users" <clamav-users-bounces@lists.clamav.net on behalf of clamav-users@lists.clamav.net> wrote:

Hi,

I seem to be encountering the same issue someone described here:
https://www.mail-archive.com/clamav-users@lists.clamav.net/msg46022.html

For me the null-message arrived when switching to root:
ScanOnAccess: /root/.bash_history: (null) FOUND

I'm running on RHEL7 server, latest updates with versions:
clamd-0.101.1-1.el7.x86_64

The accompanying files (coming from clamav-data rpm):

-rw-r--r--. 1 clamupdate clamupdate 199693 Jan 10 06:14 bytecode.cvd
-rw-r--r--. 1 clamupdate clamupdate 53834626 Jan 10 06:14 daily.cvd
-rw-r--r--. 1 clamupdate clamupdate 117892267 Jan 9 2018 main.cvd

It seems the main.cvd is old, but I haven't run freshclam against this yet. Could that be the reason? Since it is an internal server, I first need to setup a proxy etc ... for freshclam to work.

With friendly regards,

Franky

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal