clamav and freshclam update failures

[Jan]

Sorry Jan but I can't help with that one. I didn't get that error when I did it and I'm now at the extent of my knowledge.
My only suggestion is to remove clamav, delete all clamav related files and start with a fresh install of clamav as per Jerry's how to tutorial.
If you still get the above error after that then someone else will need to help out because I don't know the answer.

Thank you, Ridenotwalk, for all your efforts to help solve this one. 

I did follow your suggestion above to remove the clamav and reinstall as per Jerry's tutorial but still get the same message:

^Clamd was NOT notified: Can't connect to clamd through/var/run/clamav/clamd.ctl: No such file or directory.

[Jan]

Some years ago I had an issue with clamav on LXLE 12.04 not updating. It was down to permissions on the log file.

This was what I wrote at the time - don't know if it helps.

Noticed one issue - clamav cannot update sigs because the log file directory is missing.
If you run sudo freshclam you get error:-
Can't open /var/log/clamav/freshclam.log in append mode

As root I created /var/log/clamav, then:-
chown -R clamav:clamav /var/log/clamav

freshclam now updates sigs OK.

Thank you, robinc, for your reply when I first posted my issue with clamav and freshclam update failures. 

Given my current issue, ie., "^Clamd was NOT notified. Can't connect to clamd through /var/run/clamav/clamd.ctl:  No such file or directory.", I'm thinking that the solution that worked for you would not apply in my case.  I know very little about this subject matter, but thank you for taking the time to write and offer your suggestion.

[Jan]

The lock error = remove that log file, you may have cancelled/stopped a run - I tested on my old LL3.8 and mid scan cancelled tried update -- got locked error - rm commands ran, updated fine and a new scan ran..


I did get a notification it couldn't find a config file on initial 'freshclam' on 2nd run all up to date..


*use sudo and change directory to your home (I used 'yourusername')

Hi Firenice03, 

Thank you for your earlier response to my initial post. 

Given my current issue: ^Clamd was not installed.  Cant connect to clamd through /var/run/clamav/clamd.ctl:  No such file or directory. 

Do you think that your suggestion above would apply to my current issue?

[Jan]

 

^Clamd was not installed.  Cant connect to clamd through /var/run/clamav/clamd.ctl:  No such file or directory. 

I think I must be jinxed!  Despite a fresh installation of LL 4.8, I've still run into ALL the exact same problems and error messages as before.  I'm currently back at my last and most recent error message as described above.  I'm totally exhausted.  Does anyone have a solution to this?  Many thanks!

[firenice03]

1st = Make a Time Shift back up = you wont have to reinstall if it goes sideways - you can revert back...

Not sure of your install process...


Following this 'should' get you clamav installed
https://www.freecinema2022.gq/manual/tutor...atchtype=0


Its also what I added in a prior post..


Clamd - is probably the daemon - see the link; did you install both? ClamAV and ClamAV-daemon ??

Code:

sudo apt-get install clamav clamav-daemon

Try that or... just the clamd

Code:

sudo apt-get install clamav-daemon

[Jan]

Thanks for your reply, Firenice03,
Yes, I've done all of that exactly as you've written. 

[firenice03]

Thanks for your reply, Firenice03,
Yes, I've done all of that exactly as you've written. 

Whats the output when you try in a terminal ..

Code:

sudo apt-get install clamav-daemon

**UPDATE**
I reran a

Code:

sudo freshclam

..
I get a similar - Cant find or parse configuration file /etc/clamav/clamd.conf


Ran a 2nd time - no error...


Run sudo freshclam a 2nd time to see if error continues to report.
I checked - it in fact doesn't exist on mine - most all refer to freshclam...


I do appear to update although the error did occur once




*** Update 2 ***
I installed on my LL4.8 lappy.. I had the timeout issue on download - I tried changing timeouts - but eh - Easier to wget the file into the /var/lib/clamav directory... But anywho


Yup similar the 3.8 box Cant find or parse configuration file /etc/clamav/clamd.conf
A 2nd run (sudo freshclam) working fine..  Not sure why you're failing - I installed via the Help Manual line for line... 

[Jan]

Whats the output when you try in a terminal ..

Code:

sudo apt-get install clamav-daemon

**UPDATE**
I reran a

Code:

sudo freshclam

..
I get a similar - Cant find or parse configuration file /etc/clamav/clamd.conf

When I do the above I get the response that "clamav-daemon is already the newest version."

However, it then lists two packages that were automatically installed but are no longer needed.  These are:

libllvm8 linux-image-unsigned -4.15.0-72 generic
linux modules-4.15.0-72 generic

To remove them, its says use

sudo apt autoremove

I did that and then ran as you said

sudo freshclam

And, voila, it says the data base is up to date.  (Yay!!!)
Time to run the virus scan.  Following the tutorial exactly, I entered
sudo clamscan -r -i / | grep FOUND >> /home/the user name on my computer/virus-scan-report.txt
Next comes a long stream of Warnings! like:
LibClamAV Warnings: fmap_readpage: pread fail: asked for 4077 bytes to offset 19, got 0WARNING: Can't open file /sys/module/drm/ uevent: Permission denied.
There are more sys/module WARNINGS, too numerous to mention, but outcome is; Permission denied. 

I'm just letting this continue it's run, and will see if I get a virus scan report eventually,  but this sure doesn't look good right now.

[firenice03]

[member=5901]Jan[/member]
[size=1em]I think its ok... Look at some of those earlier links to the forum..[/size]
[size=1em]Where you can exclude... exclude /sys /proc & /dev maybe some thing like... [/size]
[size=1em]--exclude-dir=sys [/size]

[size=1em]Now the output will only show anything found.. grepping FOUND[/size]

[size=1em]You can test on a smaller directory.. say like pics/download or tmp something with some files...[/size]

[size=1em]clamscan flags -r recursive =looks in folders -i infected [/size]
[size=1em]Also -v verbos on screen[/size]

[size=1em]So test by clamscan -vri /home/user/Pictures or what have you..[/size]

[size=1em]It'll show scanning each file and a status at end, using grep FOUND doesn't display status (not matched)[/size]
[size=1em]But this will give an idea of what's happening [/size]

[Jan]

Good morning, firenice03,
I let the scan run its course and this is the message I received:
LibClamAV Warning:  cli_scanxz:decompress file size exceeds limits -only scanning 27262976 bytes
Not sure what to do next.  ClamAV still does not show up in my applications folder. 

To this point, I've installed LL4.8 as a dual boot with my old Windows 7 OS.  I'm thinking maybe the simplest solution would be a total scrub of both OSs just to completely get rid of LL and whatever is going on with it.  (Oh, and I did go back to an earlier Restore point that I'd made with Timeshift.  Still exact same result.)