Problem with ClamAV

bscho · 10-26-2019, 02:57 AM

My desktop using Linux Mint 19.2 cinnamon was slowing down so I thought I am being hacked so loaded clamav. When I did sudo freshclam this was the error message.

sudo freshclam
[sudo] password for me:
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

Clamav will not run either.

I installed a new Mint 19.2 on a new SSD and used a different internet connection over a mobile phone network to be sure I was using a different IP address.

The first thing I downloaded was ClamAV. It is exactly the same.

How can I find the process that has locked freshclam and stopped Clamav running?

Is there anything else I can do to check for virus or being hacked?

Thanks

captain_sensible · 10-26-2019, 05:44 AM

it doesn't necessarily mean you've been hacked; my guess is that clamav was already running either due to auto update or you otherwise invoked it . If that was the case that would explain already locked . Basically you can look into seeing what processes are
running , killing them and then running manually .

Tools to see if you have malware include rkhunter , chkrootkit

bscho · 10-26-2019, 06:09 AM

Quote:

Originally Posted by captain_sensible

it doesn't necessarily mean you've been hacked; my guess is that clamav was already running either due to auto update or you otherwise invoked it . If that was the case that would explain already locked . Basically you can look into seeing what processes are
running , killing them and then running manually .

No I had never run clamav on either of these hard drives so I suspect it has to do with 19.2 as it did work on earlier versions 18.3

Tools to see if you have malware include rkhunter , chkrootkit Thanks will try these.

jsbjsb001 · 10-26-2019, 06:22 AM

You can try the following command to see what program has /var/log/clamav/freshclam.log opened;

Code:

lsof | grep -i freshclam.log

bscho · 10-26-2019, 06:26 AM

Quote:

Originally Posted by jsbjsb001

You can try the following command to see what program has /var/log/clamav/freshclam.log opened;

Code:

lsof | grep -i freshclam.log

Tried that and had this error

lsof | grep -i freshclam.log
lsof: WARNING: can't stat() tracefs file system /sys/kernel/debug/tracing
Output information may be incomplete.

wpeckham · 10-26-2019, 07:03 AM

Quote:

Originally Posted by bscho

My desktop using Linux Mint 19.2 cinnamon was slowing down so I thought I am being hacked so loaded clamav. When I did sudo freshclam this was the error message.

sudo freshclam
[sudo] password for me:
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

Clamav will not run either.

I installed a new Mint 19.2 on a new SSD and used a different internet connection over a mobile phone network to be sure I was using a different IP address.

The first thing I downloaded was ClamAV. It is exactly the same.

How can I find the process that has locked freshclam and stopped Clamav running?

Is there anything else I can do to check for virus or being hacked?

Thanks

first step, make sure the log file exists and is writable.
If not, create that file.

bscho · 10-26-2019, 07:37 AM

Quote:

Originally Posted by wpeckham

first step, make sure the log file exists and is writable.
If not, create that file.

It is not write
able see my earlier posts