Paril Posted March 10, 2021 Report Share Posted March 10, 2021 (edited) Hi there. I'm new to using Immunet as a daily driver for antivirus, but I've run into a strange issue. For some reason, ClamAV's "freshclam.exe" has been slowly eating away at my bandwidth. It's used over 30 GB over a day - approximately 230 MB every 30 minutes. I tried it installed both in the regular installation directory (Program Files) and in root of a drive (E:\Immunet\) just in case it was a permissions issue, to no avail. If I try to run freshclam manually, I see the following note: Quote ERROR: Can't create temporary directory E:\Immunet\clamav\0.102.1.14\database\tmp Hint: The database directory must be writable for UID 0 or GID 0 ERROR: Initialization error! I don't know if it's related or not. I can't touch anything in the Immunet folder (as expected), so it's possible this is normal from attempting to launch it by hand. Then I tried to launch with a specific --datadir, just to rule out a permission issue: Quote E:\Immunet\clamav\0.102.1.14>freshclam --datadir=E:\ ClamAV update process started at Wed Mar 10 00:56:33 2021 daily database available for download (remote version: 26103) Time: 2.7s, ETA; 0.0s [=======================================>] 100.18MiB/100.18MiB WARNING: Mirror https://database.clamav.net is not synchronized. ERROR: Unexpected error when attempting to update database: daily WARNING: fc_update_databases: fc_update_database failed: Up-to-date (1) ERROR: Database update process failed: Up-to-date (1) ERROR: Update failed. So, while it does update here (100 MB), it then throws some unexpected error and deletes the tmp folder. It seems to retry this every 15 mins or so. If I enable --verbose --debug, this is all it adds to the log: Quote Time: 2.7s, ETA; 0.0s [=======================================>] 100.18MiB/100.18MiB * Connection #0 to host database.clamav.net left intact LibClamAV debug: Initialized devel-clamav-0.102.1-13-ga82161700 engine LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 5abf3da8b864664c0c6f2faf057e392f LibClamAV debug: cli_versig: Decoded signature: 5abf3da8b864664c0c6f2faf057e392f LibClamAV debug: cli_versig: Digital signature is correct. LibClamAV debug: in cli_tgzload() LibClamAV debug: daily.info loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: in cli_tgzload() LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: Cleaning up phishcheck LibClamAV debug: Phishcheck cleaned up WARNING: Mirror https://database.clamav.net is not synchronized. ERROR: Unexpected error when attempting to update database: daily WARNING: fc_update_databases: fc_update_database failed: Up-to-date (1) ERROR: Database update process failed: Up-to-date (1) ERROR: Update failed. Anything I could try for this? I also have no way of knowing if this is another permission issue (since I'm launching freshclam from within the clamav\<version>\ folder which I don't have permission to write to), but I don't know where I could see any logs of freshclam that Immunet launches. My clamav folder only has the version folder in it, and inside that folder there is all of the standard installation files alongside a "temp\clamtmp" folder tree with nothing in it. (EDIT: as a complete aside, while registering for this account, for some reason the email field for the Registration form started out as "email@example.com" for me.. I've never seen this email in my life, and it's not anywhere in my browser autofill, so I have no idea how that happened) Edited March 10, 2021 by Paril adding weird sign up info Link to comment Share on other sites More sharing options...
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now