[clamav-users] ScanOnAccess: ... (null) FOUND

Micah Snyder (micasnyd) micasnyd at cisco.com
Thu Mar 14 09:35:16 EDT 2019

Hi Franky,

Updating your signature set shouldn't affect this, although it is good to keep up to date.
We never did track down the cause of the (null) FOUND issue. 
We are presently working on migrating the on-access scanning code out of clamd and into a new, separate utility that will submit files to clamd to be scanned, much the way that clamdscan interacts with clamd.  We will have to keep an eye out for this or similar issues when the new on-access tool is complete.


Micah Snyder
ClamAV Development
Cisco Systems, Inc.

On 3/13/19, 12:41 PM, "clamav-users on behalf of Franky Van Liedekerke via clamav-users" <clamav-users-bounces at lists.clamav.net on behalf of clamav-users at lists.clamav.net> wrote:

    I seem to be encountering the same issue someone described here:
    For me the null-message arrived when switching to root:
    ScanOnAccess: /root/.bash_history: (null) FOUND
    I'm running on RHEL7 server, latest updates with versions:
    The accompanying files (coming from clamav-data rpm):
    -rw-r--r--. 1 clamupdate clamupdate    199693 Jan 10 06:14 bytecode.cvd
    -rw-r--r--. 1 clamupdate clamupdate  53834626 Jan 10 06:14 daily.cvd
    -rw-r--r--. 1 clamupdate clamupdate 117892267 Jan  9  2018 main.cvd
    It seems the main.cvd is old, but I haven't run freshclam against this yet. Could that be the reason? Since it is an internal server, I first need to setup a proxy etc ... for freshclam to work.
    With friendly regards,
    clamav-users mailing list
    clamav-users at lists.clamav.net
    Help us build a comprehensive ClamAV guide:

More information about the clamav-users mailing list