[Second mod to this post, going backwards, sorry:] Just reran avast on that one filesystem and it crashed again. This time, the FS has 139 MB free space -- is that enough? The file in question, this time, is just 1235 bytes. The virus was successfully moved to the chest, and avast logged that fact, but issued no other errors.
The only message was at the command line (root prompt):
/usr/bin/avastgui: line 115: 31608 Killed $AVAST_PREFIX/bin/$programname $*
Now I am thinking that perhaps there really is a problem beyond just disk space.
[Modified my post;Just discovered:] that the file system that file was on was out of space. That file system is not used for anything currently. I have made some space on that file system by removing some unneeded archive files, and now I will attempt to re-run avast.
Also, it may be of interest, or maybe not: When I was actually using this file area for my email, I had sent myself some EICAR test files to grill my email program I was using at the time (kmail with spamassassin and clamav). (The testsI performed back then were successful just in case anyone really cares!) But anyway, the file in question contains these EICAR viruses.
One more thing: The avast log file says it was error 202:
An error occured in avast! engine: 202
[Original post here:]
Was running Free avast! Linux Home Edition on KDE on Fedora Core 4 with all the FC4 updates. It had handled over 850,000 files last I looked, before it crashed. Other than a shell, it was the only desktop program running.
The program was merrily running along, occasionally alerting me to problem by email, for about 4 hours or so. Then, it popped a dialog box saying that it could not move a file to the chest. I clicked on the Details button, and it gave me the exact file. Here is the avast logfile entry:
Couldn't rename file /home/gladis/.kde/share/apps/kmail/mail/VIRUS/cur/1135057182.6174.vwlga/reg_pass-data.zip#841565092' to '/root/.avast/chest/000006'.
I studied this for a while, trying to determine why this file was so unusual, etc., but seeing the information was available in the logfile, decided to continue the scan and look at this later (the directory path involved is not an active account at this time, so no one will be accessing it).
I selected continue, the program resumed for a fraction of a second, then popped another dialog, for the (I think) same zip file. I hit continue again, and then avastgui crashed. I do note that the file in question really was moved or copied to the chest, where it is duly catalogued in the chest index. Avast sent me several emails for its findings, one for each virus type it found.
I also note that the file in question seems to have a timestamp of approximately the same time as the scan crashed; I have not touched files in that area in literally months, so there was no known manual intervention to have caused the timestamp. Perhaps avast touched or updated the modification time when it removed the virus? Not important, but it might be nice to save and restore the timestamp; some programs rely on file times for syncing data.
Incidentally, I did not see any messages in the linux system logs, but I may not know about all places avast sends messages.
If there is anything else I can furnish to help you debug this problem, please let me know.
Thank you,
Hal
BTW, seems like a nice tool for linux overall.
