On-Access Scanner Not Working

Discontinued Products Comodo Antivirus for Linux - CAVL
#1

I’ve installed Comodo Antivirus for Linux, and when I open the main window I have an error saying ‘Filesystem filter driver is not loaded’. When I click ‘Run diagnostics’, it says problems were found with the installation. I choose ‘yes’ to fix them, and a message appears saying 'The kernel module redirfs.ko appropriate for your current kernel version does not exist, please run /opt/COMODO/post_setup.sh to install it. Then run “/etc/init.d/cmdavd restart” command to restart your cmdavd service.

A second message, almost identical to the first is displayed after, but instead of ‘redirfs.ko’, it’s ‘avil.ko’

When I run the post_setup command, I get this output:

Then linux kernel source or linux kernel headers for your current kernel version 3.1.0-7.fc16.i686 can not be found.
Please install the kernel source or kernel headers for 3.1.0-7.fc16.i686, then run this script again.
make -C /lib/modules/uname -r/build M=/tmp/driver/redirfs modules
make: *** /lib/modules/3.1.0-7.fc16.i686/build: No such file or directory. Stop.
make: *** [all] Error 2
make -C /lib/modules/uname -r/build M=/tmp/driver/redirfs modules_install
make: *** /lib/modules/3.1.0-7.fc16.i686/build: No such file or directory. Stop.
make: *** [install] Error 2
FATAL: Module redirfs not found.

RedirFS kernel modules installation failed.

The cmdagent failed to stop! [FAILED]
The cmdagent started successfully! [ OK ]
The cmgdaemon stopped successfully! [ OK ]
The cmgdaemon started successfully! [ OK ]

COMODO Antivirus is successfully configured, you can start it from Menu or Desktop.

I then run ‘/etc/init.d/cmdavd restart’ which runs ok.

I’ve tried restarting my computer, which still does not resolve the matter.

I’m running Fedora 16, which I believe is supported.

Note: On the main Comodo Antivirus window, On Access is showing as ‘green’, which implies it’s active I guess, however when I download and run the EICAR test file, nothing is detected on-access (it is detected on an on-demand scan though).

How can I resolve this so on-access scanning works?

thanks,

Richard

#2

CAV does not have a web filter. So when you are donwloading a virus it will not see it. Only once the virus hits the hd or memory it will detect it. That is still early enough in the Comodo philosophy.

#3

I’m aware CAV does not have a web filter thats not the issue. The problem is with the on-access scanner. When the file is executed, it opens no problem, with no virus detected warning at all, and no mention of the incident showing on the main screen either.

#4

Sorry for missing you had tried to execute to eicar test file. Fedora 16 is supported as the release topic states

I am not much of a Linux user so I fired up Ubuntu 12.04 in VM Ware. I downloaded the eicar.com and when I tried to run it the AV alerted me about it.

I sent a pm to Comodo AV Linux people to come and take a look.

#5

Hi Richard,

In fact post_setup.sh compile driver source and then install compiled drivers. That is to say proper Linux kernel headers must exists in your current Linux.
To install kernel headers, please try the following steps:

  1. uname -r // get current kernel version
  2. use yum or apt-cache to search kernel-header, linux-kernel or kernel-devel
  3. install what you have searched according current kernel version.
  4. run post_setup.sh again.

Thanks,
Yanghua

#6

Hi Yanghua, thanks for your reply.
I’ve tried the above, and I’m still getting the error when I run post_setup.sh.

I’ve had a look into the ‘Redirfs’ program, and on their website it says ‘Redirfs is not working with 2.6.38 and newer kernels’. The kernel that comes with Fedora 16 is 3.1.0.7.fc16.i686

Could this be the problem? or has Comodo AV for Linux been tested on Fedora 16 and shown to be fully compatible?

thanks,

Richard

#7

Ok i am not best with gramar but here is how i did mine on Linux mint maya-mate.

#1.In Software Package manager Download Sqite Command line interface for sqlite.
#2. In Software package manager Download python-sqlite
Python interface to sqlite 2
#3.Run post_setup.sh in your file system /opt/Comodo/post_setup.sh

I hope this helps you guys alot most people getting a sqlite error.

#8

I’ve got the same problem: “'Filesystem filter driver is not loaded”.

ubuntu server 12.10 x64
comodo 1.1.268025-1 x64

Is solution still unavailable? ???

#9

Dear everyone.

I’ve got the same problem: “'Filesystem filter driver is not loaded”.
ubuntu server 12.10 x64
comodo 1.1.268025-1 x64

Please try this. But, it can’t be guaranteed.
I tested kernel 3.5.0, 3.6.11, 3.7.10 and 3.8.8 on Ubuntu 12.10(x64).
Please tell me result.

(1)
execute CAVL installer.

(2)
download driver.tar from http://www.bondoffamily-net.com/~kinta-chan/techknow/Linux/RedirFS/DownLoad.html

(3)
replace /opt/COMODO/driver.tar

(4)
execute post_setup.sh

#10

Additional-1…

When “Check for Updates” is executed, update driver.tar again before reboot.

#11

KINTA-JAPAN, thank you very much!
This fix has given good result for me too.

ubuntu server 12.10
comodo 1.0.239818-1
kernel 3.5.0-27

Looking forward to next cav release with this fix!

#12

Kinta Japan, thanks it worked for me.

#13

I have the same problem, but on Fedora 19. I’ve tried installing all the sqlite driver files, as well as replacing the driver.tar file. Nothing seems to work! I suspect the problem is with Redirfs. I’ve tried manually installing this file by downloading Redirfs directly from their website, however I get the same error when running the ‘make’ command.

Does anyone have any ideas how to solve this?

thanks,

Richard

#14

I’m pleased to say I’ve finally managed to get on-access scanning enabled on my Fedora 19 linux machine!

I tried everything I could to get this to work - I guess persistence pays!

For anyone else with the same problem, I suggest you install ‘gcc’. This is a compiler so when you run ‘/opt/COMODO/post_setup.sh’ the Redirfs installs correctly, which is the driver which Comodo AV uses for on-access scanning.

Here are some of the things I tried:

  1. Uninstall Comodo AV with command ‘rpm -ev CAV_LINUX’

  2. Install ‘gcc’ via Software Management tool / Apper.
    I didn’t know which ‘gcc’ to install so I installed three – ‘gcc – various compilers (C, C++, Objective C, Java)’, ‘gcc-c++’ and ‘libgcc’.

  3. Install Comodo Antivirus

  4. Downloaded the driver.tar file from http://www.bondoffamily-net.com/~kinta-chan/techknow/Linux/RedirFS/src/driver.tar and copied this file to /opt/COMODO/driver.tar overwriting the original.

  5. Run ‘/opt/COMODO/post_setup.sh’
    As this process runs, I noticed it doing much more and taking much longer than before as the required Redirfs modules were being installed.

After this process, I opened Comodo AV, which just said it needed updating, then needed a full system scan. After that the shield was green. I proceeded to download the EICAR test file to see if the on-access scanning was actually functioning, and it detected it right away!

#15

I have comodo working on Ubuntu 13.10 64Bit now. So I am happy.

I followed the 4 steps below that Kinta Japan mentioned. But I had to change the post-setup SH because it kept crashing on line 255 where it lists the 22 languages to bypass that step and select language 1033/option 8.

cheers,
Y.

#16

Hi,

I am running OpenSUSE 13.1 (amd64). My problem might be that the SUSE Comodo installation file is for the older 12.4 Suse. There’s nothing for SUSE 13.1 yet. The generic DEB one won’t install at all either. The 12.4 Comodo does install on 13.1, but, works intermittently, then fails completely after a few days.

The exact same issue everyone else is having is happening here as well. I was able to run the system driver load & diagnostic routine as instructed by COMODO. This allowed me to run Comodo’s updater and to do a full computer scan maybe 4 times. Now, it no longer works. It just gives me a “failed to update” message box. The system driver diagnostic routine in a terminal doesn’t do anything now either. I completely uninstalled COMODO and reinstalled it a few times - to see if I could get lucky and run it a few times as had happened a week ago. No luck. Also, totally stopping & re-starting it doesn’t work. I still get “failed to update” message box & then nothing.

I’m not a computer expert. I don’t have time to run scripts and command line for hours. I need this to work. Please refresh the installer package for OpenSUSE 13.1

Thanks. “Fiddie”.