I am not seeing any evidence of a duplicate database. It would appear that you have some event scheduled to update your definitions database around 3:14am. Probably no impact on your on-going scan at that time because there were no further updates at that time, but not certain. Normal practice would be to schedule a database update before a scheduled scan.
Lots of variables involved in determining how long a clamscan will require, especially when you say there are active Command Line users, but 8 hours does sound excessive. How long has this been going on? Look into updating ClamAV to 0.101.2. You are coming up on a year behind and there have been multiple security related patches since 0.100.1 <https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html <https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html>>. -Al- macOS ClamXAV User On Mon, May 20, 2019 at 05:08 PM, Clark Dunson via clamav-users wrote: > Hello; > > Running for 525 minutes at >90% CPU seems not good. Causes noticeable delay > in command line activity for all users. > > We've got this cronjob: > > 30 1 * * * /usr/bin/freshclam 2>&1 && /usr/bin/clamscan -o -i -r --quiet / | > mail -s "Clam AV Scan Results for $(hostname -s)" itd...@domain.com > <mailto:itd...@domain.com> > > on this Linux: > > # uname -a > Linux server.domain.com <http://server.domain.com/> 2.6.32-754.2.1.el6.x86_64 > #1 SMP Fri Jul 13 12:50:12 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux > > Clamscan appeared as the busiest process in top, 8 hours after launch: > > PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND > > 23043 root 20 0 765m 639m 2520 R 90.6 16.2 525:56.48 clamscan > > > 3071 mysql 20 0 2228m 50m 3552 S 2.3 1.3 4778:31 mysqld > > > 28772 apache 20 0 349m 17m 5652 S 1.7 0.4 0:16.38 httpd > > > > Producing these logs: > -------------------------------------- > ClamAV update process started at Sun May 19 01:30:01 2019 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.100.1 Recommended version: 0.101.2 > DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav > <https://www.clamav.net/documents/upgrading-clamav> > main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: > sigmgr) > Downloading daily-25454.cdiff [100%] > daily.cld updated (version: 25454, sigs: 1574664, f-level: 63, builder: > raynman) > bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo) > [LibClamAV] Detected duplicate databases /var/lib/clamav/main.cvd and > /var/lib/clamav/main.cld, please manually remove one of them > Database updated (6141007 signatures) from db.local.clamav.net > <http://db.local.clamav.net/> (IP: 104.16.219.84) > -------------------------------------- > ClamAV update process started at Sun May 19 03:14:01 2019 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.100.1 Recommended version: 0.101.2 > DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav > <https://www.clamav.net/documents/upgrading-clamav> > main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: > sigmgr) > daily.cld is up to date (version: 25454, sigs: 1574664, f-level: 63, builder: > raynman) > bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo) > > Any help would be greatly appreciated! > > Thank you - > > Clarkman
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
