Hi, it was indeed my wrong test. With clam*d*scan, result comes instant:
clamdscan scan335019041109350063746475.pdf.r00 /home/stefan/scan335019041109350063746475.pdf.r00: SecuriteInfo.com.Adware.Generic4.BBFB.UNOFFICIAL FOUND ----------- SCAN SUMMARY ----------- Infected files: 1 Time: *0.081 sec* (0 m 0 s) Thank you! Am Di., 30. Juli 2019 um 21:13 Uhr schrieb Reio Remma via clamav-users < clamav-users@lists.clamav.net>: > I suspect it's might be the same issue I had a few days back. > > Check out the thread "Clamd fails to start with daily.cvd". > > As suggested by user Axb: > > in file clamd.service > to section: > [Service] > add > TimeoutSec=900 > > restart clamd service > > I personally increased the limit to 300 seconds. :) > > I suspect systemd is killing the process because it goes over the timeout > threshold when loading the signatures. > > Good luck! > Reio > > > On 30.07.2019 21:58, Robert Kudyba wrote: > > rpm -qa clamav-milter > clamav-milter-0.101.2-2.fc30.x86_64 > rpm -qa clamd > clamd-0.101.2-2.fc30.x86_64 > > See some logs and statuses below. clamd takes up all of the CPU. clamd > does appear to start based on the ps command but you can see the status > shows no running; > > PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ > COMMAND > 26618 root 20 0 214188 207576 7996 R 99.0 0.4 0:10.76 clamd > > Tue Jul 30 14:30:17 2019 -> WARNING: No clamd server appears to be > available > Tue Jul 30 14:31:16 2019 -> Failed to establish a connection to clamd > Tue Jul 30 14:31:16 2019 -> Probe for slot 1 returned: failed > Tue Jul 30 14:31:16 2019 -> WARNING: No clamd server appears to be > available > Tue Jul 30 14:32:15 2019 -> Failed to establish a connection to clamd > Tue Jul 30 14:32:15 2019 -> Probe for slot 1 returned: failed > Tue Jul 30 14:32:15 2019 -> WARNING: No clamd server appears to be > available > > ps -auwx|grep clam > clamav 2538 0.0 0.0 18348 3156 ? Ss Jul29 0:00 > /usr/bin/freshclam -d -c 4 > clamav 24692 0.0 0.0 19852 10044 ? Ss 14:10 0:00 > /usr/lib/systemd/systemd --user > clamav 24697 0.0 0.0 181296 5200 ? S 14:10 0:00 (sd-pam) > clamav 24717 0.0 0.0 113064 3312 ? Ss 14:10 0:00 /bin/sh > -c [ -x /usr/local/sbin/clamav-unofficial-sigs.sh ] && /usr/bin/bash > /usr/local/sbin/clamav-unofficial-sigs.sh > /dev/null > clamav 24718 0.0 0.0 113848 3908 ? S 14:10 0:00 > /usr/bin/bash /usr/local/sbin/clamav-unofficial-sigs.sh > clamilt 26222 0.0 0.0 88488 588 ? Ssl 14:18 0:00 > /usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf > root 26227 99.6 0.5 263348 251924 ? Rs 14:18 0:20 > /usr/sbin/clamd -c /etc/clamd.d/scan.conf > clamav 26360 1.8 0.0 126316 12992 ? S 14:18 0:00 > /usr/bin/wget --no-check-certificate --quiet --connect-timeout=60 > --random-wait --tries=3 --timeout=180 > --output-document=/var/lib/clamav-unofficial-sigs/dbs-si/securiteinfo.hdb > https://www.securiteinfo.com/get/signatures/6651194e2baf9979742029c715d7dd90c94e25355ca57fdf22c81828f6fe7a3fc01bfbee6c9a20efa17559c52a04cc4aab1cbe6810596bb16afae8518a9400d1/securiteinfo.hdb\ > > systemctl status clamd@scan.service > * clamd@scan.service - Generic clamav scanner daemon > Loaded: loaded (/usr/lib/systemd/system/clamd@scan.service; enabled; > vendor preset: disabled) > Active: inactive (dead) since Mon 2019-07-29 13:24:11 EDT; 24h ago > Docs: man:clamd(8) > man:clamd.conf(5) > https://www.clamav.net/documents/ > > Jul 29 13:24:09 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 29 13:24:11 ourdomain.edu systemd[1]: clamd@scan.service: Control > process exited, code=killed, status=15/TERM > Jul 29 13:24:11 ourdomain.edu systemd[1]: clamd@scan.service: Succeeded. > Jul 29 13:24:11 ourdomain.edu systemd[1]: Stopped Generic clamav scanner > daemon. > Jul 30 04:53:06 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 30 11:13:50 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 30 11:19:10 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 30 14:05:05 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 30 14:05:07 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > Jul 30 14:05:08 ourdomain.edu systemd[1]: > /usr/lib/systemd/system/clamd@scan.service:1: .include directives are > deprecated, and support for them will be removed in a future version of > systemd. Please use drop-in files instead. > > systemctl status clamav-milter > * clamav-milter.service - Milter module for the Clam Antivirus scanner > Loaded: loaded (/usr/lib/systemd/system/clamav-milter.service; enabled; > vendor preset: disabled) > Active: active (running) since Mon 2019-07-29 13:23:46 EDT; 24h ago > Main PID: 4350 (clamav-milter) > Tasks: 3 (limit: 4915) > Memory: 2.6M > CGroup: /system.slice/clamav-milter.service > `-4350 /usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf > > Jul 29 13:23:45 ourserver systemd[1]: Starting Milter module for the Clam > Antivirus scanner... > Jul 29 13:23:46 ourserver systemd[1]: Started Milter module for the Clam > Antivirus scanner. > > Tue Jul 30 14:20:11 2019 -> +++ Started at Tue Jul 30 14:20:11 2019 > Tue Jul 30 14:20:11 2019 -> Received 0 file descriptor(s) from systemd. > Tue Jul 30 14:20:11 2019 -> clamd daemon 0.101.2 (OS: linux-gnu, ARCH: > x86_64, CPU: x86_64) > Tue Jul 30 14:20:11 2019 -> Log file size limited to 1048576 bytes. > Tue Jul 30 14:20:11 2019 -> Reading databases from /var/lib/clamav > Tue Jul 30 14:20:11 2019 -> Not loading PUA signatures. > Tue Jul 30 14:20:11 2019 -> Bytecode: Security mode set to "TrustSigned". > > The uncommented directives in /etc/clamd.d/scan.conf are: > LogFile /var/log/clamd.scan > LogTime yes > LogSyslog yes > DatabaseDirectory /var/lib/clamav > TCPSocket 3310 > TCPAddr 127.0.0.1 > > I had to disable it in sendmail where I had this in sendmail.mc: > INPUT_MAIL_FILTER(`clamav-milter', `S=inet:6666@127.0.0.1, F=, > T=S:4m;R:4m')dnl > > This all starting happening after a reboot. Any ideas what may be wrong? > > > _______________________________________________ > > clamav-users mailing > listclamav-users@lists.clamav.nethttps://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV > guide:https://github.com/vrtadmin/clamav-faq > http://www.clamav.net/contact.html#ml > > > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
