1. M

    SOLVED Clamav daemon vs Daily Scan

    Hello all, i would like to read your opinion about the use of cron.daily task on which clamscan -r -i --remove /home/$USER instead of running clamav daemon all the time. Will i miss any functionality that daemon offer while running and clamscan will not be able to? The reason that i conclude...
  2. leonep

    ClamScan Takes Too Long

    hi, the clan scan takes too much time. What do you advise me to do? I do not want to disable it because in my scenario i need it. how did you do it? change cpu? change antivirus? :) thanks ----------- SCAN SUMMARY ----------- Known viruses: 6462050 Engine version: 0.99.2 Scanned directories...
  3. B

    problem with uploading an eicar test file on the server

    Hi, I got a server with centos 7, Cpanel and WordPress CMS installed on it. I installed an antivirus provided with Cpanel (ClamAV). When I try to upload an Eicar file with a virus signature to test the server, the file is identified and it is not uploaded on the server (it's good). If I do...
  4. E

    SOLVED Clamav update question

    Hello, I have a cPanel version v68.0.33. I have the following installed via WHM -> Manage Plugins ClamAV 0.99.2 . The checkbox is 'ticked' for "Install and keep updated". In logs clam-update.log there is notification since Fri Jan 26 2018 ClamAV update process started at Fri Jan 26 01:54:56...
  5. R

    The service “clamd” appears to be down.

    I'm getting emails about this non stop. Service Name clamd Service Status failed Notification The service “clamd” appears to be down. Service Check Method The system’s command to check or to restart this service failed. Number of Restart Attempts 167 Service Check Raw Output (XID a25nrv) The...
  6. E

    Initiated new Clamav scan through cPanel. Results location?

    I initiated a new scan for an account through its cPanel interface but the web browser crashed at some point. When visiting the Virus scanner page again it doesn't show up anything. Are the results stored anywhere or do I have to rescan to see the infected files? The scan process took about 18...
  7. H

    SOLVED clamd filling /tmp directory

    Hello, There seems to be a problem with clamd on some of our servers. Our /tmp directories keep getting filled by the clamd file descriptors. There seem to be multiple bug reports on clamav's bugzilla: Bug 12014 – New definitions create too many open files on /tmp Currently I am trying to...
  8. V

    Clamav .99.2 vulnerabilities

    ClamAV® blog Few nasty remote code execution vulnerabilities, just came out today. ETA on when it will be updated in cpanel? If a user runs clamav from their cpanel at :2083, will it run as that user or as root?
  9. A

    CLAMD duplicate database?

    In logwatch I am seeing this: Starting clamd: LibClamAV Warning: Detected duplicate databases /usr/local/cpanel/3rdparty/share/clamav/main.cvd and /usr/local/cpanel/3rdparty/share/clamav/main.cld, please manually remove one of them Is there a recommended solution for this? i.e. Which is best...
  10. N

    Uninstalling clamd leaves entry in service status

    ClamAV Scanner install/uninstall are not work because Version no missing. Also if we do uninstall then still are not removed from Service Status page.
  11. F

    SOLVED clamav command line install

    How can I install ClamAV from the command line? Thank you.
  12. equens

    SOLVED ClamAV email question

    Hello, does ClamAV scan all incoming messages by default when ClamAV for cPanel is installed? Thanks! Equens.
  13. T

    ClamAV exclude file extension?

    hello guys, some of my clients have excel documents included macros and ClamAV gives false positive for this files. therefor emails could not deliver gives an error: 550 (Doc.Dropper.Agent-6342721-0) - Removed Link No Need Here - i want to know may i exclude excel files from ClamAV scanner?
  14. albatroz

    What tools are behind clamscan

    Recently used cpmalscan to scan a set of wordpress sites and it looks to be very handy so I was wondering what tools are behind them. Any idea?
  15. chanklish

    Using AV clamscan question

    hello i installed av clam and i can scan manually correctly but then i wanted to set a chron job for my domains i used this from the documentation : for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i...
  16. J

    SOLVED [CPANEL-20678] ClamAV freshclam and clamscan binaries are different versions.

    We got an email alert from a server that has had the ClamAV plugin installed for at least 5 years (and Manage Plugins' indicates it's properly installed): ClamAV freshclam and clamscan binaries are different versions. Install ClamAV within "Manage Plugins". We just updated to v.66.0.22 last...
  17. Samet Chan

    SOLVED /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings

    I just got received of email here, ERROR: getpatch: Can't download daily-23736.cdiff from ERROR: getfile: Unknown response from (IP: ERROR: Can't download daily.cvd from It's very odd. I never heard this. This is...
  18. J

    Clamd won't start

    I have a VPS server and clamd used to fail and restart every once in a while. Yesterday in WHM, I was presented with a yellow banner telling me to restart for updates to take affect. I restarted and now my CLAMD won't restart. Here's the log shown on the screen after saving in Service...
  19. P

    Two processes of clamd

    Hello everyone, I've just noticed I have 2 processes of clamd running on my server after a reboot. (not same owner and command). I think it's recent, it was not like this few weeks ago. I sent the command "rpm -qa|grep clam" to check if I have 2 installation of clamd and I think it's the case...
  20. C

    Disable automatic scanning and blocking of file manager

    Hey guys, First post here, but have been playing the cpanel/whm game for a while as a hosting security admin. We recently had an issue that I can't for the life of me figure out where to correct/change... Let me describe the issue first' -Stock centos7 server running "release" whm. -Enable...