ClamAv Freshclam database not updateing

tufancap

Registered
Jun 5, 2020
3
0
1
sweden
cPanel Access Level
Root Administrator
Hi
I reviewed the forum and search engines for 4 days, but either the issues are old or I could not get results
luckily I saw that the / log / clam-update.log file did not receive new update messages after the 2nd of this month
-I reset my clamav
-I reset my cpanel
-I browsed the config files
-I tried to apply to the advice on the topics in the forum
-I deleted clamav, reset the system, and reinstalled.
-I waited maybe it's a general problem

but as a result there has not been a single update since the 2nd of this month.
spam and virus issue is the most sensitive issue for me, that's why I buy the paid clamav database, but it doesn't make sense since there is no update right now.
generic clamav commands don't work either. and not in the general clamav file layout. eg freshclam -v I guess because cpanel customizes clamav.

dear masters
Which way should I follow in this case? Where should I start, where should I look.
Your help will be very valuable to me.

Best regards


1- rpm -qa|grep clam
Code:
cpanel-clamav-0.101.5-5.cp1186.x86_64
cpanel-clamav-virusdefs-0.101.5-5.cp1186.x86_64
-----------------------------------------

2- locate freshclam
Code:
bash: locate: command not found
-----------------------------------------

3- service clamd status
Code:
[[email protected] ~]# service clamd status
Redirecting to /bin/systemctl status clamd.service
● clamd.service - clamd antivirus daemon
   Loaded: loaded (/etc/systemd/system/clamd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-09-08 05:29:10 +03; 11h ago
Main PID: 243286 (clamd)
   CGroup: /system.slice/clamd.service
           └─243286 /usr/local/cpanel/3rdparty/bin/clamd

Sep 08 17:02:14 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCM-001woc-EM/1kFeCM-001woc-EM.eml: OK
Sep 08 17:02:15 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCM-001wod-Ug/1kFeCM-001wod-Ug.eml: OK
Sep 08 17:02:34 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCf-001wpP-Tr/1kFeCf-001wpP-Tr.eml: OK
Sep 08 17:02:36 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCh-001wpV-Ry/1kFeCh-001wpV-Ry.eml: OK
Sep 08 17:02:41 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCm-001wpu-Qc/1kFeCm-001wpu-Qc.eml: OK
Sep 08 17:02:51 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeCw-001wqF-Im/1kFeCw-001wqF-Im.eml: OK
Sep 08 17:03:22 srv.keb.net clamd[243286]: SelfCheck: Database status OK.
Sep 08 17:03:22 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeDS-001wtM-4v/1kFeDS-001wtM-4v.eml: OK
Sep 08 17:03:24 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeDU-001wtV-JC/1kFeDU-001wtV-JC.eml: OK
Sep 08 17:03:30 srv.keb.net clamd[243286]: /var/spool/exim/scan/1kFeDa-001wth-5U/1kFeDa-001wth-5U.eml: OK
-----------------------------------------

4- /scripts/restartsrv_clamd
Code:
Waiting for “clamd” to stop ………finished.

Waiting for “clamd” to start ……waiting for “clamd” to initialize ………finished.

Service Status
        clamd (/usr/local/cpanel/3rdparty/bin/clamd) is running as root with PID 466350 (systemd+/proc check method).

Startup Log
        Sep 08 17:08:53 srv.keb.net clamd[466350]: Mail files support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: OLE2 support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: PDF support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: SWF support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: HTML support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: XMLDOCS support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: HWP3 support enabled.
        Sep 08 17:08:53 srv.keb.net clamd[466350]: Heuristic: precedence enabled
        Sep 08 17:08:53 srv.keb.net clamd[466350]: Self checking every 600 seconds.
        Sep 08 17:08:56 srv.keb.net systemd[1]: Started clamd antivirus daemon.

Log Messages
        Sep  8 17:08:53 srv clamd[466350]: Self checking every 600 seconds.
        Sep  8 17:08:53 srv clamd[466350]: Heuristic: precedence enabled
        Sep  8 17:08:53 srv clamd[466350]: HWP3 support enabled.
        Sep  8 17:08:53 srv clamd[466350]: XMLDOCS support enabled.

clamd restarted successfully.
 
Last edited:

tufancap

Registered
Jun 5, 2020
3
0
1
sweden
cPanel Access Level
Root Administrator
I keep searching on the internet and trying to share new developments


- clamscan –-help

Code:
ERROR: Incorrect argument format for option LogFileMaxSize
LibClamAV Warning: Detected duplicate databases /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld and /usr/local/cpanel/3rdparty/share/clamav/bytecode.cvd. The /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld database is older and will not be loaded, you should manually remove it from the database directory.
–-help: No such file or directory
WARNING: –-help: Can't access file

----------- SCAN SUMMARY -----------
Known viruses: 9033019
Engine version: 0.101.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 31.725 sec (0 m 31 s)
I think there is a mistake here, I will continue to try and research. I will be glad if you share your ideas and experiences.
 

tufancap

Registered
Jun 5, 2020
3
0
1
sweden
cPanel Access Level
Root Administrator
problem solved

clamd.conf I turned off all the log features I enabled in the clamd.conf file


and a problem is gone


clamscan –-help
Code:
LibClamAV Warning: Detected duplicate databases /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld and /usr/local/cpanel/3rdparty/share/clamav/bytecode.cvd. The /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld database is older and will not be loaded, you should manually remove it from the database directory.
–-help: No such file or directory
WARNING: –-help: Can't access file

----------- SCAN SUMMARY -----------
Known viruses: 9033019
Engine version: 0.101.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 32.034 sec (0 m 32 s)


I deleted /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld


clamscan –-help
Code:
–-help: No such file or directory
WARNING: –-help: Can't access file

----------- SCAN SUMMARY -----------
Known viruses: 9033019
Engine version: 0.101.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB


I used the freshclam -v command and started downloading the entire databaseo_O

It became clear that the fault was entirely my fault I think those who experience such errors should pay attention to config files
and this command worked so well in finding the error (clamscan ---help)
I hope that will be useful

best regards