ERROR: Malformed database - clamav

katmai

Well-Known Member
Mar 13, 2006
568
4
168
Brno, Czech Republic
clamd[11883]: LibClamAV Error: cli_loaddbdir(): error loading database /usr/local/cpanel/3rdparty/share/clamav/securitein

clamd[11883]: ERROR: Malformed database

systemd[1]: clamd.service: control process exited, code=exited status=1

hey guys
i am getting this on one centos7 box since about 24 hours now.

i removed the db files and redownloaded them with freshclam but the thing is still ongoing.
i also did an upcp --force but that didn't do anything either

anyone can give me any pointers?
 

twhiting9275

Well-Known Member
Sep 26, 2002
560
28
178
cPanel Access Level
Root Administrator
Twitter
Turns out that warning was from a specific file being outdated.
Code:
rm -rf /usr/local/cpanel/3rdparty/share/clamav/securiteinfo*.hdb
should fix this

Code:
more securiteinfooffice.hdb.bak
shows:
Code:
clamav.securiteinfo.com/securiteinfooffice.hdb has been removed

New up-to-date signatures are available for download

Please see the following link for more information :

[URL='https://www.securiteinfo.com/services/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml']Add 1.000.000 signatures to Clamav antivirus[/URL]
same with honeynet.hdb, you'll have to remove that as well.
Seems someone got tired of providing free virus definitions and decided to break everything for everyone
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,225
463
Hello :)

Were these databases added manually at some point in time? They do not exist on any of my test servers.

Thank you.
 

twhiting9275

Well-Known Member
Sep 26, 2002
560
28
178
cPanel Access Level
Root Administrator
Twitter
Hello :)

Were these databases added manually at some point in time? They do not exist on any of my test servers.

Thank you.
honeynet.hdb doesn't in my personal server, but on another one it did
securiteinfo did on both. Oddly enough, it was just affecting one server this way
Needless to say, removing these didn't harm the install at all. In fact, just the opposite, that got it working again.