June 21, 20224 yr On 6/18/2022 at 11:29 AM, Squid said: It's listed in the logs for the app. The script post much earlier should alert you as to which file(s) It does nothing. That's for you to decide what to do with it Sorry. I wasnt sure if the script notifies which files are detected as infected. I grabbed by script from somewhere on this forum a while back and it only stated I had an infected file with no other information regarding it. I did manually check the logs but didnt know what I was looking for as the logs also just reported it found a file but not where it was. Updated my script with the most recent iteration I saw posted. Thanks.
June 27, 20224 yr So about 10 mins into the scan I get this error. All disk spin down after this so I am pretty sure its not scanning anymore. Any ideas? LibClamAV Warning: Bytecode run timed out in interpreter after 5000 opcodes LibClamAV Warning: Bytecode 78 failed to run: CL_ETIMEOUT: Time limit reached
July 12, 20223 yr On 4/17/2022 at 1:54 AM, Masterwishx said: updated Helediron scan script for use with the shares that have space between ... i tried to put 'pc backups' ,pc\ backups or pc backups in FOLDERSWEEKLY, None of them work. any ideas how to put folder name with space correctly to get script to work?
July 12, 20223 yr On 7/12/2022 at 10:23 AM, gtishtar said: i tried to put 'pc backups' ,pc\ backups or pc backups in FOLDERSWEEKLY, None of them work. any ideas how to put folder name with space correctly to get script to work? Yes, use my updated script to use spaces in Shares Folders. script 17.1.24 Updated script for Exclude SubFolders. Also on https://github.com/masterwishx/Unraid-User-Scripts/tree/main/ClamAV Scan script # Set to Exclude Subfolders "yes/no". exclude_subfolders="yes" EXCLUDEDSUBFOLDERS=("Test" "Adobe Documents") Edited January 17, 20242 yr by Masterwishx
July 14, 20223 yr Author On 6/27/2022 at 2:34 PM, jmztaylor said: So about 10 mins into the scan I get this error. All disk spin down after this so I am pretty sure its not scanning anymore. Any ideas? LibClamAV Warning: Bytecode run timed out in interpreter after 5000 opcodes LibClamAV Warning: Bytecode 78 failed to run: CL_ETIMEOUT: Time limit reached From what I've experienced, it's usually due to permissions on the appdata folder for Clam. Try to run that aforementioned fix for perms and see if that helps.
July 14, 20223 yr Author On 6/18/2022 at 10:29 AM, Squid said: It's listed in the logs for the app. The script post much earlier should alert you as to which file(s) It does nothing. That's for you to decide what to do with it Squid is, of course, correct. You can check the documentation that I have provided on Docker Hub and pass those parameters via Post Arguments in the container config.
July 15, 20223 yr 16 hours ago, TQ said: From what I've experienced, it's usually due to permissions on the appdata folder for Clam. Try to run that aforementioned fix for perms and see if that helps. Nope that did nothing
July 15, 20223 yr Author Nope that did nothingHave you tried changing this?--bytecode-timeout=N - set bytecode timeout (in milliseconds)
July 15, 20223 yr 2 hours ago, TQ said: Have you tried changing this? --bytecode-timeout=N - set bytecode timeout (in milliseconds) Yeah I even put it at a ridiculous amount and disks will spin down after 15 mins so it means it just quit working altogether anyways.
July 16, 20223 yr Author 21 hours ago, jmztaylor said: Yeah I even put it at a ridiculous amount and disks will spin down after 15 mins so it means it just quit working altogether anyways. I just updated my container on my backup Unraid and ran it. Ran over 2 hours. Output. Freshclam updated the DB ClamAV 0.104.3/26603/Sat Jul 16 07:57:28 2022 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8622360 Engine version: 0.104.3 Scanned directories: 674 Scanned files: 19907 Infected files: 0 Data scanned: 118466.76 MB Data read: 266611.65 MB (ratio 0.44:1) Time: 7262.284 sec (121 m 2 s) Start Date: 2022:07:16 15:03:23 End Date: 2022:07:16 17:04:25 2022-07-16T17:04:25+00:00 ClamAV scanning finished I think something is up with your permissions on those files.
August 1, 20223 yr Not quite sure what I could be doing wrong here...I just installed the ClamAV app, but when running it I get: 2022-08-01T03:21:54+00:00 ClamAV process starting Updating ClamAV scan DB Hint: The database directory must be writable for UID 100 or GID 101 An error occurred (freshclam returned with exit code '2') The Docker is pointed to /mnt/user/appdata/clamav/ for the ClamAV Signatures, and successfully created the folder during deployment. After deployment the /appdata/clamav folder is owned by nobody with permissions drwxr-xr-x I've also confirmed PGID and PUID are the same as all my other Docker containers which are working fine. What can I do to fix this so ClamAV can run?
August 1, 20223 yr 3 minutes ago, Aractor said: Not quite sure what I could be doing wrong here...I just installed the ClamAV app, but when running it I get: 2022-08-01T03:21:54+00:00 ClamAV process starting Updating ClamAV scan DB Hint: The database directory must be writable for UID 100 or GID 101 An error occurred (freshclam returned with exit code '2') The Docker is pointed to /mnt/user/appdata/clamav/ for the ClamAV Signatures, and successfully created the folder during deployment. After deployment the /appdata/clamav folder is owned by nobody with permissions drwxr-xr-x I've also confirmed PGID and PUID are the same as all my other Docker containers which are working fine. What can I do to fix this so ClamAV can run? Read a bit further back in the thread and found the solution mentioned, worked like a charm.
September 10, 20223 yr On 6/16/2019 at 4:57 PM, Squid said: Updated to include the infected file in the notification #!/usr/bin/php <? exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Started" -d "Antivirus Scan Started" -i "normal"'); exec('docker start ClamAV'); for ( ;; ) { $status = trim(exec("docker ps | grep ClamAV")); if ( ! $status ) break; sleep(60); } exec("docker logs ClamAV 2>/dev/null",$logs); foreach ($logs as $line) { $virus = explode(" ",$line); if (trim(end($virus)) == "FOUND" ) { $infected .= "$line\n"; } } if ( ! $infected ) $infected = "No infections found\n"; exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Finished" -d '.escapeshellarg($infected).' -i "normal"'); ?> script 689 B · 93 downloads I tinkered a bit with this script. The "original" quoted here, does a docker logs ClamAV which makes the script look at all logs, for all runs, ever (sort of). So if you actually had a virus, you'll end up alerting for that virus for all eternity, even tough you might have removed it. I updated the script to use: docker logs --since 23h ClamAV to just consider the latest 23 hours (or whatever you feel is reasonable). Personally I run the scan on a daily basis. My changes also modifies the severity level of the notification to 'alert' if a virus has been found. #!/usr/bin/php <? exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Started" -d "Antivirus Scan Started" -i "normal"'); exec('docker start ClamAV'); for ( ;; ) { $status = trim(exec("docker ps | grep ClamAV")); if ( ! $status ) break; sleep(60); } exec("docker logs --since 23h ClamAV 2>/dev/null",$logs); foreach ($logs as $line) { $virus = explode(" ",$line); if (trim(end($virus)) == "FOUND" ) { $infected .= "$line\n"; } } $level = "alert"; if ( ! $infected ) { $infected = "No infections found\n"; $level = "normal"; } exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Finished" -d '.escapeshellarg($infected).' -i '.escapeshellarg($level)); ?> Edited September 10, 20223 yr by FredrikJL
October 3, 20223 yr When I start up the container Freshclamd starts and then appears to hang. The log shows the following with the SelfCheck statement repeating every 10 minutes and not stopping. Starting Freshclamd ClamAV update process started at Sun Oct 2 14:57:04 2022 daily.cld database is up-to-date (version: 26677, sigs: 2006327, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Sun Oct 2 15:07:38 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:17:39 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:27:40 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:37:41 2022 -> SelfCheck: Database status OK. Running a ps shows the following two clam processes: 12 clamav 0:24 clamd --foreground 41 clamav 0:00 freshclam --checks=1 --daemon --foreground --stdout --user=clamav Any ideas on what is wrong?
November 5, 20223 yr I have the same issue any ideas as to the problem? Starting Freshclamd ClamAV update process started at Sun Oct 2 14:57:04 2022 daily.cld database is up-to-date (version: 26677, sigs: 2006327, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Sun Oct 2 15:07:38 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:17:39 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:27:40 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:37:41 2022 -> SelfCheck: Database status OK.
November 5, 20223 yr Author 32 minutes ago, mauriceatkinson@btconnect. said: I have the same issue any ideas as to the problem? Starting Freshclamd ClamAV update process started at Sun Oct 2 14:57:04 2022 daily.cld database is up-to-date (version: 26677, sigs: 2006327, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Sun Oct 2 15:07:38 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:17:39 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:27:40 2022 -> SelfCheck: Database status OK. Sun Oct 2 15:37:41 2022 -> SelfCheck: Database status OK. I cannot reproduce. Here is my start up just moments ago... 2022-11-05T17:43:48+00:00 ClamAV process starting Updating ClamAV scan DB ClamAV update process started at Sat Nov 5 17:43:49 2022 daily database available for update (local version: 26706, remote version: 26711) Testing database: '/var/lib/clamav/tmp.e364402c7f/clamav-ee0a95b108d7db8f9cd5ab0ba1ab6c53.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26711, sigs: 2010014, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory Freshclam updated the DB ClamAV 0.104.3/26711/Sat Nov 5 07:49:31 2022 This almost seems as if there is a permission issue updating the c?d files. Try this: If that does not solve it, delete all contents of your ClamAV appdata folder and restart the container. /cc @SwampyShadow
December 28, 20223 yr Hi there, I installed the clamav docker with the default set up. When started it appears to update and then sit idle. Log shows Quote Starting Freshclamd Starting ClamAV Socket for clamd not found yet, retrying (0/1800) ...ClamAV update process started at Wed Dec 28 14:01:29 2022 daily.cvd database is up-to-date (version: 26764, sigs: 2014489, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Socket for clamd not found yet, retrying (23/1800) ...Wed Dec 28 14:01:52 2022 -> Limits: Global time limit set to 120000 milliseconds. Wed Dec 28 14:01:52 2022 -> Limits: Global size limit set to 419430400 bytes. Wed Dec 28 14:01:52 2022 -> Limits: File size limit set to 104857600 bytes. Wed Dec 28 14:01:52 2022 -> Limits: Recursion level limit set to 17. Wed Dec 28 14:01:52 2022 -> Limits: Files limit set to 10000. Wed Dec 28 14:01:52 2022 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes. Wed Dec 28 14:01:52 2022 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes. Wed Dec 28 14:01:52 2022 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes. Wed Dec 28 14:01:52 2022 -> Limits: MaxScriptNormalize limit set to 20971520 bytes. Wed Dec 28 14:01:52 2022 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes. Wed Dec 28 14:01:52 2022 -> Limits: MaxPartitions limit set to 50. Wed Dec 28 14:01:52 2022 -> Limits: MaxIconsPE limit set to 100. Wed Dec 28 14:01:52 2022 -> Limits: MaxRecHWP3 limit set to 16. Wed Dec 28 14:01:52 2022 -> Limits: PCREMatchLimit limit set to 100000. Wed Dec 28 14:01:52 2022 -> Limits: PCRERecMatchLimit limit set to 2000. Wed Dec 28 14:01:52 2022 -> Limits: PCREMaxFileSize limit set to 104857600. Wed Dec 28 14:01:52 2022 -> Archive support enabled. Wed Dec 28 14:01:52 2022 -> AlertExceedsMax heuristic detection disabled. Wed Dec 28 14:01:52 2022 -> Heuristic alerts enabled. Wed Dec 28 14:01:52 2022 -> Portable Executable support enabled. Wed Dec 28 14:01:52 2022 -> ELF support enabled. Wed Dec 28 14:01:52 2022 -> Mail files support enabled. Wed Dec 28 14:01:52 2022 -> OLE2 support enabled. Wed Dec 28 14:01:52 2022 -> PDF support enabled. Wed Dec 28 14:01:52 2022 -> SWF support enabled. Wed Dec 28 14:01:52 2022 -> HTML support enabled. Wed Dec 28 14:01:52 2022 -> XMLDOCS support enabled. Wed Dec 28 14:01:52 2022 -> HWP3 support enabled. Wed Dec 28 14:01:52 2022 -> Self checking every 600 seconds. Wed Dec 28 14:01:52 2022 -> Set stacksize to 1048576 socket found, clamd started. Wed Dec 28 14:12:31 2022 -> SelfCheck: Database status OK. scan folder : "/mnt/cache/downloads" appdata: "/mnt/cache/appdata/clamav/" UID 100 GUID 101 BRIDGE mode When I log in the docker I can manually start the scan with the "clamscan --recursive /scan" command. Any hint what is wrong here ? And why it is not automatically starting once I start the docker, is most appreciated. TIA Edited December 28, 20223 yr by unrateable
January 12, 20233 yr Is the "official" tagged version of ClamAV disfunctional compared to TQ's repo version? I installed the "Offical" one.. but it seems useless compared to what I've seen in this thread.
January 12, 20233 yr Author On 12/28/2022 at 7:11 AM, unrateable said: Hi there, I installed the clamav docker with the default set up. When started it appears to update and then sit idle. Log shows scan folder : "/mnt/cache/downloads" appdata: "/mnt/cache/appdata/clamav/" UID 100 GUID 101 BRIDGE mode When I log in the docker I can manually start the scan with the "clamscan --recursive /scan" command. Any hint what is wrong here ? And why it is not automatically starting once I start the docker, is most appreciated. TIA It would appear that this is not my container. I'm not notifying `clamd` due to it not being present in my build.
January 12, 20233 yr Author 10 hours ago, SLNetworks said: Is the "official" tagged version of ClamAV disfunctional compared to TQ's repo version? I installed the "Offical" one.. but it seems useless compared to what I've seen in this thread. Unfortunately, I'm not sure. I know this one works using the template in CA.
January 12, 20233 yr 21 minutes ago, TQ said: Unfortunately, I'm not sure. I know this one works using the template in CA. So neither of 'em have a webUI. What is to happen if it comes across an infected file?
January 12, 20233 yr Author 1 hour ago, SLNetworks said: So neither of 'em have a webUI. What is to happen if it comes across an infected file? That's really for you to decide. ClamAV has never had a webUI afaik. Take a look at all my documentation (from the first post) and you'll find the answers to your questions.
January 23, 20233 yr If I add "--max-filesize=200M --max-scansize=500M" to Post Arguments, my log is empty and I am unsure if it has done anything. If I add a -i, it fails with this in the log: clamd: illegal option -- i ERROR: Unknown option passed ERROR: Can't parse command line options These options also fail: -f /scan/appdata/clamav/clamavtargets.txt clamd: illegal option -- f ERROR: Unknown option passed ERROR: Can't parse command line options --file-list=/scan/appdata/clamav/clamavtargets.txt clamd: unrecognized option `--file-list=/scan/appdata/clamav/clamavtargets.txt' ERROR: Unknown option passed ERROR: Can't parse command line options I have to be missing something because there aren't other posts about this. What's going on?
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.