Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] ClamAV

Featured Replies

  • Author
On 5/11/2023 at 6:15 AM, bmartino1 said:

I've noticed that my logs are in UTC time. is there a way to get the alpine packaged installed for TZ data to pass and update the scan log to be in time zone time?
 

Reviewing this docker. for logs and time. https://serverfault.com/questions/683605/docker-container-time-timezone-will-not-reflect-changes I have found that the log is in UTC Time. Is there a way for me to add a custom script to run or to pass the TZ via environments to use local time for clam AV logging? I believe a package would have to be added to the alpine image to accomplish this.

-v /etc/localtime:/etc/localtime:ro
-v /etc/timezone:/etc/timezone:ro

 

Sure. I think that would be not too difficult. Feel free to open a PR if you have the time!

  • 1 month later...
  • Replies 336
  • Views 113.1k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • You would make another instance of the container.  Each instance scans whatever is specified

  • chmod -R u-x,go-rwx,go+u,ugo+X /mnt/cache/appdata/clamav chown -R nobody:users  /mnt/cache/appdata/clamav

Posted Images

What does these warn and error messages mean?

 

Quote
  1. LibClamAV Warning: Bytecode run timed out in interpreter after 205000 opcodes
    LibClamAV Warning: Bytecode 'BC.Pdf.Exploit.CVE_2017_2818-6399052-0.{}' (id: 76) failed to run: Exceeded time limit

 

and

 

Quote
  1. LibClamAV Error: cli_html_normalise: style chunk size underflow

 

  • Author

Googled these for ya. 

 

Bytecode run timed out in interpreter after 205000 opcodes

This indicates that ClamAV was running a bytecode signature and that it exceeded a time limit. Normally safe to ignore...

 

cli_html_normalize: style chunk size underflow

You can ignore the error message. It is a part of a safety bounds check that was added in a new feature in ClamAV 1.1.0. We did not expect that error message to occur within a normal file. The file causing the error message would be visible in the logs right after this message.

So is this an app that comes configured incorrectly, or just needing a lot of setup? The Support page and ReadMe both make it sound Plug & Play outside of selecting the folder to scan, and of course there are the script suggestions in this thread, but I have not been able to get that far as I cannot even get it to scan. I can manually change the permissions, but I feel like if that is a necessary step too get things working the app should either do it itself, or, if that is not possible, it should say it somewhere obvious.

 

ERROR: Failed to save freshclam.dat!
WARNING: Failed to create a new freshclam.dat!
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

2023-07-15T12:36:32+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')


2023-07-15T12:36:39+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')


2023-07-15T12:44:23+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')

Edited by CuriousMind

  • Author
19 minutes ago, CuriousMind said:

So is this an app that comes configured incorrectly, or just needing a lot of setup? The Support page and ReadMe both make it sound Plug & Play outside of selecting the folder to scan, and of course there are the script suggestions in this thread, but I have not been able to get that far as I cannot even get it to scan. I can manually change the permissions, but I feel like if that is a necessary step too get things working the app should either do it itself, or, if that is not possible, it should say it somewhere obvious.

 

ERROR: Failed to save freshclam.dat!
WARNING: Failed to create a new freshclam.dat!
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

2023-07-15T12:36:32+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')


2023-07-15T12:36:39+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')


2023-07-15T12:44:23+00:00 ClamAV process starting

Unpdating ClamAV scan DB

Hint: The database directory must be writable for UID 100 or GID 101

An error occurred (freshclam returned with exit code '2')

 

FIxing it is simple. The permissions are incorrect. Passing the UID and GID should solve this problem.

If not, you can use the snippet below and this should solve the problem for you.

 

chmod -R u-x,go-rwx,go+u,ugo+X /mnt/cache/appdata/clamav && chown -R nobody:users /mnt/cache/appdata/clamav

 

Updating the xml file to include these details...

  • Author
On 5/11/2023 at 6:15 AM, bmartino1 said:

I've noticed that my logs are in UTC time. is there a way to get the alpine packaged installed for TZ data to pass and update the scan log to be in time zone time?
 

Reviewing this docker. for logs and time. https://serverfault.com/questions/683605/docker-container-time-timezone-will-not-reflect-changes I have found that the log is in UTC Time. Is there a way for me to add a custom script to run or to pass the TZ via environments to use local time for clam AV logging? I believe a package would have to be added to the alpine image to accomplish this.

-v /etc/localtime:/etc/localtime:ro
-v /etc/timezone:/etc/timezone:ro

 

Added tzdata in new build. LMK if that works.

@TQ I downloaded the latest update and the logs now match the system time.  Thank you!

Hey there everyone,

 

Was wondering if someone had sec to help me out?

 

I did a clean install of ClamAV recently, now the logs are showing that the container is stuck doing a self check? (Logs Attached)

 

Unraid Version: 6.12.2

 

Any and all help is appreciated

 

ClamAV Logs.txt

  • Author
6 hours ago, Germy_Lizard said:

Hey there everyone,

 

Was wondering if someone had sec to help me out?

 

I did a clean install of ClamAV recently, now the logs are showing that the container is stuck doing a self check? (Logs Attached)

 

Unraid Version: 6.12.2

 

Any and all help is appreciated

 

ClamAV Logs.txt 2.55 kB · 1 download

 

This doesnt look like the output from my container. I think some wires are crossed.

 

Socket for clamd not found yet, retrying (18/1800) ...Sat Jul 22 20:29:14 2023 -> Limits: Global time limit set to 120000 milliseconds.
Sat Jul 22 20:29:14 2023 -> Limits: Global size limit set to 419430400 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: File size limit set to 104857600 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: Recursion level limit set to 17.
Sat Jul 22 20:29:14 2023 -> Limits: Files limit set to 10000.
Sat Jul 22 20:29:14 2023 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: MaxScriptNormalize limit set to 20971520 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Sat Jul 22 20:29:14 2023 -> Limits: MaxPartitions limit set to 50.
Sat Jul 22 20:29:14 2023 -> Limits: MaxIconsPE limit set to 100.
Sat Jul 22 20:29:14 2023 -> Limits: MaxRecHWP3 limit set to 16.
Sat Jul 22 20:29:14 2023 -> Limits: PCREMatchLimit limit set to 100000.
Sat Jul 22 20:29:14 2023 -> Limits: PCRERecMatchLimit limit set to 2000.
Sat Jul 22 20:29:14 2023 -> Limits: PCREMaxFileSize limit set to 104857600.
Sat Jul 22 20:29:14 2023 -> Archive support enabled.
Sat Jul 22 20:29:14 2023 -> AlertExceedsMax heuristic detection disabled.
Sat Jul 22 20:29:14 2023 -> Heuristic alerts enabled.
Sat Jul 22 20:29:14 2023 -> Portable Executable support enabled.
Sat Jul 22 20:29:14 2023 -> ELF support enabled.
Sat Jul 22 20:29:14 2023 -> Mail files support enabled.
Sat Jul 22 20:29:14 2023 -> OLE2 support enabled.
Sat Jul 22 20:29:14 2023 -> PDF support enabled.
Sat Jul 22 20:29:14 2023 -> SWF support enabled.
Sat Jul 22 20:29:14 2023 -> HTML support enabled.
Sat Jul 22 20:29:14 2023 -> XMLDOCS support enabled.
Sat Jul 22 20:29:14 2023 -> HWP3 support enabled.
Sat Jul 22 20:29:14 2023 -> Self checking every 600 seconds.
Sat Jul 22 20:29:14 2023 -> Set stacksize to 1048576
socket found, clamd started.

 

My container does not use `clamd`, only Freshclam and Clamscan.

  • 4 weeks later...

For those of you that have setup the script to go with the ClamAV container but have noticed little to no activity coming from it when running  "Docker Stats" this may be the fix to your issue.

I don't believe that the container is setup to do a scan on startup so you may have to trigger it by adding this line to the scripts as seen below in the screen shot.

I have also figured out how to get multithreading working although be warned when using multi you may want to schedual it for when your not using your server as it can be quite CPU and RAM hungry.

 

Some thoughts for you before you proceed with multithreaded scans are to put a memory limit on your docker through extra parameters. 

Multi Thread:
exec('docker exec ClamAV sh -c "find /scan -type f -print0 | xargs -0 -P $(nproc) clamscan"');
image.thumb.png.d6df0d743af1f56eac2265e402f73424.png
image.thumb.png.10d5ae770781299c82d276c3fa2fb022.png


Single Thread:
exec('docker exec ClamAV sh -c "clamscan"');


image.thumb.png.6ce3467c3705c992a5a725db023c4da6.png

  • 2 weeks later...
On 6/16/2019 at 9:57 AM, Squid said:

Updated to include the infected file in the notification

#!/usr/bin/php
<?
exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Started" -d "Antivirus Scan Started" -i "normal"');
exec('docker start ClamAV');
for ( ;; ) {
  $status = trim(exec("docker ps | grep ClamAV"));
  if ( ! $status ) break;
  sleep(60);
}
exec("docker logs ClamAV 2>/dev/null",$logs);
foreach ($logs as $line) {
  $virus = explode(" ",$line);
  if (trim(end($virus)) == "FOUND" ) {
    $infected .= "$line\n";
  }
}

if ( ! $infected ) $infected = "No infections found\n";

exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e "Antivirus Scan" -s "Antivirus Scan Finished" -d '.escapeshellarg($infected).' -i "normal"');
?>

 

 

script 689 B · 138 downloads

Thanks for this script @Squid

 

I was wondering if there is a way to add in an email notification of the scan results?

6 minutes ago, Lonewolf147 said:

Thanks for this script @Squid

 

I was wondering if there is a way to add in an email notification of the scan results?

 

Have you set up notifications in unraid? There's one option to recieve email notifications from your server and the results from the clamav scan are included. 

Or do you want to recieve mail notifications only from your clamav scan and not from everything else?

13 minutes ago, Maginos said:

 

Have you set up notifications in unraid? There's one option to recieve email notifications from your server and the results from the clamav scan are included. 

Or do you want to recieve mail notifications only from your clamav scan and not from everything else?

I do have email notifications set up for Array Status. But I'd like to get an email for ClamAV only if possible.

On a different note, nothing seems to happen when I run ClamAV.  I set the scan folder to one that only has two files in it to be able to test this. I've both started it manually, and using the aforementioned script (along with IronBeardKnight's extra line). The app starts, and just sits there.  I tried waiting it out, starting it before I went to bed, but 8 hours later and it was still 'running'.  I pulled the logs for it and it shows:

Starting Freshclamd
Starting ClamAV
Socket for clamd not found yet, retrying (0/1800) ...ClamAV update process started at Tue Aug 29 11:47:19 2023
daily.cld database is up-to-date (version: 27015, sigs: 2040076, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Socket for clamd not found yet, retrying (17/1800) ...Tue Aug 29 11:47:36 2023 -> Limits: Global time limit set to 120000 milliseconds.
Tue Aug 29 11:47:36 2023 -> Limits: Global size limit set to 419430400 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: File size limit set to 104857600 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: Recursion level limit set to 17.
Tue Aug 29 11:47:36 2023 -> Limits: Files limit set to 10000.
Tue Aug 29 11:47:36 2023 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxScriptNormalize limit set to 20971520 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxPartitions limit set to 50.
Tue Aug 29 11:47:36 2023 -> Limits: MaxIconsPE limit set to 100.
Tue Aug 29 11:47:36 2023 -> Limits: MaxRecHWP3 limit set to 16.
Tue Aug 29 11:47:36 2023 -> Limits: PCREMatchLimit limit set to 100000.
Tue Aug 29 11:47:36 2023 -> Limits: PCRERecMatchLimit limit set to 2000.
Tue Aug 29 11:47:36 2023 -> Limits: PCREMaxFileSize limit set to 104857600.
Tue Aug 29 11:47:36 2023 -> Archive support enabled.
Tue Aug 29 11:47:36 2023 -> AlertExceedsMax heuristic detection disabled.
Tue Aug 29 11:47:36 2023 -> Heuristic alerts enabled.
Tue Aug 29 11:47:36 2023 -> Portable Executable support enabled.
Tue Aug 29 11:47:36 2023 -> ELF support enabled.
Tue Aug 29 11:47:36 2023 -> Mail files support enabled.
Tue Aug 29 11:47:36 2023 -> OLE2 support enabled.
Tue Aug 29 11:47:36 2023 -> PDF support enabled.
Tue Aug 29 11:47:36 2023 -> SWF support enabled.
Tue Aug 29 11:47:36 2023 -> HTML support enabled.
Tue Aug 29 11:47:36 2023 -> XMLDOCS support enabled.
Tue Aug 29 11:47:36 2023 -> HWP3 support enabled.
Tue Aug 29 11:47:36 2023 -> Self checking every 600 seconds.
Tue Aug 29 11:47:36 2023 -> Set stacksize to 1048576
socket found, clamd started.
Tue Aug 29 11:58:20 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:08:20 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:18:21 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:28:21 2023 -> SelfCheck: Database status OK.
.
.
.
Tue Aug 29 20:08:46 2023 -> SelfCheck: Database status OK.
Tue Aug 29 20:18:46 2023 -> SelfCheck: Database status OK.

 

If I run it via the script, the script never finishes. I have to manually abort.  Any ideas?

  • Author
1 hour ago, Lonewolf147 said:

On a different note, nothing seems to happen when I run ClamAV.  I set the scan folder to one that only has two files in it to be able to test this. I've both started it manually, and using the aforementioned script (along with IronBeardKnight's extra line). The app starts, and just sits there.  I tried waiting it out, starting it before I went to bed, but 8 hours later and it was still 'running'.  I pulled the logs for it and it shows:

Starting Freshclamd
Starting ClamAV
Socket for clamd not found yet, retrying (0/1800) ...ClamAV update process started at Tue Aug 29 11:47:19 2023
daily.cld database is up-to-date (version: 27015, sigs: 2040076, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Socket for clamd not found yet, retrying (17/1800) ...Tue Aug 29 11:47:36 2023 -> Limits: Global time limit set to 120000 milliseconds.
Tue Aug 29 11:47:36 2023 -> Limits: Global size limit set to 419430400 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: File size limit set to 104857600 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: Recursion level limit set to 17.
Tue Aug 29 11:47:36 2023 -> Limits: Files limit set to 10000.
Tue Aug 29 11:47:36 2023 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxScriptNormalize limit set to 20971520 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Tue Aug 29 11:47:36 2023 -> Limits: MaxPartitions limit set to 50.
Tue Aug 29 11:47:36 2023 -> Limits: MaxIconsPE limit set to 100.
Tue Aug 29 11:47:36 2023 -> Limits: MaxRecHWP3 limit set to 16.
Tue Aug 29 11:47:36 2023 -> Limits: PCREMatchLimit limit set to 100000.
Tue Aug 29 11:47:36 2023 -> Limits: PCRERecMatchLimit limit set to 2000.
Tue Aug 29 11:47:36 2023 -> Limits: PCREMaxFileSize limit set to 104857600.
Tue Aug 29 11:47:36 2023 -> Archive support enabled.
Tue Aug 29 11:47:36 2023 -> AlertExceedsMax heuristic detection disabled.
Tue Aug 29 11:47:36 2023 -> Heuristic alerts enabled.
Tue Aug 29 11:47:36 2023 -> Portable Executable support enabled.
Tue Aug 29 11:47:36 2023 -> ELF support enabled.
Tue Aug 29 11:47:36 2023 -> Mail files support enabled.
Tue Aug 29 11:47:36 2023 -> OLE2 support enabled.
Tue Aug 29 11:47:36 2023 -> PDF support enabled.
Tue Aug 29 11:47:36 2023 -> SWF support enabled.
Tue Aug 29 11:47:36 2023 -> HTML support enabled.
Tue Aug 29 11:47:36 2023 -> XMLDOCS support enabled.
Tue Aug 29 11:47:36 2023 -> HWP3 support enabled.
Tue Aug 29 11:47:36 2023 -> Self checking every 600 seconds.
Tue Aug 29 11:47:36 2023 -> Set stacksize to 1048576
socket found, clamd started.
Tue Aug 29 11:58:20 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:08:20 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:18:21 2023 -> SelfCheck: Database status OK.
Tue Aug 29 12:28:21 2023 -> SelfCheck: Database status OK.
.
.
.
Tue Aug 29 20:08:46 2023 -> SelfCheck: Database status OK.
Tue Aug 29 20:18:46 2023 -> SelfCheck: Database status OK.

 

If I run it via the script, the script never finishes. I have to manually abort.  Any ideas?

 

Something tells me you are having the same issue as 

 

 

Can you do a `docker inspect ClamAV` and paste the contents? Sanitize to your level of paranoia.

8 hours ago, TQ said:

Can you do a `docker inspect ClamAV` and paste the contents? Sanitize to your level of paranoia.

Here you go. Does it matter if the app is running or not? This report is with it not started.

And yes, looks like I have the same issue as the other guy. Sorry, I didn't see that. I don't see a solution for them either though.

ClamAV-Inspect.txt

Edited by Lonewolf147

  • Author
10 hours ago, Lonewolf147 said:

Here you go. Does it matter if the app is running or not? This report is with it not started.

And yes, looks like I have the same issue as the other guy. Sorry, I didn't see that. I don't see a solution for them either though.

ClamAV-Inspect.txt 10.94 kB · 0 downloads

 

Same issue I believe. You are using the "Official" clamav image which includes clamd (the underlying daemon, which I do not have in my image).

So, I'm not sure what the issue is with that container, but if you pull mine, and install via CA, you should have a working clamscan.

3 hours ago, TQ said:

 

Same issue I believe. You are using the "Official" clamav image which includes clamd (the underlying daemon, which I do not have in my image).

So, I'm not sure what the issue is with that container, but if you pull mine, and install via CA, you should have a working clamscan.

 

That seemed to do it. Thanks!

 

  • 2 weeks later...
On 8/30/2023 at 6:47 PM, TQ said:

 

Same issue I believe. You are using the "Official" clamav image which includes clamd (the underlying daemon, which I do not have in my image).

So, I'm not sure what the issue is with that container, but if you pull mine, and install via CA, you should have a working clamscan.

 

The "offical" ClamAV from CA, owned by Exes, has the "support forum" link pointing to this forum post. I think he must have copied yours and forgot to update that aspect?

 

Anyway, I downloaded the offical one as well because it appeared to be more popular and was updated more recently. It does not appear to work how it states it should work and even though I was able to force it to scan with the command I could not figure out how to review the logs.

 

I'll give TQ's version a try as it is being properly supported. I feel like the other package needs to be reviewed and possibly removed if it's not setup correctly.

35 minutes ago, mournful-hive3872 said:

 

The "offical" ClamAV from CA, owned by Exes, has the "support forum" link pointing to this forum post. I think he must have copied yours and forgot to update that aspect?

 

Anyway, I downloaded the offical one as well because it appeared to be more popular and was updated more recently. It does not appear to work how it states it should work and even though I was able to force it to scan with the command I could not figure out how to review the logs.

 

I'll give TQ's version a try as it is being properly supported. I feel like the other package needs to be reviewed and possibly removed if it's not setup correctly.

 

This was me, I logged in with the wrong email address. TQ's template deployed and began scanning immediately as expected. For anyone who comes here from the ClamAV marked "offical" in CA I would recommend removing it and switching to the template owned by TQ.

  • Author

Updates today to squash CVEs and update ClamAV.

 

| Tag | ClamAV Version | Alpine Version |
| --- | --- | --- |
| latest | 1.1.2-r0 | 3 |
| edge | 1.2.0-r1 | Edge |

Edited by TQ

Any help for a newbie who ran this morning and get this, just installed and started with defaults ?

 

IMG_0300.jpeg

  • Author
5 hours ago, robti said:

Any help for a newbie who ran this morning and get this, just installed and started with defaults ?

 

IMG_0300.jpeg

 

I cleaned up the user script, just in case anyone is interested:
 

#!/usr/bin/php
<?
enum Severity: string {
    case NORMAL = 'normal';
    case WARNING = 'warning';
    case ALERT = 'alert';
}

function SendNotification(string $event, string $subject, string $description, Severity $importance)
{
    exec('/usr/local/emhttp/plugins/dynamix/scripts/notify -e ' . escapeshellarg($event) . ' -s ' . escapeshellarg($subject) . ' -d ' . escapeshellarg($description) . ' -i ' . escapeshellarg($importance->value) . '');
}

SendNotification("Antivirus Scan Started", "Antivirus Scan", "Antivirus Scan Started", Severity::NORMAL);

exec('docker start ClamAV');
exec('docker exec ClamAV sh -c "find /scan -type f -print0 | xargs -0 -P $(nproc) clamscan"');

for (;;) {
  if (!trim(exec("docker ps | grep ClamAV"))) break;
  sleep(10);
}

$logs = [];
exec("docker logs ClamAV 2>/dev/null", $logs);

$currentLogs = array_slice($logs, array_search('Scanning /scan', array_reverse($logs, true)), null, false);

$infected = [];
$reportSeverity = Severity::NORMAL;
foreach ($currentLogs as $line) {
    if (str_ends_with(trim($line), "FOUND")){
        $infected[] = str_replace(["/scan", " FOUND"], "",trim($line));
        $reportSeverity = Severity::ALERT;
    }
}

$infected = (count($infected) > 0) ? array_merge(["Infected files found:"], $infected) : ["No infected files found"];

SendNotification("Antivirus Scan Finished", "Antivirus Scan", implode("<br \>", $infected), $reportSeverity);
?>

 

Edited by Valkyrie

23 hours ago, Valkyrie said:

I cleaned up the user script, just in case anyone is interested:
 

 

Just copy/pasting this code into User Scripts I have an error right at the beginning

image.png.cc814576d065a651c1e7aacbdc7570ac.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.