[clamav-users] Ubuntu 16.04 - ClamAV with AMAVIS 100% CPU - very few Google results

Antonio Pavletich apavletich at gmail.com
Tue Mar 28 11:33:51 UTC 2017 

Hi,

I've used clam-av for for years but not kept up to date with the many
changes.

Since upgrading I'm found clamd is spiking and staying put at 100%.

I've deleted all files in /var/lib/clamav & re-ran freshclam only to have
the same issue occur on the next inbound email?
I followed the guide at
https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/2/

If any other information is needed to aid in identifying this please let me
know.

Antonio

eg:

root at host:/var/lib/clamav# clamd -V
ClamAV 0.99.2/23244/Tue Mar 28 04:33:34 2017
root at host:/

top - 11:07:58 up 3 days,  3:49,  2 users,  load average: 2.96, 4.30, 2.19
Tasks: 195 total,   2 running, 193 sleeping,   0 stopped,   0 zombie
%Cpu(s):  1.0 us,  0.3 sy,  0.0 ni, 98.2 id,  0.5 wa,  0.0 hi,  0.0 si,
0.0 st
KiB Mem :  1014372 total,    11140 free,   836764 used,   166468 buff/cache
KiB Swap:        0 total,        0 free,        0 used.    67920 avail Mem

  PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+
COMMAND
20406 clamav    20   0  574844 405512   3684 R 93.8 40.0   0:06.33
clamd
    1 root      20   0  185248   4296   2396 S  0.0  0.4   0:17.99
systemd
    2 root      20   0       0      0      0 S  0.0  0.0   0:00.00
kthreadd
    3 root      20   0       0      0      0 S  0.0  0.0   0:05.96
ksoftirqd/0

logs spew out repeats of the below continuously?

Tue Mar 28 11:20:19 2017 -> +++ Started at Tue Mar 28 11:20:19 2017
Tue Mar 28 11:20:19 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:19 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:19 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:19 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:19 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:19 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:19 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:20:27 2017 -> +++ Started at Tue Mar 28 11:20:27 2017
Tue Mar 28 11:20:27 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:27 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:27 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:27 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:27 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:27 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:27 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:20:33 2017 -> +++ Started at Tue Mar 28 11:20:33 2017
Tue Mar 28 11:20:33 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:33 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:33 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:33 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:33 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:33 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:33 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:20:42 2017 -> +++ Started at Tue Mar 28 11:20:42 2017
Tue Mar 28 11:20:42 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:42 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:42 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:42 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:42 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:42 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:42 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:20:52 2017 -> +++ Started at Tue Mar 28 11:20:52 2017
Tue Mar 28 11:20:52 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:52 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:52 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:52 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:52 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:52 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:52 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:20:59 2017 -> +++ Started at Tue Mar 28 11:20:59 2017
Tue Mar 28 11:20:59 2017 -> Received 1 file descriptor(s) from systemd.
Tue Mar 28 11:20:59 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH:
x86_64, CPU: x86_64)
Tue Mar 28 11:20:59 2017 -> Running as user clamav (UID 117, GID 123)
Tue Mar 28 11:20:59 2017 -> Log file size limited to 1048576 bytes.
Tue Mar 28 11:20:59 2017 -> Reading databases from /var/lib/clamav
Tue Mar 28 11:20:59 2017 -> Not loading PUA signatures.
Tue Mar 28 11:20:59 2017 -> Bytecode: Security mode set to "TrustSigned".
Tue Mar 28 11:21:07 2017 -> +++ Started at Tue Mar 28 11:21:07 2017

More information about the clamav-users mailing list