[clamav-users] clamd.exe becomes unresponsive

David Miller davesgoogliemail at gmail.com
Tue Aug 13 23:37:21 EDT 2019


Hi, All:

Good news update: Clamd.exe is running longer than ever so far...
nearly 12 hours.  I had just switched the SelfCheck value from the
default 600 to 1200 to see if that made a difference.  I also enabled
LogVerbose.  Those are the only 2 updates to the clamd.config.  One
other change I made is to call PING less often to see if clamd.exe is
still responsive.  Right now, it checks once per minute... previously,
it checked every 15 seconds. I don't believe this change had anything
to do with tonight's improved result because initially, I wasn't
calling PING at all - the PINGs were added as a result of the
unresponsiveness.  I'm optimistic, but still stumped.  I suspect the
change relates to the less frequent SelfCheck calls.
Thoughts/suggestions/etc. very appreciated!

Thanks,
-Dave

On Tue, Aug 13, 2019 at 1:15 PM David Miller <davesgoogliemail at gmail.com> wrote:
>
> Hello, All:
>
> clamav-0.101.2-win-x64-portable
> clamav-0.101.3-win-x64-portable
>
> After clamd.exe runs successfully for several hours, it becomes unresponsive.
> Hosted on 2 Windows 2016 Servers and a Windows 10 - all respond the same.
> Last log entry for clamd shows: "SelfCheck: Database status OK."  An example
> of the unresponsive timelines from one of the deployments is pasted below.
>
> Restarted                     Unresponsive:              Timespan:
> 8/10/19 01:30:30 a.m.   8/10/19 06:06:29 a.m.   4:35:59
> 8/10/19 06:06:30 a.m.   8/10/19 12:34:12 p.m.   6:27:42
> 8/10/19 12:34:13 p.m.   8/10/19 07:01:55 p.m.   5:32:18
> 8/10/19 07:01:56 p.m.   8/11/19 01:29:37 a.m.   5:32:19
> 8/11/19 01:29:38 a.m.   8/11/19 06:05:35 a.m.   4:35:57
> 8/11/19 06:05:37 a.m.   8/11/19 12:33:17 p.m.   6:27:40
> 8/11/19 12:33:19 p.m.   8/11/19 07:01:00 p.m.   5:32:19
> 8/11/19 07:01:01 p.m.   8/12/19 01:28:42 a.m.   6:27:41
>
> Clamd.exe remains responsive for the timespans listed above, but then
> becomes unresponsive and I have to kill the process and start a new
> instance of clamd.exe. (The outage time consistency is telling, but
> what it's telling I still don't know.) FWIW: I run freshclam once an hour,
> but it seems to have no impact on the unresponsiveness of clamd. Also, the
> clamd.exe becomes unresponsive whether or not there are files being
> scanned. I've tried a few .conf changes with no noticeable impact on the
> unresponsiveness. Any pointers/tools/suggestions are greatly appreciated.
>
> I've appended my current .conf results to this email.
>
> Thanks for your time & have a great day!
> -Dave,
>
>
> clamconf -n
>
> Checking configuration files in
> C:\MyStuff\Tools\ClamAv\clamav-0.101.3-win-x64-portable
>
> Config file: clamd.conf
> -----------------------
> LogFile = "C:\MyStuff\Tools\ClamAv\clamav-0.101.3-win-x64-portable\clamd.log"
> LogFileMaxSize = "2097152"
> LogTime = "yes"
> LogVerbose = "yes"
> TCPSocket = "3310"
> TCPAddr = "127.0.0.1"
> SendBufTimeout = "200"
> IdleTimeout = "60"
> SelfCheck = "1200"
>
> Config file: freshclam.conf
> ---------------------------
> LogFileMaxSize = "2097152"
> LogTime = "yes"
> UpdateLogFile =
> "C:\MyStuff\Tools\ClamAv\clamav-0.101.3-win-x64-portable\freshclam.log"
> DatabaseMirror = "database.clamav.net"
>
> clamav-milter.conf not found
>
> Software settings
> -----------------
> Version: 0.101.3
> Optional features supported: MEMPOOL AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 RAR JIT
>
> Database information
> --------------------
> Database directory:
> C:\MyStuff\Tools\ClamAv\clamav-0.101.3-win-x64-portable\database
> bytecode.cvd: version 330, sigs: 94, built on Wed Jul 17 08:11:08 2019
> daily.cld: version 25540, sigs: 1713558, built on Tue Aug 13 03:16:47 2019
> main.cvd: version 58, sigs: 4566249, built on Wed Jun  7 16:38:10 2017
> Total number of signatures: 6279901
>
> Platform information
> --------------------
> uname: Microsoft Windows 6.2 SP0.0 Build 9200
> OS: win32, ARCH: x86_64, CPU: x86_64
> zlib version: 1.2.11 (1.2.11), compile flags: 65
> Triple: x86_64-pc-win32
> CPU: i686, Little-endian
> platform id: 0x102566660800077c0100077c
>
> Build information
> -----------------
> Microsoft Visual C++: (0.7.124)
> Microsoft Visual C++ 1916
> sizeof(void*) = 8
> Engine flevel: 102, dconf: 102


More information about the clamav-users mailing list