So, we solved that clamd error, and here is the result now: Thu Mar 7 20:12:48 2024 -> +++ Started at Thu Mar 7 20:12:48 2024 Thu Mar 7 20:12:48 2024 -> Received 0 file descriptor(s) from systemd. Thu Mar 7 20:12:48 2024 -> clamd daemon 1.3.0 (OS: Linux, ARCH: x86_64, CPU: x86_64) Thu Mar 7 20:12:48 2024 -> Log file size limited to 2097152 bytes. Thu Mar 7 20:12:48 2024 -> Reading databases from /usr/local/share/clamav Thu Mar 7 20:12:48 2024 -> Not loading PUA signatures. Thu Mar 7 20:12:48 2024 -> Bytecode: Security mode set to "TrustSigned". Thu Mar 7 20:13:05 2024 -> Loaded 8686292 signatures. Thu Mar 7 20:13:08 2024 -> TCP: Bound to []:3310 Thu Mar 7 20:13:08 2024 -> TCP: Setting connection queue length to 200 Thu Mar 7 20:13:08 2024 -> TCP: Bound to []:3310 Thu Mar 7 20:13:08 2024 -> TCP: Setting connection queue length to 200 Thu Mar 7 20:13:08 2024 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl Thu Mar 7 20:13:08 2024 -> LOCAL: Setting connection queue length to 200 Thu Mar 7 20:13:08 2024 -> Limits: Global time limit set to 120000 milliseconds. Thu Mar 7 20:13:08 2024 -> Limits: Global size limit set to 419430400 bytes. Thu Mar 7 20:13:08 2024 -> Limits: File size limit set to 104857600 bytes. Thu Mar 7 20:13:08 2024 -> Limits: Recursion level limit set to 17. Thu Mar 7 20:13:08 2024 -> Limits: Files limit set to 10000. Thu Mar 7 20:13:08 2024 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes. Thu Mar 7 20:13:08 2024 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes. Thu Mar 7 20:13:08 2024 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes. Thu Mar 7 20:13:08 2024 -> Limits: MaxScriptNormalize limit set to 20971520 bytes. Thu Mar 7 20:13:08 2024 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes. Thu Mar 7 20:13:08 2024 -> Limits: MaxPartitions limit set to 50. Thu Mar 7 20:13:08 2024 -> Limits: MaxIconsPE limit set to 100. Thu Mar 7 20:13:08 2024 -> Limits: MaxRecHWP3 limit set to 16. Thu Mar 7 20:13:08 2024 -> Limits: PCREMatchLimit limit set to 100000. Thu Mar 7 20:13:08 2024 -> Limits: PCRERecMatchLimit limit set to 2000. Thu Mar 7 20:13:08 2024 -> Limits: PCREMaxFileSize limit set to 104857600. Thu Mar 7 20:13:08 2024 -> Archive support enabled. Thu Mar 7 20:13:08 2024 -> AlertExceedsMax heuristic detection disabled. Thu Mar 7 20:13:08 2024 -> Heuristic alerts enabled. Thu Mar 7 20:13:08 2024 -> Portable Executable support enabled. Thu Mar 7 20:13:08 2024 -> ELF support enabled. Thu Mar 7 20:13:08 2024 -> Mail files support enabled. Thu Mar 7 20:13:08 2024 -> OLE2 support enabled. Thu Mar 7 20:13:08 2024 -> PDF support enabled. Thu Mar 7 20:13:08 2024 -> SWF support enabled. Thu Mar 7 20:13:08 2024 -> HTML support enabled. Thu Mar 7 20:13:08 2024 -> XMLDOCS support enabled. Thu Mar 7 20:13:08 2024 -> HWP3 support enabled. Thu Mar 7 20:13:08 2024 -> OneNote support enabled. Thu Mar 7 20:13:08 2024 -> Self checking every 600 seconds.
then we manually start a freshclam update (so, here you can see that old version number, so can it be that we need to delete the old DB first?): freshclam Thu Mar 7 20:17:04 2024 -> Current working dir is /usr/local/share/clamav/ Thu Mar 7 20:17:04 2024 -> Loaded freshclam.dat: Thu Mar 7 20:17:04 2024 -> version: 1 Thu Mar 7 20:17:04 2024 -> uuid: 4345256e-75d3-498a-8e9d-13234a103d4e Thu Mar 7 20:17:04 2024 -> ClamAV update process started at Thu Mar 7 20:17:04 2024 Thu Mar 7 20:17:04 2024 -> Current working dir is /usr/local/share/clamav/ Thu Mar 7 20:17:04 2024 -> Querying current.cvd.clamav.net Thu Mar 7 20:17:04 2024 -> TTL: 1428 Thu Mar 7 20:17:04 2024 -> fc_dns_query_update_info: Software version from DNS: 0.103.11 Thu Mar 7 20:17:04 2024 -> Current working dir is /usr/local/share/clamav/ Thu Mar 7 20:17:05 2024 -> check_for_new_database_version: Local copy of daily found: daily.cld. Thu Mar 7 20:17:05 2024 -> query_remote_database_version: daily.cvd version from DNS: 27207 Thu Mar 7 20:17:05 2024 -> daily.cld database is up-to-date (version: 27207, sigs: 2054437, f-level: 90, builder: raynman) Thu Mar 7 20:17:05 2024 -> fc_update_database: daily.cld already up-to-date. Thu Mar 7 20:17:05 2024 -> Current working dir is /usr/local/share/clamav/ Thu Mar 7 20:17:05 2024 -> check_for_new_database_version: Local copy of main found: main.cvd. Thu Mar 7 20:17:05 2024 -> query_remote_database_version: main.cvd version from DNS: 62 Thu Mar 7 20:17:05 2024 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) Thu Mar 7 20:17:05 2024 -> fc_update_database: main.cvd already up-to-date. Thu Mar 7 20:17:05 2024 -> Current working dir is /usr/local/share/clamav/ Thu Mar 7 20:17:05 2024 -> check_for_new_database_version: Local copy of bytecode found: bytecode.cld. Thu Mar 7 20:17:05 2024 -> query_remote_database_version: bytecode.cvd version from DNS: 335 Thu Mar 7 20:17:05 2024 -> bytecode.cld database is up-to-date (version: 335, sigs: 86, f-level: 90, builder: raynman) Thu Mar 7 20:17:05 2024 -> fc_update_database: bytecode.cld already up-to-date. Norman > Am 07.03.2024 um 20:11 schrieb Norman Energy <[email protected]>: > > > Hi Matus, > > we used .deb package and on some system (arm64) we use the source code. > To be a > > That report was created by logwatch. > > We just wondering, why it is displaying that old version. > > However, as I write this mail, we checked the clamav.logs and found these > entries: > > Thu Mar 7 05:34:48 2024 -> ERROR: LOCAL: Socket file > /var/run/clamav/clamd.ctl could not be bound: No such file or directory > Thu Mar 7 05:34:48 2024 -> ERROR: Can't unlink the socket file > /var/run/clamav/clamd.ctl > Thu Mar 7 18:15:24 2024 -> ERROR: LOCAL: Could not create socket directory: > /var/run/clamav: Permission denied > Thu Mar 7 18:15:24 2024 -> ERROR: LOCAL: Socket file > /var/run/clamav/clamd.ctl could not be bound: No such file or directory > Thu Mar 7 18:15:24 2024 -> ERROR: Can't unlink the socket file > /var/run/clamav/clamd.ctl > > Which we will solve now. But we guess the error has nothing to do with that > old version displaying. > > mfg, > > Norman Wöske > >> Am 07.03.2024 um 19:47 schrieb Matus UHLAR - fantomas via clamav-users >> <[email protected]>: >> >>> >>>> On 07.03.24 15:29, energynorman--- via clamav-users wrote: >>>>> hope all of you are well. I have a more cosmetic question. We used the >>>>> last clam versions all above 1.03, but in our eMail report we still see: >>>>> Software version from DNS: 0.103.11 >> >> what is this "eMail report"? >> >> On 07.03.24 18:19, energynorman--- via clamav-users wrote: >>> Thanks for your answer. And, no we do not have any further version >>> installed. This happens on several systems. >>> >>> Therefore our question. >>> >>> Here is our research: >>> >>> >>> sudo dpkg -l | grep clam >>> ii clamav 1.3.0-1 amd64 ClamAV open source email, web, and >>> end-point anti-virus toolkit. >>> >>> sudo which clamd >>> /usr/local/sbin/clamd >> >> how did you install clamav? >> >> the dpkg version should be installed in /usr/ not /usr/local/ >> >> -- >> Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ >> Warning: I wish NOT to receive e-mail advertising to this address. >> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. >> Spam is for losers who can't get business any other way. >> _______________________________________________ >> >> Manage your clamav-users mailing list subscription / unsubscribe: >> https://lists.clamav.net/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/Cisco-Talos/clamav-documentation >> >> https://docs.clamav.net/#mailing-lists-and-chat _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
