Re: [clamav-users] Clamd.log ERROR: reload_th: Database load failed: Malformed
On 27/07/2021 18:54, G.W. Haywood via clamav-users wrote: Hi there, On Tue, 27 Jul 2021, Ashtec Cerenuela via clamav-users wrote: I've been monitoring the clamd.log for my email server this past few weeks and I've seen errors like this everyday. Sat Jul 24 19:28:27 2021 -> SelfCheck: Database modification detected. Forcing reload. Sat Jul 24 19:28:27 2021 -> Reading databases from C:\ProgramData\.clamwin\db Sat Jul 24 19:28:39 2021 -> ERROR: reload_th: Database load failed: Malformed database Are you sure that you're using an up-to-date clamd version? Clutching at straws here, perhaps when you upgraded the daemon wasn't restarted? ... ClamUpdateLog.txt says: ClamAV update process started at Sat Jul 24 19:19:00 2021 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.2 Recommended version: 0.103.3 Since you seem to be using ClamWin you will either have to live with these warnings or use the Windows version from upstream. Personally after what I've seen of ClamWin I'd steer clear of it. See comments in the list archives for example: https://lists.clamav.net/pipermail/clamav-users/2021-June/011286.html daily database available for update (local version: 26241, remote version: 26242) Testing database: 'C:\ProgramData\.clamwin\db\tmp.5c43b1ecb8\clamav-632317d6ea0ad37e91e81295e905073d.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26242, sigs: 1963537, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Your update process seem to be working OK. Here's my freshclam log (on Linux!) for about that time, as you see the numbers all match: Sat Jul 24 20:21:55 2021 -> Received signal: wake up Sat Jul 24 20:21:55 2021 -> ClamAV update process started at Sat Jul 24 20:21:55 2021 Sat Jul 24 20:21:56 2021 -> daily.cld database is up-to-date (version: 26242, sigs: 1963537, f-level: 90, builder: raynman) Sat Jul 24 20:21:56 2021 -> main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) Sat Jul 24 20:21:56 2021 -> bytecode.cld database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Deleted daily.cld/main.cvd and downloaded with a new copy from clamwin website. After 24hrs of monitoring, the error occured again after the update. I'm not sure if this is normal or what. I'm not sure what's normal for ClamWin. Why not just use the official sources and CDN? In case it helps, if you check the MD5sum for the main database it should be 8192d77d0032163244c7323a80d5f228 and I wouldn't expect that file to change for quite some time since it's only very recently been updated. Wasn't ClamWin 0.103.2 a "fake" update where they only changed the version number? Or was that 0.103.3? Either way, Ged's advice to throw it away and use a proper ClamAV build for winderss is correct. Cheers, GaryB-) ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clamd.log ERROR: reload_th: Database load failed: Malformed
Hi there, On Tue, 27 Jul 2021, Ashtec Cerenuela via clamav-users wrote: I've been monitoring the clamd.log for my email server this past few weeks and I've seen errors like this everyday. Sat Jul 24 19:28:27 2021 -> SelfCheck: Database modification detected. Forcing reload. Sat Jul 24 19:28:27 2021 -> Reading databases from C:\ProgramData\.clamwin\db Sat Jul 24 19:28:39 2021 -> ERROR: reload_th: Database load failed: Malformed database Are you sure that you're using an up-to-date clamd version? Clutching at straws here, perhaps when you upgraded the daemon wasn't restarted? ... ClamUpdateLog.txt says: ClamAV update process started at Sat Jul 24 19:19:00 2021 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.2 Recommended version: 0.103.3 Since you seem to be using ClamWin you will either have to live with these warnings or use the Windows version from upstream. Personally after what I've seen of ClamWin I'd steer clear of it. See comments in the list archives for example: https://lists.clamav.net/pipermail/clamav-users/2021-June/011286.html daily database available for update (local version: 26241, remote version: 26242) Testing database: 'C:\ProgramData\.clamwin\db\tmp.5c43b1ecb8\clamav-632317d6ea0ad37e91e81295e905073d.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26242, sigs: 1963537, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Your update process seem to be working OK. Here's my freshclam log (on Linux!) for about that time, as you see the numbers all match: Sat Jul 24 20:21:55 2021 -> Received signal: wake up Sat Jul 24 20:21:55 2021 -> ClamAV update process started at Sat Jul 24 20:21:55 2021 Sat Jul 24 20:21:56 2021 -> daily.cld database is up-to-date (version: 26242, sigs: 1963537, f-level: 90, builder: raynman) Sat Jul 24 20:21:56 2021 -> main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) Sat Jul 24 20:21:56 2021 -> bytecode.cld database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Deleted daily.cld/main.cvd and downloaded with a new copy from clamwin website. After 24hrs of monitoring, the error occured again after the update. I'm not sure if this is normal or what. I'm not sure what's normal for ClamWin. Why not just use the official sources and CDN? In case it helps, if you check the MD5sum for the main database it should be 8192d77d0032163244c7323a80d5f228 and I wouldn't expect that file to change for quite some time since it's only very recently been updated. -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Clamd.log ERROR: reload_th: Database load failed: Malformed
Hi, I've been monitoring the clamd.log for my email server this past few weeks and I've seen errors like this everyday. Sat Jul 24 19:28:27 2021 -> SelfCheck: Database modification detected. Forcing reload. Sat Jul 24 19:28:27 2021 -> Reading databases from C:\ProgramData\.clamwin\db Sat Jul 24 19:28:39 2021 -> ERROR: reload_th: Database load failed: Malformed database Sat Jul 24 19:28:40 2021 -> WARNING: Database reload failed, keeping the previous instance Sat Jul 24 19:38:40 2021 -> SelfCheck: Database status OK. Sat Jul 24 19:48:40 2021 -> SelfCheck: Database status OK. ClamUpdateLog.txt says: ClamAV update process started at Sat Jul 24 19:19:00 2021 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.2 Recommended version: 0.103.3 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav daily database available for update (local version: 26241, remote version: 26242) Testing database: 'C:\ProgramData\.clamwin\db\tmp.5c43b1ecb8\clamav-632317d6ea0ad37e91e81295e905073d.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26242, sigs: 1963537, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) -- ClamAV update process started at Sun Jul 25 16:36:47 2021 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.2 Recommended version: 0.103.3 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav daily database available for update (local version: 26242, remote version: 26243) Testing database: 'C:\ProgramData\.clamwin\db\tmp.fb09daa860\clamav-7d3f7a7d0ecf2b67df3ef7ed1de0cc43.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26243, sigs: 1963769, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Deleted daily.cld/main.cvd and downloaded with a new copy from clamwin website. After 24hrs of monitoring, the error occured again after the update. I'm not sure if this is normal or what. clamd.log Mon Jul 26 18:58:41 2021 -> SelfCheck: Database status OK. Mon Jul 26 19:08:42 2021 -> SelfCheck: Database status OK. Mon Jul 26 19:18:42 2021 -> SelfCheck: Database status OK. Mon Jul 26 19:28:42 2021 -> SelfCheck: Database modification detected. Forcing reload. Mon Jul 26 19:28:42 2021 -> Reading databases from C:\ProgramData\.clamwin\db Mon Jul 26 19:28:55 2021 -> ERROR: reload_th: Database load failed: Malformed database Mon Jul 26 19:28:56 2021 -> WARNING: Database reload failed, keeping the previous instance clamUpdate logClamAV update process started at Mon Jul 26 19:19:00 2021 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.103.2 Recommended version: 0.103.3 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav daily database available for update (local version: 26243, remote version: 26244) Testing database: 'C:\ProgramData\.clamwin\db\tmp.d9f25da0b7\clamav-014be9f588f4d9ebe492edad93a97db3.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 26244, sigs: 1964055, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
