Mailing List Archive

Dear,




This is happening because it takes time to load all the signatures.


Using clamdscan instead clamscan will probably giving you sub-second scan because all the signatures are already loaded into memory and it's just waiting for a scan.




Best regards,


Iulian




Get Outlook for Android







On Wed, Jul 31, 2019 at 1:09 AM +0300, "Stefan Bauer via clamav-users" <clamav-users@lists.clamav.net> wrote:










Hi folks,
root@mx1:~# clamscan scan335019041109350063746475.pdf.exe
scan335019041109350063746475.pdf.exe: SecuriteInfo.com.Adware.Generic4.BBFB.UNOFFICIAL FOUND

----------- SCAN SUMMARY -----------
Known viruses: 10454740
Engine version: 0.101.2
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.12 MB
Data read: 0.90 MB (ratio 0.14:1)
Time: 135.895 sec (2 m 15 s)
Why is this so slow? I see almost 100% cpu. But seriously on a 1MB file 2 mines? What could cause this high load? Can i speed this up a bit with kind of cache or something?
thank you! :)

> Why is this so slow? I see almost 100% cpu. But seriously on a 1MB file 2
> mines? What could cause this high load? Can i speed this up a bit with kind
> of cache or something?

Basically what Iulian said... When running 'clamscan' it takes a while
(especially if you have 3rd party rules) to load & parse them all into
memory.

A much more efficient way is to have the 'clamd' service running and
use 'clamdscan'. The only catch is user/file permissions as typically
clamd runs as its own user.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml