clamav error RSS Back to forum
Hello Maximiliano,
Could you send me the whole error message, please? I believe the "agent output" information is missing. Just double-click the relevant log record in the Log Viewer and see/copy the "Message" details.
Thank you!
@Daniel Novak (Vamsoft):
Thank you for the answer, Daniel.
Message External Agent "ClamAV for Windows" reported error (exit code 2, comment "ClamAV error"). Taking no action.
Details Filtering Point On Arrival
Event Class System Event
Severity Warning
Show Less Details...
Server
Event Source Microsoft® Exchange Server
HELO Domain (not available)
Message ID (not available)
Log Mode Verbose
Thank you for the additional details. Could you try to add the localhost IP 127.0.0.1 to the clamd.conf file (which can be found in the ClamAV directory) to see whether that solves the issue? Make sure to save the clamd.conf file after editing it, though. Unfortunately, the error message does not tell us much, but the error could be caused by a connectivity issue between clamdscan and the clamD service and this could fix it.
@Daniel Novak (Vamsoft):
Hello,Daniel! Thank you for the answer! I added the IP address to the clamd.conf file, and this error was fixed, but now a new error notification has appeared on the system.
Summary
An operation has failed unexpectedly - recommended to investigate this event.
Time 31 may 2018 г. 11:52:36 GMT+0600
Sender Email ;
Recipient Emails •
Related IP
Action (not available)
Email Subject test message
Message
Timeout waiting for External Agent "ClamAV for Windows" to finish.
@Maximiliano:
Hello Maximiliano,
Unless you see this error logged for each tested email, there is nothing to worry about, really. The message simply indicates that the ClamAV command line scanner failed to complete the scan of an .eml file within the timespan allowed in the ORF configuration (Blacklists > Clam AV for Windows > Run tab) - which can be normal.
However, if this is recurring issue, you should:
1) Make sure that the "Path to temporary files" path on the 'Blacklists > External Agents' page points to a directory that exists and(!) is excluded from any anti-virus filtering - otherwise the .eml file may be erased/locked before it could be scanned by ORF.
2) Try to increase the "Timeout" value set for ClamAV by 5-10 seconds to see if that solves the problem (ORF Administration Tool: External Agents > ClamAV for Windows (double-click) > Run tab > Timeout Control).
hmm. I got this error too.
I've added 127.0.0.1 to clamd.conf to fix it.
so it looks like this now
---
TCPSocket 3310
TCPAddr 127.0.0.1
MaxThreads 2
LogFile c:\Clamav\clamd.log
DatabaseDirectory c:\clamav\db
Just set this up and had to do the same, probably should be added to the install steps/tutorial.
It's come back again ... getting a lot of complaints that PDF attachments are getting corrupted as well.
I have the timeout set up to 35 Seconds and it is still doing it?? Any thoughts
I think you meant to reply to this one: https://vamsoft.com/forum/topic/802/clamav-timeouts
Hello!
I installed clamav, the services are started but in the error log :
External Agent "ClamAV for Windows" reported error (exit code 2, comment "ClamAV error"). Taking no action.
How do I fix it?