I was sending a file using ftp from one box to another. The file is a tar.gz. Size is 836kb. Yes kilobytes !

The ftp sending is stuck for nearly 20 minutes and clamav uses 1 core at 100% all that time.
Any idea why this happens ?
I was watching lately clamav work like crazy but I just found out why !

32582 root 20 0 425m 287m 6704 S 101.2 7.3 20:02.47 clamd

I finally had to kill manually the clamav proccess.

Any ideas ?

I keep having a great issue even after the update of the clamav a few days ago.

It takes forever to upload a small file through the ftp somethimes.
Example i am trying to send through ftp a 2mbyte .bz2 mysqldump from somewhere else and it gets stuck forever !!!

Generally clamav keeps being a p**n in the **s.

Could we disable the freshclam cron and everything from being scanned through clamav and once in a while manually run it to scan files stored in the hdd ???

Regards

I suspect there may be more to it than this.

We regularly upload video files that are 100Mb+ with no problems at all.

Obviously, a tar.gz would need to be unpacked twice before it could be scanned, which would not be the case for a video file.

ALSO, I expect there's a setting somewhere that says don't scan files that are more than X Mb in size, so maybe they aren't getting scanned at all.

But I really don't think a 2Mb ta.rgz file should tax Clamd at all.

Have you tried disabling the Google Safe Browsing rules, in case the increased memory overhead these add to clamd might be a possible cause? Obviously this is not ideal, but it is better than switching it off completely I suppose.

Nope thats not the thing. If I send a 40-50 mbyte tar.gz with normal files it passes through very fast.
But some files such as zipped databses make clamd consume the whole cpu for a heck of a long time !!!!

What do you see with clamdtop?