Using AV clamscan question
hello
i installed av clam and i can scan manually correctly but then i wanted to set a chron job for my domains
i used this from the documentation :
(i do not know how to edit this so i though it will work) but i received this error : /usr/local/cpanel/bin/jailshell: /root/infections: No such file or directory is this a sign that there is no infections or the directory is missing ?!
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
(i do not know how to edit this so i though it will work) but i received this error : /usr/local/cpanel/bin/jailshell: /root/infections: No such file or directory is this a sign that there is no infections or the directory is missing ?!
-
but i received this error : /usr/local/cpanel/bin/jailshell: /root/infections: No such file or directory
Hello, You will need to add that cron job as "root" rather than as an account. To edit the root crontab, login via SSH as root and add it as a new line using the "crontab -e" command. Thank you.0 -
Hello, You will need to add that cron job as "root" rather than as an account. To edit the root crontab, login via SSH as root and add it as a new line using the "crontab -e" command. Thank you.
can i d it via gui in whm ? if not what is the entire command to be added from ssh ? thank you0 -
Hello, There are no native features that allow you to add root cron jobs via Web Host Manager. Here's the full command to use while logged in via SSH as "root": crontab -e
The following thread provides more information on this topic: Cron Job Thank you.0 -
Hello, There are no native features that allow you to add root cron jobs via Web Host Manager. Here's the full command to use while logged in via SSH as "root":
crontab -e
The following thread provides more information on this topic: Cron Job Thank you.
i have access to ssh but 1-he says to make a file and put this in it : #!/bin/bash for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections& how ?!0 -
Hello, Rather than setting up a custom bash script, you may simply want to add the following cron job when using the "crontab -e" command: 0 5 * * * /usr/local/cpanel/3rdparty/bin/clamscan -ir /home/ | mail -s "subject" your@email.com
This will scan the entire home directory every night at 5AM and email you the results. Thank you.0 -
Hello, Rather than setting up a custom bash script, you may simply want to add the following cron job when using the "crontab -e" command:
0 5 * * * /usr/local/cpanel/3rdparty/bin/clamscan -ir /home/ | mail -s "subject" your@email.com
This will scan the entire home directory every night at 5AM and email you the results. Thank you.
when i put crontab -e i get the following picture .. how can i add the command ?0 -
Hello, It loads the default text editor. You'd need to review the following third-party URLs for help using nano or vi: The Beginner"s Guide to Nano, the Linux Command-Line Text Editor Using vi, the Unix Visual Editor Thank you. 0 -
thank you .. i added it .. now i will wait for tomorrow and see the results 0 -
Hello, Rather than setting up a custom bash script, you may simply want to add the following cron job when using the "crontab -e" command:
0 5 * * * /usr/local/cpanel/3rdparty/bin/clamscan -ir /home/ | mail -s "subject" your@email.com
This will scan the entire home directory every night at 5AM and email you the results. Thank you.
i added it but did not receive an email the next day ..how can i check what happened ?!0 -
i am sorry .. i received now this email .. but i did not know what happened with the infected items /home/virtfs/africatc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/africatc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/africatc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/africatc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/safrimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/safrimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/safrimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/safrimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/sonades/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/sonades/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/sonades/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/sonades/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/groupsoc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/groupsoc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/groupsoc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/groupsoc/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/centralm/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/centralm/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/centralm/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/centralm/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/alliancelibanais/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/alliancelibanais/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/alliancelibanais/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/alliancelibanais/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/megatran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/megatran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/megatran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/megatran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/clcongo/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/clcongo/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/clcongo/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/clcongo/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/jpbv/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/jpbv/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/jpbv/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/jpbv/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/congooil/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/congooil/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/congooil/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/congooil/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/national/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/national/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/national/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/national/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/socimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/socimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/socimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/socimex/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/inspecta/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/inspecta/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/inspecta/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/inspecta/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/socitran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.6.5_2.7/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND /home/virtfs/socitran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.7.1_2.8/diff: Html.Exploit.CVE_2014_1804-1 FOUND /home/virtfs/socitran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND /home/virtfs/socitran/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/2.9.2_3.0.1/diff: Html.Exploit.CVE_2017_0221-6306915-0 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 6303701 Engine version: 0.99.2 Scanned directories: 257591 Scanned files: 2014099 Infected files: 56 Data scanned: 108467.41 MB Data read: 151413.93 MB (ratio 0.72:1) Time: 28089.460 sec (468 m 9 s)
and this :LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes
0 -
Hello, You can find a similiar thread here: infected files in virtfs LibClamAV Warning: cli_scanxz: decompress file size exceeds limits
This is answered on the following third-party URL: what does this clamAV message mean? Thank you.0 -
Hello, You can find a similiar thread here: infected files in virtfs This is answered on the following third-party URL: what does this clamAV message mean? Thank you.
thank you for your input .. i understand the size limitations now .. but for the first email about the virtfs i still dont understand what to do ..would be fixed if i remove wordpress addons ?0 -
thank you for your input .. i understand the size limitations now .. but for the first email about the virtfs i still dont understand what to do ..would be fixed if i remove wordpress addons ?
The output suggests those files only exist in the /home/virtfs/$username directories and not under the account's home directory. You should never manually alter or remove files from the VirtFS directory. You can read about how to clear the VirtFS mounts at: VirtFS - Jailed Shell - Documentation - cPanel Documentation Thank you.0
Please sign in to leave a comment.
Comments
13 comments