[Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Q'center app, Helpdesk app
Post Reply
tsberry561
New here
Posts: 8
Joined: Thu May 16, 2019 12:10 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by tsberry561 »

You're welcome usefulvid !
tsberry561
New here
Posts: 8
Joined: Thu May 16, 2019 12:10 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by tsberry561 »

usefulvid wrote: Wed May 27, 2020 8:26 pm Please check my start post.
I apologize for not noticing. Could you check to make sure your installation has all the files?
User avatar
usefulvid
Starting out
Posts: 33
Joined: Thu Oct 11, 2018 5:00 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by usefulvid »

Could you check to make sure your installation has all the files?
What are you talking about?
tsberry561
New here
Posts: 8
Joined: Thu May 16, 2019 12:10 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by tsberry561 »

Please check the clamav blog. There is a bug which affects users downloading the antivirus database. For some users upgrading to the latest version is recommended.
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

Hi tsbetty561 and thank you for pointing me at the blog. I spotted the appropriate comment under patch 0.102.2 'Fixed an issue where freshclam failed to update if the database version downloaded is one version older than advertised', so then I used usefulvid's command line tricks to manually update the files and all is now good. Not only did it update to today's AV (according to the QTS AV section, the last successful update was performed on 6th) but a manual update request now also works (and even the CLI triggering of the Qnap update process (/bin/sh -xxxx /etc/init.d/antivirus.sh update_db) now contains a line ending with 'Update Complete'.

There was a similar question on another thread, so I explained my journey and how I'd fixed things based on your posts, crediting both of yourselves for doing all the hard work, of course: viewtopic.php?f=345&t=152727&p=755871#p755871

So a huge thank you to usefulvid for posting that CLI update procedure and a thank you to tsbetty561 for pointing us towards the clamav blog.

Kind regards,
Briain
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

Interestingly, the automatic update failed again both yesterday and today, so I just tried the 'Update now' button and that failed too. Odd; it was all working after I'd performed the other tricks, so I'll just give up for now (I don't run AV on my Debian machines and the Windows machine doesn't have access to my Qnaps, so I'm not that bothered about it).
Briain
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
usefulvid
Starting out
Posts: 33
Joined: Thu Oct 11, 2018 5:00 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by usefulvid »

Just checked on my site and it fails again without a notification mail.
User avatar
usefulvid
Starting out
Posts: 33
Joined: Thu Oct 11, 2018 5:00 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by usefulvid »

QNAP support is convinced what I have been victim of a malware.
I am not convinced because my devices are kept up to date and behind a firewall.
I always used generated passwords and 2FA.
I did not suffer from any encryption or whatsoever.
I could also not find and entries in the hosts file.
Due to qnaps bad information politic there is no way for me to check this in further detail, the security advisories do not give any help.
The same thing happens on my second nas which is also behind a firewall and only rund for about one hour a day.
They just reflashed the firmware to correct some config files. I already did 2 updates since the problem occured so no idea why flashing it again should help in any way.
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

Hi

I'm not convinced that it's malware for all the same reasons that you've listed above. In addition, I've gone to extreme lengths to protect my network (including running Sophos UTM with https inspection enabled for the past 4 years), my network is segmented (so things like my Roku and TV are not the same subnet as my NAS), I am the sole user of my network, my Qnaps run the very minimum of applications (and I use no cloud based services), I use Debian on my laptop and most critically, I don't go casually browsing (dredging) the Internet, so though anything is of course possible, in my case it is fairly unlikely that anything nefarious has found its way onto the NAS.

As I mentioned a few posts back, manually updating (wget the files, updating via the CLI, then restarting the AV via the QTS interface) appeared to fix things, then the next day it failed (and it's failed every day since then) so I've just run through that procedure again and once again, that appears to have worked (and the 'Update Now' button also works) so will be very interesting to see if it fails again tomorrow (I'll post back when I know).

Kind regards,
Briain
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
usefulvid
Starting out
Posts: 33
Joined: Thu Oct 11, 2018 5:00 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by usefulvid »

Same here, wget works also for me its only the freshclam mechnism which fails.
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

It's odd in that when I run /bin/sh -xxxx /etc/init.d/antivirus.sh update_db it fails (and with an exits 1 at the end) then after doing the wget update procedure, when I then run /bin/sh -xxxx /etc/init.d/antivirus.sh update_db it updates and ends with exits with a 0 which, of course, is what it should do. That update_db is the same process that crontab runs to update the AV, so clearly something is corrupting things overnight (maybe another crontab activity). When I get some time (and assuming it breaks again tomorrow) I'll fix it, then manually run the crontab activities to see if that breaks the update_db process (then if so, it'll simply be a case of finding which one it is).

Kind regards,
Briain
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
usefulvid
Starting out
Posts: 33
Joined: Thu Oct 11, 2018 5:00 pm

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by usefulvid »

Did you open up a ticket?
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

Hi

I haven't yet opened a ticket. Interestingly, I just tried /bin/sh -xxxx /etc/init.d/antivirus.sh update_db and this time it failed, so something has broken it over the past few hours.

Briain
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

Incidentally, several years ago I was quite familiar with crontab (and there weren't that many activities within it) but I see that it now contains about 27 entries; good grief! When time permits, I must try to figure out what the heck they're all there for.
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
User avatar
Briain
Experience counts
Posts: 1749
Joined: Tue Apr 20, 2010 11:56 pm
Location: Edinburgh (Scotland)

Re: [Antivirus] Failed to update virus definitions. Update definitions manually, or try again later.

Post by Briain »

I've just again repaired it and I'll check (via running the CLI update) every hour to give me an idea of how long it takes for it to get broken.
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
Post Reply

Return to “NAS Management”