NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

HansRL's avatar
HansRL
Apprentice
Jul 10, 2020
Solved

Antivirus scanner definition file update failed

ReadyNAS 212 OSversion 6.10.3 Since a couple of days (starting July 5th) my virus definition file update failes.. stating check internet-connection ; my internet connection is fine because the rea...
  • HansRL's avatar
    HansRL
    Dec 23, 2020

    I kept getting errors while executing command: 'systemctl status clamav-freshclam.service' ; see below

         root@Geldrop:~# systemctl status clamav-freshclam.service
         ● clamav-freshclam.service - ClamAV virus database updater
         Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; static; vendor preset: disabled)
         Active: failed (Result: exit-code) since Wed 2020-12-23 14:33:45 CET; 15s ago
        Process: 6263 ExecStart=/usr/bin/freshclam --quiet (code=exited, status=1/FAILURE)
        Main PID: 6263 (code=exited, status=1/FAILURE)

        Dec 23 14:33:45 Geldrop systemd[1]: Starting ClamAV virus database updater...
        Dec 23 14:33:45 Geldrop freshclam[6263]: ClamAV update process started at Wed Dec 23 14:33:45 2020
        Dec 23 14:33:45 Geldrop freshclam[6263]: main.cvd is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
        Dec 23 14:33:45 Geldrop freshclam[6263]: daily.cld is up to date (version: 26026, sigs: 4328586, f-level: 63, builder: raynman)
        Dec 23 14:33:45 Geldrop freshclam[6263]: bytecode.cvd is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
        Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Main process exited, code=exited, status=1/FAILURE
        Dec 23 14:33:45 Geldrop systemd[1]: Failed to start ClamAV virus database updater.
        Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Unit entered failed state.
        Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Failed with result 'exit-code'.

     

    The following I did after reading the following web-page (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972974):
    stopping clamav: 'systemctl stop clamav-daemon'

    stopping clamav freshclam: 'systemctl stop clamav-freshclam'

    adjusting member 'usr.bin.freshclam' in dir: /etc/apparmor.d ; adding 'capability dac_override,' and 'capability chown,'

     

              capability setgid,
              capability setuid,
              capability dac_override,
              capability chown,

     

    removing all file from dir: '/var/lib/clamav' (bytecode ; daily ; main ; mirrors ; antivir)

    starting clamav : 'systemctl start clamav-daemon'

    starting clamav freshclam: 'systemctl start clamav-freshclam'

     

    starting 'clamav freshclam' takes a while (about 2 minutes, I guess) and afterwards it looks like the normal databased-updater is working again.... lets see what happens the coming days...

     

    regards

     

     

TerryJColes's avatar
TerryJColes
Luminary
Jan 26, 2021
RuthMarshall wrote:

To be honest I don't remember exactly which product he installed McAfee LiveSafe or Total Protection but if you're interested in more details, I can find out.

Ruth,

 

Are you sure about this?  The ReadyNAS is a Linux server and as far as I can tell, McAfee software only runs on Windows, MacOS, iOS or Anfroid devices.  Furthermore, even if it ran on Linux I suspect a full grahical desktop would be required and the ReadyNAS only offers a browser interface and a shell based login via SSH.

 

Maybe he installed McAfee on his PC?  To be honest he should be doing that anyway because it could be some time before an infected file found its way from his device to the ReadyNAS.

slavrenz's avatar
slavrenz
Aspirant
Jan 26, 2021

Agreed. Even if this did work (and I doubt it), this is not a solution for 98% of people who have no interest or ability to SSH into their ReadyNas to install a 3rd party solution.

 

And it's not like McAfee's antivirus has never accidentally deleted critical system files that it thought were viruses before; I would never trust their products on one of my systems.

  • Sandshark's avatar
    Sandshark
    Sensei
    Jan 26, 2021

    Netgear contacted me mistakenly thinking that my posting to this thread meant I had this issue.  So, I can at least tell you they are working on the problem.

    • kcejo's avatar
      kcejo
      Tutor
      Jan 26, 2021

      Thank you, TerryJColes, for going through the beginning steps of what you did.  I run Windows, so I would assume you would open a Command window to enter the code that needs to be entered, but I could be wrong.  Anyway, I doubt I'll be doing much of that since I remember all too well what happened when people who didn't know what they were doing in DOS would come to me for help after they tried doing something they shouldn't have.  I'd rather just unplug it and plug it back in when needed, much easier to do.

       

      In any case, Netgear has contacted me again to get log files and to have me enable the Secure Diagnostics Mode to try and find a solution to the problem.  So, I've plugged the thing back in, hoping they'll be able to fix it for everybody.  As long as the person who contacted me through Netgear's private message system really is a ReadyNAS engineer, maybe a fix is in the works.  My ReadyNAS was accessed from China after I communicated with this engineer, so I'm hoping there are Netgear engineers in China....  The last Netgear person who contacted me like this fixed the problem for us for a while, but he had posted in this thread before.  We'll see.  I'm happy to hear that another person was contacted by Netgear about it.  Aaand I just now got the antivirus error again today.  I hate that my machine is unprotected while they may or may not be working on it.

      • TerryJColes's avatar
        TerryJColes
        Luminary
        Jan 26, 2021

         kcejo 

         

        It wasn't actually me that detailed the steps; that honour goes to @NormanP and @StephenB.

         

        You cannot use a Windows command line (not directly anyway) to enter the commands.  These have to be entered into the Linux shell on the ReadyNAS.  The only way to do that is to enable SSH in the Administrator pages and then log in to the ReadyNAS as root.  On a Linux machine the command (in a terminal) would be:

        ssh root@<IP Address of the ReadyNAS>

        You will be prompted for a password; use the one you set for the Administrator.

         

        On Windows or Mac there are SSH clients, which should allow you to do the above, but they tend to be a graphical tools with fields to enter the key parameters, such as IP Address, username and password.  I don't use one so I can't help you there.

         

        I too was contacted by Netgear, but since I have used the manual fix, my logfiles are probably of no use to them.  I'm glad that you've agreed to help?  (If anyone else on here is asked; please say yes.)

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More