Problem
NetBackup malware detection scan fails if Avira scanner utility is not able to update itself
Error Message
Error in /usr/openv/logs/ncfnbcs log of media server:
<Logs have been trimmed to include only necessary error lines>5/11/2022 17:39:56.633 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 1 [MalwareCmd::executeCmd] Received command : scan, options : -worklistid 31 -malwaretool NetBackup_Malware_Scanner -mountdestpath /tmp/malware/31/MalwareMount/31 (../helper/MalwareCmdMgmt.cpp:382)
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [RemoteCliHandler::getCommandStatus] Command stderr response : {"operation":"scan","errorcode":33,"errormessage":"Failed to update the NetBackup Malware Scanner.","errorstring":"","resultfilepath":"NO-RESULT"}
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [MalwareCmd::executeCmd] [DEBUG] Get Status - std err response : {"operation":"scan","errorcode":33,"errormessage":"Failed to update the NetBackup Malware Scanner.","errorstring":"","resultfilepath":"NO-RESULT"}
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [MalwareCmd::parseCommandResponse] errcode : 33 (../helper/MalwareCmdMgmt.cpp:519)
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [MalwareCmd::parseCommandResponse] errmessage : Failed to update the NetBackup Malware Scanner. (../helper/MalwareCmdMgmt.cpp:520)
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 1 [MalwareCmd::parseCommandResponse] Operation scanfailed error : 33,Failed to update the NetBackup Malware Scanner. (../helper/MalwareCmdMgmt.cpp:523)
5/11/2022 17:44:24.529 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [MalwareCmd::parseCommandResponse] Scan result file path : NO-RESULT (../helper/MalwareCmdMgmt.cpp:532)
5/11/2022 17:44:40.229 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 1 [MalwareCmd::scan] Failed to get scan results, Error : -1 (../helper/MalwareCmdMgmt.cpp:214)
5/11/2022 17:44:40.230 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 6 [MalwareCmd::updateMalwareUtilStatus] m_errCode : 33 (../helper/MalwareCmdMgmt.cpp:646)
5/11/2022 17:44:55.803 [Debug] NB 51216 ncfnbcs 366 PID:25353 TID:4294967295 File ID:366 [No context] 1 [MalwareScanOperationHandler::objReceived] errMsg :Failed to perform malware scan of the backup image. (../MalwareScanOperationHandler.cpp:204)
Error in /usr/openv/netbackup/logs/nbmalwarescanner logs of media server:
May 11 17:40:56 +0800 (debug: avira_scan) Running command : pgrep -f <Avira_scanner_intall_path>/bin/update.sh
May 11 17:40:56 +0800 (debug: avira_scan) Running command : cd <Avira_scanner_intall_path>/bin && update.sh
May 11 17:40:56 +0800 (debug: avira_scan) Avira update try count <4>
May 11 17:41:13 +0800 (debug: avira_scan) Update command return code : 65280
May 11 17:41:13 +0800 (debug: avira_scan) Update command stdout details:
May 11 17:41:13 +0800 (debug: avira_scan) Update command stderr details : Error: No other server, update aborted
Error in avupdate.log of Scan host
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Avupdate Version: 2.6.7.23
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Operating System: LINUX X86_64 4.18.0-80.EL8.X86_64
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Installation Directory: .
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Backup Directory: ./avupdate_backup
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Temp Directory: ./tmp/avupdate_tmp_eQJa4N
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Cache Modules Directory: ./idx
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Proxy settings: Direct connection
11/05/2022 17:54:25 <scan_host_name> avupdate.bin[31614]: UPD: INFO: Downloading https://oem.avira-update.com/update/idx/master.idx to ./tmp/avupdate_tmp_eQJa4N/idx/master.idx
11/05/2022 17:54:42 <scan_host_name> avupdate.bin[31614]: UPD: ERROR: No other server, update aborted
Cause
Scan host tries to connect to https://oem.avira-update.com to download the update before running the scan.
Inability to make this connection, causes the upgrade to fail and ultimately NetBackup malware detection scan also fails.
Solution
Please ensure that Scan host can connect to https://oem.avira-update.com and has required permission at operating system level to download the update.
To test the Avira update manually, you may run update.sh from Avira install path.
You can also configure mirror server for signature update using steps mentioned in 10.2 Security and Encryption Guide.
Note: Mirror server configuration is newly added to NetBackup 10.2 Security and Encryption Guide, however the configuration will work for all previous NetBackup 10.x versions.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.