Multiple machines failing /w disk errors and virus warnings


I have been running UrBackup 2.2.11 for a few months now and all has been well until recently, where multiple machines are failing file level backups with messages related to disk errors or virus warnings like the message below.

Obviously not all of these computers have disk errors and viruses… What can I do to fix this?

That error could definitely be virus javascript in a web page the user visited with Chrome. Are there other examples?

Sure thing, here’s another. Turns out, I may have been exaggerating… these errors are only happening on a couple of machines. Is this something I need to worry about? It looks like these errors are stopping the backup from completing.

First, I’d adjust your exclusion list. Append things like:
;*\Temporary Internet Files\*;*\AppData\Local\Google\Chrome\User Data\Default\Cache\*

I’m trying to work on making the default exclude list a little better, there’s a bunch of redundancy and other issues with it atm. Till then, you’ll have to manage manually. Read:

Your other options is Settings | Advanced | Check “Do not fail backups in case of hash mismatches or read errors”

Thank you! I added those directories to my excluded list and also set the option you recommended in Advanced settings as well.

Looking forward to the fixes – really enjoying this open source self hosted solution! Keep up the good work.

The proper solution would be to exclude d:\urbackup from your on-access virus scanner on the server

Oddly enough – that directory was already excluded from the anti-virus software installed on the server.

Various backups are still failing after applying the changes suggested by silversword. Additionally, the D:\urbackup directory has been excluded from our anti-virus console. Any other ideas?

ERROR: Error opening file “\?\D:\urbackup\Infinity Dallas - Dr. Patel\180618-2103.b68xO+K9SCOF35cLk4Bf9Q\25” for reading file. File: temp_fn. Operation did not complete successfully because the file contains a virus or potentially unwanted software. (code: 225) Target path: “D:\urbackup\Infinity Dallas - Dr. Patel\180618-2103\C\xperver.exe”
ERROR: Error opening file “\?\D:\urbackup\Infinity Dallas - Dr. Patel\180618-2103.b68xO+K9SCOF35cLk4Bf9Q\16045” for reading file. File: temp_fn. Operation did not complete successfully because the file contains a virus or potentially unwanted software. (code: 225) Target path: “D:\urbackup\Infinity Dallas - Dr. Patel\180618-2103\C\Windows\System32\xperver.exe”
WARNING: Not all folder metadata could be applied. Metadata was inconsistent.
ERROR: FATAL: Backup failed because of disk problems (see previous messages)

Do you have the UrBackup server on the same machine as the UrBackup client, and it’s backing itself up?

Also you should investigate what that file is: Windows\System32\xperver.exe . Never seen that file name before, looks suspicious.

Hi Silversword-

No the server is located in my colo, this client in particular is in another office.

xpserver.exe appears to be related to the database that is running on this client’s machine:

This machine failed backup again today:
ERROR: Error opening file “\?\D:\urbackup\Infinity Dallas - Dr. Patel\180619-2104.b68xO+K9SCOF35cLk4Bf9Q\25” for reading file. File: temp_fn. Operation did not complete successfully because the file contains a virus or potentially unwanted software. (code: 225) Target path: “D:\urbackup\Infinity Dallas - Dr. Patel\180619-2104\C\xperver.exe”
ERROR: FATAL: Backup failed because of disk problems (see previous messages)

What’s weird is, I went and scanned this xpserver.exe file with Webroot on this clients machine – it comes up clean… so it seems that Urbackup is classifying it as a virus, not Webroot.

The error message explicitly says that UrBackup server cannot open a temporary file because access is denied by a on-access virus scanner.

And no UrBackup server does not include a virus scanner.

Btw. if a machine is infected virus scanners on that machine may not work anymore, because of root kits.

Shouldn’t adding this to the file exclusion list stop Urbackup from attempting to backup temporary files?

I suggest using it as an excuse to do an extensive scan on the good Dr.'s computer. Something where you can boot from an emergency CD so as not to load any rootkits. I find that people appreciate the overly-diligent. :slight_smile:
As far as the exclusions go, it looks like you don’t have your root defined:

  1. ;* \Temporary Internet Files\*
    is different from
  2. ;\Temporary Internet Files*
    The second uses a relative path and looks to only exclude files that start with “Temporary Internet Files*”

The editor removed some of my characters, which may have happened to you too, so this might be moot. I could also be wrong about how the wildcards work in the exclusions… I am assuming DOS wildcard usage.


1 Like

This has nothing to do with temporary files on the client. As said, this is a server side issue!
The server creates temporary files during backup and then moves them to the final location. The second step fails.

1 Like

I think uroni is referring to this: UrBackup - Server administration manual

Specifically this section:
“The server downloads the file into a temporary file. This temporary file is either in the urbackup_tmp_files folder in the backup storage dir, or, if you enabled it in the advanced settings, in the temporary folder. On successfully downloading a file the server calculates its hash and looks if there is another file with the same hash value. If such a file exists they are assumed to be the same and a hard link to the other file is saved and the temporary file deleted. If no such file exists the file is moved to the new backup location. File path and hash value are saved into the server database.”

The editor did remove characters from my output, oops. Here is my file exclusion list:

And Uroni, I hear you loud and clear – the failure is happening on the server side at the temporary file level. What I’m saying is the D:\Urbackup folder is EXCLUDED from my anti-virus program. In my mind that means no files in the D:\Urbackup directory should be scanned. I guess one way to remove this variable and simplify things is just to uninstall anti-virus from the server itself.

For troubleshooting, you could disable the AV scanning altogether. If that works, then the AV is the issue. If you still have an issue, you may have something else operating like an AV that is separate from the AV. (application whitelisting, etc.)

Well, I completely uninstalled Webroot from my server and the issue still persists. Windows defender is turned off as well, along with Windows firewall. The server is bare bones Windows Server 2016 with literally nothing installed on it but Urbackup.

Not sure what is left to troubleshoot at this point.


The issue is resolved – removing the AV did it, it just took 24 hours or so for it to take effect. Webroot is gonna be the end of me, this isn’t the first issue I’ve had with it. Thank you for the help everyone!