NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Antivirus scanner found a threat ( Win.Worm.VB-5) in the file /var/cores/core-systemd. Please delete
I do have a ReadyNas Ultra 6 - RNDU6000 NAS. It has been upgraded to firmware 6.10.8. I am getting following message: "Antivirus scanner found a threat ( Win.Worm.VB-5) in the file /var/cores/core-s...
Sandshark wrote:
It is most likely a false alarm, though you are the first to report it.
razvanp :
- You could report it to ClamAV here: https://www.clamav.net/reports/fp
Sandshark wrote:
Since it's a system file, you definitely don't want to delete it.
/var/cores/core-systemd is a core dump, not a system file. It is safe to delete anything in /var/cores (but don't delete the folder itself).
razvanp wrote:Not sure how to access those folders on the NAS side.
You'd have to use the ssh (the linux command line).
Do you any experience with that?
If it's a core dump, then it's unique to your NAS and reporting it will do no good. It also explains why nobody else has reported it. I still think it's a false alarm, but since it's not executable, it will do no harm no matter what. I wouldn't think the NAS would keep core dumps forever, though. Maybe StephenB knows if they are automatically deleted periodically.
Sandshark wrote:
Maybe StephenB knows if they are automatically deleted periodically.
I've seen some old ones on my own systems in the past. So I suspect they are not automatically deleted.
razvanp : We can give you step-by-step instructions if you need them. You could also just ignore the false positive.
Hi StephenB,
I did not use ssh in the last 10 years. I do have some experience, but I will need a quick reference guide on how to access the NAS via ssh. I do assume I will need to use the terminal interface on my laptop.
Thank you.
razvanp wrote:
I did not use ssh in the last 10 years. I do have some experience, but I will need a quick reference guide on how to access the NAS via ssh. I do assume I will need to use the terminal interface on my laptop.
The first step is to enable ssh in system->settings->services using the admin web interface. check the box next to "enable password authentication". You don't need to upload an ssh key file.
If you are using the default admin password (which is password) you will need to change it to something else.
Then log into the NAS using root as the username and the NAS admin password.
If you are using Windows, you can just enter
ssh root@nas-ip-addressin the windows search bar.
On a Mac, open terminal, and enter the same command there.
Either way, obviously use the real NAS IP address. With windows, the first time you do this, you will get a prompt you need to accept in order to allow the connection. I suspect you will also get that on the mac.
Once in, you'd enter
cd /var/cores ls -als *If you see the core file, then you are in the correct folder.
You can delete it with
rm core-systemd
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
