Re: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /var/cores/core-kill
Hi,
If you have the last FW 6.6.1, and you can't see your antivirus...it's normal..it's an issue or bug. I have also this problem 😞 my antivirus is hidden somewhere since the last FW.
If you have the last FW 6.6.1, and you can't see your antivirus...it's normal..it's an issue or bug. I have also this problem 😞 my antivirus is hidden somewhere since the last FW.
AV itself should appear on system->settings->services. There is no app to control the advanced settings though.
If you have the last FW 6.6.1, and you can't see your antivirus...it's normal..it's an issue or bug. I have also this problem 😞 my antivirus is hidden somewhere since the last FW.
AV itself should appear on system->settings->services. There is no app to control the advanced settings though.
Strange!
I now received a mail stating there is not enough space left on the drive , but web admin says there is at least 90 % left ...
Switched scanner off and wait for update .... This does not appear to be reliable at all.....
I now received a mail stating there is not enough space left on the drive , but web admin says there is at least 90 % left ...
Switched scanner off and wait for update .... This does not appear to be reliable at all.....
Others here have seen similar messages. Netgear did push a patch for AV, but I think that was for definition updates, not this. It will eventually be applied to your NAS, but you can apply it now by rebooting.
Re: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /var/cores/core-kill
there is an option in ClamAV to ignore these, traditionally you would go to /etc/default/config/etc/clamav/clamd.conf and /etc/clamav/clamd.conf and change the line: -
DetectBrokenExecutables true
to false.
However, it seems the recent versions of RNOS activly replace these files even when you go in and change them maniually over ssh, probably why the AV+ app was pulled from the little app store because it doesn't work anymore, which is very frustrating, because it picks up a lot of Linux system files from backups I have running...
eg.
System: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/TranscendUSB/backup2701/usr/lib/libgcj_bc.so.1.0.0. Please delete the infected file soon.
A Way to make the change stick would be really handy.
Re: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /var/cores/core-kill
Temprary Fix!
So i was digging around inside the NAS via SSH, and I cannot find where it is getting the default config file, my guess is that something somewhere deep in frontview or readynasd is replacing it. So I engineerd a bit of a hacky (and dirty) workaround.
The problem:
/etc/clamav/clamd.conf is getting replaced by something within readynasOS, as such any sibsiquent changes you make to this file is overwritten almost immediatly.
changing this file to become immutable (chattr +i) will result in Frontview throwing up an error.
However
/etc/default/config/etc/clamav/clamd.conf seems to remain untouched. So it is safe to make your changes in here, though they will not be parsed directly by clamd when it is called.
The dirty fix:
clamd is located under /use/sbin and to sort of fix this problem of the config file being overwritten, i've moved clamd to clamd-bin, and created a shell script in its place to copy over the user preferences every time clamd is called, then execute clamd-bin with the given arguments.
so now under /usr/sbin I have 2 files
clamd-bin (the actual binary)
clamd (the hacky shell script)
To do this for yourself, and if you are comfortable mucking around in the guts of your ReadyNAS, simply do the following: -
Enable SSH via frontview and log in using the user root and your admin password.
the commands are as follows:-
Change directory to /usr/sbin
cd /usr/sbin
Rename the clamd binary
mv clamd clamd-bin
create our standin clamd file (hint, if you prefer nano as opposed to vi/vim you can install it with apt-get install nano)
nano clamd
- or -
vi clamd
and paste the following:-
#!/bin/sh
#overwrite conf with user settings
cp /etc/default/config/etc/clamav/clamd.conf /etc/clamav/clamd.conf
#run clamd-bin with args
/usr/sbin/clamd-bin $1 $2 $3 $4 $5
Save and close
then mark both files as executable
chmod +x clamd clamd-bin
Note, I provided the script with probably way more arg variables ($1 $2 etc) than is probably ever used, but to be on the safe side, it does not hurt to have undefined ones. This script will basically aggresivly overwrite the parsed config file anytime clamd is called, it's not ideal, but for now seems the only way to make changes to the defaults in a more persistent manner.
Re: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /var/cores/core-kill
Is Netgear working on a solution for this? I also get messages stating Heuristics.Broken.Executable found on files which I very much doubt that they have an issue.
