
Antivirus false positives

DCARichardM
Guide

Antivirus false positives

ReadyNAS 4312, Firmware 6.7.5

This option was not available in the drop-down menu when creating this post.

 

We are receiving a number of warning emails from the anti-virus software on the NAS about infected files. On further inspection, these files are totally fine and are not infected.

 

Example warning messages are:

Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/****/Sentin~1.cab. Please delete the infected file soon.

Antivirus scanner found a threat (Win.Trojan.Agent-525152) in the file /data/***/StartSophos.exe. Please delete the infected file soon.

 

This appears to be a known issue as there are some other topics in these forums discussing this very problem but there appears also to be no real solution other than disabling the anti-virus functionality.

 

Has there been any progress on resolving this issue from Netgear?

 

Thanks in advance.

Message 1 of 11
JennC
NETGEAR Employee Retired

Re: Antivirus false positives

Hello DCARichardM,

 

Previously we had the AntiVirus Plus app, which gave some options, but when 6.6.1 was released this app would no longer work with the built-in AV of the ReadyNAS, because of an update to the AV that changed it to a ClamAV server.

 

For now, there is no other option nor setting that you can adjust on the ReadyNAS for its AV until there is an app from a developer that will be submitted to Netgear.

 

Welcome to the community!

 

Regards,

Message 2 of 11
mlopilato
Aspirant

Re: Antivirus false positives

I'm getting the same AV email message on multiple files since I upgraded to 6.9.0:

Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/Shared/Jobs/Desktop File Back Up/Notes/nntspreld.exe. Please delete the infected file soon.

Message 3 of 11
DCARichardM
Guide

Re: Antivirus false positives

It seems there are no solutions to this. I've been told just to ignore the warnings or turn the virus scanner off.

 

Message 4 of 11
mlopilato
Aspirant

Re: Antivirus false positives

Isn't that wonderful!

Why bother having it!

Message 5 of 11
DCARichardM
Guide

Re: Antivirus false positives

Tell me about it, seems Netgear have ditched working on a solution or just ignored this completely. Apparently there were some decent 3rd party virus scanner apps available in the past but I can't find any so I think they've either been removed or discontinued.

I've just configured the alerts to get sent to the bin.

Message 6 of 11
StephenB
Guru

Re: Antivirus false positives

I agree that not having any controls on the AV package makes it of little practical use - I've turned it off altogether, and depend on the AV protection in my PCs.

 

If these are false positives, you could try reporting them directly to ClamAV ( https://www.clamav.net/contact ).  That should result in an updated definition later on.

Message 7 of 11
DCARichardM
Guide

Re: Antivirus false positives

Thanks Stephen, next time I get one I'll report it to them.

Message 8 of 11
Paul_P
Tutor

Re: Antivirus false positives

I am using a Netgear ReadyNAS 526X running Clam AV to back up my work Windows laptop which contains multiple files on the host file system which are Wind River VxWorks RTOS binary files - these are in ELF binary format for either PowerPC, Intel IA32 or ARM processor architectures.

 

During the backup, Clam AV reported many error messages, each for a VxWorks RTOS binary file, claiming "Antivirus scanner found a threat (Heuristics.Broken.Executable)" in each case. These definitely DO NOT contain viruses as I have already scanned the whole laptop with Intel McAfee and Malwarebytes, so I think Clam AV is reporting false positives.

 

I tried to report this via Clam AV website, but unfortunately this cannot be done without providing the false positive file, and I am not able to do this, as VxWorks RTOS and libraries are the intellectual property of Wind River, and the company's advance permission would be required in order to distribute these files to a third-party.

 

However, surely, it can't be that uncommon for Netgear customers to use their NAS for backup of host platforms used for embedded software development?

 

Model: RN526X| ReadyNAS 526X 6-Bay with up to 60TB total storage
Message 9 of 11
Fortun81
Initiate

Re: Antivirus false positives

FW:  6.9.1 with XRAID utilizing 7 - 4TB drives in a RAID6 array.

 

I installed the RN628X last week; it is my first time using a Netgear NAS. I am getting hits on 4 files that pass Malwarebytes, Norton and McAfee scans. As they are old archived files that are not relevant anymore, I deleted them rather than take a chance. I will submit the file copies and see what happens.

Model: RN628X|ReadyNAS 628X - Ultimate Performance Business Data Storage - 8-Bay
Message 10 of 11
DCARichardM
Guide

Re: Antivirus false positives

We've just had 93 hits in the space of 56 minutes and this is happening most days now. All of the files are old archive files which have not been used or changed in 6 months or more so I'm not sure how they could suddenly contain a virus or have become corrupted, or in fact, why the NAS AV is suddenly picking these up.

Very annoying nonetheless and compounded by the fact that Netgear/Clam seem to not be bothered about it.

Message 11 of 11
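
Added example, not part of any post in this thread: a small Python triage script for bursts of alert emails like the ones quoted above. It parses the alert sentence format shown in the thread and separates `Heuristics.*` hits (ClamAV's structural checks, here its broken-executable check) from hits on a named database signature. The last sample line is constructed; the function names are this example's own.

```python
import re
from collections import defaultdict
from pathlib import PurePosixPath

# Alert sentence format as quoted in the thread's warning emails.
ALERT_RE = re.compile(
    r"Antivirus scanner found a threat \((?P<sig>[^)]+)\) "
    r"in the file (?P<path>.+)\. Please delete the infected file soon\."
)

# First three lines are quoted from the thread (paths masked as posted);
# the fourth alert line and the noise line are constructed for this example.
SAMPLE_ALERTS = """\
Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/****/Sentin~1.cab. Please delete the infected file soon.
Antivirus scanner found a threat (Win.Trojan.Agent-525152) in the file /data/***/StartSophos.exe. Please delete the infected file soon.
Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/Shared/Jobs/Desktop File Back Up/Notes/nntspreld.exe. Please delete the infected file soon.
Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /data/backup/vxworks/vxWorks.st. Please delete the infected file soon.
Some unrelated mail line
"""

def parse_alerts(text):
    """Return (signature, path) for every alert line; other lines are skipped."""
    return [(m["sig"], m["path"]) for m in map(ALERT_RE.search, text.splitlines()) if m]

def triage(alerts):
    """Group alerts by signature, largest group first, and label each group."""
    groups = defaultdict(list)
    for sig, path in alerts:
        groups[sig].append(path)
    report = []
    for sig, paths in sorted(groups.items(), key=lambda kv: -len(kv[1])):
        report.append({
            "signature": sig,
            # "Heuristics." names come from scanner checks, not a malware-database match.
            "kind": "heuristic" if sig.startswith("Heuristics.") else "signature",
            "count": len(paths),
            "extensions": sorted({PurePosixPath(p).suffix.lower() or "(none)" for p in paths}),
            "paths": paths,
        })
    return report

if __name__ == "__main__":
    for row in triage(parse_alerts(SAMPLE_ALERTS)):
        print(f'{row["count"]:>3}  {row["kind"]:<9}  {row["signature"]}  {row["extensions"]}')
```

Grouping this way keeps a named-signature hit from being buried under the heuristic hits, so it can be reviewed on its own instead of being discarded along with them.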