× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Re: Lots of Virus detection after 6.6.1 Update

StephenB
Guru

Re: Lots of Virus detection after 6.6.1 Update


@rmacbeth wrote:

 

 

reread all the rest of this thread and tried a reboot of my NAS and the Antivirus definations updated again this time to 57.23342  will see if that changes anythhing.  a hotfix was mention in this thread.... have not found where this hotfix is so i can try it out.

  


I believe the hotfix was for 6.6.0 (and it should have been fixed in 6.6.1).  6.7.1 is now available for manual install, so I think you should try installing that.

 

 

Message 51 of 68
rmacbeth
Apprentice

Re: Lots of Virus detection after 6.6.1 Update

Is 6.7.1 still in beta or has it been release? 

Message 52 of 68
StephenB
Guru

Re: Lots of Virus detection after 6.6.1 Update


@rmacbeth wrote:

Is 6.7.1 still in beta or has it been release? 


It was released on 28 April - https://kb.netgear.com/000038557/ReadyNAS-OS-6-Software-Version-6-7-1

Message 53 of 68
rmacbeth
Apprentice

Re: Lots of Virus detection after 6.6.1 Update

Thanks just downloaded it and it is in the process of installing the 6.7.1 firmware.  Thanks again for the help.

Message 54 of 68
the_Agent
Guide

Re: Lots of Virus detection after 6.6.1 Update

Hi there,

 

I updated from 6.6.1 to 6.7.1 two days ago and everything seems to be normal again. The only thing I recognized, my CPU Temperature is slightly higher than before on my RN204. I switched from quiet to balanced and now it seems OK.

Message 55 of 68
mmcinnis2
Aspirant

Re: Lots of Virus detection after 6.6.1 Update

Just got a few of these today. I am already running the latest firmware on 516.

 

System: Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /tmp/clamav-c7f80613022894fca87eda3b705ba2fa.tmp (deleted). Please delete the infected file soon.

Message 56 of 68
jtowntex
Guide

Re: Lots of Virus detection after 6.6.1 Update

As 6.7.1 is now formally released maybe we should open a new thread and post related finds there. If you're truly fully updated then you're not on 6.6.1 anymore.

Message 57 of 68
mmcinnis2
Aspirant

Re: Lots of Virus detection after 6.6.1 Update

Quite right.

Message 58 of 68
joe_wht
Luminary

Re: Lots of Virus detection after 6.6.1 Update

I've used ReadyNAS 212 & the AntiVirus for over a year with NO Threats AT ALL found on my mac.

( I'm not a gamer, I don't download music or such,  Only Facebook, Wordprocessing, & Amazon/Ebay)

I sent my MacbookPro in for battery repair.  As far as I know they did not format.

All my files was the same.  EVEN my bootup with a ReadyNAS shared folder in my user bootup.

I save EVERYTHING to my ReadyNAS.  Nothing is saved to my MacBookPro.

(even my iTunes folders is on my ReadyNAS)

.

Now, everyday I get this virus msg:

Antivirus scanner found a threat (Html. Phishing.Auction-213) in the file / ReadyNAS/.timemachine/ ReadyNAS/Joe’s MacBook Pro.  sparsebundle/bands/3f77. Please delete the infected file soon.

.

I see for the past 2 yrs this  was a problem.. I'm not sure why I'm now getting this isisue SO LATE.

My Mac software is UTD.  My Readynas firmware is UTD.

.

Since ReadyNAS built the virus scanner into it's program.. I HAVE NO IDEA how to get to it's settings

to somenow tell it NOT to scan my Mac.

There are instructions to download the Antivirus Plus app.. but there IS NO APP.

Model: RN2120|ReadyNAS 2120 1U 4-Bay Diskless
Message 59 of 68
StephenB
Guru

Re: Lots of Virus detection after 6.6.1 Update


@joe_wht wrote:

Since ReadyNAS built the virus scanner into it's program.. I HAVE NO IDEA how to get to it's settings

to somenow tell it NOT to scan my Mac.

 


Why do you think it scanned your Mac?  The virus (or possibly false alarm) was found on the NAS time machine archive.


@joe_wht wrote:

 

There are instructions to download the Antivirus Plus app.. but there IS NO APP.


That app was written for different AV software.  Netgear switched to ClamAV early this year, and they haven't provided a new app.

 

About all you can do right now is turn the service off.

Message 60 of 68
jtowntex
Guide

Re: Lots of Virus detection after 6.6.1 Update

I had a longer reply but it seems to have disappeared. The short short version...

 

1) It is not unheard of for an infection to escape detection until an update or the use of a different scanning tool. 

2) Social media websites are excellent virus delivery methods no matter which one you use or which OS you use.

 

Out of shear paranoia you might try uploading the file to a site that scans using multiple tools. There is a particular page in specific that will scan files and URLs with several dozen different AV programs. I use it quite often. I hesitiate to use names because I suspect that is why my post disappeared.

 

The file can also simply be damaged. That can sometimes set off false positives as well. I have had that happen with some programs I wrote. I backed them up from a failing external disk and some of them apparently didn't make it on the first try. I just replaced the corrupted copies with functional ones and all is well.

Message 61 of 68
joe_wht
Luminary

Re: Lots of Virus detection after 6.6.1 Update

Thx guys.   My mac has died 4 times this month,  had 5 IO boards put in.  Just got it back today and when I opened Chrome it gave an error saying something was on my system for me to remove it before using Chrome.. SO I reformated.  Then deleted my  ReadyNAS Timemachine backup.

So, it's all gonna be new.

.

BUT.. on my original comment I wasn't  asuming ReadyNAS virus program scanned my Mac.

My thinking  ( which I typed poorly in my comment) .. My thinking was the ReadyNAS Timemachine Backup... "Backs Up My Mac"

--- as in.. duplicating the info   Mac 2 ReadyNAS.   So, it scanned the TimeMachine info that came from my Mac.

( I think I need to stop right there )

.

SO, I have it setup again.  Will see if I get a virus warning tomorrow when I get off work.

Message 62 of 68
joe_wht
Luminary

Re: Lots of Virus detection after 6.6.1 Update

-------------  No Virus Warning Today !!    So my  (1) Stoping/Deleting ReadyNAS Timemachine & (2) Formating/ Reinstalling my MacBook Pro, Then Readding ReadyNAS Timemachine fixed it, Removed any naughty files that ReadyNAS backed up onto it's TM.

Message 63 of 68
jtowntex
Guide

Re: Lots of Virus detection after 6.6.1 Update

It sounds to me like you assumed correctly. That's certainly how I perceived the issues. Your Mac had an infection. It was carried over into your "time machine" back ups and then saved to the NAS under the relavent directory. Then the NAS with its updated AV now saw the threats the previous scanner failed to see. Who knows how long they had actually been there. The rest is history.

 

On a side note. Do you run security software on your MAC? I'd like to make a suggestion for one but I'm not sure I can name names here. I personally don't let any device on my network that doesn't have strong security. MAC, Linux, Android, Windows...doesn't matter to me. If the machine doesn't have a decent AV AND a decent firewall I don't allow access. Period.

Message 64 of 68
StephenB
Guru

Re: Lots of Virus detection after 6.6.1 Update


@jtowntex wrote:

I'd like to make a suggestion for one but I'm not sure I can name names here.

You can. If you were trying to sell it, it would be a problem.  But simply recommending it is fine.

Message 65 of 68
jtowntex
Guide

Re: Lots of Virus detection after 6.6.1 Update

Awesome.

 

For a MAC I'd use Kaspersky AV and Firewall. 

 

And the website I like to use is VirusTotal. You upload the file or copy and paste the URL and it scans it on their servers using several tools - not on your machine. If you do a URL scan note that the results are for the URL itself and not any files that are downloaded from it. In the results "header box" you'll see a "downloaded file analysis" link and that will show results on the file itself. One perfect example... The lady that does our book keeping received an email trying to slip in a cryptogrpahic attack via a link. She ofcourse was not that dumb and asked me to investigate. The URL came back completely clean but the file itself to set off all 65 scanning tools the website used. This included, Kasperksy, Norton, KcAfee, Fortinet, AVG, Sophos, Panda, Avira...if the program is succesful enough for you to know the name it was probably on that list and they all agreed the file was a big threat. 

Message 66 of 68
StephenB
Guru

Re: Lots of Virus detection after 6.6.1 Update

Kaspersky might not play nicely if you have a Netgear router.  You might need this: https://kb.netgear.com/30012/Unable-to-access-router-management-page-with-Kaspersky-installed

 

TotalVirus is a good way to check threats.

Message 67 of 68
jtowntex
Guide

Re: Lots of Virus detection after 6.6.1 Update

BitDefender then...I've never used it but it tests well on MAC OS (actually outperforms Kaspersky on MAC at the moment). I continue to recommend Kaspersky becasue they've been relaibly awesome for a long time whereas BitDefender is more of a recent arrival as a top performer ~2 years. 

 

I would have expected Kaspersky to fix the issue by now but apparently 2 people have found that article helpful in the last 30 days so...

Message 68 of 68
Top Contributors
Discussion stats
Announcements