- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
readynas antivirus
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
i couldn't find my model so it is actually a readynas 202. we have recently turned on the AV and recieved the following email:
Antivirus scanner found a threat ( Heuristic.XZ.DicSizeLimit) in the file /var/backups/md/raid_config_data-0_2019_03_05_195828.tar.xz. Please delete the infected file soon.
There are also a couple more emails with a similar path. however, i am unable to access that location. any advise?
Thanks
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I took the liberty of fixing your model number field (not sure why you couldn't find it).
@Coffin_Jim wrote:
Antivirus scanner found a threat ( Heuristic.XZ.DicSizeLimit) in the file /var/backups/md/raid_config_data-0_2019_03_05_195828.tar.xz. Please delete the infected file soon.
There are also a couple more emails with a similar path. however, i am unable to access that location. any advise?
This is on the OS partition - so you need to enable ssh, and access it with the Linux command line.
Once SSH is enabled in the web ui, you could also use WinSCP to browse to /var/backups - which will be easier if you don't have any linux skills. You'd select "SCP" as the protocol (port 22). the user name is root, the password is the NAS admin password. Then click on login. You'll initially see an empty pane, but if you go up a level you will see the OS folders (starting with apps, ending with var).
These particular alerts are almost certainly false positives, so instead of deleting the files you might want to report them to ClamAV.
Of course if you aren't downloading files directly to the NAS, you could also just turn AV off again.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I took the liberty of fixing your model number field (not sure why you couldn't find it).
@Coffin_Jim wrote:
Antivirus scanner found a threat ( Heuristic.XZ.DicSizeLimit) in the file /var/backups/md/raid_config_data-0_2019_03_05_195828.tar.xz. Please delete the infected file soon.
There are also a couple more emails with a similar path. however, i am unable to access that location. any advise?
This is on the OS partition - so you need to enable ssh, and access it with the Linux command line.
Once SSH is enabled in the web ui, you could also use WinSCP to browse to /var/backups - which will be easier if you don't have any linux skills. You'd select "SCP" as the protocol (port 22). the user name is root, the password is the NAS admin password. Then click on login. You'll initially see an empty pane, but if you go up a level you will see the OS folders (starting with apps, ending with var).
These particular alerts are almost certainly false positives, so instead of deleting the files you might want to report them to ClamAV.
Of course if you aren't downloading files directly to the NAS, you could also just turn AV off again.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: readynas antivirus
Hi Stephen,
if you believe they are false positives then i will assume you are correct and leave it well alone. I would rather avoid using SSH if i have to for fear of accidently breaking it.
Thanks for your help