본문 바로가기

카테고리 없음

Clamxav Discussions View Topic

Code: JobName = Quick Check LogLastScanTime = 2011/08/25 06:00:20 - /TMBackup/Macmini000d936113d4.sparsebundle/bands/c7a: Adware.FunWeb-2 FOUND - SCAN SUMMARY - Known viruses: 1027045 Engine version: 0.96.4 Scanned directories: 5334 Scanned files: 38203 Infected files: 1 Data scanned: 30567.26 MB Data read: 34560.55 MB (ratio 0.88:1) Time: 39756.518 sec (662 m 36 s) While I'm glad to be aware that there's a problem:. There's no clue about what to do about the issue.

Topics

The infected files are not being quarantined as I set them to be. The only instructions I can find on this virus are for removal on Windows (which are not involved in this case. I have checked and do not see any information that looks helpful. Can anyone give me any hints about how to remedy this situation?

Thanks in advance! You are correct, it could be a false positive, but it is not in this case. While there is no bootcamp, parallels, or Fusion involved here-there was some bad stuff on this machine (it is my wife's mac, not mine, grumble grumble.). I am not used to thinking about viruses on macs so I hadn't thought to install any antivirus software on her Mac. I have now installed and run a report on the mac itself and will elimintate the problem there and the backups will then be fine. I still think the logs and/or UI on QNAP should make much better suggestions about dealing with the anti-virus issues-particularly for Macs.

It could be something as simple as making the suggestion to use Clamxav, etc. So far, the QNAP is pretty nice, but I often do feel the UI is not very intuitive. This is just one example. By the way-one other thing that would be helpful. The QNAP should have an option to simply not backup files that are identified by the virus checker. It could be that that's what delete means (i.e. Delete from backup) but it isn't even clear.

I certainly hope it doesn't mean delete from the machine! The QNAP should not be allowed to do that. Michaelbierman wrote:You are correct, it could be a false positive, but it is not in this case. While there is no bootcamp, parallels, or Fusion involved here-there was some bad stuff on this machine (it is my wife's mac, not mine, grumble grumble.).

I am not used to thinking about viruses on macs so I hadn't thought to install any antivirus software on her Mac. I have now installed and run a report on the mac itself and will elimintate the problem there and the backups will then be fine.

I still think the logs and/or UI on QNAP should make much better suggestions about dealing with the anti-virus issues-particularly for Macs. It could be something as simple as making the suggestion to use Clamxav, etc.

So far, the QNAP is pretty nice, but I often do feel the UI is not very intuitive. This is just one example. By the way-one other thing that would be helpful. The QNAP should have an option to simply not backup files that are identified by the virus checker. It could be that that's what delete means (i.e. Delete from backup) but it isn't even clear.

I certainly hope it doesn't mean delete from the machine! The QNAP should not be allowed to do that. I tried the same thing as you, installed clamxav, and mounted the Time Machine drive to have clamxav scan it directly, but, unfortunately, that didn't find any of the viruses that the QNAP scan did. The QNAP is still reporting that there are five viruses every time its own scan runs. Did you have any better luck with this?

I agree with you that QNAP should make some sort of option available to handle this situation, for example, stating which files in the sparse bundle are supposedly infected. Schumaku wrote:Well, there is some logical shortcoming: The Time Machine share is hidden in almost any Web Admin aspect, this includes the access to the anti virus quarantine, but also i.e. As a backup or replication source. The design error is in the Antivirus where 'All shares' does include the otherwise hidden and invisible Time Machine share in my opinion. The argument against this is that it is always possible for hidden and invisible areas of the NAS to get infected, and specifically with Time Machine, it would be better to know that it is infected rather than not knowing, even if you can't do anything about it.

From my perspective, if they can't provide a way to deal with infected Time Machine files, there just needs to be a way to ignore particular infection prompts once you've seen them. It was said in this thread that if you have it set to do so, it will move these files into a hidden quarantine. This seems to imply that the QNAP system has some way of handling the sparse bundles. The question is, is it precise enough to deal with these sparse bundles at the Mac file system level, or is it quarantining something less identifiable? Keep in mind that when you mount the Time Machine share and scan it with Clamxav, it doesn't find anything in my case, so the QNAP scan is doing something differently - possibly a false positive, possibly not. And any TM files should NOT be touched at all under any circumstances by things like ClamAV. Can you be more specific?

Clamxav Discussions View Topics

If someone runs a read-only scan, with no action taken, how can this be dangerous? Furthermore, are you speaking about the ClamAV used by the QNAP, a copy installed on a Mac to scan the Time Machine share, or both? Are you coming from the perspective that the QNAP will be destructive to the Time Machine spare bundle backup if a quarantine or cleaning occurs, therefore such actions need to be explicitly disabled when scanning the Time Machine share?