Problems using malware remover

[DrJ76]

Hello. I have just received a mail from qnap that told me to install and run malware remover.

I have installed the app from app center, but when I click in "Open", nothing happens, what is it supossed to do?


Best regards and thank you in advance.

[OneCD]

Check your system logs. Actions performed by MalwareRemover are shown there.

[DrJ76]

OK, I have look at them and I see some malware removed messages, grrr, Should I be scared?

I have download the system, but the recommendation of changing the passwords is very annoying for me, I have it used in a lot of devices, grrrr..

Do you think it is completly necessary?

Here are the messages:


Type Date Time Users Source IP Computer name Content
Information 2017/05/19 19:09:05 System 127.0.0.1 localhost [MalwareRemover] Scan completed and malware deleted.
Information 2017/05/19 19:09:03 System 127.0.0.1 localhost [MalwareRemover] Malwares process killed: qcloud_ag (7106)
Information 2017/05/19 19:08:52 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /home/httpd/cgi-bin/syncTime.cgi
Information 2017/05/19 19:08:50 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /home/httpd/cgi-bin/authLogin.cgi
Information 2017/05/19 19:08:47 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /share/MD0_DATA/.log/.cgi_log
Information 2017/05/19 19:08:44 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /share/MD0_DATA/.qpkg/.myQNAPcloud
Information 2017/05/19 19:08:38 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /tmp/config/arm.tar.gz
Information 2017/05/19 19:08:35 System 127.0.0.1 localhost [MalwareRemover] Malware removed: /tmp/config/autorun.sh






Best regards and thank you in advance

[OneCD]

Yes, you had malware so you should definitely change your admin password at least.

This is because it's possible your existing password was sent out to the originators of the malware. And even though you have removed the malware, they can login again as admin and reinstall it.

[DrJ76]

Ok, I will do so, thank you very much

Enviado desde mi GT-I9505 mediante Tapatalk

[DrJ76]

How can the malware been installed?

[OneCD]

Originally - through vulnerabilities in the NAS OS. But once the admin password is known, it could be done at the command line. Even with a patched NAS.

[DrJ76]

Originally - through vulnerabilities in the NAS OS. But once the admin password is known, it could be done at the command line. Even with a patched NAS.

I see, grrrrr... I hope it does not happen again....

[marumi]

20170527001.jpg

I'm same, too.

[Moogle Stiltzkin]

i personally tested and it did not report any malware for me. either i'm effective at warding out malware, or malware remover is not detecting any dodgy things that got onto my device :X for now i just have to trust i'm in the clear.

in regard to password use the max length allowed for qnap also make it complicated. i use a password generator which does that for me. if i ever get compromised i can easily generate another the same way. don't recycle passwords because if it ever gets leaked, the hackers will try using that password on your other accounts.... that is bad practice, don't do that

[youtube=]t8SQo3R7qeU[/youtube]


also if you use password manager o recommend keepass since you store the key and database on your own storage. i don't trust stuff like last pass because it stores it on the cloud, and when they changed their monetization policy their holding your database hostage unless you subscribe to the new model after they got bought out etc... so yes keepass avoids that nonsense and other cloud security liabilities