How to rebuild a compromised system?

Questions about SNMP, Power, System, Logs, disk, & RAID.
Post Reply
jd999
New here
Posts: 2
Joined: Tue Jul 05, 2022 12:39 pm

How to rebuild a compromised system?

Post by jd999 »

I have discovered my system is running some unauthorized software - and I am looking for some help to rebuild it back to its default condition. Can someone advise how to do this?

It starts a process named "situp" but which is actually xmrig (a mining app), I can't find out why it is periodically restarting the app so I renamed it and it seems to have stopped, but I have no way to know if there are other applications running which should not be.

My device is a TS-251 currently running the latest QTS 5.0.0.2055

Thanks - appreciate any clues to get this device back on-line.
FSC830
Experience counts
Posts: 2043
Joined: Thu Mar 03, 2016 1:11 am

Re: How to rebuild a compromised system?

Post by FSC830 »

In the upper right there is a "Search" function (as in every forum).
Using that or looking around, you would have found this: viewtopic.php?f=45&t=164887 :wink:

Regards
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: How to rebuild a compromised system?

Post by dolbyman »

In most of the rasomware threads, there is also plenty of info on how to start over
jd999
New here
Posts: 2
Joined: Tue Jul 05, 2022 12:39 pm

Re: How to rebuild a compromised system?

Post by jd999 »

Thank you both for your very helpful advice.
Post Reply

Return to “System & Disk Volume Management”