kcejo
Mar 15, 2019 | Tutor
OD_stub.exe Trojan Detected but Unable to Delete
I have a ReadyNAS 212 device with 2 6TB disks, for a total of 12TB of data. I just upgraded firmware to 6.9.5. I have a Windows 7 machine.
I was just looking at the Logs and noticed 1 Trojan...
StephenB
Mar 15, 2019 | Guru - Experienced User
These are on the OS partition, so you would need to enable SSH, and delete them from the Linux CLI.
These aren't part of the normal NAS install, so you probably have installed some apps. Which ones?
- kcejo | Mar 15, 2019 | Tutor
I installed the Plex Media Server (for RN2xx) and VPN Server, but could easily delete those. The VPN Server isn't even enabled, and has never worked, anyway, so I think I'll just delete that.
I don't have Linux on my machine, can you give me more details on how to delete these files? Sorry, but I'm really new to the server area.
Thanks for the reply.
- kcejo | Mar 15, 2019 | Tutor
I just checked SSH and it is enabled, so if you could tell me how to delete the file, that would be great. Thanks.
- OOM-9 | Mar 15, 2019 | NETGEAR Expert
Based on your logs, the file's name/path is `/root/.42/MITMf/libs/bdfactory/onionduke/OD_stub.exe`.
The directory paths show that it could be related to a `backdoor-factory` and `man-in-the-middle-framework`. If these files are not something that you installed, you should be advised to remove the `/root/.42/MITMf` directory (or maybe the whole `/root/.42` depending on what other content is in there), since these are not files that are part of the OS.
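What the removal described above could look like from an SSH session as root, as an added example that is not part of the original thread or NETGEAR's own procedure: it writes a listing and SHA-256 hashes of everything under the suspect directory before deleting it, so a record remains for working out how the files got there. The function name `triage_and_remove` and the evidence location are assumptions, and it presumes `find`, `ls` and `sha256sum` are available on the NAS.

```shell
#!/bin/sh
# Added example (not from the thread): record what is in a suspect directory,
# then delete it. Hypothetical usage, evidence path is an assumption:
#   triage_and_remove /root/.42/MITMf /data/ir-evidence

triage_and_remove() {
    suspect=$1      # directory to remove
    evidence=$2     # directory that receives the manifest

    # Refuse empty arguments, non-directories and symlinked directories.
    [ -n "$suspect" ] && [ -n "$evidence" ] || {
        echo "usage: triage_and_remove DIR EVIDENCE_DIR" >&2; return 2; }
    [ -d "$suspect" ] && [ ! -L "$suspect" ] || {
        echo "not a real directory: $suspect" >&2; return 1; }

    # Resolve to an absolute path and refuse anything as broad as / or /root.
    abs=$(cd "$suspect" && pwd -P) || return 1
    case "$abs" in
        /|/root|/etc|/usr|/var|/data)
            echo "refusing to remove $abs" >&2; return 1 ;;
    esac

    mkdir -p "$evidence" || return 1
    manifest="$evidence/manifest-$(date +%Y%m%dT%H%M%S).txt"

    {
        echo "# suspect directory: $abs"
        echo "# collected (UTC): $(date -u)"
        echo "# --- listing: mode, numeric owner, size, mtime, path ---"
        find "$abs" -exec ls -ldn {} +
        echo "# --- sha256 of regular files ---"
        find "$abs" -type f -exec sha256sum {} +
    } > "$manifest" || return 1

    # Delete only once a non-empty manifest has been written.
    [ -s "$manifest" ] || return 1
    rm -rf -- "$abs" || return 1
    echo "$manifest"    # path of the manifest, for the caller
}
```

The modification times and owners in the manifest help date when the files arrived, and the hashes can be compared later against published releases of the tools the directory names suggest.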