nexuscan 1 Posted March 23 Share Posted March 23 (edited) Hello all, I am getting this result when I run the synology security advisor. Is that something virus, idk. Edited March 23 by nexuscan Quote Link to post Share on other sites
0 flyride 750 Posted March 23 Share Posted March 23 Security Advisor reports any startup script that is unknown or modified from the distro as anomalous. You will need to inspect the file and determine if it is malware on your own. Post the contents here if you'd like more advice. Quote Link to post Share on other sites
0 Orphée 216 Posted March 23 Share Posted March 23 You probably installed acpid extension with radpill loader.Is so, it is safe. Quote Link to post Share on other sites
0 nexuscan 1 Posted March 24 Author Share Posted March 24 (edited) 17 hours ago, Orphée said: You probably installed acpid extension with radpill loader. Is so, it is safe. yeah I use redpill boot loader on proxmox. Edited March 24 by nexuscan Quote Link to post Share on other sites
0 nexuscan 1 Posted March 24 Author Share Posted March 24 18 hours ago, flyride said: Security Advisor reports any startup script that is unknown or modified from the distro as anomalous. You will need to inspect the file and determine if it is malware on your own. Post the contents here if you'd like more advice. here is the command that in s30acpid.sh file. #!/bin/sh # # This goes in /usr/local/etc/rc.d and gets run at boot-time. PATH_ACPID=/bin/acpid case "$1" in start) if [ -x "$PATH_ACPID" ] ; then # auto by lkm insmod /lib/modules/button.ko # auto by lkm insmod /lib/modules/evdev.ko echo "start acpid" $PATH_ACPID logger -p daemon.info "$0 started acpid" fi ;; stop) echo "stop acpid" killall acpid > /dev/null 2>&1 logger -p daemon.info "$0 stopped acpid" ;; Quote Link to post Share on other sites
0 flyride 750 Posted March 24 Share Posted March 24 There is nothing inappropriate about that rc script. You can easily disable that particular check in Security Advisor, or not run it at all. Quote Link to post Share on other sites
0 Orphée 216 Posted March 24 Share Posted March 24 This is, actually, the ACPI ext module you applied when you built the loader. as already stated. Quote Link to post Share on other sites
0 nexuscan 1 Posted March 25 Author Share Posted March 25 okay, thank you so much friends! I will leave like that, simply ignoring this notification on my nas. I hope it will help to other people as well that you shared information about that. thanks a lot ! Quote Link to post Share on other sites
Question
nexuscan 1
Hello all,
I am getting this result when I run the synology security advisor.
Is that something virus, idk.
Edited by nexuscanLink to post
Share on other sites
7 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.