nexuscan Posted March 23, 2022 Share #1 Posted March 23, 2022 (edited) Hello all, I am getting this result when I run the synology security advisor. Is that something virus, idk. Edited March 23, 2022 by nexuscan Quote Link to comment Share on other sites More sharing options...
0 flyride Posted March 23, 2022 Share #2 Posted March 23, 2022 Security Advisor reports any startup script that is unknown or modified from the distro as anomalous. You will need to inspect the file and determine if it is malware on your own. Post the contents here if you'd like more advice. Quote Link to comment Share on other sites More sharing options...
0 Orphée Posted March 23, 2022 Share #3 Posted March 23, 2022 You probably installed acpid extension with radpill loader.Is so, it is safe. Quote Link to comment Share on other sites More sharing options...
0 nexuscan Posted March 24, 2022 Author Share #4 Posted March 24, 2022 (edited) 17 hours ago, Orphée said: You probably installed acpid extension with radpill loader. Is so, it is safe. yeah I use redpill boot loader on proxmox. Edited March 24, 2022 by nexuscan Quote Link to comment Share on other sites More sharing options...
0 nexuscan Posted March 24, 2022 Author Share #5 Posted March 24, 2022 18 hours ago, flyride said: Security Advisor reports any startup script that is unknown or modified from the distro as anomalous. You will need to inspect the file and determine if it is malware on your own. Post the contents here if you'd like more advice. here is the command that in s30acpid.sh file. #!/bin/sh # # This goes in /usr/local/etc/rc.d and gets run at boot-time. PATH_ACPID=/bin/acpid case "$1" in start) if [ -x "$PATH_ACPID" ] ; then # auto by lkm insmod /lib/modules/button.ko # auto by lkm insmod /lib/modules/evdev.ko echo "start acpid" $PATH_ACPID logger -p daemon.info "$0 started acpid" fi ;; stop) echo "stop acpid" killall acpid > /dev/null 2>&1 logger -p daemon.info "$0 stopped acpid" ;; Quote Link to comment Share on other sites More sharing options...
0 flyride Posted March 24, 2022 Share #6 Posted March 24, 2022 There is nothing inappropriate about that rc script. You can easily disable that particular check in Security Advisor, or not run it at all. Quote Link to comment Share on other sites More sharing options...
0 Orphée Posted March 24, 2022 Share #7 Posted March 24, 2022 This is, actually, the ACPI ext module you applied when you built the loader. as already stated. Quote Link to comment Share on other sites More sharing options...
0 nexuscan Posted March 25, 2022 Author Share #8 Posted March 25, 2022 okay, thank you so much friends! I will leave like that, simply ignoring this notification on my nas. I hope it will help to other people as well that you shared information about that. thanks a lot ! Quote Link to comment Share on other sites More sharing options...
Question
nexuscan
Hello all,
I am getting this result when I run the synology security advisor.
Is that something virus, idk.
Link to comment
Share on other sites
7 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.