Closed d3fz closed 3 years ago
The last two items don't look like regular parts of Gargoyle. You can remove the Cron item to silence the error. Have you installed any packages that may have done this? The tty1 entry is also weird. I don't know why it would be there.
Looks like malware, https://www.joesandbox.com/analysis/375606/0/lighthtml
Looks like malware, https://www.joesandbox.com/analysis/375606/0/lighthtml
Doesn't look good, then.
How does this sort of thing gets into the router like that, anyway? Assuming that I did not manually run/executed any sort of suspicious script.
Despite those nonstop error messages, I did not noticed any other strange behavior on the router.
Anyhow, I assume a clean reflash ASAP is the safest option in this case.
You can remove the Cron item to silence the error.
I did. They kept showing, though. Until I found that the /etc/inittab
file looked like that:
::sysinit:/etc/init.d/rcS S boot
::shutdown:/etc/init.d/rcS K shutdown
::askconsole:/usr/libexec/login.sh
0:2345:respawn:/tmp/irq1
After removal, the error messages were finally gone.
Have you installed any packages that may have done this? The tty1 entry is also weird. I don't know why it would be there.
No third party or suspicious packages were installed.
Other than manually adding/editing some hosts file sources in /usr/lib/adblock/runadblock.sh
, I can't remember of anything else.
The last two items don't look like regular parts of Gargoyle.
Since it seems that's not related to Gargoyle, I'm closing this one.
Thank you!
I've been getting these procd errors nonstop on my Archer C7 for a couple of days now. No idea of what might have caused it.
I do remember updating some QoS rules, and Adblock hosts file lists prior to that, though.
Oddly enough, when looking at
/etc/crontabs/root
, this is what it looked like:Rebooting does not fix it.
Is there any quick and easy way to fix that? Or debug any further to try to find what might've caused it?