Bonjour
sur mon log rkhunter de ce jour j'ai ceci je vous met un extrait
ça ne parle que de Spam tool component ce qui n'est pas très grave je pense mais ?
Warning: The following processes are using suspicious files:
Command: abrt-applet
UID: 1000 PID: 2131
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: abrt-applet
UID: 2244 PID: 2131
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrt-applet
UID: 2245 PID: 2131
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrt-applet
UID: 2544 PID: 2131
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrtd
UID: 0 PID: 1040
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: abrtd
UID: 1160 PID: 1040
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrtd
UID: 1162 PID: 1040
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrt-dbus
UID: 0 PID: 2261
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: abrt-dbus
UID: 2309 PID: 2261
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrt-dbus
UID: 2311 PID: 2261
Pathname: 24432
Possible Rootkit: Spam tool component
Command: abrt-dump-journ
UID: 0 PID: 1163
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: abrt-dump-journ
UID: 0 PID: 1164
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: abrt-dump-journ
UID: 0 PID: 1165
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_akonote
UID: 1000 PID: 2730
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_akonote
UID: 2734 PID: 2730
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_akonote
UID: 2739 PID: 2730
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_akonote
UID: 2741 PID: 2730
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 1000 PID: 2731
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2842 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2878 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2879 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2880 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2881 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2882 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2883 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_archive
UID: 2900 PID: 2731
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_birthda
UID: 1000 PID: 2732
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_birthda
UID: 2740 PID: 2732
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_birthda
UID: 2749 PID: 2732
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_birthda
UID: 2750 PID: 2732
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 1000 PID: 2733
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2737 PID: 2733
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2745 PID: 2733
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2746 PID: 2733
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 1000 PID: 2735
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2738 PID: 2735
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2744 PID: 2735
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_contact
UID: 2747 PID: 2735
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_control
UID: 1000 PID: 2418
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_control
UID: 2421 PID: 2418
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_control
UID: 2423 PID: 2418
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_control
UID: 2601 PID: 2418
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_control
UID: 2602 PID: 2418
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_followu
UID: 1000 PID: 2736
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_followu
UID: 2748 PID: 2736
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_followu
UID: 2751 PID: 2736
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_followu
UID: 2752 PID: 2736
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_followu
UID: 2754 PID: 2736
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_ical_re
UID: 1000 PID: 2742
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_ical_re
UID: 2757 PID: 2742
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_ical_re
UID: 2761 PID: 2742
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_ical_re
UID: 2763 PID: 2742
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 1000 PID: 2743
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 1431024 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 1527239 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2835 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2853 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2854 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2855 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2856 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2857 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2863 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_imap_re
UID: 2905 PID: 2743
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_indexin
UID: 1000 PID: 2755
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_indexin
UID: 2812 PID: 2755
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_indexin
UID: 2813 PID: 2755
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_indexin
UID: 2814 PID: 2755
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildir
UID: 1000 PID: 2759
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_maildir
UID: 2762 PID: 2759
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildir
UID: 2764 PID: 2759
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildir
UID: 2765 PID: 2759
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildis
UID: 1000 PID: 2760
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_maildis
UID: 2770 PID: 2760
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildis
UID: 2774 PID: 2760
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildis
UID: 2775 PID: 2760
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_maildis
UID: 2810 PID: 2760
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 1000 PID: 2766
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2844 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2859 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2860 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2861 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2862 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2866 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2867 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_mailfil
UID: 2907 PID: 2766
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_migrati
UID: 1000 PID: 2767
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_migrati
UID: 2771 PID: 2767
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_migrati
UID: 2806 PID: 2767
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_migrati
UID: 2807 PID: 2767
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_newmail
UID: 1000 PID: 2768
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_newmail
UID: 1558464 PID: 2768
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_newmail
UID: 2773 PID: 2768
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_newmail
UID: 2802 PID: 2768
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_newmail
UID: 2803 PID: 2768
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_sendlat
UID: 1000 PID: 2769
Pathname: /usr/lib64/libkeyutils.so.1.9
Possible Rootkit: Spam tool component
Command: akonadi_sendlat
UID: 2839 PID: 2769
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_sendlat
UID: 2870 PID: 2769
Pathname: 24432
Possible Rootkit: Spam tool component
Command: akonadi_sendlat
et le bilan
[03:36:27] System checks summary
[03:36:27] =====================
[03:36:27]
[03:36:27] File properties checks...
[03:36:27] Files checked: 146
[03:36:27] Suspect files: 11
[03:36:27]
[03:36:27] Rootkit checks...
[03:36:27] Rootkits checked : 506
[03:36:27] Possible rootkits: 2
[03:36:27] Rootkit names : Sniffer component, Spam tool component
[03:36:27]
[03:36:27] Applications checks...
[03:36:27] All checks skipped
[03:36:28]
[03:36:28] The system checks took: 7 minutes and 14 seconds
[03:36:28]
[03:36:28] Info: End date is dim. 10 janv. 2021 03:36:28 CET
j'ai vérifié le log de la veille il était normal sans ces possibles rootkits
je n'ai pas installé libkeyutils mais le fichier est bien présent dans
je voudrais savoir si il existe un moyen de se débarrasser de ça proprement ou si je doit
envisager une réinstallation complète ce qui m’ennuierais beaucoup car ma machine tourne super bien
et est configurée au petits oignons. Je ne sais pas si un rm serait approprié sans concéquences ?
La je suis bien embêté c'est la première fois que ça m'arrive en 12 ans sous linux et hier j'ai introduis une clé usb
étrangère qui m'a fais une erreur de desktop le bureau s'est éteint et c'est rallumé je ne sais pas si cela vient de là
mais je suis dubitatif. Car la date indique le 05 01 2021 à 12h06
Si quelqu'un peut me venir en aide ce serait grandement apprécié
Merci