I was testing mail sent locally and with msmtp, and I don't really know why (I had already run this test several times and nothing), I just came across this.
62 infected files, mainly in the FF cache and from a translation extension (anaphraseus) that I had added to LO.
Code:
mia@mia-PC5:~$ mail -s "11h23test" xxx@xxx
Cc:
essai depuis mail
mia@mia-PC5:~$ mail
"/var/mail/mia": 1 message 1 nouveau
>N 1 Cron Daemon ven. févr. 7 1 91/11315 Cron <mia@mia-PC5> /usr/b
?
Return-Path: <mia@mailslocaux.org>
X-Original-To: mia
Delivered-To: mia@mailslocaux.org
Received: by mailslocaux.org (Postfix, from userid 1000)
id D0AB3160E95; Fri, 7 Feb 2020 10:14:05 +0100 (CET)
From: root@mailslocaux.org (Cron Daemon)
To: mia@mailslocaux.org
Subject: Cron <mia@mia-PC5> /usr/bin/clamscan --exclude-dir=/home/mia/.clamtk/vi
ruses --exclude-dir=smb4k --exclude-dir=/run/user/mia/gvfs --exclude-dir=/home/m
ia/.gvfs --exclude-dir=.thunderbird --exclude-dir=.mozilla-thunderbird --exclude
-dir=.evolution --exclude-dir=Mail --exclude-dir=kmail -i --detect-pua -r /home
/mia --log="$HOME/.clamtk/history/$(date +%b-%d-%Y).log" 2>/dev/null # clamtk-sc
an
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/home/mia>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=mia>
Message-Id: <20200207091405.D0AB3160E95@mailslocaux.org>
Date: Fri, 7 Feb 2020 10:14:05 +0100 (CET)
/home/mia/.cache/winetricks/comctl32/CC32inst.exe: PUA.Win.Packer.Winzip-2 FOUND
/home/mia/.cache/winetricks/msls31/InstMsiW.exe: PUA.Win.Packer.Armadillo-65 FOU
ND
/home/mia/.cache/mozilla/firefox/3kd4400s.default/cache2/entries/3F81D951573840E
F629E7E849F89CE4441125225: PUA.Win.Trojan.Xored-1 FOUND
/home/mia/.cache/mozilla/firefox/3kd4400s.default/cache2/entries old/F3C68E7FBB0
5852A78769CAD30588DB1B2F77D76: PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/home/mia/.cache/mozilla/firefox/3kd4400s.default/cache2/entries old/94961BE4678
651876C8A3886135FE523233E87E1: PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/home/mia/.cache/mozilla/firefox/3kd4400s.default/cache2/entries old/3F81D951573
840EF629E7E849F89CE4441125225: PUA.Win.Trojan.Xored-1 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/05C03AB2C27735C
BF74F2E26EC7287BE871C3116: PUA.Win.Trojan.Xored-1 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/EFB061FE7E63802
775D7B433105518EF5DAB72D2: PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/A86C3F7565F3C2F
0BE32CD110386F8A003B144F0: PUA.Html.Trojan.Agent-37075 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/0DA6E39C1408C10
BDE7D817975E7633AD4342118: PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/3F81D951573840E
F629E7E849F89CE4441125225: PUA.Win.Trojan.Xored-1 FOUND
/home/mia/.cache/mozilla/firefox/23mxpsbf.profil2/cache2/entries/9FF2C1DE78023CF
5DF56083EFA1AEE4180E1793F: PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/home/mia/Téléchargements/aConserver/KMSpico Install2.zip: PUA.Win.Tool.Nettool-
6718280-0 FOUND
/home/mia/.config/libreoffice/4/user/basic/Standard/Module1.xba: PUA.Doc.Tool.Li
breOfficeMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Keys_const.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/OFSetup.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TMSelected.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Install.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Colors.xba: PUA.Doc.Tool.LibreOfficeMacr
o-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Ztest.xba: PUA.Doc.Tool.LibreOfficeMacro
-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/CleanUP.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Unicode.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Keys.xba: PUA.Doc.Tool.LibreOfficeMacro-
2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/L10N.xba: PUA.Doc.Tool.LibreOfficeMacro-
2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Toolbars.xba: PUA.Doc.Tool.LibreOfficeMa
cro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/KeyConf.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Utils.xba: PUA.Doc.Tool.LibreOfficeMacro
-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Dict.xba: PUA.Doc.Tool.LibreOfficeMacro-
2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/WrkEnd.xba: PUA.Doc.Tool.LibreOfficeMacr
o-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TRBegin.xba: PUA.Doc.Tool.LibreOfficeMac
ro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TREnd.xba: PUA.Doc.Tool.LibreOfficeMacro
-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/OFuzzy.xba: PUA.Doc.Tool.LibreOfficeMacr
o-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TMX.xba: PUA.Doc.Tool.LibreOfficeMacro-2
FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/OFeatures.xba: PUA.Doc.Tool.LibreOfficeM
acro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/main.xba: PUA.Doc.Tool.LibreOfficeMacro-
2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Segments.xba: PUA.Doc.Tool.LibreOfficeMa
cro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TMLoad.xba: PUA.Doc.Tool.LibreOfficeMacr
o-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/Terms.xba: PUA.Doc.Tool.LibreOfficeMacro
-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Keys_const.xba: PUA.Doc.Tool.LibreO
fficeMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/OFSetup.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/TMSelected.xba: PUA.Doc.Tool.LibreO
fficeMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Install.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Colors.xba: PUA.Doc.Tool.LibreOffic
eMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Ztest.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/CleanUP.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Unicode.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Keys.xba: PUA.Doc.Tool.LibreOfficeM
acro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/L10N.xba: PUA.Doc.Tool.LibreOfficeM
acro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Toolbars.xba: PUA.Doc.Tool.LibreOff
iceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/KeyConf.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Utils.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Dict.xba: PUA.Doc.Tool.LibreOfficeM
acro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/WrkEnd.xba: PUA.Doc.Tool.LibreOffic
eMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/TRBegin.xba: PUA.Doc.Tool.LibreOffi
ceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/TREnd.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/OFuzzy.xba: PUA.Doc.Tool.LibreOffic
eMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/TMX.xba: PUA.Doc.Tool.LibreOfficeMa
cro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/OFeatures.xba: PUA.Doc.Tool.LibreOf
ficeMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/main.xba: PUA.Doc.Tool.LibreOfficeM
acro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Segments.xba: PUA.Doc.Tool.LibreOff
iceMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/TMLoad.xba: PUA.Doc.Tool.LibreOffic
eMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/uno_packages/cache/uno_packages/lu5623zzikn
k.tmp_/Anaphraseus_2.07.135.oxt/LibAnaphrase/Terms.xba: PUA.Doc.Tool.LibreOffice
Macro-2 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 6740506
Engine version: 0.102.1
Scanned directories: 1652
Scanned files: 32248
Infected files: 62
Total errors: 2
Data scanned: 6267.33 MB
Data read: 316969.96 MB (ratio 0.02:1)
Time: 843.936 sec (14 m 3 s)
?
Pas de message applicable
? q
1 message sauvegardé dans /home/mia/mbox
0 message conservé dans /var/mail/mia
mia@mia-PC5:~$
These files have been on my PC for a long time; do you know why I was never warned about them?
Especially since I run a scan manually from time to time.
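As an added example (not part of the original post), this triage sketch rejoins the 80-column-wrapped report lines and counts detections per signature. It also checks whether the cron command line carries `--detect-pua`, the clamscan option that turns on the `PUA.*` signature class, which is off by default. `parse_report` and `summarise` are hypothetical helper names; the sample is an excerpt of the report above.

```python
import re
from collections import Counter

# Excerpt of the wrapped report lines quoted above (80-column wrap kept as-is).
SAMPLE = """\
/home/mia/.cache/winetricks/comctl32/CC32inst.exe: PUA.Win.Packer.Winzip-2 FOUND
/home/mia/.cache/winetricks/msls31/InstMsiW.exe: PUA.Win.Packer.Armadillo-65 FOU
ND
/home/mia/.config/libreoffice/4/user/basic/Standard/Module1.xba: PUA.Doc.Tool.Li
breOfficeMacro-2 FOUND
/home/mia/.config/libreoffice/4/user/extensions/tmp/extensions/lu5623zziknj.tmp_
/anaphraseus_2.05.126b.oxt/LibAnaphrase/TMX.xba: PUA.Doc.Tool.LibreOfficeMacro-2
FOUND
----------- SCAN SUMMARY -----------
Infected files: 62
"""
# Shortened from the cron Subject header above (the exclude options are dropped).
CRON_CMD = "/usr/bin/clamscan -i --detect-pua -r /home/mia"

# A complete record is "<path>: <signature> FOUND"; the space before FOUND may
# have been lost when the wrap fell exactly on it.
RECORD = re.compile(r"^(?P<path>/.+): (?P<sig>\S+?)\s*FOUND$")

def parse_report(text):
    """Return [(path, signature)] from a hard-wrapped clamscan report."""
    hits, buf = [], ""
    for line in text.splitlines():
        if line.startswith("-----"):   # SCAN SUMMARY: no detections after this
            break
        buf += line                    # the wrap cuts mid-token: join with no separator
        m = RECORD.match(buf)
        if m:                          # buffer now ends in FOUND: record is complete
            hits.append((m["path"], m["sig"]))
            buf = ""
    return hits

def summarise(hits, cmdline):
    """Count hits per signature and split PUA-class hits from the rest."""
    by_sig = Counter(sig for _, sig in hits)
    pua = sum(n for sig, n in by_sig.items() if sig.startswith("PUA."))
    return {
        "by_signature": dict(by_sig),
        "pua_hits": pua,
        "other_hits": len(hits) - pua,
        "pua_enabled": "--detect-pua" in cmdline.split(),
    }

if __name__ == "__main__":
    print(summarise(parse_report(SAMPLE), CRON_CMD))
```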