Le 16 avril 2023 Jesper Dybdal a écrit : > I have scanned the Windows machine with two antivirus tools (Windows defender > and Malwarebytes).
Can you use clamav on windows ? >> modules.dep >> modules.devname >> modules.symbols.bin >> modules.symbols >> modules.builtin.bin >> modules.alias.bin >> modules.builtin.alias.bin >> modules.softdep >> modules.alias >> modules.dep.bin These are generated during kernel install. And you can safely remove /lib/modules/5.10.0-21-amd64 if these are the only files left. > * Is it probable that somebody can remote control one or both machines? Do > those 4 lines ring a bell? What are they all about? Perhaps a bot trying to execute some commands. As they do not apply to debian you debian machine should not be compromised. > * I would really like to know how this happened. I consider myself to be a > careful person who does not get hit by viruses and other malware. I've had a > Windows virus once - because I trusted an install program from > sourceforge. Malware can be installed via web sites > * Is there a significant risk that the problem came with the Bullseye upgrade? no > * I really don't want to reinstall from scratch. Not only because I don't > know whether there is a problem on one or both machines, but also because I > have no idea where any infection came from - it could easily be from something > that I would also reinstall. I think you don't have to. For debian. For windows a full deinstall without reinstall is the best :)
