Neon startet alleine nachts um 3

KDE neon Community Foren Allgemein /multiverse Neon startet alleine nachts um 3

Dieses Thema enthält 12 Antworten und 2 Teilnehmer. Es wurde zuletzt aktualisiert von  85hans vor 4 Monate, 2 Wochen. This post has been viewed 333 times

Ansicht von 13 Beiträgen - 1 bis 13 (von insgesamt 13)
  • Autor
    Beiträge

  • Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Liebe KDE Fans,

     

    ich habe mal in meinen Logs nachgeschaut und konnte in der syslog, in der auth.log etc. feststellen, dass um Dec 12 03:19:37 mein Rechner angewesen sein muss, obwohl ich keinen cron-job oder ähnliches angelegt habe. Macht Neon sowas von alleine, Updates o.ä.?

    Weiß jemand woran das liegen könnte. Kann ich hier Teile der syslog oder der auth.log posten, ohne dass das gefährlich wäre?

     

    LG

    Hondo

    #2349

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Das klingt ja sehr abenteuerlich!
    Das setzt voraus, dein Rechner hat Strom.
    War er denn auch online? Updates ohne Online geht ja wohl eher nicht.

    Zeig doch mal die Meldungen in syslog, aufgrund derer du das vermutest.

    #2350

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Moin 85hans,

    ich schicke mal einen Auszug aus der syslog der nur zwei Minten umfasst, in denen allerdings sehr viel passiert. Ich würde mich freuen, wenn ich wüsste, was da abgegegangen ist. Dass es eigentlich keine Updates sein können, die den Rechner starten, habe ich mir schon gedacht. Ich habe allerdings WakeOnLAN an und fahre den Rechner zeitgesteuert bei TV-Aufnahmen hoch und lasse ihn dann auch wieder runterfahren. Allerdings war zu dem Zeitpunkt keine Aufnahme angesagt.

     

    Dec 12 03:00:31 hondoneon systemd-modules-load[469]: Inserted module 'lp'
    Dec 12 03:00:31 hondoneon systemd-modules-load[469]: Inserted module 'ppdev'
    Dec 12 03:00:31 hondoneon systemd[1]: Starting Flush Journal to Persistent Storage...
    Dec 12 03:00:31 hondoneon systemd[1]: Started udev Coldplug all Devices.
    Dec 12 03:00:31 hondoneon systemd-modules-load[469]: Inserted module 'parport_pc'
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] microcode: microcode updated early to revision 0x20, date = 2018-04-10
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Linux version 4.15.0-42-generic (buildd@lgw01-amd64-023) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 (Ubuntu 4.15.0-42.45-generic 4.15.18)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.15.0-42-generic root=UUID=ffaa7c7b-206e-40e7-9807-41d49c8f8444 ro quiet splash vt.handoff=1
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] KERNEL supported cpus:
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Intel GenuineIntel
    Dec 12 03:00:31 hondoneon systemd[1]: Started Load/Save Random Seed.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] AMD AuthenticAMD
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Centaur CentaurHauls
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: BIOS-provided physical RAM map:
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x000000000009f000-0x000000000009ffff] reserved
    Dec 12 03:00:31 hondoneon systemd[1]: Started Load Kernel Modules.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000dccf7fff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000dccf8000-0x00000000dd752fff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000dd753000-0x00000000dd763fff] ACPI data
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000dd764000-0x00000000dd88ffff] ACPI NVS
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000dd890000-0x00000000de70ffff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000de710000-0x00000000de7a1fff] type 20
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000de7a2000-0x00000000de7a2fff] usable
    Dec 12 03:00:31 hondoneon systemd[1]: Starting Apply Kernel Variables...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000de7a3000-0x00000000de7e5fff] ACPI NVS
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000de7e6000-0x00000000dec1bfff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000dec1c000-0x00000000deff3fff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000deff4000-0x00000000deffffff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000f8000000-0x00000000fbffffff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000fed00000-0x00000000fed03fff] reserved
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Kernel Configuration File System...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x00000000ff000000-0x00000000ffffffff] reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000041effffff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] NX (Execute Disable) protection: active
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] efi: EFI v2.31 by American Megatrends
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] efi: ACPI=0xdd757000 ACPI 2.0=0xdd757000 SMBIOS=0xf04c0 MPS=0xfd4b0
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] secureboot: Secure boot could not be determined (mode 0)
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting FUSE Control File System...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] SMBIOS 2.7 present.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMI: System manufacturer System Product Name/P8Z77-V DELUXE, BIOS 2104 08/13/2013
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: last_pfn = 0x41f000 max_arch_pfn = 0x400000000
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] MTRR default type: uncachable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] MTRR fixed ranges enabled:
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Kernel Configuration File System.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 00000-9FFFF write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] A0000-BFFFF uncachable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] C0000-DBFFF write-protect
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DC000-DFFFF uncachable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] E0000-FFFFF write-protect
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] MTRR variable ranges enabled:
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 0 base 000000000 mask C00000000 write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 1 base 400000000 mask FF0000000 write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 2 base 410000000 mask FF8000000 write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 3 base 418000000 mask FFC000000 write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 4 base 41C000000 mask FFE000000 write-back
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 5 base 41E000000 mask FFF000000 write-back
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted FUSE Control File System.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 6 base 0E0000000 mask FE0000000 uncachable
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 7 disabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 8 disabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] 9 disabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] total RAM covered: 16368M
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Found optimal setting for mtrr clean up
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] gran_size: 64K chunk_size: 32M num_reg: 7 lose cover RAM: 0G
    Dec 12 03:00:31 hondoneon mtp-probe: checking bus 1, device 3: "/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.1"
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: update [mem 0xe0000000-0xffffffff] usable ==> reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: last_pfn = 0xdf000 max_arch_pfn = 0x400000000
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] found SMP MP-table at [mem 0x000fd870-0x000fd87f] mapped at [ (ptrval)]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Scanning 1 areas for low memory corruption
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Base memory trampoline at [ (ptrval)] 8b000 size 24576
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b93f000, 0x37b93ffff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b940000, 0x37b940fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b941000, 0x37b941fff] PGTABLE
    Dec 12 03:00:31 hondoneon systemd[1]: Started LVM2 metadata daemon.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b942000, 0x37b942fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b943000, 0x37b943fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b944000, 0x37b944fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b945000, 0x37b945fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b946000, 0x37b946fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b947000, 0x37b947fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b948000, 0x37b948fff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b949000, 0x37b949fff] PGTABLE
    Dec 12 03:00:31 hondoneon mtp-probe: checking bus 2, device 5: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.8"
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] BRK [0x37b94a000, 0x37b94afff] PGTABLE
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] RAMDISK: [mem 0x31de3000-0x34ee8fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: Early table checksum verification disabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: RSDP 0x00000000DD757000 000024 (v02 ALASKA)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: XSDT 0x00000000DD757078 000064 (v01 ALASKA A M I 01072009 AMI 00010013)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: FACP 0x00000000DD761F88 00010C (v05 ALASKA A M I 01072009 AMI 00010013)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: DSDT 0x00000000DD757170 00AE16 (v02 ALASKA A M I 00000022 INTL 20051117)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: FACS 0x00000000DD88E080 000040
    Dec 12 03:00:31 hondoneon systemd[1]: Started Set the console keyboard layout.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: APIC 0x00000000DD762098 000092 (v03 ALASKA A M I 01072009 AMI 00010013)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: FPDT 0x00000000DD762130 000044 (v01 ALASKA A M I 01072009 AMI 00010013)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: MCFG 0x00000000DD762178 00003C (v01 ALASKA A M I 01072009 MSFT 00000097)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: HPET 0x00000000DD7621B8 000038 (v01 ALASKA A M I 01072009 AMI. 00000005)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: SSDT 0x00000000DD7621F0 00036D (v01 SataRe SataTabl 00001000 INTL 20091112)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: SSDT 0x00000000DD762F68 000A92 (v01 PmRef CpuPm 00003000 INTL 20051117)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: SSDT 0x00000000DD7625B8 0009AA (v01 PmRef Cpu0Ist 00003000 INTL 20051117)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: Local APIC address 0xfee00000
    Dec 12 03:00:31 hondoneon mtp-probe: bus: 2, device: 5 was not an MTP device
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] No NUMA configuration found
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Faking a node at [mem 0x0000000000000000-0x000000041effffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] NODE_DATA(0) allocated [mem 0x41efc9000-0x41eff3fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] tsc: Fast TSC calibration using PIT
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Zone ranges:
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA [mem 0x0000000000001000-0x0000000000ffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA32 [mem 0x0000000001000000-0x00000000ffffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Normal [mem 0x0000000100000000-0x000000041effffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Device empty
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Movable zone start for each node
    Dec 12 03:00:31 hondoneon systemd[1]: Started Apply Kernel Variables.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Early memory node ranges
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x0000000000001000-0x000000000009efff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x0000000000100000-0x00000000dccf7fff]
    Dec 12 03:00:31 hondoneon mtp-probe: checking bus 2, device 4: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6"
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x00000000de7a2000-0x00000000de7a2fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x00000000de7e6000-0x00000000dec1bfff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x00000000deff4000-0x00000000deffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] node 0: [mem 0x0000000100000000-0x000000041effffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Initmem setup node 0 [mem 0x0000000000001000-0x000000041effffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] On node 0 totalpages: 4178137
    Dec 12 03:00:31 hondoneon systemd[1]: Started Create Static Device Nodes in /dev.
    Dec 12 03:00:31 hondoneon mtp-probe: bus: 2, device: 4 was not an MTP device
    Dec 12 03:00:31 hondoneon systemd[1]: Starting udev Kernel Device Manager...
    Dec 12 03:00:31 hondoneon mtp-probe: checking bus 2, device 3: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.5"
    Dec 12 03:00:31 hondoneon systemd[1]: Started Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling.
    Dec 12 03:00:31 hondoneon mtp-probe: bus: 2, device: 3 was not an MTP device
    Dec 12 03:00:31 hondoneon systemd[1]: Reached target Local File Systems (Pre).
    Dec 12 03:00:31 hondoneon mtp-probe: bus: 1, device: 3 was not an MTP device
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for core, revision 5742...
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for wine-platform, revision 49...
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for pdftk, revision 9...
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for wine-platform-i386, revision 25...
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for core, revision 5897...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA zone: 64 pages used for memmap
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA zone: 55 pages reserved
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA zone: 3998 pages, LIFO batch:0
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA32 zone: 14085 pages used for memmap
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for core, revision 6034...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] DMA32 zone: 901435 pages, LIFO batch:31
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Normal zone: 51136 pages used for memmap
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Normal zone: 3272704 pages, LIFO batch:31
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for kde-frameworks-5, revision 27...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Reserved but unavailable: 98 pages
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0x408
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: Local APIC address 0xfee00000
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: LAPIC_NMI (acpi_id[0xff] high edge lint[0x1])
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] IOAPIC[0]: apic_id 2, version 32, address 0xfec00000, GSI 0-23
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for wine-platform, revision 54...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: IRQ0 used by override.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: IRQ9 used by override.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: HPET id: 0x8086a701 base: 0xfed00000
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] smpboot: Allowing 8 CPUs, 0 hotplug CPUs
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0x00000000-0x00000fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for wine-platform, revision 48...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000fffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdccf8000-0xdd752fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdd753000-0xdd763fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdd764000-0xdd88ffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdd890000-0xde70ffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xde710000-0xde7a1fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xde7a3000-0xde7e5fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdec1c000-0xdeff3fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xdf000000-0xf7ffffff]
    Dec 12 03:00:31 hondoneon systemd[1]: Mounting Mount unit for matroska-tools, revision 19...
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xf8000000-0xfbffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfc000000-0xfebfffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfec00000-0xfec00fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfec01000-0xfecfffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfed00000-0xfed03fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfed04000-0xfed1bfff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfed1c000-0xfed1ffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfed20000-0xfedfffff]
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for core, revision 5742.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfee00000-0xfee00fff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xfee01000-0xfeffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] PM: Registered nosave memory: [mem 0xff000000-0xffffffff]
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] e820: [mem 0xdf000000-0xf7ffffff] available for PCI devices
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Booting paravirtualized kernel on bare hardware
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] random: get_random_bytes called from start_kernel+0x99/0x4fd with crng_init=0
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for wine-platform, revision 49.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:8 nr_cpu_ids:8 nr_node_ids:1
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] percpu: Embedded 46 pages/cpu @ (ptrval) s151552 r8192 d28672 u262144
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] pcpu-alloc: s151552 r8192 d28672 u262144 alloc=1*2097152
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] pcpu-alloc: [0] 0 1 2 3 4 5 6 7
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 4112797
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for pdftk, revision 9.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Policy zone: Normal
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.15.0-42-generic root=UUID=ffaa7c7b-206e-40e7-9807-41d49c8f8444 ro quiet splash vt.handoff=1
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Calgary: detecting Calgary via BIOS EBDA area
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Calgary: Unable to locate Rio Grande table in EBDA - bailing!
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for core, revision 5897.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Memory: 16091516K/16712548K available (12300K kernel code, 2472K rwdata, 4252K rodata, 2408K init, 2416K bss, 621032K reserved, 0K cma-reserved)
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=8, Nodes=1
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Kernel/User page tables isolation: enabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ftrace: allocating 39186 entries in 154 pages
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Hierarchical RCU implementation.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] RCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=8.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Tasks RCU enabled.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=8
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for wine-platform-i386, revision 25.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] NR_IRQS: 524544, nr_irqs: 488, preallocated irqs: 16
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] vt handoff: transparent VT on vt#1
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] Console: colour dummy device 80x25
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] console [tty0] enabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: Core revision 20170831
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ACPI: 4 ACPI AML tables successfully acquired and loaded
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 133484882848 ns
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] hpet clockevent registered
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for kde-frameworks-5, revision 27.
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] APIC: Switch to symmetric I/O mode setup
    Dec 12 03:00:31 hondoneon kernel: [ 0.000000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
    Dec 12 03:00:31 hondoneon kernel: [ 0.020000] tsc: Fast TSC calibration using PIT
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] tsc: Detected 3510.224 MHz processor
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] Calibrating delay loop (skipped), value calculated using timer frequency.. 7020.44 BogoMIPS (lpj=14040896)
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] pid_max: default: 32768 minimum: 301
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] Security Framework initialized
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] Yama: becoming mindful.
    Dec 12 03:00:31 hondoneon kernel: [ 0.024000] AppArmor: AppArmor initialized
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for wine-platform, revision 48.
    Dec 12 03:00:31 hondoneon kernel: [ 0.029461] Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.030431] Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.030468] Mount-cache hash table entries: 32768 (order: 6, 262144 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.030499] Mountpoint-cache hash table entries: 32768 (order: 6, 262144 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.030658] ENERGY_PERF_BIAS: Set to 'normal', was 'performance'
    Dec 12 03:00:31 hondoneon kernel: [ 0.030659] ENERGY_PERF_BIAS: View and update with x86_energy_perf_policy(8)
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for wine-platform, revision 54.
    Dec 12 03:00:31 hondoneon kernel: [ 0.030662] mce: CPU supports 9 MCE banks
    Dec 12 03:00:31 hondoneon kernel: [ 0.030668] CPU0: Thermal monitoring enabled (TM1)
    Dec 12 03:00:31 hondoneon kernel: [ 0.030677] process: using mwait in idle threads
    Dec 12 03:00:31 hondoneon kernel: [ 0.030678] Last level iTLB entries: 4KB 512, 2MB 8, 4MB 8
    Dec 12 03:00:31 hondoneon kernel: [ 0.030679] Last level dTLB entries: 4KB 512, 2MB 32, 4MB 32, 1GB 0
    Dec 12 03:00:31 hondoneon kernel: [ 0.030680] Spectre V2 : Mitigation: Full generic retpoline
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for core, revision 6034.
    Dec 12 03:00:31 hondoneon kernel: [ 0.030681] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
    Dec 12 03:00:31 hondoneon kernel: [ 0.030681] Spectre V2 : Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier
    Dec 12 03:00:31 hondoneon kernel: [ 0.030681] Spectre V2 : Enabling Restricted Speculation for firmware calls
    Dec 12 03:00:31 hondoneon kernel: [ 0.030682] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
    Dec 12 03:00:31 hondoneon kernel: [ 0.030759] Freeing SMP alternatives memory: 36K
    Dec 12 03:00:31 hondoneon kernel: [ 0.037629] TSC deadline timer enabled
    Dec 12 03:00:31 hondoneon kernel: [ 0.037631] smpboot: CPU0: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz (family: 0x6, model: 0x3a, stepping: 0x9)
    Dec 12 03:00:31 hondoneon systemd[1]: Mounted Mount unit for matroska-tools, revision 19.
    Dec 12 03:00:31 hondoneon kernel: [ 0.037680] Performance Events: PEBS fmt1+, IvyBridge events, 16-deep LBR, full-width counters, Intel PMU driver.
    Dec 12 03:00:31 hondoneon kernel: [ 0.037697] ... version: 3
    Dec 12 03:00:31 hondoneon kernel: [ 0.037697] ... bit width: 48
    Dec 12 03:00:31 hondoneon kernel: [ 0.037698] ... generic registers: 4
    Dec 12 03:00:31 hondoneon kernel: [ 0.037698] ... value mask: 0000ffffffffffff
    Dec 12 03:00:31 hondoneon kernel: [ 0.037699] ... max period: 00007fffffffffff
    Dec 12 03:00:31 hondoneon systemd[1]: Started udev Kernel Device Manager.
    Dec 12 03:00:31 hondoneon kernel: [ 0.037699] ... fixed-purpose events: 3
    Dec 12 03:00:31 hondoneon kernel: [ 0.037699] ... event mask: 000000070000000f
    Dec 12 03:00:31 hondoneon kernel: [ 0.037727] Hierarchical SRCU implementation.
    Dec 12 03:00:31 hondoneon kernel: [ 0.038487] NMI watchdog: Enabled. Permanently consumes one hw-PMU counter.
    Dec 12 03:00:31 hondoneon kernel: [ 0.038500] smp: Bringing up secondary CPUs ...
    Dec 12 03:00:31 hondoneon kernel: [ 0.038554] x86: Booting SMP configuration:
    Dec 12 03:00:31 hondoneon systemd[1]: Starting Show Plymouth Boot Screen...
    Dec 12 03:00:31 hondoneon kernel: [ 0.038555] .... node #0, CPUs: #1 #2 #3 #4 #5 #6 #7
    Dec 12 03:00:31 hondoneon kernel: [ 0.052047] smp: Brought up 1 node, 8 CPUs
    Dec 12 03:00:31 hondoneon kernel: [ 0.052047] smpboot: Max logical packages: 1
    Dec 12 03:00:31 hondoneon kernel: [ 0.052047] smpboot: Total of 8 processors activated (56163.58 BogoMIPS)
    Dec 12 03:00:31 hondoneon kernel: [ 0.056363] devtmpfs: initialized
    Dec 12 03:00:31 hondoneon systemd-udevd[556]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
    Dec 12 03:00:31 hondoneon systemd[1]: Started Show Plymouth Boot Screen.
    Dec 12 03:00:31 hondoneon systemd[1]: Reached target Local Encrypted Volumes.
    Dec 12 03:00:31 hondoneon systemd[1]: Started Forward Password Requests to Plymouth Directory Watch.
    Dec 12 03:00:31 hondoneon systemd-udevd[534]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
    Dec 12 03:00:31 hondoneon systemd[1]: Started Flush Journal to Persistent Storage.
    Dec 12 03:00:31 hondoneon systemd-udevd[534]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
    Dec 12 03:00:31 hondoneon systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
    Dec 12 03:00:31 hondoneon systemd[1]: Starting Load/Save RF Kill Switch Status...
    Dec 12 03:00:31 hondoneon systemd-udevd[537]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
    Dec 12 03:00:31 hondoneon systemd[1]: Starting Show Plymouth Boot Screen...
    Dec 12 03:00:31 hondoneon systemd[1]: Reached target Sound Card.
    Dec 12 03:00:31 hondoneon kernel: [ 0.056363] x86/mm: Memory block size: 128MB
    Dec 12 03:00:31 hondoneon kernel: [ 0.056910] evm: security.selinux
    Dec 12 03:00:31 hondoneon systemd[1]: Started Show Plymouth Boot Screen.
    Dec 12 03:00:31 hondoneon kernel: [ 0.056910] evm: security.SMACK64
    Dec 12 03:00:31 hondoneon kernel: [ 0.056910] evm: security.SMACK64EXEC
    Dec 12 03:00:31 hondoneon kernel: [ 0.056911] evm: security.SMACK64TRANSMUTE
    Dec 12 03:00:31 hondoneon kernel: [ 0.056911] evm: security.SMACK64MMAP
    Dec 12 03:00:31 hondoneon kernel: [ 0.056911] evm: security.apparmor
    Dec 12 03:00:31 hondoneon kernel: [ 0.056912] evm: security.ima
    Dec 12 03:00:31 hondoneon kernel: [ 0.056912] evm: security.capability
    Dec 12 03:00:31 hondoneon systemd[1]: Started Load/Save RF Kill Switch Status.
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] PM: Registering ACPI NVS region [mem 0xdd764000-0xdd88ffff] (1228800 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] PM: Registering ACPI NVS region [mem 0xde7a3000-0xde7e5fff] (274432 bytes)
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] futex hash table entries: 2048 (order: 5, 131072 bytes)
    Dec 12 03:00:31 hondoneon systemd[1]: Found device /dev/disk/by-uuid/D008C86B08C851E0.
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] pinctrl core: initialized pinctrl subsystem
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] RTC time: 2:00:23, date: 12/12/18
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] NET: Registered protocol family 16
    Dec 12 03:00:31 hondoneon systemd[1]: Found device Samsung_SSD_840_EVO_1TB 5.
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] audit: initializing netlink subsys (disabled)
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] audit: type=2000 audit(1544580022.056:1): state=initialized audit_enabled=0 res=1
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] cpuidle: using governor ladder
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] cpuidle: using governor menu
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] ACPI FADT declares the system doesn't support PCIe ASPM, so disable it
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] ACPI: bus type PCI registered
    Dec 12 03:00:31 hondoneon systemd[1]: Activating swap /dev/disk/by-uuid/e3b9e704-438d-412a-a21a-d99c6ecf1262...
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] PCI: MMCONFIG for domain 0000 [bus 00-3f] at [mem 0xf8000000-0xfbffffff] (base 0xf8000000)
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] PCI: MMCONFIG at [mem 0xf8000000-0xfbffffff] reserved in E820
    Dec 12 03:00:31 hondoneon kernel: [ 0.056923] PCI: Using configuration type 1 for base access
    • Diese Antwort wurde geändert vor 5 Monate von  Hondo.
    #2353

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Sorry, bin ein paar Tage ausgefallen.

    Beginnt das Protokoll mit der ersten Zeile?
    Nur die ersten Zeilen könnten einen Hinweis auf den Bootvorgang liefern. Mir scheint das ein völlig normaler Bootvorgang zu sein.

    Du könntest deinen PC normal starten und dann das aktuelle Protokoll mit dem hier gezeigten vergleichen. Vielleicht ergibt sich daraus ein Hinweis.

    Hast du schon mal daran gedacht, dass du dir evtl. einen Trojaner eingefangen haben könntest?
    Solltest du vielleicht mal testen:
    https://wiki.ubuntuusers.de/rkhunter/
    https://forum.ubuntuusers.de/topic/rkhunter-trojaner-eingefangen/

    #2358

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Moin Hans,

    ich habe jetzt nochmal in meine Logs geschaut, die zu späteren Zeitpunkten aufgezeichnet worden sind. Ich habe immer das gleiche Ergebnis. Immer um 03 Uhr wird der Rechner geweckt und immer mit dem gleichen schmonsens.

    Hier mal ein Log vom 14.12:

    
    Dec 15 22:33:43 hondoneon systemd[1]: Stopping Make remote CUPS printers available locally...
    Dec 15 22:33:43 hondoneon systemd[1]: Stopping LSB: TurboPrint usb port daemon...
    Dec 15 22:33:43 hondoneon systemd[1]: Stopped target Login Prompts.
    Dec 16 03:00:36 hondoneon systemd-modules-load[474]: Inserted module 'lp'
    Dec 16 03:00:36 hondoneon systemd-modules-load[474]: Inserted module 'ppdev'
    Dec 16 03:00:36 hondoneon systemd-modules-load[474]: Inserted module 'parport_pc'
    Dec 16 03:00:36 hondoneon systemd[1]: Starting Flush Journal to Persistent Storage...
    Dec 16 03:00:36 hondoneon systemd[1]: Started LVM2 metadata daemon.
    Dec 16 03:00:36 hondoneon mtp-probe: checking bus 2, device 5: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.8"
    Dec 16 03:00:36 hondoneon systemd[1]: Started Set the console keyboard layout.
    Dec 16 03:00:36 hondoneon mtp-probe: checking bus 2, device 4: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6"
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] microcode: microcode updated early to revision 0x20, date = 2018-04-10
    Dec 16 03:00:36 hondoneon systemd[1]: Started Apply Kernel Variables.
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] Linux version 4.15.0-42-generic (buildd@lgw01-amd64-023) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 (Ubuntu 4.15.0-42.45-generic 4.15.18)
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.15.0-42-generic root=UUID=ffaa7c7b-206e-40e7-9807-41d49c8f8444 ro quiet splash vt.handoff=1
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] KERNEL supported cpus:
    Dec 16 03:00:36 hondoneon mtp-probe: checking bus 2, device 3: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.5"
    Dec 16 03:00:36 hondoneon kernel: [    0.000000]   Intel GenuineIntel
    Dec 16 03:00:36 hondoneon kernel: [    0.000000]   AMD AuthenticAMD
    Dec 16 03:00:36 hondoneon kernel: [    0.000000]   Centaur CentaurHauls
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
    Dec 16 03:00:36 hondoneon systemd[1]: Started Create Static Device Nodes in /dev.
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format.
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] e820: BIOS-provided physical RAM map:
    Dec 16 03:00:36 hondoneon mtp-probe: checking bus 1, device 3: "/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.1"
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x000000000009f000-0x000000000009ffff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000dccf7fff] usable
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dccf8000-0x00000000dd752fff] reserved
    Dec 16 03:00:36 hondoneon systemd[1]: Starting udev Kernel Device Manager...
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd753000-0x00000000dd763fff] ACPI data
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd764000-0x00000000dd88ffff] ACPI NVS
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd890000-0x00000000de70ffff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de710000-0x00000000de7a1fff] type 20
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7a2000-0x00000000de7a2fff] usable
    Dec 16 03:00:36 hondoneon mtp-probe: bus: 2, device: 3 was not an MTP device
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7a3000-0x00000000de7e5fff] ACPI NVS
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7e6000-0x00000000dec1bfff] usable
    Dec 16 03:00:36 hondoneon systemd[1]: Started Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling.
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dec1c000-0x00000000deff3fff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000deff4000-0x00000000deffffff] usable
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000f8000000-0x00000000fbffffff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fed00000-0x00000000fed03fff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
    Dec 16 03:00:36 hondoneon mtp-probe: bus: 2, device: 5 was not an MTP device
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000ff000000-0x00000000ffffffff] reserved
    Dec 16 03:00:36 hondoneon systemd[1]: Reached target Local File Systems (Pre).
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000041effffff] usable
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] NX (Execute Disable) protection: active
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] efi: EFI v2.31 by American Megatrends
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] efi:  ACPI=0xdd757000  ACPI 2.0=0xdd757000  SMBIOS=0xf04c0  MPS=0xfd4b0 
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] secureboot: Secure boot could not be determined (mode 0)
    Dec 16 03:00:36 hondoneon mtp-probe: bus: 2, device: 4 was not an MTP device
    Dec 16 03:00:36 hondoneon kernel: [    0.000000] SMBIOS 2.7 present.

    Kann das auch ein Cron-Job sein, ich meine, wenn das ein Hack wäre, geht der dann immer genau um die gleiche Zeit los?

    Morgens, wenn ich den Rechner starte, geht der auch mit der gleichen Meldung an:

    Dec 15 08:35:03 hondoneon systemd-modules-load[466]: Inserted module 'lp'
    Dec 15 08:35:03 hondoneon systemd-modules-load[466]: Inserted module 'ppdev'
    Dec 15 08:35:03 hondoneon systemd-modules-load[466]: Inserted module 'parport_pc'
    Dec 15 08:35:03 hondoneon systemd[1]: Starting Flush Journal to Persistent Storage...
    Dec 15 08:35:03 hondoneon systemd[1]: Started Load Kernel Modules.
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting FUSE Control File System...
    Dec 15 08:35:03 hondoneon systemd[1]: Starting Apply Kernel Variables...
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Kernel Configuration File System...
    Dec 15 08:35:03 hondoneon systemd[1]: Mounted FUSE Control File System.
    Dec 15 08:35:03 hondoneon systemd[1]: Mounted Kernel Configuration File System.
    Dec 15 08:35:03 hondoneon mtp-probe: checking bus 2, device 3: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.5"
    Dec 15 08:35:03 hondoneon systemd[1]: Started LVM2 metadata daemon.
    Dec 15 08:35:03 hondoneon mtp-probe: checking bus 1, device 3: "/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.1"
    Dec 15 08:35:03 hondoneon systemd[1]: Started Set the console keyboard layout.
    Dec 15 08:35:03 hondoneon mtp-probe: checking bus 2, device 4: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6"
    Dec 15 08:35:03 hondoneon systemd[1]: Started Apply Kernel Variables.
    Dec 15 08:35:03 hondoneon mtp-probe: bus: 2, device: 3 was not an MTP device
    Dec 15 08:35:03 hondoneon systemd[1]: Started Create Static Device Nodes in /dev.
    Dec 15 08:35:03 hondoneon mtp-probe: bus: 2, device: 4 was not an MTP device
    Dec 15 08:35:03 hondoneon systemd[1]: Starting udev Kernel Device Manager...
    Dec 15 08:35:03 hondoneon mtp-probe: checking bus 2, device 5: "/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.8"
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] microcode: microcode updated early to revision 0x20, date = 2018-04-10
    Dec 15 08:35:03 hondoneon systemd[1]: Started Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling.
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] Linux version 4.15.0-42-generic (buildd@lgw01-amd64-023) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 (Ubuntu 4.15.0-42.45-generic 4.15.18)
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.15.0-42-generic root=UUID=ffaa7c7b-206e-40e7-9807-41d49c8f8444 ro quiet splash vt.handoff=1
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] KERNEL supported cpus:
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   Intel GenuineIntel
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   AMD AuthenticAMD
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   Centaur CentaurHauls
    Dec 15 08:35:03 hondoneon mtp-probe: bus: 2, device: 5 was not an MTP device
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format.
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: BIOS-provided physical RAM map:
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x000000000009f000-0x000000000009ffff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000dccf7fff] usable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dccf8000-0x00000000dd752fff] reserved
    Dec 15 08:35:03 hondoneon systemd[1]: Reached target Local File Systems (Pre).
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd753000-0x00000000dd763fff] ACPI data
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd764000-0x00000000dd88ffff] ACPI NVS
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dd890000-0x00000000de70ffff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de710000-0x00000000de7a1fff] type 20
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7a2000-0x00000000de7a2fff] usable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7a3000-0x00000000de7e5fff] ACPI NVS
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000de7e6000-0x00000000dec1bfff] usable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000dec1c000-0x00000000deff3fff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000deff4000-0x00000000deffffff] usable
    Dec 15 08:35:03 hondoneon mtp-probe: bus: 1, device: 3 was not an MTP device
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000f8000000-0x00000000fbffffff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fed00000-0x00000000fed03fff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x00000000ff000000-0x00000000ffffffff] reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000041effffff] usable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] NX (Execute Disable) protection: active
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] efi: EFI v2.31 by American Megatrends
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for wine-platform-i386, revision 25...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] efi:  ACPI=0xdd757000  ACPI 2.0=0xdd757000  SMBIOS=0xf04c0  MPS=0xfd4b0 
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] secureboot: Secure boot could not be determined (mode 0)
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] SMBIOS 2.7 present.
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] DMI: System manufacturer System Product Name/P8Z77-V DELUXE, BIOS 2104 08/13/2013
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for wine-platform, revision 49...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: last_pfn = 0x41f000 max_arch_pfn = 0x400000000
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] MTRR default type: uncachable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] MTRR fixed ranges enabled:
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   00000-9FFFF write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   A0000-BFFFF uncachable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   C0000-DBFFF write-protect
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   DC000-DFFFF uncachable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   E0000-FFFFF write-protect
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for core, revision 5897...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] MTRR variable ranges enabled:
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   0 base 000000000 mask C00000000 write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   1 base 400000000 mask FF0000000 write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   2 base 410000000 mask FF8000000 write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   3 base 418000000 mask FFC000000 write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   4 base 41C000000 mask FFE000000 write-back
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   5 base 41E000000 mask FFF000000 write-back
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for core, revision 6034...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   6 base 0E0000000 mask FE0000000 uncachable
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   7 disabled
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   8 disabled
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]   9 disabled
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT  
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] total RAM covered: 16368M
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] Found optimal setting for mtrr clean up
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for wine-platform, revision 48...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000]  gran_size: 64K 	chunk_size: 32M 	num_reg: 7  	lose cover RAM: 0G
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: update [mem 0xe0000000-0xffffffff] usable ==> reserved
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] e820: last_pfn = 0xdf000 max_arch_pfn = 0x400000000
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] found SMP MP-table at [mem 0x000fd870-0x000fd87f] mapped at [        (ptrval)]
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] Scanning 1 areas for low memory corruption
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] Base memory trampoline at [        (ptrval)] 8b000 size 24576
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x29193f000, 0x29193ffff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291940000, 0x291940fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291941000, 0x291941fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291942000, 0x291942fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291943000, 0x291943fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291944000, 0x291944fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291945000, 0x291945fff] PGTABLE
    Dec 15 08:35:03 hondoneon systemd[1]: Mounting Mount unit for kde-frameworks-5, revision 27...
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291946000, 0x291946fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291947000, 0x291947fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291948000, 0x291948fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x291949000, 0x291949fff] PGTABLE
    Dec 15 08:35:03 hondoneon kernel: [    0.000000] BRK [0x29194a000, 0x29194afff] PGTABLE

    Das sieht irgendwie nicht für mich so aus.

    LG

    Hondo

    • Diese Antwort wurde geändert vor 4 Monate, 4 Wochen von  Hondo.
    #2359

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Bei einem Hack startet ein Skript (Cron-Job) immer zur gleichen Zeit die Armada der gehackten PCs.

    Teste mal dein Gerät wie oben beschrieben.
    Du kannst auch in deine crontab schauen, ob da was Auffälliges ist:

    https://wiki.ubuntuusers.de/Cron/

    Trotzdem: Fröhliche Weihnacht in den hohen Norden!

    #2361

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Moin Hans,

    Dir und allen anderen auch erst einmal ein paar frohe und erholsame Tage.
    Ich habe mal gerade mit rkhunter nachgeschaut:

    Performing file properties checks
        /usr/bin/lwp-request                                     [ Warning ]
    
    Performing malware checks
        Checking for suspicious (large) shared memory segments   [ Warning ]
    
    Performing group and account checks
        Checking for passwd file changes                         [ Warning ]
        Checking for group file changes                          [ Warning ]
        
        
        
        
    Performing filesystem checks
        Checking /dev for suspicious file types                  [ Warning ]
        Checking for hidden files and directories                [ Warning ]
        
    Performing system configuration file checks
        Checking if SSH root access is allowed                   [ Warning ]

    Allerdings weiß ich nicht, wie ich mit den Warnungen umgehen soll. Was soll ich zb machen, wenn unter /dev suspicious files liegen. Welche sollen das sein, wie kann ich das beheben?
    Unter Cron habe ich keine Einträge wenn ich
    crontab -e
    mache.

    LG

    Hondo

    • Diese Antwort wurde geändert vor 4 Monate, 4 Wochen von  Hondo.
    #2362

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Servus Hondo,

    hast du unter https://wiki.ubuntuusers.de/rkhunter/  den Abschnitt “Falsche Warnungen durch Whitelist-Einträge beseitigen” beachtet.
    Warnungen bedeuten nicht unbedingt, dass du dir was eingefangen hast. Du solltest also in den angeführten Dateien die entsprechenden Einträge überprüfen.

    Nachdem ich noch nie eine Warnung hatte, habe ich auch keine Erfahrung mit der weiteren Bearbeitung.
    Ich kann dir noch zur weiteren Info empfehlen:
    https://forum.ubuntuusers.de/topic/rkhunter-und-chkrootkit
    https://www.edvnet-uk.com/apps/rkhunter/

    #2364

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Hi Hans! Danke für Rat und Tat!!!

    Ich habe bisher nichts Auffälliges weiter an meinem System feststellen können, ich habe übrigens
    sudo apt purge mono-complete gemacht, das hat auch noch mal ein paar Fehlermeldungen weggeschafft.
    Ich habe bis auf die erste Fehlermeldung sonst nichts mehr (außer wenn ich beim Check noch Firefox laufen lasse, meckert er

    Performing malware checks
        Checking for suspicious (large) shared memory segments   [ Warning ]

    und das ein Verzeichnis in /etc/ versteckt sei. Das Verzeichnis ist aber von Java und ich gehe mal davon aus, dass Java ungefährlich ist, genauso wie Firefox.

    LG

    Hondo

    #2365

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Das sieht ja schon ganz gut aus!

    Java ist natürlich potentiell gefährlich, deshalb installiert man sich ja z.B. “Noscript” im Browser, um damit die unbemerkte Ausführung schädlicher Scripts zu verhindern.

    Du kannst ja dieses Verzeichnis mal umbenennen oder verschieben und beobachten, was passiert.
    Wenn nötig, kannst du es dann wieder herstellen.
    Oder löschen.

    #2367

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26

    Moin Hans,
    ich bin ein Esel. Ich habe das Problem jetzt lokalisiert. Dass mein System alle zwei Tage um 3 Uhr für 20min hochfährt liegt an Kodi bzw. genauer an dem Plugin “TVHeadend Power and Recording Management”. Dies will die EPG-Daten auf den neusten Stand bringen, damit das System nicht tagsüber einfach mal mitten in der Arbeit sich ein und ausschaltet, ist die Einstellung wohl für nachts um 3 Uhr gewählt worden, weil die meisten Menschen da schlafen. Rausgefunden habe ich das über die auth.log.

    Aber durch Deine Anregungen habe ich noch einiges gelernt und auch noch die letzte Warnung bei rkhunter wegbekommen:

    Performing file properties checks
        /usr/bin/lwp-request                                     [warning]

    rkhunter weiß nicht, dass ich eine Debian basierte Distribution verwende. Deshalb muss ich rkhunter in der conf mitteilen, dass ich DPKG als Paketmanager verwende. Also muss in die /etc/rkhunter.conf
    dieser Wert eingetragen oder editiert werden.
    PKGMGR=DPKG

    Liebe Grüße

    Hondo

    #2369

    Hondo

    @hondo

    Teilnehmer
    • Beiträge: 26
    • Diese Antwort wurde geändert vor 4 Monate, 3 Wochen von  Hondo.
    #2370

    85hans

    @85hans

    Teilnehmer
    • Beiträge: 36

    Gratuliere!

    So kann man sich Lösungen Schritt für Schritt systematisch erarbeiten.

    Gutes Neues Jahr und weiterhin viel Spaß und Erfolg mit KDEneon.

    #2378
Ansicht von 13 Beiträgen - 1 bis 13 (von insgesamt 13)

Du musst angemeldet sein, um auf dieses Thema antworten zu können.