root kits

[InvaderSumo]

I can recall there being a software that automagically scans and removes rootkits that were installed onto a linux system.
could anybody guide me in the direction to such software. or teach me how to look for backdoor/rootkits on my system and manually remove them?
I'm asking because used glances and and my cpu is being consumed %90 something percent and that's not normal. I'd provide a screenshot but now its gone.
it was under ROOT user and the application was labeled packagekitd. If anyone knows just what exactly it is please do inform me.


*edit. the application is called rkhunter... but idk how to install it. its a tar.gz file

 

[Condobloke]

packagekit is a piece of software normally included in ubuntu.

Leave it alone.

What OS are you running and which version?

 

[KGIII]

There is a root user and they do stuff sometimes.

Anyhow, you probably install it with sudo apt install rkhunter, assuming you're using Debian/Ubuntu/Mate/etc...

 

[Vimmer]

I'm asking because used glances and and my cpu is being consumed %90 something percent and that's not normal.

Wow!

There is a root user and they do stuff sometimes.

Stuff? Like what?

 

[InvaderSumo]

well i learned how to install it without apt.. but ive ran into a problem with it giving me false neagtives.... so im gonna uninstall it and re install it with apt and see if it works then

*edit... does anybody know how to uninstall a tar installation? lmao

 

[InvaderSumo]

packagekit is a piece of software normally included in ubuntu.

Leave it alone.

What OS are you running and which version?

i learned it was for http requests definitely not gonna mess with that. it went away eventually. but now m trying to figure out how to uninstall a tar installation because it makes less false positives when installed with apt

 

[KGIII]

Stuff? Like what?

Generally low-level things, that is processes owned by 'root'.

Run this command in the terminal: ps aux | grep root

 

[InvaderSumo]

I figured it out. thanks in advanced
~ can be a moron at times

 

[Vimmer]

Generally low-level things, that is processes owned by 'root'.

Run this command in the terminal: ps aux | grep root

417 processes! That's more than "some" to me.

 

[InvaderSumo]

I scanned my local with rkhunter -c and got more than a couple WARNINGS. How can I gain the knowledge of knowing whether or not these are false positives???
also do you want me to post my rkhunter.log file?

 

[bob466]

Rootkits...malware...viruses and ransomware are very dangerous...you must do everything to protect your files and...hang on this isn't a windoze Forum silly me...forget everything I said.