[users]anti-spyware/ad-ware for linux
NoOp
glgxg at sbcglobal.net
Thu Aug 30 15:26:11 UTC 2007
On 08/29/2007 01:00 PM, Jimmy Wu wrote:
> Tried chkrootkit, and everything seems fine, except for these lines:
> Checking `lkm'... You have 3 process hidden for readdir command
> You have 3 process hidden for ps command
> chkproc: Warning: Possible LKM Trojan installed
>
> Should I be worried, and what should I do?
>
> Thanks
>
Google is your friend (sometimes)... you'll find many threads regarding
chkrootkit and the possibility of false positives. Google for "Possible
LKM Trojan installed". Also:
http://www.chkrootkit.org/faq/
http://www.chkrootkit.org/faq/#6
However, I would take it as serious until you can confirm that it is a
false positive. I'd also recommend that you scan using Rootkit Hunter:
http://www.rootkit.nl/projects/rootkit_hunter.html
$ sudo apt-get install rkhunter
to see if it finds the same.
More information about the ubuntu-users
mailing list