[users]anti-spyware/ad-ware for linux
NoOp
glgxg at sbcglobal.net
Thu Aug 30 15:44:06 UTC 2007
On 08/30/2007 08:26 AM, NoOp wrote:
> On 08/29/2007 01:00 PM, Jimmy Wu wrote:
>> Tried chkrootkit, and everything seems fine, except for these lines:
>> Checking `lkm'... You have 3 process hidden for readdir command
>> You have 3 process hidden for ps command
>> chkproc: Warning: Possible LKM Trojan installed
>>
>> Should I be worried, and what should I do?
>>
>> Thanks
>>
>
> Google is your friend (sometimes)... you'll find many threads regarding
> chkrootkit and the possibility of false positives. Google for "Possible
> LKM Trojan installed". Also:
>
> http://www.chkrootkit.org/faq/
> http://www.chkrootkit.org/faq/#6
>
> However, I would take it as serious until you can confirm that it is a
> false positive. I'd also recommend that you scan using Rootkit Hunter:
> http://www.rootkit.nl/projects/rootkit_hunter.html
>
> $ sudo apt-get install rkhunter
>
> to see if it finds the same.
>
>
Sorry, forgot to add that after '$ sudo apt-get install rkhunter' do:
$ sudo rkhunter --update
then
$ sudo rkhunter -c
Gary
More information about the ubuntu-users
mailing list