Hello all
I wanted to check the integrity of my Dual Boot Vista and Ubuntu 10.04 system. Because I play WoW and I use web mail etc etc.
I Ran RKhunter using the
sudo rkhunter --update to udate
and then Ran
sudo rkhunter -c
to check for any rootkits or Vulnerabilities.
luckily No rootkits where found
But worryingly. Quite a few Warnings where shown.::
Here are some of them::
I would like to know if I am safe from any Malware. and if I am not. How can I clear any malwareCode:Warning ] [00:14:06] Warning: The file properties have changed: [00:14:07] File: /usr/bin/chattr [00:14:07] Current inode: 137378 Stored inode: 131139 [00:14:07] Current file modification time: 1282026587 (17-Aug-2010 07:29:47) [00:14:07] Stored file modification time : 1271651439 (19-Apr-2010 05:30:39) [00:14:07] /usr/bin/curl [ Warning ] [00:14:07] Warning: The file '/usr/bin/curl' exists on the system, but it is not present in the rkhunter.dat file. [ Warning ] [00:14:09] Warning: The file properties have changed: [00:14:09] File: /usr/bin/ldd [00:14:09] Current hash: f73d7823160b3bd2105d5ffff0ecfcf94512aebf [00:14:09] Stored hash : 32b0f6e26bc337becb5e4539c8890180607361c4 [00:14:09] Current inode: 149834 Stored inode: 130947 [00:14:09] Current file modification time: 1282037498 (17-Aug-2010 10:31:38) [00:14:09] Stored file modification time : 1276526043 (14-Jun-2010 15:34:03) [00:14:09] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check. [ Warning ] [00:14:09] Warning: The file properties have changed: [00:14:09] File: /usr/bin/lsattr [00:14:09] Current inode: 137379 Stored inode: 131699 [00:14:09] Current file modification time: 1282026587 (17-Aug-2010 07:29:47) [00:14:09] Stored file modification time : 1271651439 (19-Apr-2010 05:30:39) [00:14:09] /usr/bin/lsof [ Warning ] [00:14:14] Warning: The file properties have changed: [00:14:14] File: /sbin/ifdown [00:14:14] Current hash: 8492aba75f302334dc9c558c0f58b09ab3040479 [00:14:14] Stored hash : 36cd231c396a15983d0afe23e4e33dbb2349102a [00:14:14] Current inode: 130910 Stored inode: 130869 [00:14:14] Current file modification time: 1282025603 (17-Aug-2010 07:13:23) [00:14:14] Stored file modification time : 1266649378 (20-Feb-2010 07:02:58) [00:14:14] /sbin/ifup [ Warning ] [00:14:14] Warning: The file properties have changed: [00:14:14] File: /sbin/ifup [00:14:14] Current hash: 8492aba75f302334dc9c558c0f58b09ab3040479 [00:14:14] Stored hash : 36cd231c396a15983d0afe23e4e33dbb2349102a [00:14:14] Current inode: 130910 Stored inode: 130871 [00:14:14] Current file modification time: 1282025603 (17-Aug-2010 07:13:23) [00:14:15] Stored file modification time : 1266649378 (20-Feb-2010 07:02:59) [00:14:15] /sbin/init [ Warning ] [00:14:15] Warning: The file properties have changed: [00:14:15] File: /sbin/init [00:14:15] Current hash: 968cbc98023d4bed9a52fd6f2aa519457fe0412b [00:14:15] Stored hash : d6997dd8ca3d89f8038729a284fb2447c35a1448 [00:14:15] Current inode: 134700 Stored inode: 130872 [00:14:15] Current file modification time: 1281659208 (13-Aug-2010 01:26:48) [00:14:15] Stored file modification time : 1270150546 (01-Apr-2010 20:35:46) [ Warning ] [00:14:16] Warning: The file properties have changed: [00:14:16] File: /sbin/runlevel [00:14:16] Current hash: 028c8437b6cd831baf318e2acc5a8db8fb83c5f8 [00:14:16] Stored hash : 550b372a8615ea7d455105d2244f2cf8345f43b2 [00:14:16] Current inode: 139931 Stored inode: 130954 [00:14:16] Current file modification time: 1281659208 (13-Aug-2010 01:26:48) [00:14:16] Stored file modification time : 1270150546 (01-Apr-2010 20:35:46) Warning ] [00:15:27] Warning: Suspicious file types found in /dev: [00:15:27] /dev/shm/pulse-shm-3266890909: data [00:15:27] /dev/shm/pulse-shm-124107464: data [00:15:27] /dev/shm/pulse-shm-1774287387: AmigaOS bitmap font [00:15:27] /dev/shm/pulse-shm-621502677: data [00:15:27] /dev/shm/ecryptfs-mark-Private: ASCII text [00:15:27] /dev/shm/pulse-shm-2538263110: data [00:15:27] Checking for hidden files and directories [ Warning ] [00:15:27] Warning: Hidden directory found: /etc/.java [00:15:27] Warning: Hidden directory found: /dev/.udev [00:15:27] Warning: Hidden directory found: /dev/.initramfs [00:15:33] [00:15:33] Info: Test 'apps' disabled at users request. [00:15:33] [00:15:33] System checks summary [00:15:33] ===================== [00:15:33] [00:15:33] File properties checks... [00:15:33] Files checked: 133 [00:15:33] Suspect files: 8 [00:15:33] [00:15:33] Rootkit checks... [00:15:33] Rootkits checked : 242 [00:15:33] Possible rootkits: 0 [00:15:33] [00:15:33] Applications checks... [00:15:33] All checks skipped [00:15:33] [00:15:33] The system checks took: 1 minute and 35 seconds [00:15:33] [00:15:33] Info: End date is Wed Aug 18 00:15:33 BST 2010 I will post my full RKhunter scan output at the end of this thread. I would appreciate if someone with knowledge of viewing. Understanding, Removing and cleaning any Malware found by RKHunter. could assit me in understanding what these warnings mean. and am I right to be concerned. and mainly how can i fix these warnings to once gain feel safe. Here is the my Complete RKHunter scan output incase I did not show any of the important warnings in the earlier part of this thread :: [00:13:57] Running Rootkit Hunter version 1.3.6 on mark-laptop [00:13:57] [00:13:57] Info: Start date is Wed Aug 18 00:13:57 BST 2010 [00:13:57] [00:13:57] Checking configuration file and command-line options... [00:13:57] Info: Detected operating system is 'Linux' [00:13:57] Info: Found O/S name: Ubuntu 10.04.1 LTS [00:13:57] Info: Command line is /usr/bin/rkhunter -c [00:13:57] Info: Environment shell is /bin/bash; rkhunter is using dash [00:13:57] Info: Using configuration file '/etc/rkhunter.conf' [00:13:57] Info: Installation directory is '/usr' [00:13:57] Info: Using language 'en' [00:13:57] Info: Using '/var/lib/rkhunter/db' as the database directory [00:13:57] Info: Using '/usr/share/rkhunter/scripts' as the support script directory [00:13:57] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin /usr/X11R6/bin /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec' as the command directories [00:13:57] Info: Using '/' as the root directory by default [00:13:57] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory [00:13:57] Info: No mail-on-warning address configured [00:13:57] Info: X will be automatically detected [00:13:57] Info: Using second color set [00:13:57] Info: Found the 'basename' command: /usr/bin/basename [00:13:57] Info: Found the 'diff' command: /usr/bin/diff [00:13:57] Info: Found the 'dirname' command: /usr/bin/dirname [00:13:57] Info: Found the 'file' command: /usr/bin/file [00:13:57] Info: Found the 'find' command: /usr/bin/find [00:13:57] Info: Found the 'ifconfig' command: /sbin/ifconfig [00:13:57] Info: Found the 'ip' command: /sbin/ip [00:13:57] Info: Found the 'ldd' command: /usr/bin/ldd [00:13:57] Info: Found the 'lsattr' command: /usr/bin/lsattr [00:13:57] Info: Found the 'lsmod' command: /sbin/lsmod [00:13:57] Info: Found the 'lsof' command: /usr/bin/lsof [00:13:57] Info: Found the 'mktemp' command: /bin/mktemp [00:13:58] Info: Found the 'netstat' command: /bin/netstat [00:13:58] Info: Found the 'perl' command: /usr/bin/perl [00:13:58] Info: Found the 'pgrep' command: /usr/bin/pgrep [00:13:58] Info: Found the 'ps' command: /bin/ps [00:13:58] Info: Found the 'pwd' command: /bin/pwd [00:13:58] Info: Found the 'readlink' command: /bin/readlink [00:13:58] Info: Found the 'sort' command: /usr/bin/sort [00:13:58] Info: Found the 'stat' command: /usr/bin/stat [00:13:58] Info: Found the 'strings' command: /usr/bin/strings [00:13:58] Info: Found the 'uniq' command: /usr/bin/uniq [00:13:58] Info: System is not using prelinking [00:13:58] Info: Using the '/usr/bin/sha1sum' command for the file hash checks [00:13:58] Info: Stored hash values used hash function '/usr/bin/sha1sum' [00:13:58] Info: Stored hash values did not use a package manager [00:13:58] Info: The hash function field index is set to 1 [00:13:58] Info: No package manager specified: using hash function '/usr/bin/sha1sum' [00:13:58] Info: Previous file attributes were stored [00:13:58] Info: Enabled tests are: all [00:13:58] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps apps [00:13:58] Info: Found ksym file '/proc/kallsyms' [00:13:58] Info: Using 'date' to process epoch second times. [00:13:58] [00:13:58] Checking if the O/S has changed since last time... [00:13:58] Info: Nothing seems to have changed [00:13:58] Info: Locking is not being used [00:13:58] [00:13:58] Starting system checks... [00:13:58] [00:13:58] Checking system commands... [00:13:58] Info: Starting test name 'system_commands' [00:13:58] [00:13:58] Performing 'strings' command checks [00:13:58] Info: Starting test name 'strings' [00:13:58] Scanning for string /usr/sbin/ntpsx [ OK ] [00:13:58] Scanning for string /usr/sbin/.../bkit-ava [ OK ] [00:13:58] Scanning for string /usr/sbin/.../bkit-d [ OK ] [00:13:58] Scanning for string /usr/sbin/.../bkit-shd [ OK ] [00:13:58] Scanning for string /usr/sbin/.../bkit-f [ OK ] [00:13:58] Scanning for string /usr/include/.../proc.h [ OK ] [00:13:58] Scanning for string /usr/include/.../.bash_history [ OK ] [00:13:58] Scanning for string /usr/include/.../bkit-get [ OK ] [00:13:58] Scanning for string /usr/include/.../bkit-dl [ OK ] [00:13:58] Scanning for string /usr/include/.../bkit-screen [ OK ] [00:13:58] Scanning for string /usr/include/.../bkit-sleep [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-adore.o [ OK ] [00:13:59] Scanning for string /usr/lib/.../ls [ OK ] [00:13:59] Scanning for string /usr/lib/.../netstat [ OK ] [00:13:59] Scanning for string /usr/lib/.../lsof [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh/bkit-mots [ OK ] [00:13:59] Scanning for string /usr/lib/.../uconf.inv [ OK ] [00:13:59] Scanning for string /usr/lib/.../psr [ OK ] [00:13:59] Scanning for string /usr/lib/.../find [ OK ] [00:13:59] Scanning for string /usr/lib/.../pstree [ OK ] [00:13:59] Scanning for string /usr/lib/.../slocate [ OK ] [00:13:59] Scanning for string /usr/lib/.../du [ OK ] [00:13:59] Scanning for string /usr/lib/.../top [ OK ] [00:13:59] Scanning for string /usr/sbin/... [ OK ] [00:13:59] Scanning for string /usr/include/... [ OK ] [00:13:59] Scanning for string /usr/include/.../.tmp [ OK ] [00:13:59] Scanning for string /usr/lib/... [ OK ] [00:13:59] Scanning for string /usr/lib/.../.ssh [ OK ] [00:13:59] Scanning for string /usr/lib/.../bkit-ssh [ OK ] [00:13:59] Scanning for string /usr/lib/.bkit- [ OK ] [00:13:59] Scanning for string /tmp/.bkp [ OK ] [00:13:59] Scanning for string /tmp/.cinik [ OK ] [00:13:59] Scanning for string /tmp/.font-unix/.cinik [ OK ] [00:13:59] Scanning for string /lib/.sso [ OK ] [00:13:59] Scanning for string /lib/.so [ OK ] [00:14:00] Scanning for string /var/run/...dica/clean [ OK ] [00:14:00] Scanning for string /var/run/...dica/dxr [ OK ] [00:14:00] Scanning for string /var/run/...dica/read [ OK ] [00:14:00] Scanning for string /var/run/...dica/write [ OK ] [00:14:00] Scanning for string /var/run/...dica/lf [ OK ] [00:14:00] Scanning for string /var/run/...dica/xl [ OK ] [00:14:00] Scanning for string /var/run/...dica/xdr [ OK ] [00:14:00] Scanning for string /var/run/...dica/psg [ OK ] [00:14:00] Scanning for string /var/run/...dica/secure [ OK ] [00:14:00] Scanning for string /var/run/...dica/rdx [ OK ] [00:14:00] Scanning for string /var/run/...dica/va [ OK ] [00:14:00] Scanning for string /var/run/...dica/cl.sh [ OK ] [00:14:00] Scanning for string /var/run/...dica/last.log [ OK ] [00:14:00] Scanning for string /usr/bin/.etc [ OK ] [00:14:00] Scanning for string /etc/sshd_config [ OK ] [00:14:00] Scanning for string /etc/ssh_host_key [ OK ] [00:14:00] Scanning for string /etc/ssh_random_seed [ OK ] [00:14:00] Scanning for string /dev/ptyp [ OK ] [00:14:00] Scanning for string /dev/ptyq [ OK ] [00:14:00] Scanning for string /dev/ptyr [ OK ] [00:14:00] Scanning for string /dev/ptys [ OK ] [00:14:00] Scanning for string /dev/ptyt [ OK ] [00:14:00] Scanning for string /dev/fd/.88/freshb-bsd [ OK ] [00:14:00] Scanning for string /dev/fd/.88/fresht [ OK ] [00:14:00] Scanning for string /dev/fd/.88/zxsniff [ OK ] [00:14:00] Scanning for string /dev/fd/.88/zxsniff.log [ OK ] [00:14:00] Scanning for string /dev/fd/.99/.ttyf00 [ OK ] [00:14:00] Scanning for string /dev/fd/.99/.ttyp00 [ OK ] [00:14:01] Scanning for string /dev/fd/.99/.ttyq00 [ OK ] [00:14:01] Scanning for string /dev/fd/.99/.ttys00 [ OK ] [00:14:01] Scanning for string /dev/fd/.99/.pwsx00 [ OK ] [00:14:01] Scanning for string /etc/.acid [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/sched_host.2 [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/random_d.2 [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/set_pid.2 [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/setrgrp.2 [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/TOHIDE [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/cons.saver [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/adore/ava/ava [ OK ] [00:14:01] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ] [00:14:01] Scanning for string /bin/sysback [ OK ] [00:14:01] Scanning for string /usr/local/bin/sysback [ OK ] [00:14:01] Scanning for string /usr/lib/.tbd [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/t0rns [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/du [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/ls [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/t0rnsb [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/ps [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/t0rnp [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/find [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/ifconfig [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/pg [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/ssh.tgz [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/top [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/sz [ OK ] [00:14:01] Scanning for string /dev/.lib/lib/lib/login [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/1i0n.sh [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/pstree [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/mjy [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/sush [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/tfn [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/name [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/getip.sh [ OK ] [00:14:02] Scanning for string /usr/info/.torn/sh* [ OK ] [00:14:02] Scanning for string /usr/src/.puta/.1addr [ OK ] [00:14:02] Scanning for string /usr/src/.puta/.1file [ OK ] [00:14:02] Scanning for string /usr/src/.puta/.1proc [ OK ] [00:14:02] Scanning for string /usr/src/.puta/.1logz [ OK ] [00:14:02] Scanning for string /usr/info/.t0rn [ OK ] [00:14:02] Scanning for string /dev/.lib [ OK ] [00:14:02] Scanning for string /dev/.lib/lib [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/lib/dev [ OK ] [00:14:02] Scanning for string /dev/.lib/lib/scan [ OK ] [00:14:02] Scanning for string /usr/src/.puta [ OK ] [00:14:02] Scanning for string /usr/man/man1/man1 [ OK ] [00:14:02] Scanning for string /usr/man/man1/man1/lib [ OK ] [00:14:02] Scanning for string /usr/man/man1/man1/lib/.lib [ OK ] [00:14:02] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ] [00:14:02] [00:14:02] Performing 'shared libraries' checks [00:14:02] Info: Starting test name 'shared_libs' [00:14:02] Checking for preloading variables [ None found ] [00:14:02] Checking for preloaded libraries [ None found ] [00:14:03] Info: Starting test name 'shared_libs_path' [00:14:03] Checking LD_LIBRARY_PATH variable [ Not found ] [00:14:03] [00:14:03] Performing file properties checks [00:14:03] Info: Starting test name 'properties' [00:14:03] Checking for prerequisites [ OK ] [00:14:03] /bin/bash [ OK ] [00:14:03] /bin/cat [ OK ] [00:14:03] /bin/chmod [ OK ] [00:14:03] /bin/chown [ OK ] [00:14:03] /bin/cp [ OK ] [00:14:03] /bin/date [ OK ] [00:14:03] /bin/df [ OK ] [00:14:03] /bin/dmesg [ OK ] [00:14:04] /bin/echo [ OK ] [00:14:04] /bin/ed [ OK ] [00:14:04] /bin/egrep [ OK ] [00:14:04] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check. [00:14:04] /bin/fgrep [ OK ] [00:14:04] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check. [00:14:04] /bin/fuser [ OK ] [00:14:04] /bin/grep [ OK ] [00:14:04] /bin/ip [ OK ] [00:14:04] /bin/kill [ OK ] [00:14:04] /bin/less [ OK ] [00:14:04] /bin/login [ OK ] [00:14:04] /bin/ls [ OK ] [00:14:04] /bin/lsmod [ OK ] [00:14:05] /bin/mktemp [ OK ] [00:14:05] /bin/more [ OK ] [00:14:05] /bin/mount [ OK ] [00:14:05] /bin/mv [ OK ] [00:14:05] /bin/netstat [ OK ] [00:14:05] /bin/ps [ OK ] [00:14:05] /bin/pwd [ OK ] [00:14:05] /bin/readlink [ OK ] [00:14:05] /bin/sed [ OK ] [00:14:05] /bin/sh [ OK ] [00:14:06] /bin/su [ OK ] [00:14:06] /bin/touch [ OK ] [00:14:06] /bin/uname [ OK ] [00:14:06] /bin/which [ OK ] [00:14:06] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check. [00:14:06] /bin/dash [ OK ] [00:14:06] /usr/bin/awk [ OK ] [00:14:06] /usr/bin/basename [ OK ] [00:14:06] /usr/bin/chattr [ Warning ] [00:14:06] Warning: The file properties have changed: [00:14:07] File: /usr/bin/chattr [00:14:07] Current inode: 137378 Stored inode: 131139 [00:14:07] Current file modification time: 1282026587 (17-Aug-2010 07:29:47) [00:14:07] Stored file modification time : 1271651439 (19-Apr-2010 05:30:39) [00:14:07] /usr/bin/curl [ Warning ] [00:14:07] Warning: The file '/usr/bin/curl' exists on the system, but it is not present in the rkhunter.dat file. [00:14:07] /usr/bin/cut [ OK ] [00:14:07] /usr/bin/diff [ OK ] [00:14:07] /usr/bin/dirname [ OK ] [00:14:07] /usr/bin/dpkg [ OK ] [00:14:07] /usr/bin/dpkg-query [ OK ] [00:14:07] /usr/bin/du [ OK ] [00:14:07] /usr/bin/env [ OK ] [00:14:08] /usr/bin/file [ OK ] [00:14:08] /usr/bin/find [ OK ] [00:14:08] /usr/bin/GET [ OK ] [00:14:08] /usr/bin/groups [ OK ] [00:14:08] Info: Found file '/usr/bin/groups': it is whitelisted for the 'script replacement' check. [00:14:08] /usr/bin/head [ OK ] [00:14:08] /usr/bin/id [ OK ] [00:14:08] /usr/bin/killall [ OK ] [00:14:08] /usr/bin/last [ OK ] [00:14:09] /usr/bin/lastlog [ OK ] [00:14:09] /usr/bin/ldd [ Warning ] [00:14:09] Warning: The file properties have changed: [00:14:09] File: /usr/bin/ldd [00:14:09] Current hash: f73d7823160b3bd2105d5ffff0ecfcf94512aebf [00:14:09] Stored hash : 32b0f6e26bc337becb5e4539c8890180607361c4 [00:14:09] Current inode: 149834 Stored inode: 130947 [00:14:09] Current file modification time: 1282037498 (17-Aug-2010 10:31:38) [00:14:09] Stored file modification time : 1276526043 (14-Jun-2010 15:34:03) [00:14:09] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check. [00:14:09] /usr/bin/less [ OK ] [00:14:09] /usr/bin/locate [ OK ] [00:14:09] /usr/bin/logger [ OK ] [00:14:09] /usr/bin/lsattr [ Warning ] [00:14:09] Warning: The file properties have changed: [00:14:09] File: /usr/bin/lsattr [00:14:09] Current inode: 137379 Stored inode: 131699 [00:14:09] Current file modification time: 1282026587 (17-Aug-2010 07:29:47) [00:14:09] Stored file modification time : 1271651439 (19-Apr-2010 05:30:39) [00:14:09] /usr/bin/lsof [ OK ] [00:14:09] /usr/bin/mail [ OK ] [00:14:10] /usr/bin/md5sum [ OK ] [00:14:10] /usr/bin/mlocate [ OK ] [00:14:10] /usr/bin/newgrp [ OK ] [00:14:10] /usr/bin/passwd [ OK ] [00:14:10] /usr/bin/perl [ OK ] [00:14:10] /usr/bin/pgrep [ OK ] [00:14:10] /usr/bin/pstree [ OK ] [00:14:10] /usr/bin/rkhunter [ OK ] [00:14:10] /usr/bin/runcon [ OK ] [00:14:11] /usr/bin/sha1sum [ OK ] [00:14:11] /usr/bin/sha224sum [ OK ] [00:14:11] /usr/bin/sha256sum [ OK ] [00:14:11] /usr/bin/sha384sum [ OK ] [00:14:11] /usr/bin/sha512sum [ OK ] [00:14:11] /usr/bin/size [ OK ] [00:14:11] /usr/bin/sort [ OK ] [00:14:11] /usr/bin/stat [ OK ] [00:14:11] /usr/bin/strace [ OK ] [00:14:11] /usr/bin/strings [ OK ] [00:14:11] /usr/bin/sudo [ OK ] [00:14:12] /usr/bin/tail [ OK ] [00:14:12] /usr/bin/test [ OK ] [00:14:12] /usr/bin/top [ OK ] [00:14:12] /usr/bin/touch [ OK ] [00:14:12] /usr/bin/tr [ OK ] [00:14:12] /usr/bin/uniq [ OK ] [00:14:12] /usr/bin/users [ OK ] [00:14:12] /usr/bin/vmstat [ OK ] [00:14:12] /usr/bin/w [ OK ] [00:14:12] /usr/bin/watch [ OK ] [00:14:13] /usr/bin/wc [ OK ] [00:14:13] /usr/bin/wget [ OK ] [00:14:13] /usr/bin/whatis [ OK ] [00:14:13] /usr/bin/whereis [ OK ] [00:14:13] /usr/bin/which [ OK ] [00:14:13] /usr/bin/who [ OK ] [00:14:13] /usr/bin/whoami [ OK ] [00:14:13] /usr/bin/gawk [ OK ] [00:14:13] /usr/bin/lwp-request [ OK ] [00:14:13] Info: Found file '/usr/bin/lwp-request': it is whitelisted for the 'script replacement' check. [00:14:13] /usr/bin/bsd-mailx [ OK ] [00:14:13] /usr/bin/w.procps [ OK ] [00:14:14] /sbin/depmod [ OK ] [00:14:14] /sbin/ifconfig [ OK ] [00:14:14] /sbin/ifdown [ Warning ] [00:14:14] Warning: The file properties have changed: [00:14:14] File: /sbin/ifdown [00:14:14] Current hash: 8492aba75f302334dc9c558c0f58b09ab3040479 [00:14:14] Stored hash : 36cd231c396a15983d0afe23e4e33dbb2349102a [00:14:14] Current inode: 130910 Stored inode: 130869 [00:14:14] Current file modification time: 1282025603 (17-Aug-2010 07:13:23) [00:14:14] Stored file modification time : 1266649378 (20-Feb-2010 07:02:58) [00:14:14] /sbin/ifup [ Warning ] [00:14:14] Warning: The file properties have changed: [00:14:14] File: /sbin/ifup [00:14:14] Current hash: 8492aba75f302334dc9c558c0f58b09ab3040479 [00:14:14] Stored hash : 36cd231c396a15983d0afe23e4e33dbb2349102a [00:14:14] Current inode: 130910 Stored inode: 130871 [00:14:14] Current file modification time: 1282025603 (17-Aug-2010 07:13:23) [00:14:15] Stored file modification time : 1266649378 (20-Feb-2010 07:02:59) [00:14:15] /sbin/init [ Warning ] [00:14:15] Warning: The file properties have changed: [00:14:15] File: /sbin/init [00:14:15] Current hash: 968cbc98023d4bed9a52fd6f2aa519457fe0412b [00:14:15] Stored hash : d6997dd8ca3d89f8038729a284fb2447c35a1448 [00:14:15] Current inode: 134700 Stored inode: 130872 [00:14:15] Current file modification time: 1281659208 (13-Aug-2010 01:26:48) [00:14:15] Stored file modification time : 1270150546 (01-Apr-2010 20:35:46) [00:14:15] /sbin/insmod [ OK ] [00:14:15] /sbin/ip [ OK ] [00:14:15] /sbin/lsmod [ OK ] [00:14:15] /sbin/modinfo [ OK ] [00:14:15] /sbin/modprobe [ OK ] [00:14:16] /sbin/rmmod [ OK ] [00:14:16] /sbin/runlevel [ Warning ] [00:14:16] Warning: The file properties have changed: [00:14:16] File: /sbin/runlevel [00:14:16] Current hash: 028c8437b6cd831baf318e2acc5a8db8fb83c5f8 [00:14:16] Stored hash : 550b372a8615ea7d455105d2244f2cf8345f43b2 [00:14:16] Current inode: 139931 Stored inode: 130954 [00:14:16] Current file modification time: 1281659208 (13-Aug-2010 01:26:48) [00:14:16] Stored file modification time : 1270150546 (01-Apr-2010 20:35:46) [00:14:16] /sbin/sulogin [ OK ] [00:14:16] /sbin/sysctl [ OK ] [00:14:17] /usr/sbin/adduser [ OK ] [00:14:17] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check. [00:14:17] /usr/sbin/chroot [ OK ] [00:14:17] /usr/sbin/cron [ OK ] [00:14:17] /usr/sbin/groupadd [ OK ] [00:14:17] /usr/sbin/groupdel [ OK ] [00:14:17] /usr/sbin/groupmod [ OK ] [00:14:18] /usr/sbin/grpck [ OK ] [00:14:18] /usr/sbin/nologin [ OK ] [00:14:18] /usr/sbin/pwck [ OK ] [00:14:18] /usr/sbin/rsyslogd [ OK ] [00:14:19] /usr/sbin/tcpd [ OK ] [00:14:19] /usr/sbin/useradd [ OK ] [00:14:19] /usr/sbin/userdel [ OK ] [00:14:19] /usr/sbin/usermod [ OK ] [00:14:19] /usr/sbin/vipw [ OK ] [00:14:19] /usr/sbin/unhide-linux26 [ OK ] [00:14:25] [00:14:25] Checking for rootkits... [00:14:25] Info: Starting test name 'rootkits' [00:14:25] [00:14:25] Performing check of known rootkit files and directories [00:14:25] Info: Starting test name 'known_rkts' [00:14:25] [00:14:25] Checking for 55808 Trojan - Variant A... [00:14:25] Checking for file '/tmp/.../r' [ Not found ] [00:14:25] Checking for file '/tmp/.../a' [ Not found ] [00:14:25] 55808 Trojan - Variant A [ Not found ] [00:14:25] [00:14:25] Checking for ADM Worm... [00:14:25] Checking for string 'w0rm' [ Not found ] [00:14:25] ADM Worm [ Not found ] [00:14:25] [00:14:25] Checking for AjaKit Rootkit... [00:14:25] Checking for file '/dev/tux/.addr' [ Not found ] [00:14:25] Checking for file '/dev/tux/.proc' [ Not found ] [00:14:25] Checking for file '/dev/tux/.file' [ Not found ] [00:14:25] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ] [00:14:25] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ] [00:14:25] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ] [00:14:25] Checking for directory '/dev/tux' [ Not found ] [00:14:25] Checking for directory '/lib/.libgh-gh' [ Not found ] [00:14:25] AjaKit Rootkit [ Not found ] [00:14:25] [00:14:25] Checking for Adore Rootkit... [00:14:25] Checking for file '/usr/secure' [ Not found ] [00:14:26] Checking for file '/usr/doc/sys/qrt' [ Not found ] [00:14:26] Checking for file '/usr/doc/sys/run' [ Not found ] [00:14:26] Checking for file '/usr/doc/sys/crond' [ Not found ] [00:14:26] Checking for file '/usr/sbin/kfd' [ Not found ] [00:14:26] Checking for file '/usr/doc/kern/var' [ Not found ] [00:14:26] Checking for file '/usr/doc/kern/string.o' [ Not found ] [00:14:26] Checking for file '/usr/doc/kern/ava' [ Not found ] [00:14:26] Checking for file '/usr/doc/kern/adore.o' [ Not found ] [00:14:26] Checking for file '/var/log/ssh/old' [ Not found ] [00:14:26] Checking for directory '/lib/security/.config/ssh' [ Not found ] [00:14:26] Checking for directory '/usr/doc/kern' [ Not found ] [00:14:26] Checking for directory '/usr/doc/backup' [ Not found ] [00:14:26] Checking for directory '/usr/doc/backup/txt' [ Not found ] [00:14:26] Checking for directory '/lib/backup' [ Not found ] [00:14:26] Checking for directory '/lib/backup/txt' [ Not found ] [00:14:26] Checking for directory '/usr/doc/work' [ Not found ] [00:14:26] Checking for directory '/usr/doc/sys' [ Not found ] [00:14:26] Checking for directory '/var/log/ssh' [ Not found ] [00:14:26] Checking for directory '/usr/doc/.spool' [ Not found ] [00:14:26] Checking for directory '/usr/lib/kterm' [ Not found ] [00:14:26] Adore Rootkit [ Not found ] [00:14:26] [00:14:26] Checking for aPa Kit... [00:14:26] Checking for file '/usr/share/.aPa' [ Not found ] [00:14:26] aPa Kit [ Not found ] [00:14:26] [00:14:26] Checking for Apache Worm... [00:14:26] Checking for file '/bin/.log' [ Not found ] [00:14:26] Apache Worm [ Not found ] [00:14:26] [00:14:26] Checking for Ambient (ark) Rootkit... [00:14:26] Checking for file '/usr/lib/.ark?' [ Not found ] [00:14:26] Checking for file '/dev/ptyxx/.log' [ Not found ] [00:14:26] Checking for file '/dev/ptyxx/.file' [ Not found ] [00:14:26] Checking for file '/dev/ptyxx/.proc' [ Not found ] [00:14:26] Checking for file '/dev/ptyxx/.addr' [ Not found ] [00:14:27] Checking for directory '/dev/ptyxx' [ Not found ] [00:14:27] Ambient (ark) Rootkit [ Not found ] [00:14:27] [00:14:27] Checking for Balaur Rootkit... [00:14:27] Checking for file '/usr/lib/liblog.o' [ Not found ] [00:14:27] Checking for directory '/usr/lib/.kinetic' [ Not found ] [00:14:27] Checking for directory '/usr/lib/.egcs' [ Not found ] [00:14:27] Checking for directory '/usr/lib/.wormie' [ Not found ] [00:14:27] Balaur Rootkit [ Not found ] [00:14:27] [00:14:27] Checking for BeastKit Rootkit... [00:14:27] Checking for file '/usr/sbin/arobia' [ Not found ] [00:14:27] Checking for file '/usr/sbin/idrun' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ] [00:14:27] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ] [00:14:27] Checking for directory '/lib/ldd.so/bktools' [ Not found ] [00:14:27] BeastKit Rootkit [ Not found ] [00:14:27] [00:14:27] Checking for beX2 Rootkit... [00:14:27] Checking for file '/usr/info/termcap.info-5.gz' [ Not found ] [00:14:27] Checking for file '/usr/bin/sshd2' [ Not found ] [00:14:27] Checking for directory '/usr/include/bex' [ Not found ] [00:14:27] beX2 Rootkit [ Not found ] [00:14:27] [00:14:27] Checking for BOBKit Rootkit... [00:14:27] Checking for file '/usr/sbin/ntpsx' [ Not found ] [00:14:27] Checking for file '/usr/sbin/.../bkit-ava' [ Not found ] [00:14:27] Checking for file '/usr/sbin/.../bkit-d' [ Not found ] [00:14:27] Checking for file '/usr/sbin/.../bkit-shd' [ Not found ] [00:14:27] Checking for file '/usr/sbin/.../bkit-f' [ Not found ] [00:14:27] Checking for file '/usr/include/.../proc.h' [ Not found ] [00:14:27] Checking for file '/usr/include/.../.bash_history' [ Not found ] [00:14:27] Checking for file '/usr/include/.../bkit-get' [ Not found ] [00:14:28] Checking for file '/usr/include/.../bkit-dl' [ Not found ] [00:14:28] Checking for file '/usr/include/.../bkit-screen' [ Not found ] [00:14:28] Checking for file '/usr/include/.../bkit-sleep' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-adore.o' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../ls' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../netstat' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../lsof' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../uconf.inv' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../psr' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../find' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../pstree' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../slocate' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../du' [ Not found ] [00:14:28] Checking for file '/usr/lib/.../top' [ Not found ] [00:14:28] Checking for directory '/usr/sbin/...' [ Not found ] [00:14:28] Checking for directory '/usr/include/...' [ Not found ] [00:14:28] Checking for directory '/usr/include/.../.tmp' [ Not found ] [00:14:28] Checking for directory '/usr/lib/...' [ Not found ] [00:14:28] Checking for directory '/usr/lib/.../.ssh' [ Not found ] [00:14:28] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ] [00:14:28] Checking for directory '/usr/lib/.bkit-' [ Not found ] [00:14:28] Checking for directory '/tmp/.bkp' [ Not found ] [00:14:28] BOBKit Rootkit [ Not found ] [00:14:28] [00:14:28] Checking for cb Rootkit... [00:14:28] Checking for file '/dev/srd0' [ Not found ] [00:14:28] Checking for file '/lib/libproc.so.2.0.6' [ Not found ] [00:14:29] Checking for file '/dev/mounnt' [ Not found ] [00:14:29] Checking for file '/etc/rc.d/init.d/init' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /cl' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /.x.tgz' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /statdx' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /wted' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /write' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /scan' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /sc' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /sl2' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /wroot' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /wscan' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /wu' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /v' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /read' [ Not found ] [00:14:29] Checking for file '/usr/lib/sshrc' [ Not found ] [00:14:29] Checking for file '/usr/lib/ssh_host_key' [ Not found ] [00:14:29] Checking for file '/usr/lib/ssh_host_key.pub' [ Not found ] [00:14:29] Checking for file '/usr/lib/ssh_random_seed' [ Not found ] [00:14:29] Checking for file '/usr/lib/sshd_config' [ Not found ] [00:14:29] Checking for file '/usr/lib/shosts.equiv' [ Not found ] [00:14:29] Checking for file '/usr/lib/ssh_known_hosts' [ Not found ] [00:14:29] Checking for file '/u/zappa/.ssh/pid' [ Not found ] [00:14:29] Checking for file '/usr/bin/.system/.. /tcp.log' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /curatare/attrib' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /curatare/chattr' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /curatare/ps' [ Not found ] [00:14:29] Checking for file '/usr/bin/.zeen/.. /curatare/pstree' [ Not found ] [00:14:29] Checking for file '/usr/bin/.system/.. /.x/xC.o' [ Not found ] [00:14:29] Checking for directory '/usr/bin/.zeen' [ Not found ] [00:14:30] Checking for directory '/usr/bin/.zeen/.. /curatare' [ Not found ] [00:14:30] Checking for directory '/usr/bin/.zeen/.. /scan' [ Not found ] [00:14:30] Checking for directory '/usr/bin/.system/.. ' [ Not found ] [00:14:30] cb Rootkit [ Not found ] [00:14:30] [00:14:30] Checking for CiNIK Worm (Slapper.B variant)... [00:14:30] Checking for file '/tmp/.cinik' [ Not found ] [00:14:30] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ] [00:14:30] CiNIK Worm (Slapper.B variant) [ Not found ] [00:14:30] [00:14:30] Checking for Danny-Boy's Abuse Kit... [00:14:30] Checking for file '/dev/mdev' [ Not found ] [00:14:30] Checking for file '/usr/lib/libX.a' [ Not found ] [00:14:30] Danny-Boy's Abuse Kit [ Not found ] [00:14:30] [00:14:30] Checking for Devil RootKit... [00:14:30] Checking for file '/var/lib/games/.src' [ Not found ] [00:14:30] Checking for file '/dev/dsx' [ Not found ] [00:14:30] Checking for file '/dev/caca' [ Not found ] [00:14:30] Checking for file '/dev/pro' [ Not found ] [00:14:30] Checking for file '/bin/bye' [ Not found ] [00:14:30] Checking for file '/bin/homedir' [ Not found ] [00:14:30] Checking for file '/usr/bin/xfss' [ Not found ] [00:14:30] Checking for file '/usr/sbin/tzava' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/holber' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/sense' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/clear' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/tzava' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/citeste' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/killrk' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/searchlog' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/gaoaza' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/cleaner' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/shk' [ Not found ] [00:14:30] Checking for file '/usr/doc/tar/.../.dracusor/stuff/srs' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/utile.tgz' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/webpage' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/getpsy' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/getbnc' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/getemech' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/localroot.sh' [ Not found ] [00:14:31] Checking for file '/usr/doc/tar/.../.dracusor/stuff/old/sense' [ Not found ] [00:14:31] Checking for directory '/usr/doc/tar/.../.dracusor' [ Not found ] [00:14:31] Devil RootKit [ Not found ] [00:14:31] [00:14:31] Checking for Dica-Kit Rootkit... [00:14:31] Checking for file '/lib/.sso' [ Not found ] [00:14:31] Checking for file '/lib/.so' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/clean' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/dxr' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/read' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/write' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/lf' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/xl' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/xdr' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/psg' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/secure' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/rdx' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/va' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/cl.sh' [ Not found ] [00:14:31] Checking for file '/var/run/...dica/last.log' [ Not found ] [00:14:31] Checking for file '/usr/bin/.etc' [ Not found ] [00:14:31] Checking for file '/etc/sshd_config' [ Not found ] [00:14:31] Checking for file '/etc/ssh_host_key' [ Not found ] [00:14:31] Checking for file '/etc/ssh_random_seed' [ Not found ] [00:14:31] Checking for directory '/var/run/...dica' [ Not found ] [00:14:31] Checking for directory '/var/run/...dica/mh' [ Not found ] [00:14:32] Checking for directory '/var/run/...dica/scan' [ Not found ] [00:14:32] Dica-Kit Rootkit [ Not found ] [00:14:32] [00:14:32] Checking for Dreams Rootkit... [00:14:32] Checking for file '/dev/ttyoa' [ Not found ] [00:14:32] Checking for file '/dev/ttyof' [ Not found ] [00:14:32] Checking for file '/dev/ttyop' [ Not found ] [00:14:32] Checking for file '/usr/bin/sense' [ Not found ] [00:14:32] Checking for file '/usr/bin/sl2' [ Not found ] [00:14:32] Checking for file '/usr/bin/logclear' [ Not found ] [00:14:32] Checking for file '/usr/bin/(swapd)' [ Not found ] [00:14:32] Checking for file '/usr/bin/initrd' [ Not found ] [00:14:32] Checking for file '/usr/bin/crontabs' [ Not found ] [00:14:32] Checking for file '/usr/bin/snfs' [ Not found ] [00:14:32] Checking for file '/usr/lib/libsss' [ Not found ] [00:14:32] Checking for file '/usr/lib/libsnf.log' [ Not found ] [00:14:32] Checking for file '/usr/lib/libshtift/top' [ Not found ] [00:14:32] Checking for file '/usr/lib/libshtift/ps' [ Not found ] [00:14:32] Checking for file '/usr/lib/libshtift/netstat' [ Not found ] [00:14:32] Checking for file '/usr/lib/libshtift/ls' [ Not found ] [00:14:32] Checking for file '/usr/lib/libshtift/ifconfig' [ Not found ] [00:14:32] Checking for file '/usr/include/linseed.h' [ Not found ] [00:14:32] Checking for file '/usr/include/linpid.h' [ Not found ] [00:14:32] Checking for file '/usr/include/linkey.h' [ Not found ] [00:14:32] Checking for file '/usr/include/linconf.h' [ Not found ] [00:14:32] Checking for file '/usr/include/iceseed.h' [ Not found ] [00:14:32] Checking for file '/usr/include/icepid.h' [ Not found ] [00:14:32] Checking for file '/usr/include/icekey.h' [ Not found ] [00:14:32] Checking for file '/usr/include/iceconf.h' [ Not found ] [00:14:32] Checking for directory '/dev/ida/.hpd' [ Not found ] [00:14:32] Checking for directory '/usr/lib/libshtift' [ Not found ] [00:14:32] Dreams Rootkit [ Not found ] [00:14:32] [00:14:32] Checking for Duarawkz Rootkit... [00:14:33] Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ] [00:14:33] Checking for directory '/usr/bin/duarawkz' [ Not found ] [00:14:33] Duarawkz Rootkit [ Not found ] [00:14:33] [00:14:33] Checking for Enye LKM... [00:14:33] Checking for file '/etc/.enyelkmHIDE^IT.ko' [ Not found ] [00:14:33] Checking for file '/etc/.enyelkmOCULTAR.ko' [ Not found ] [00:14:33] Enye LKM [ Not found ] [00:14:33] [00:14:33] Checking for Flea Linux Rootkit... [00:14:33] Checking for file '/etc/ld.so.hash' [ Not found ] [00:14:33] Checking for file '/lib/security/.config/ssh/sshd_config' [ Not found ] [00:14:33] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ] [00:14:33] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ] [00:14:33] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ] [00:14:33] Checking for file '/usr/bin/ssh2d' [ Not found ] [00:14:33] Checking for file '/usr/lib/ldlibns.so' [ Not found ] [00:14:33] Checking for file '/usr/lib/ldlibps.so' [ Not found ] [00:14:33] Checking for file '/usr/lib/ldlibpst.so' [ Not found ] [00:14:33] Checking for file '/usr/lib/ldlibdu.so' [ Not found ] [00:14:33] Checking for file '/usr/lib/ldlibct.so' [ Not found ] [00:14:33] Checking for directory '/lib/security/.config/ssh' [ Not found ] [00:14:33] Checking for directory '/dev/..0' [ Not found ] [00:14:33] Checking for directory '/dev/..0/backup' [ Not found ] [00:14:33] Flea Linux Rootkit [ Not found ] [00:14:33] [00:14:33] Checking for FreeBSD Rootkit... [00:14:33] Checking for file '/dev/ptyp' [ Not found ] [00:14:33] Checking for file '/dev/ptyq' [ Not found ] [00:14:33] Checking for file '/dev/ptyr' [ Not found ] [00:14:33] Checking for file '/dev/ptys' [ Not found ] [00:14:33] Checking for file '/dev/ptyt' [ Not found ] [00:14:33] Checking for file '/dev/fd/.88/freshb-bsd' [ Not found ] [00:14:33] Checking for file '/dev/fd/.88/fresht' [ Not found ] [00:14:33] Checking for file '/dev/fd/.88/zxsniff' [ Not found ] [00:14:33] Checking for file '/dev/fd/.88/zxsniff.log' [ Not found ] [00:14:33] Checking for file '/dev/fd/.99/.ttyf00' [ Not found ] [00:14:34] Checking for file '/dev/fd/.99/.ttyp00' [ Not found ] [00:14:34] Checking for file '/dev/fd/.99/.ttyq00' [ Not found ] [00:14:34] Checking for file '/dev/fd/.99/.ttys00' [ Not found ] [00:14:34] Checking for file '/dev/fd/.99/.pwsx00' [ Not found ] [00:14:34] Checking for file '/etc/.acid' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/sched_host.2' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/random_d.2' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/set_pid.2' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/setrgrp.2' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/TOHIDE' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/cons.saver' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/adore/ava/ava' [ Not found ] [00:14:34] Checking for file '/usr/lib/.fx/adore/adore/adore.ko' [ Not found ] [00:14:34] Checking for file '/bin/sysback' [ Not found ] [00:14:34] Checking for file '/usr/local/bin/sysback' [ Not found ] [00:14:34] Checking for directory '/dev/fd/.88' [ Not found ] [00:14:34] Checking for directory '/dev/fd/.99' [ Not found ] [00:14:34] Checking for directory '/usr/lib/.fx' [ Not found ] [00:14:34] Checking for directory '/usr/lib/.fx/adore' [ Not found ] [00:14:34] FreeBSD Rootkit [ Not found ] [00:14:34] [00:14:34] Checking for Fu Rootkit... [00:14:34] Checking for file '/sbin/xc' [ Not found ] [00:14:34] Checking for file '/usr/include/ivtype.h' [ Not found ] [00:14:34] Checking for file '/bin/.lib' [ Not found ] [00:14:34] Fu Rootkit [ Not found ] [00:14:34] [00:14:34] Checking for ****`it Rootkit... [00:14:34] Checking for file '/lib/libproc.so.2.0.7' [ Not found ] [00:14:34] Checking for file '/dev/proc/.bash_profile' [ Not found ] [00:14:34] Checking for file '/dev/proc/.bashrc' [ Not found ] [00:14:34] Checking for file '/dev/proc/.cshrc' [ Not found ] [00:14:34] Checking for file '/dev/proc/****it/hax0r' [ Not found ] [00:14:34] Checking for file '/dev/proc/****it/hax0rshell' [ Not found ] [00:14:34] Checking for file '/dev/proc/****it/config/lports' [ Not found ] [00:14:35] Checking for file '/dev/proc/****it/config/rports' [ Not found ] [00:14:35] Checking for file '/dev/proc/****it/config/rkconf' [ Not found ] [00:14:35] Checking for file '/dev/proc/****it/config/password' [ Not found ] [00:14:35] Checking for file '/dev/proc/****it/config/progs' [ Not found ] [00:14:35] Checking for file '/dev/proc/****it/system-bins/init' [ Not found ] [00:14:35] Checking for file '/usr/lib/libcps.a' [ Not found ] [00:14:35] Checking for file '/usr/lib/libtty.a' [ Not found ] [00:14:35] Checking for directory '/dev/proc' [ Not found ] [00:14:35] Checking for directory '/dev/proc/****it' [ Not found ] [00:14:35] Checking for directory '/dev/proc/****it/system-bins' [ Not found ] [00:14:35] Checking for directory '/dev/proc/toolz' [ Not found ] [00:14:35] ****`it Rootkit [ Not found ] [00:14:35] [00:14:35] Checking for GasKit Rootkit... [00:14:35] Checking for file '/dev/dev/gaskit/sshd/sshdd' [ Not found ] [00:14:35] Checking for directory '/dev/dev' [ Not found ] [00:14:35] Checking for directory '/dev/dev/gaskit' [ Not found ] [00:14:35] Checking for directory '/dev/dev/gaskit/sshd' [ Not found ] [00:14:35] GasKit Rootkit [ Not found ] [00:14:35] [00:14:35] Checking for Heroin LKM... [00:14:35] Checking for kernel symbol 'heroin' [ Not found ] [00:14:35] Heroin LKM [ Not found ] [00:14:35] [00:14:35] Checking for HjC Kit... [00:14:35] Checking for directory '/dev/.hijackerz' [ Not found ] [00:14:35] HjC Kit [ Not found ] [00:14:35] [00:14:35] Checking for ignoKit Rootkit... [00:14:35] Checking for file '/lib/defs/p' [ Not found ] [00:14:35] Checking for file '/lib/defs/q' [ Not found ] [00:14:35] Checking for file '/lib/defs/r' [ Not found ] [00:14:35] Checking for file '/lib/defs/s' [ Not found ] [00:14:35] Checking for file '/lib/defs/t' [ Not found ] [00:14:35] Checking for file '/usr/lib/defs/p' [ Not found ] [00:14:36] Checking for file '/usr/lib/defs/q' [ Not found ] [00:14:36] Checking for file '/usr/lib/defs/r' [ Not found ] [00:14:36] Checking for file '/usr/lib/defs/s' [ Not found ] [00:14:36] Checking for file '/usr/lib/defs/t' [ Not found ] [00:14:36] Checking for file '/usr/lib/.libigno/pkunsec' [ Not found ] [00:14:36] Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ] [00:14:36] Checking for directory '/usr/lib/.libigno' [ Not found ] [00:14:36] Checking for directory '/usr/lib/.libigno/.igno' [ Not found ] [00:14:36] ignoKit Rootkit [ Not found ] [00:14:36] [00:14:36] Checking for iLLogiC Rootkit... [00:14:36] Checking for file '/dev/kmod' [ Not found ] [00:14:36] Checking for file '/dev/dos' [ Not found ] [00:14:36] Checking for file '/usr/lib/crth.o' [ Not found ] [00:14:36] Checking for file '/usr/lib/crtz.o' [ Not found ] [00:14:36] Checking for file '/etc/ld.so.hash' [ Not found ] [00:14:36] Checking for file '/usr/bin/sia' [ Not found ] [00:14:36] Checking for file '/usr/bin/ssh2d' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/sn' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/iver' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/uconf.inv' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/ssh/sshport' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/ava' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/cleaner' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/lpsched' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/sz' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/rcp' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/patcher' [ Not found ] [00:14:36] Checking for file '/lib/security/.config/pg' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/crypt' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/utime' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/wget' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/instmod' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/find' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/du' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/ls' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/psr' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/netstat' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/su' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/ping' [ Not found ] [00:14:37] Checking for file '/lib/security/.config/bin/passwd' [ Not found ] [00:14:37] Checking for directory '/lib/security/.config' [ Not found ] [00:14:37] Checking for directory '/lib/security/.config/ssh' [ Not found ] [00:14:37] Checking for directory '/lib/security/.config/bin' [ Not found ] [00:14:37] Checking for directory '/lib/security/.config/backup' [ Not found ] [00:14:37] Checking for directory '/root/ /.dir' [ Not found ] [00:14:37] Checking for directory '/root/ /.dir/mass-scan' [ Not found ] [00:14:37] Checking for directory '/root/ /.dir/flood' [ Not found ] [00:14:37] iLLogiC Rootkit [ Not found ] [00:14:37] [00:14:37] Checking for IntoXonia-NG Rootkit... [00:14:37] Checking for kernel symbol 'funces' [ Not found ] [00:14:37] Checking for kernel symbol 'ixinit' [ Not found ] [00:14:37] Checking for kernel symbol 'tricks' [ Not found ] [00:14:37] Checking for kernel symbol 'kernel_unlink' [ Not found ] [00:14:38] Checking for kernel symbol 'rootme' [ Not found ] [00:14:38] Checking for kernel symbol 'hide_module' [ Not found ] [00:14:38] Checking for kernel symbol 'find_sys_call_tbl' [ Not found ] [00:14:38] IntoXonia-NG Rootkit [ Not found ] [00:14:38] [00:14:38] Checking for Irix Rootkit... [00:14:38] Checking for directory '/dev/pts/01' [ Not found ] [00:14:38] Checking for directory '/dev/pts/01/backup' [ Not found ] [00:14:38] Checking for directory '/dev/pts/01/etc' [ Not found ] [00:14:38] Checking for directory '/dev/pts/01/tmp' [ Not found ] [00:14:38] Irix Rootkit [ Not found ] [00:14:38] [00:14:38] Checking for Kitko Rootkit... [00:14:38] Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ] [00:14:38] Kitko Rootkit [ Not found ] [00:14:38] [00:14:38] Checking for Knark Rootkit... [00:14:38] Checking for file '/proc/knark/pids' [ Not found ] [00:14:38] Checking for directory '/proc/knark' [ Not found ] [00:14:38] Knark Rootkit [ Not found ] [00:14:38] [00:14:38] Checking for ld-linuxv.so Rootkit... [00:14:38] Checking for file '/lib/ld-linuxv.so.1' [ Not found ] [00:14:38] Checking for directory '/var/opt/_so_cache' [ Not found ] [00:14:38] Checking for directory '/var/opt/_so_cache/ld' [ Not found ] [00:14:38] Checking for directory '/var/opt/_so_cache/lc' [ Not found ] [00:14:38] ld-linuxv.so Rootkit [ Not found ] [00:14:38] [00:14:38] Checking for Li0n Worm... [00:14:38] Checking for file '/bin/in.telnetd' [ Not found ] [00:14:38] Checking for file '/bin/mjy' [ Not found ] [00:14:38] Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ] [00:14:38] Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ] [00:14:38] Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ] [00:14:38] Checking for file '/dev/.lib/lib/scan/1i0n.sh' [ Not found ] [00:14:38] Checking for file '/dev/.lib/lib/scan/hack.sh' [ Not found ] [00:14:38] Checking for file '/dev/.lib/lib/scan/bind' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/randb' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/scan.sh' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/pscan' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/star.sh' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/1i0n.sh' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/lib/netstat' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ] [00:14:39] Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ] [00:14:39] Li0n Worm [ Not found ] [00:14:39] [00:14:39] Checking for Lockit / LJK2 Rootkit... [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ] [00:14:39] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parse' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ] [00:14:40] Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ] [00:14:40] Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ] [00:14:40] Lockit / LJK2 Rootkit [ Not found ] [00:14:40] [00:14:40] Checking for Mood-NT Rootkit... [00:14:40] Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ] [00:14:40] Checking for file '/_cthulhu/mood-nt.init' [ Not found ] [00:14:40] Checking for file '/_cthulhu/mood-nt.conf' [ Not found ] [00:14:40] Checking for file '/_cthulhu/mood-nt.sniff' [ Not found ] [00:14:40] Checking for directory '/_cthulhu' [ Not found ] [00:14:40] Mood-NT Rootkit [ Not found ] [00:14:40] [00:14:40] Checking for MRK Rootkit... [00:14:40] Checking for file '/dev/ida/.inet/pid' [ Not found ] [00:14:40] Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ] [00:14:40] Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ] [00:14:40] Checking for file '/dev/ida/.inet/tcp.log' [ Not found ] [00:14:40] Checking for directory '/dev/ida/.inet' [ Not found ] [00:14:40] Checking for directory '/var/spool/cron/.sh' [ Not found ] [00:14:41] MRK Rootkit [ Not found ] [00:14:41] [00:14:41] Checking for Ni0 Rootkit... [00:14:41] Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ] [00:14:41] Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ] [00:14:41] Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ] [00:14:41] Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ] [00:14:41] Checking for directory '/tmp/waza' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ] [00:14:41] Checking for directory '/usr/sbin/es' [ Not found ] [00:14:41] Ni0 Rootkit [ Not found ] [00:14:41] [00:14:41] Checking for Ohhara Rootkit... [00:14:41] Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile...' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ] [00:14:41] Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ] [00:14:41] Ohhara Rootkit [ Not found ] [00:14:41] [00:14:41] Checking for Optic Kit (Tux) Worm... [00:14:41] Checking for directory '/dev/tux' [ Not found ] [00:14:41] Checking for directory '/usr/bin/xchk' [ Not found ] [00:14:41] Checking for directory '/usr/bin/xsf' [ Not found ] [00:14:41] Checking for directory '/usr/bin/ssh2d' [ Not found ] [00:14:41] Optic Kit (Tux) Worm [ Not found ] [00:14:41] [00:14:41] Checking for Oz Rootkit... [00:14:41] Checking for file '/dev/.oz/.nap/rkit/terror' [ Not found ] [00:14:41] Checking for directory '/dev/.oz' [ Not found ] [00:14:41] Oz Rootkit [ Not found ] [00:14:41] [00:14:41] Checking for Phalanx Rootkit... [00:14:41] Checking for file '/uNFuNF' [ Not found ] [00:14:41] Checking for file '/etc/host.ph1' [ Not found ] [00:14:41] Checking for file '/bin/host.ph1' [ Not found ] [00:14:41] Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ] [00:14:42] Checking for file '/usr/share/.home.ph1/cb' [ Not found ] [00:14:42] Checking for file '/usr/share/.home.ph1/kebab' [ Not found ] [00:14:42] Checking for directory '/usr/share/.home.ph1' [ Not found ] [00:14:42] Checking for directory '/usr/share/.home.ph1/tty' [ Not found ] [00:14:42] Phalanx Rootkit [ Not found ] [00:14:42] [00:14:42] Checking for Phalanx2 Rootkit... [00:14:42] Checking for file '/etc/khubd.p2/.p2rc' [ Not found ] [00:14:42] Checking for file '/etc/khubd.p2/.phalanx2' [ Not found ] [00:14:42] Checking for file '/etc/khubd.p2/.sniff' [ Not found ] [00:14:42] Checking for file '/etc/khubd.p2/sshgrab.py' [ Not found ] [00:14:42] Checking for file '/etc/lolzz.p2/.p2rc' [ Not found ] [00:14:42] Checking for file '/etc/lolzz.p2/.phalanx2' [ Not found ] [00:14:42] Checking for file '/etc/lolzz.p2/.sniff' [ Not found ] [00:14:42] Checking for file '/etc/lolzz.p2/sshgrab.py' [ Not found ] [00:14:42] Checking for file '/etc/cron.d/zupzzplaceholder' [ Not found ] [00:14:42] Checking for file '/usr/lib/zupzz.p2/.p-2.3d' [ Not found ] [00:14:42] Checking for file '/usr/lib/zupzz.p2/.p2rc' [ Not found ] [00:14:42] Checking for directory '/etc/khubd.p2' [ Not found ] [00:14:42] Checking for directory '/etc/lolzz.p2' [ Not found ] [00:14:42] Checking for directory '/usr/lib/zupzz.p2' [ Not found ] [00:14:42] Phalanx2 Rootkit [ Not found ] [00:14:42] [00:14:42] Checking for Phalanx2 Rootkit (extended tests)... [00:14:42] Checking for directory '/etc/khubd.p2' [ Not found ] [00:14:42] Checking for directory '/etc/lolzz.p2' [ Not found ] [00:14:42] Checking for directory '/usr/lib/zupzz.p2' [ Not found ] [00:14:42] Checking process list for process 'ata/0' [ OK ] [00:14:42] Phalanx2 Rootkit (extended tests) [ Not found ] [00:14:42] [00:14:42] Checking for Portacelo Rootkit... [00:14:42] Checking for file '/var/lib/.../.ak' [ Not found ] [00:14:42] Checking for file '/var/lib/.../.hk' [ Not found ] [00:14:42] Checking for file '/var/lib/.../.rs' [ Not found ] [00:14:43] Checking for file '/var/lib/.../.p' [ Not found ] [00:14:43] Checking for file '/var/lib/.../getty' [ Not found ] [00:14:43] Checking for file '/var/lib/.../lkt.o' [ Not found ] [00:14:43] Checking for file '/var/lib/.../show' [ Not found ] [00:14:43] Checking for file '/var/lib/.../nlkt.o' [ Not found ] [00:14:43] Checking for file '/var/lib/.../ssshrc' [ Not found ] [00:14:43] Checking for file '/var/lib/.../sssh_equiv' [ Not found ] [00:14:43] Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ] [00:14:43] Checking for file '/var/lib/.../sssh_pid' [ Not found ] [00:14:43] Checking for file '~/.sssh/known_hosts' [ Not found ] [00:14:43] Portacelo Rootkit [ Not found ] [00:14:43] [00:14:43] Checking for R3dstorm Toolkit... [00:14:43] Checking for file '/var/log/tk02/see_all' [ Not found ] [00:14:43] Checking for file '/var/log/tk02/.scris' [ Not found ] [00:14:43] Checking for file '/bin/.../sshd/sbin/sshd1' [ Not found ] [00:14:43] Checking for file '/bin/.../hate/sk' [ Not found ] [00:14:43] Checking for file '/bin/.../see_all' [ Not found ] [00:14:43] Checking for directory '/var/log/tk02' [ Not found ] [00:14:43] Checking for directory '/var/log/tk02/old' [ Not found ] [00:14:43] Checking for directory '/bin/...' [ Not found ] [00:14:43] R3dstorm Toolkit [ Not found ] [00:14:43] [00:14:43] Checking for RH-Sharpe's Rootkit... [00:14:43] Checking for file '/bin/lps' [ Not found ] [00:14:43] Checking for file '/usr/bin/lpstree' [ Not found ] [00:14:43] Checking for file '/usr/bin/ltop' [ Not found ] [00:14:43] Checking for file '/usr/bin/lkillall' [ Not found ] [00:14:43] Checking for file '/usr/bin/ldu' [ Not found ] [00:14:43] Checking for file '/usr/bin/lnetstat' [ Not found ] [00:14:43] Checking for file '/usr/bin/wp' [ Not found ] [00:14:43] Checking for file '/usr/bin/shad' [ Not found ] [00:14:43] Checking for file '/usr/bin/vadim' [ Not found ] [00:14:44] Checking for file '/usr/bin/slice' [ Not found ] [00:14:44] Checking for file '/usr/bin/cleaner' [ Not found ] [00:14:44] Checking for file '/usr/include/rpcsvc/du' [ Not found ] [00:14:44] RH-Sharpe's Rootkit [ Not found ] [00:14:44] [00:14:44] Checking for RSHA's Rootkit... [00:14:44] Checking for file '/bin/kr4p' [ Not found ] [00:14:44] Checking for file '/usr/bin/n3tstat' [ Not found ] [00:14:44] Checking for file '/usr/bin/chsh2' [ Not found ] [00:14:44] Checking for file '/usr/bin/slice2' [ Not found ] [00:14:44] Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ] [00:14:44] Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ] [00:14:44] Checking for directory '/etc/rc.d/rsha' [ Not found ] [00:14:44] Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ] [00:14:44] RSHA's Rootkit [ Not found ] [00:14:44] [00:14:44] Checking for Scalper Worm... [00:14:44] Checking for file '/tmp/.a' [ Not found ] [00:14:44] Checking for file '/tmp/.uua' [ Not found ] [00:14:44] Scalper Worm [ Not found ] [00:14:44] [00:14:44] Checking for Sebek LKM... [00:14:44] Checking for kernel symbol 'adore or sebek' [ Not found ] [00:14:44] Sebek LKM [ Not found ] [00:14:44] [00:14:44] Checking for Shutdown Rootkit... [00:14:45] Checking for file '/usr/man/man5/.. /.dir/scannah/asus' [ Not found ] [00:14:45] Checking for file '/usr/man/man5/.. /.dir/see' [ Not found ] [00:14:45] Checking for file '/usr/man/man5/.. /.dir/nscd' [ Not found ] [00:14:45] Checking for file '/usr/man/man5/.. /.dir/alpd' [ Not found ] [00:14:45] Checking for file '/etc/rc.d/rc.local ' [ Not found ] [00:14:45] Checking for directory '/usr/man/man5/.. /.dir' [ Not found ] [00:14:45] Checking for directory '/usr/man/man5/.. /.dir/scannah' [ Not found ] [00:14:45] Checking for directory '/etc/rc.d/rc0.d/.. /.dir' [ Not found ] [00:14:45] Shutdown Rootkit [ Not found ] [00:14:45] [00:14:45] Checking for SHV4 Rootkit... [00:14:45] Checking for file '/etc/ld.so.hash' [ Not found ] [00:14:45] Checking for file '/lib/libext-2.so.7' [ Not found ] [00:14:45] Checking for file '/lib/lidps1.so' [ Not found ] [00:14:45] Checking for file '/lib/libproc.a' [ Not found ] [00:14:45] Checking for file '/lib/libproc.so.2.0.6' [ Not found ] [00:14:45] Checking for file '/lib/ldd.so/tks' [ Not found ] [00:14:45] Checking for file '/lib/ldd.so/tkp' [ Not found ] [00:14:45] Checking for file '/lib/ldd.so/tksb' [ Not found ] [00:14:45] Checking for file '/lib/security/.config/sshd' [ Not found ] [00:14:45] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ] [00:14:45] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ] [00:14:45] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ] [00:14:45] Checking for file '/usr/include/file.h' [ Not found ] [00:14:45] Checking for file '/usr/include/hosts.h' [ Not found ] [00:14:45] Checking for file '/usr/include/lidps1.so' [ Not found ] [00:14:45] Checking for file '/usr/include/log.h' [ Not found ] [00:14:45] Checking for file '/usr/include/proc.h' [ Not found ] [00:14:45] Checking for file '/usr/sbin/xntps' [ Not found ] [00:14:45] Checking for file '/dev/srd0' [ Not found ] [00:14:45] Checking for directory '/lib/ldd.so' [ Not found ] [00:14:45] Checking for directory '/lib/security/.config' [ Not found ] [00:14:45] Checking for directory '/lib/security/.config/ssh' [ Not found ] [00:14:45] SHV4 Rootkit [ Not found ] [00:14:45] [00:14:45] Checking for SHV5 Rootkit... [00:14:46] Checking for file '/etc/sh.conf' [ Not found ] [00:14:46] Checking for file '/lib/libproc.a' [ Not found ] [00:14:46] Checking for file '/lib/libproc.so.2.0.6' [ Not found ] [00:14:46] Checking for file '/lib/lidps1.so' [ Not found ] [00:14:46] Checking for file '/lib/libsh.so/bash' [ Not found ] [00:14:46] Checking for file '/usr/include/file.h' [ Not found ] [00:14:46] Checking for file '/usr/include/hosts.h' [ Not found ] [00:14:46] Checking for file '/usr/include/log.h' [ Not found ] [00:14:46] Checking for file '/usr/include/proc.h' [ Not found ] [00:14:46] Checking for file '/lib/libsh.so/shdcf2' [ Not found ] [00:14:46] Checking for file '/lib/libsh.so/shhk' [ Not found ] [00:14:46] Checking for file '/lib/libsh.so/shhk.pub' [ Not found ] [00:14:46] Checking for file '/lib/libsh.so/shrs' [ Not found ] [00:14:46] Checking for file '/usr/lib/libsh/.bashrc' [ Not found ] [00:14:46] Checking for file '/usr/lib/libsh/shsb' [ Not found ] [00:14:46] Checking for file '/usr/lib/libsh/hide' [ Not found ] [00:14:46] Checking for file '/usr/lib/libsh/.sniff/shsniff' [ Not found ] [00:14:46] Checking for file '/usr/lib/libsh/.sniff/shp' [ Not found ] [00:14:46] Checking for file '/dev/srd0' [ Not found ] [00:14:46] Checking for directory '/lib/libsh.so' [ Not found ] [00:14:46] Checking for directory '/usr/lib/libsh' [ Not found ] [00:14:46] Checking for directory '/usr/lib/libsh/utilz' [ Not found ] [00:14:46] Checking for directory '/usr/lib/libsh/.backup' [ Not found ] [00:14:46] SHV5 Rootkit [ Not found ] [00:14:46] [00:14:46] Checking for Sin Rootkit... [00:14:46] Checking for file '/dev/.haos/haos1/.f/Denyed' [ Not found ] [00:14:46] Checking for file '/dev/ttyoa' [ Not found ] [00:14:46] Checking for file '/dev/ttyof' [ Not found ] [00:14:46] Checking for file '/dev/ttyop' [ Not found ] [00:14:46] Checking for file '/dev/ttyos' [ Not found ] [00:14:47] Checking for file '/usr/lib/.lib' [ Not found ] [00:14:47] Checking for file '/usr/lib/sn/.X' [ Not found ] [00:14:47] Checking for file '/usr/lib/sn/.sys' [ Not found ] [00:14:47] Checking for file '/usr/lib/ld/.X' [ Not found ] [00:14:47] Checking for file '/usr/man/man1/...' [ Not found ] [00:14:47] Checking for file '/usr/man/man1/.../.m' [ Not found ] [00:14:47] Checking for file '/usr/man/man1/.../.w' [ Not found ] [00:14:47] Checking for directory '/usr/lib/sn' [ Not found ] [00:14:47] Checking for directory '/usr/lib/man1/...' [ Not found ] [00:14:47] Checking for directory '/dev/.haos' [ Not found ] [00:14:47] Sin Rootkit [ Not found ] [00:14:47] [00:14:47] Checking for Slapper Worm... [00:14:47] Checking for file '/tmp/.bugtraq' [ Not found ] [00:14:47] Checking for file '/tmp/.uubugtraq' [ Not found ] [00:14:47] Checking for file '/tmp/.bugtraq.c' [ Not found ] [00:14:47] Checking for file '/tmp/httpd' [ Not found ] [00:14:47] Checking for file '/tmp/.unlock' [ Not found ] [00:14:47] Checking for file '/tmp/update' [ Not found ] [00:14:47] Checking for file '/tmp/.cinik' [ Not found ] [00:14:47] Checking for file '/tmp/.b' [ Not found ] [00:14:47] Slapper Worm [ Not found ] [00:14:47] [00:14:47] Checking for Sneakin Rootkit... [00:14:47] Checking for directory '/tmp/.X11-unix/.../rk' [ Not found ] [00:14:47] Sneakin Rootkit [ Not found ] [00:14:47] [00:14:47] Checking for 'Spanish' Rootkit... [00:14:47] Checking for file '/dev/ptyq' [ Not found ] [00:14:47] Checking for file '/bin/ad' [ Not found ] [00:14:47] Checking for file '/bin/ava' [ Not found ] [00:14:47] Checking for file '/bin/server' [ Not found ] [00:14:47] Checking for file '/usr/sbin/rescue' [ Not found ] [00:14:47] Checking for file '/usr/share/.../chrps' [ Not found ] [00:14:47] Checking for file '/usr/share/.../chrifconfig' [ Not found ] [00:14:47] Checking for file '/usr/share/.../netstat' [ Not found ] [00:14:48] Checking for file '/usr/share/.../linsniffer' [ Not found ] [00:14:48] Checking for file '/usr/share/.../charbd' [ Not found ] [00:14:48] Checking for file '/usr/share/.../charbd2' [ Not found ] [00:14:48] Checking for file '/usr/share/.../charbd3' [ Not found ] [00:14:48] Checking for file '/usr/share/.../charbd4' [ Not found ] [00:14:48] Checking for file '/usr/man/tmp/update.tgz' [ Not found ] [00:14:48] Checking for file '/var/lib/rpm/db.rpm' [ Not found ] [00:14:48] Checking for file '/var/cache/man/.cat' [ Not found ] [00:14:48] Checking for file '/var/spool/lpd/remote/.lpq' [ Not found ] [00:14:48] Checking for directory '/usr/share/...' [ Not found ] [00:14:48] 'Spanish' Rootkit [ Not found ] [00:14:48] [00:14:48] Checking for Suckit Rootkit... [00:14:48] Checking for file '/sbin/initsk12' [ Not found ] [00:14:48] Checking for file '/sbin/initxrk' [ Not found ] [00:14:48] Checking for file '/usr/bin/null' [ Not found ] [00:14:48] Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc0.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc1.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc2.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc3.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc4.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc5.d/S23kmdac' [ Not found ] [00:14:48] Checking for file '/etc/rc.d/rc6.d/S23kmdac' [ Not found ] [00:14:48] Checking for directory '/dev/sdhu0/tehdrakg' [ Not found ] [00:14:48] Checking for directory '/etc/.MG' [ Not found ] [00:14:48] Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ] [00:14:48] Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ] [00:14:48] Suckit Rootkit [ Not found ] [00:14:48] [00:14:48] Checking for SunOS Rootkit... [00:14:48] Checking for file '/etc/ld.so.hash' [ Not found ] [00:14:48] Checking for file '/lib/libext-2.so.7' [ Not found ] [00:14:49] Checking for file '/usr/bin/ssh2d' [ Not found ] [00:14:49] Checking for file '/bin/xlogin' [ Not found ] [00:14:49] Checking for file '/usr/lib/crth.o' [ Not found ] [00:14:49] Checking for file '/usr/lib/crtz.o' [ Not found ] [00:14:49] Checking for file '/sbin/login' [ Not found ] [00:14:49] Checking for file '/lib/security/.config/sn' [ Not found ] [00:14:49] Checking for file '/lib/security/.config/lpsched' [ Not found ] [00:14:49] Checking for file '/dev/kmod' [ Not found ] [00:14:49] Checking for file '/dev/dos' [ Not found ] [00:14:49] SunOS Rootkit [ Not found ] [00:14:49] [00:14:49] Checking for SunOS / NSDAP Rootkit... [00:14:49] Checking for file '/dev/pts/01/55su' [ Not found ] [00:14:49] Checking for file '/dev/pts/01/55ps' [ Not found ] [00:14:49] Checking for file '/dev/pts/01/55ping' [ Not found ] [00:14:49] Checking for file '/dev/pts/01/55login' [ Not found ] [00:14:49] Checking for file '/dev/pts/01/PATCHER_COMPLETED' [ Not found ] [00:14:49] Checking for file '/dev/prom/sn.l' [ Not found ] [00:14:49] Checking for file '/dev/prom/dos' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/.kit' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/defines' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/patcher' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/pg' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/cleaner' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/utime' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/crypt' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/findkit' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/sn2' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/sniffload' [ Not found ] [00:14:49] Checking for file '/usr/lib/vold/nsdap/runsniff' [ Not found ] [00:14:49] Checking for file '/usr/lib/lpset' [ Not found ] [00:14:49] Checking for file '/usr/lib/lpstart' [ Not found ] [00:14:50] Checking for file '/usr/bin/mc68000' [ Not found ] [00:14:50] Checking for file '/usr/bin/mc68010' [ Not found ] [00:14:50] Checking for file '/usr/bin/mc68020' [ Not found ] [00:14:50] Checking for file '/usr/ucb/bin/ps' [ Not found ] [00:14:50] Checking for file '/usr/bin/m68k' [ Not found ] [00:14:50] Checking for file '/usr/bin/sun2' [ Not found ] [00:14:50] Checking for file '/usr/bin/mc68030' [ Not found ] [00:14:50] Checking for file '/usr/bin/mc68040' [ Not found ] [00:14:50] Checking for file '/usr/bin/sun3' [ Not found ] [00:14:50] Checking for file '/usr/bin/sun3x' [ Not found ] [00:14:50] Checking for file '/usr/bin/lso' [ Not found ] [00:14:50] Checking for file '/usr/bin/u370' [ Not found ] [00:14:50] Checking for directory '/dev/pts/01' [ Not found ] [00:14:50] Checking for directory '/dev/prom' [ Not found ] [00:14:50] Checking for directory '/usr/lib/vold/nsdap' [ Not found ] [00:14:50] Checking for directory '/.pat' [ Not found ] [00:14:50] SunOS / NSDAP Rootkit [ Not found ] [00:14:50] [00:14:50] Checking for Superkit Rootkit... [00:14:50] Checking for file '/usr/man/.sman/sk/backsh' [ Not found ] [00:14:50] Checking for file '/usr/man/.sman/sk/izbtrag' [ Not found ] [00:14:50] Checking for file '/usr/man/.sman/sk/sksniff' [ Not found ] [00:14:50] Checking for file '/var/www/cgi-bin/cgiback.cgi' [ Not found ] [00:14:50] Checking for directory '/usr/man/.sman/sk' [ Not found ] [00:14:50] Superkit Rootkit [ Not found ] [00:14:50] [00:14:50] Checking for TBD (Telnet BackDoor)... [00:14:50] Checking for file '/usr/lib/.tbd' [ Not found ] [00:14:50] TBD (Telnet BackDoor) [ Not found ] [00:14:50] [00:14:50] Checking for TeLeKiT Rootkit... [00:14:50] Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ] [00:14:50] Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ] [00:14:50] Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ] [00:14:50] Checking for file '/usr/man/man3/.../cl' [ Not found ] [00:14:51] Checking for file '/dev/ptyr' [ Not found ] [00:14:51] Checking for file '/dev/ptyp' [ Not found ] [00:14:51] Checking for file '/dev/ptyq' [ Not found ] [00:14:51] Checking for file '/dev/hda06' [ Not found ] [00:14:51] Checking for file '/usr/info/libc1.so' [ Not found ] [00:14:51] Checking for directory '/usr/man/man3/...' [ Not found ] [00:14:51] Checking for directory '/usr/man/man3/.../lsniff' [ Not found ] [00:14:51] Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ] [00:14:51] TeLeKiT Rootkit [ Not found ] [00:14:51] [00:14:51] Checking for T0rn Rootkit... [00:14:51] Checking for file '/dev/.lib/lib/lib/t0rns' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/du' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/ls' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/t0rnsb' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/ps' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/t0rnp' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/find' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/ifconfig' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/pg' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/ssh.tgz' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/top' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/sz' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/login' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/1i0n.sh' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/pstree' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/mjy' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/sush' [ Not found ] [00:14:51] Checking for file '/dev/.lib/lib/lib/tfn' [ Not found ] [00:14:52] Checking for file '/dev/.lib/lib/lib/name' [ Not found ] [00:14:52] Checking for file '/dev/.lib/lib/lib/getip.sh' [ Not found ] [00:14:52] Checking for file '/usr/info/.torn/sh*' [ Not found ] [00:14:52] Checking for file '/usr/src/.puta/.1addr' [ Not found ] [00:14:52] Checking for file '/usr/src/.puta/.1file' [ Not found ] [00:14:52] Checking for file '/usr/src/.puta/.1proc' [ Not found ] [00:14:52] Checking for file '/usr/src/.puta/.1logz' [ Not found ] [00:14:52] Checking for file '/usr/info/.t0rn' [ Not found ] [00:14:52] Checking for directory '/dev/.lib' [ Not found ] [00:14:52] Checking for directory '/dev/.lib/lib' [ Not found ] [00:14:52] Checking for directory '/dev/.lib/lib/lib' [ Not found ] [00:14:52] Checking for directory '/dev/.lib/lib/lib/dev' [ Not found ] [00:14:52] Checking for directory '/dev/.lib/lib/scan' [ Not found ] [00:14:52] Checking for directory '/usr/src/.puta' [ Not found ] [00:14:52] Checking for directory '/usr/man/man1/man1' [ Not found ] [00:14:52] Checking for directory '/usr/man/man1/man1/lib' [ Not found ] [00:14:52] Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ] [00:14:52] Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ] [00:14:52] T0rn Rootkit [ Not found ] [00:14:52] [00:14:52] Checking for trNkit Rootkit... [00:14:52] Checking for file '/usr/lib/libbins.la' [ Not found ] [00:14:52] Checking for file '/usr/lib/libtcs.so' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/ulogin.sh' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/tcpshell.sh' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/bupdu' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/buloc' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/buloc1' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/buloc2' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/stat' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/backps' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/tree' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/topk' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/wold' [ Not found ] [00:14:52] Checking for file '/dev/.ttpy/whoold' [ Not found ] [00:14:53] Checking for file '/dev/.ttpy/backdoors' [ Not found ] [00:14:53] trNkit Rootkit [ Not found ] [00:14:53] [00:14:53] Checking for Trojanit Kit... [00:14:53] Checking for file '/bin/.ls' [ Not found ] [00:14:53] Checking for file '/bin/.ps' [ Not found ] [00:14:53] Checking for file '/bin/.netstat' [ Not found ] [00:14:53] Checking for file '/usr/bin/.nop' [ Not found ] [00:14:53] Checking for file '/usr/bin/.who' [ Not found ] [00:14:53] Trojanit Kit [ Not found ] [00:14:53] [00:14:53] Checking for Tuxtendo Rootkit... [00:14:53] Checking for file '/lib/libproc.so.2.0.7' [ Not found ] [00:14:53] Checking for file '/usr/bin/xchk' [ Not found ] [00:14:53] Checking for file '/usr/bin/xsf' [ Not found ] [00:14:53] Checking for file '/dev/tux/suidsh' [ Not found ] [00:14:53] Checking for file '/dev/tux/.addr' [ Not found ] [00:14:53] Checking for file '/dev/tux/.cron' [ Not found ] [00:14:53] Checking for file '/dev/tux/.file' [ Not found ] [00:14:53] Checking for file '/dev/tux/.log' [ Not found ] [00:14:53] Checking for file '/dev/tux/.proc' [ Not found ] [00:14:53] Checking for file '/dev/tux/.iface' [ Not found ] [00:14:53] Checking for file '/dev/tux/.pw' [ Not found ] [00:14:53] Checking for file '/dev/tux/.df' [ Not found ] [00:14:53] Checking for file '/dev/tux/.ssh' [ Not found ] [00:14:53] Checking for file '/dev/tux/.tux' [ Not found ] [00:14:53] Checking for file '/dev/tux/ssh2/sshd2_config' [ Not found ] [00:14:53] Checking for file '/dev/tux/ssh2/hostkey' [ Not found ] [00:14:53] Checking for file '/dev/tux/ssh2/hostkey.pub' [ Not found ] [00:14:53] Checking for file '/dev/tux/ssh2/logo' [ Not found ] [00:14:53] Checking for file '/dev/tux/ssh2/random_seed' [ Not found ] [00:14:53] Checking for file '/dev/tux/backup/crontab' [ Not found ] [00:14:53] Checking for file '/dev/tux/backup/df' [ Not found ] [00:14:53] Checking for file '/dev/tux/backup/dir' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/find' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/ifconfig' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/locate' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/netstat' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/ps' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/pstree' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/syslogd' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/tcpd' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/top' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/updatedb' [ Not found ] [00:14:54] Checking for file '/dev/tux/backup/vdir' [ Not found ] [00:14:54] Checking for directory '/dev/tux' [ Not found ] [00:14:54] Checking for directory '/dev/tux/ssh2' [ Not found ] [00:14:54] Checking for directory '/dev/tux/backup' [ Not found ] [00:14:54] Tuxtendo Rootkit [ Not found ] [00:14:54] [00:14:54] Checking for URK Rootkit... [00:14:54] Checking for file '/dev/prom/sn.l' [ Not found ] [00:14:54] Checking for file '/usr/lib/ldlibps.so' [ Not found ] [00:14:54] Checking for file '/usr/lib/ldlibnet.so' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/uconf.inv' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/cleaner' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/psniff' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/du' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/ls' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/passwd' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/ps' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/psr' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/su' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/find' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/netstat' [ Not found ] [00:14:54] Checking for file '/dev/pts/01/bin/ping' [ Not found ] [00:14:55] Checking for file '/dev/pts/01/bin/strings' [ Not found ] [00:14:55] Checking for file '/dev/pts/01/bin/bash' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/du' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/ls' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/passwd' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/ps' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/psr' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/su' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/netstat' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/ping' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/strings' [ Not found ] [00:14:55] Checking for file '/usr/man/man1/xxxxxxbin/bash' [ Not found ] [00:14:55] Checking for file '/tmp/conf.inv' [ Not found ] [00:14:55] Checking for directory '/dev/prom' [ Not found ] [00:14:55] Checking for directory '/dev/pts/01' [ Not found ] [00:14:55] Checking for directory '/dev/pts/01/bin' [ Not found ] [00:14:55] Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ] [00:14:55] URK Rootkit [ Not found ] [00:14:55] [00:14:55] Checking for Vampire Rootkit... [00:14:55] Checking for kernel symbol 'new_getdents' [ Not found ] [00:14:55] Checking for kernel symbol 'old_getdents' [ Not found ] [00:14:55] Checking for kernel symbol 'should_hide_file_name' [ Not found ] [00:14:55] Checking for kernel symbol 'should_hide_task_name' [ Not found ] [00:14:55] Vampire Rootkit [ Not found ] [00:14:55] [00:14:55] Checking for VcKit Rootkit... [00:14:55] Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ] [00:14:55] Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ] [00:14:55] VcKit Rootkit [ Not found ] [00:14:55] [00:14:55] Checking for Volc Rootkit... [00:14:56] Checking for file '/usr/bin/volc' [ Not found ] [00:14:56] Checking for file '/usr/lib/volc/backdoor/divine' [ Not found ] [00:14:56] Checking for file '/usr/lib/volc/linsniff' [ Not found ] [00:14:56] Checking for file '/etc/rc.d/rc1.d/S25sysconf' [ Not found ] [00:14:56] Checking for file '/etc/rc.d/rc2.d/S25sysconf' [ Not found ] [00:14:56] Checking for file '/etc/rc.d/rc3.d/S25sysconf' [ Not found ] [00:14:56] Checking for file '/etc/rc.d/rc4.d/S25sysconf' [ Not found ] [00:14:56] Checking for file '/etc/rc.d/rc5.d/S25sysconf' [ Not found ] [00:14:56] Checking for directory '/var/spool/.recent' [ Not found ] [00:14:56] Checking for directory '/var/spool/.recent/.files' [ Not found ] [00:14:56] Checking for directory '/usr/lib/volc' [ Not found ] [00:14:56] Checking for directory '/usr/lib/volc/backup' [ Not found ] [00:14:56] Volc Rootkit [ Not found ] [00:14:56] [00:14:56] Checking for Xzibit Rootkit... [00:14:56] Checking for file '/dev/dsx' [ Not found ] [00:14:56] Checking for file '/dev/caca' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/linsniffer' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/logclear' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/sense' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/sl2' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/sshdu' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/s' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/sl2new.c' [ Not found ] [00:14:56] Checking for file '/dev/ida/.inet/tcp.log' [ Not found ] [00:14:56] Checking for file '/home/httpd/cgi-bin/becys.cgi' [ Not found ] [00:14:56] Checking for file '/usr/local/httpd/cgi-bin/becys.cgi' [ Not found ] [00:14:56] Checking for file '/usr/local/apache/cgi-bin/becys.cgi' [ Not found ] [00:14:56] Checking for file '/www/httpd/cgi-bin/becys.cgi' [ Not found ] [00:14:56] Checking for file '/www/cgi-bin/becys.cgi' [ Not found ] [00:14:56] Checking for directory '/dev/ida/.inet' [ Not found ] [00:14:57] Xzibit Rootkit [ Not found ] [00:14:57] [00:14:57] Checking for X-Org SunOS Rootkit... [00:14:57] Checking for file '/usr/lib/libX.a/bin/tmpfl' [ Not found ] [00:14:57] Checking for file '/usr/lib/libX.a/bin/rps' [ Not found ] [00:14:57] Checking for file '/usr/bin/srload' [ Not found ] [00:14:57] Checking for file '/usr/lib/libX.a/bin/sparcv7/rps' [ Not found ] [00:14:57] Checking for file '/usr/sbin/modcheck' [ Not found ] [00:14:57] Checking for directory '/usr/lib/libX.a' [ Not found ] [00:14:57] Checking for directory '/usr/lib/libX.a/bin' [ Not found ] [00:14:57] Checking for directory '/usr/lib/libX.a/bin/sparcv7' [ Not found ] [00:14:57] Checking for directory '/usr/share/man...' [ Not found ] [00:14:57] X-Org SunOS Rootkit [ Not found ] [00:14:57] [00:14:57] Checking for zaRwT.KiT Rootkit... [00:14:57] Checking for file '/dev/rd/s/sendmeil' [ Not found ] [00:14:57] Checking for file '/dev/ttyf' [ Not found ] [00:14:57] Checking for file '/dev/ttyp' [ Not found ] [00:14:57] Checking for file '/dev/ttyn' [ Not found ] [00:14:57] Checking for file '/rk/tulz' [ Not found ] [00:14:57] Checking for directory '/rk' [ Not found ] [00:14:57] Checking for directory '/dev/rd/s' [ Not found ] [00:14:57] zaRwT.KiT Rootkit [ Not found ] [00:14:57] [00:14:57] Checking for ZK Rootkit... [00:14:57] Checking for file '/usr/share/.zk/zk' [ Not found ] [00:14:57] Checking for file '/usr/X11R6/.zk/xfs' [ Not found ] [00:14:57] Checking for file '/usr/X11R6/.zk/echo' [ Not found ] [00:14:57] Checking for file '/etc/1ssue.net' [ Not found ] [00:14:57] Checking for file '/etc/sysconfig/console/load.zk' [ Not found ] [00:14:57] Checking for directory '/usr/share/.zk' [ Not found ] [00:14:57] Checking for directory '/usr/X11R6/.zk' [ Not found ] [00:14:57] ZK Rootkit [ Not found ] [00:14:57] [00:14:57] Performing additional rootkit checks [00:14:57] Info: Starting test name 'additional_rkts' [00:14:57] [00:14:57] Performing Suckit Rookit additional checks [00:14:58] Checking hard link count on '/sbin/init' [ OK ] [00:14:58] Checking for hidden file extensions [ None found ] [00:14:58] Running skdet command [ Skipped ] [00:14:58] Info: Unable to find the 'skdet' command [00:14:58] Suckit Rookit additional checks [ OK ] [00:14:58] [00:14:58] Performing check of possible rootkit files and directories [00:14:58] Info: Starting test name 'possible_rkt_files' [00:14:58] Checking for file '/dev/sdr0' [ Not found ] [00:14:58] Checking for file '/dev/pisu' [ Not found ] [00:14:58] Checking for file '/dev/xdta' [ Not found ] [00:14:58] Checking for file '/dev/saux' [ Not found ] [00:14:58] Checking for file '/dev/hdx' [ Not found ] [00:14:58] Checking for file '/dev/hdx1' [ Not found ] [00:14:58] Checking for file '/dev/hdx2' [ Not found ] [00:14:58] Checking for file '/dev/ptyy' [ Not found ] [00:14:58] Checking for file '/dev/ptyu' [ Not found ] [00:14:58] Checking for file '/dev/ptyv' [ Not found ] [00:14:58] Checking for file '/dev/hdbb' [ Not found ] [00:14:58] Checking for file '/tmp/.syshackfile' [ Not found ] [00:14:58] Checking for file '/tmp/.bash_history' [ Not found ] [00:14:58] Checking for file '/usr/info/.clib' [ Not found ] [00:14:58] Checking for file '/usr/sbin/tcp.log' [ Not found ] [00:14:58] Checking for file '/usr/bin/take/pid' [ Not found ] [00:14:58] Checking for file '/sbin/create' [ Not found ] [00:14:58] Checking for file '/dev/ttypz' [ Not found ] [00:14:58] Checking for file '/var/log/tcp.log' [ Not found ] [00:14:59] Checking for file '/usr/include/audit.h' [ Not found ] [00:14:59] Checking for file '/usr/bin/sourcemask' [ Not found ] [00:14:59] Checking for file '/usr/bin/ras2xm' [ Not found ] [00:14:59] Checking for file '/dev/xmx' [ Not found ] [00:14:59] Checking for file '/usr/sbin/gpm.root' [ Not found ] [00:14:59] Checking for file '/bin/vobiscum' [ Not found ] [00:14:59] Checking for file '/bin/psr' [ Not found ] [00:14:59] Checking for file '/dev/kdx' [ Not found ] [00:14:59] Checking for file '/dev/dkx' [ Not found ] [00:14:59] Checking for file '/usr/sbin/sshd3' [ Not found ] [00:14:59] Checking for file '/usr/sbin/jcd' [ Not found ] [00:14:59] Checking for file '/etc/rc.d/init.d/jcd' [ Not found ] [00:14:59] Checking for file '/usr/sbin/atd2' [ Not found ] [00:14:59] Checking for file '/home/httpd/cgi-bin/linux.cgi' [ Not found ] [00:14:59] Checking for file '/home/httpd/cgi-bin/psid' [ Not found ] [00:14:59] Checking for file '/home/httpd/cgi-bin/void.cgi' [ Not found ] [00:14:59] Checking for file '/etc/rc.d/init.d/system' [ Not found ] [00:14:59] Checking for file '/etc/rc.d/rc3.d/S93users' [ Not found ] [00:14:59] Checking for file '/tmp/.ush' [ Not found ] [00:14:59] Checking for file '/usr/lib/libhidefile.so' [ Not found ] [00:14:59] Checking for file '/etc/cron.d/kmod' [ Not found ] [00:14:59] Checking for file '/usr/lib/dmis/dmisd' [ Not found ] [00:14:59] Checking for file '/lib/secure/libhij.so' [ Not found ] [00:15:00] Checking for file '/usr/sbin/sshd3' [ Not found ] [00:15:00] Checking for file '/etc/rc.d/init.d/crontab' [ Not found ] [00:15:00] Checking for file '/etc/rc.d/init.d/jcd' [ Not found ] [00:15:00] Checking for file '/usr/sbin/atd2' [ Not found ] [00:15:00] Checking for file '/etc/rc.d/rc5.d/S93users' [ Not found ] [00:15:00] Checking for directory '/dev/ptyas' [ Not found ] [00:15:00] Checking for directory '/usr/bin/take' [ Not found ] [00:15:00] Checking for directory '/usr/src/.lib' [ Not found ] [00:15:00] Checking for directory '/usr/share/man/man1/.1c' [ Not found ] [00:15:00] Checking for directory '/lib/lblip.tk' [ Not found ] [00:15:00] Checking for directory '/usr/sbin/...' [ Not found ] [00:15:00] Checking for directory '/usr/share/.gun' [ Not found ] [00:15:00] Checking for directory '/unde/vrei/tu/sa/te/ascunzi/in/server' [ Not found ] [00:15:00] Checking for directory '/usr/man/man1/.. /.dir' [ Not found ] [00:15:00] Checking for directory '/usr/X11R6/include/X11/...' [ Not found ] [00:15:00] Checking for directory '/usr/X11R6/lib/X11/.fonts/misc/...' [ Not found ] [00:15:00] Checking for directory '/tmp/.sys' [ Not found ] [00:15:00] Checking for directory '/tmp/'' [ Not found ] [00:15:00] Checking for directory '/tmp/.,' [ Not found ] [00:15:00] Checking for directory '/tmp/,.,' [ Not found ] [00:15:00] Checking for directory '/dev/shm/emilien' [ Not found ] [00:15:00] Checking for directory '/var/tmp/.log' [ Not found ] [00:15:00] Checking for directory '/tmp/zmeu/... ' [ Not found ] [00:15:01] Checking for directory '/var/log/ssh' [ Not found ] [00:15:01] Checking for directory '/dev/ida' [ Not found ] [00:15:01] Checking for directory '/lib/java' [ Not found ] [00:15:01] Checking for directory '/var/lib/games/.src/ssk/****' [ Not found ] [00:15:01] Checking for directory '/usr/lib/libshtift' [ Not found ] [00:15:01] Checking for directory '/usr/src/.poop' [ Not found ] [00:15:01] Checking for directory '/dev/wd4' [ Not found ] [00:15:01] Checking for directory '/var/run/.tmp' [ Not found ] [00:15:01] Checking for directory '/usr/man/man1/lib/.lib' [ Not found ] [00:15:01] Checking for directory '/dev/portd' [ Not found ] [00:15:01] Checking for directory '/dev/...' [ Not found ] [00:15:01] Checking for directory '/usr/share/man/mansps' [ Not found ] [00:15:01] Checking for directory '/lib/.so' [ Not found ] [00:15:01] Checking for directory '/lib/.sso' [ Not found ] [00:15:01] Checking for possible rootkit files and directories [ None found ] [00:15:01] [00:15:01] Performing check for possible rootkit strings [00:15:01] Info: Starting test name 'possible_rkt_strings' [00:15:01] Info: Using system startup paths: /etc/rc.local /etc/init.d [00:15:01] Checking for string 'phalanx' [ Not found ] [00:15:01] Checking for string '/dev/proc/****it' [ Not found ] [00:15:01] Checking for string '****' [ Not found ] [00:15:01] Checking for string 'backdoor' [ Not found ] [00:15:01] Checking for string '/usr/bin/rcpc' [ Not found ] [00:15:01] Checking for string '/usr/sbin/login' [ Not found ] [00:15:02] Checking for string '/dev/ptyxx/.proc' [ Not found ] [00:15:02] Checking for string 'vt200' [ Not found ] [00:15:02] Checking for string '/usr/bin/xstat' [ Not found ] [00:15:02] Checking for string '/bin/envpc' [ Not found ] [00:15:02] Checking for string 'L4m3r0x' [ Not found ] [00:15:02] Checking for string '/lib/libext' [ Not found ] [00:15:02] Checking for string '/usr/sbin/login' [ Not found ] [00:15:02] Checking for string '/usr/lib/.tbd' [ Not found ] [00:15:02] Checking for string 'sendmail' [ Not found ] [00:15:02] Checking for string 'cocacola' [ Not found ] [00:15:02] Checking for string 'joao' [ Not found ] [00:15:02] Checking for string '/dev/ptyxx/.file' [ Not found ] [00:15:02] Checking for string '/dev/ptyxx/.file' [ Not found ] [00:15:02] Checking for string '/dev/sgk' [ Not found ] [00:15:02] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [00:15:02] Checking for string '/usr/lib/.tbd' [ Not found ] [00:15:02] Checking for string '/dev/proc/****it' [ Not found ] [00:15:02] Checking for string '/lib/.sso' [ Not found ] [00:15:03] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [00:15:03] Checking for string '/dev/caca' [ Not found ] [00:15:03] Checking for string '/dev/ttyoa' [ Not found ] [00:15:03] Checking for string '/usr/lib/ldlibns.so' [ Not found ] [00:15:03] Checking for string '/dev/ptyxx/.addr' [ Not found ] [00:15:03] Checking for string 'syg' [ Not found ] [00:15:03] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [00:15:03] Checking for string '/dev/pts/01' [ Not found ] [00:15:03] Checking for string 'tw33dl3' [ Not found ] [00:15:03] Checking for string 'psniff' [ Not found ] [00:15:03] Checking for string 'uconf.inv' [ Not found ] [00:15:03] Checking for string 'lib/ldlibps.so' [ Not found ] [00:15:03] Checking for string '/usr/lib/ldlibpst.so' [ Not found ] [00:15:03] Checking for string '/var/lock/subsys/...datafile...' [ Not found ] [00:15:03] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:03] Checking for string '/dev/ptyxx/.proc' [ Not found ] [00:15:03] Checking for string '/dev/ptyxx/.proc' [ Not found ] [00:15:03] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:04] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:04] Checking for string '/bin/bash' [ Not found ] [00:15:04] Checking for string '/dev/xdta' [ Not found ] [00:15:04] Checking for string '/usr/lib/.tbd' [ Not found ] [00:15:04] Checking for string '/dev/ptyxx/.proc' [ Not found ] [00:15:04] Checking for string 'in.inetd' [ Not found ] [00:15:05] Checking for string '#<HIDE_.*>' [ Not found ] [00:15:05] Checking for string 'bin/xchk' [ Not found ] [00:15:05] Checking for string 'bin/xsf' [ Not found ] [00:15:06] Checking for string '/usr/bin/ssh2d' [ Not found ] [00:15:06] Checking for string '/usr/sbin/xntps' [ Not found ] [00:15:06] Checking for string 'ttyload' [ Not found ] [00:15:07] Checking for string '/etc/rc.d/init.d/init' [ Not found ] [00:15:07] Checking for string 'usr/bin/xfss' [ Not found ] [00:15:07] Checking for string '/usr/sbin/rpc.netinet' [ Not found ] [00:15:07] Checking for string '/usr/lib/.fx/cons.saver' [ Not found ] [00:15:08] Checking for string '/usr/lib/.fx/xs' [ Not found ] [00:15:08] Checking for string '/ssh2d' [ Not found ] [00:15:08] Checking for string '/dev/kmod' [ Not found ] [00:15:08] Checking for string '/crth.o' [ Not found ] [00:15:09] Checking for string '/crtz.o' [ Not found ] [00:15:09] Checking for string '/dev/dos' [ Not found ] [00:15:09] Checking for string '/lpq' [ Not found ] [00:15:10] Checking for string '/usr/sbin/rescue' [ Not found ] [00:15:10] Checking for string '/usr/lib/lpstart' [ Not found ] [00:15:10] Checking for string '/volc' [ Not found ] [00:15:10] Checking for string 'sourcemask' [ Not found ] [00:15:10] Checking for string '/bin/vobiscum' [ Not found ] [00:15:11] Checking for string '/usr/sbin/in.telnet' [ Not found ] [00:15:11] Checking for string 'hdparm' [ Not found ] [00:15:11] Checking for string '/lib/ldd.so/tkps' [ Not found ] [00:15:11] Checking for string 't0rnkit' [ Not found ] [00:15:11] Checking for string '/dev/proc/****it' [ Not found ] [00:15:11] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:11] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:11] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:11] Checking for string '/usr/lib/ldlibct.so' [ Not found ] [00:15:11] Checking for string '/usr/lib/ldlibdu.so' [ Not found ] [00:15:11] Checking for string '/dev/ptyxx/.file' [ Not found ] [00:15:11] Checking for string 'libproc.so.2.0.7' [ Not found ] [00:15:11] Checking for string '/dev/ida/.inet' [ Not found ] [00:15:11] Checking for possible rootkit strings [ None found ] [00:15:11] [00:15:11] Performing malware checks [00:15:11] Info: Starting test name 'malware' [00:15:11] [00:15:11] Info: Test 'deleted_files' disabled at users request. [00:15:12] Info: Starting test name 'running_procs' [00:15:12] Checking running processes for suspicious files [ None found ] [00:15:12] [00:15:12] Info: Test 'hidden_procs' disabled at users request. [00:15:12] [00:15:12] Info: Test 'suspscan' disabled at users request. [00:15:12] [00:15:12] Performing check for login backdoors [00:15:12] Info: Starting test name 'other_malware' [00:15:12] Checking for '/bin/.login' [ Not found ] [00:15:12] Checking for '/sbin/.login' [ Not found ] [00:15:12] Checking for login backdoors [ None found ] [00:15:12] [00:15:12] Performing check for suspicious directories [00:15:12] Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ] [00:15:12] Checking for directory '/dev/rd/cdb' [ Not found ] [00:15:12] Checking for suspicious directories [ None found ] [00:15:12] [00:15:12] Checking for software intrusions [ Skipped ] [00:15:12] Info: Check skipped - tripwire not installed [00:15:12] [00:15:12] Performing check for sniffer log files [00:15:12] Checking for file '/usr/lib/libice.log' [ Not found ] [00:15:12] Checking for file '/dev/prom/sn.l' [ Not found ] [00:15:12] Checking for file '/dev/fd/.88/zxsniff.log' [ Not found ] [00:15:12] Checking for sniffer log files [ None found ] [00:15:13] [00:15:13] Performing trojan specific checks [00:15:13] Info: Starting test name 'trojans' [00:15:13] Checking for enabled inetd services [ Skipped ] [00:15:13] Info: Check skipped - file '/etc/inetd.conf' does not exist. [00:15:13] [00:15:13] Performing check for enabled xinetd services [00:15:13] Checking for enabled xinetd services [ Skipped ] [00:15:13] Info: Check skipped - file '/etc/xinetd.conf' does not exist. [00:15:13] Info: Apache backdoor check skipped: Apache modules and configuration directories not found. [00:15:13] [00:15:13] Performing Linux specific checks [00:15:13] Info: Starting test name 'os_specific' [00:15:13] Checking loaded kernel modules [ OK ] [00:15:13] Info: Using modules pathname of '/lib/modules/2.6.32-24-generic' [00:15:13] Checking kernel module names [ OK ] [00:15:20] [00:15:20] Checking the network... [00:15:20] Info: Starting test name 'network' [00:15:20] Info: Starting test name 'ports' [00:15:20] [00:15:20] Performing check for backdoor ports [00:15:20] Checking for TCP port 1524 [ Not found ] [00:15:20] Checking for TCP port 1984 [ Not found ] [00:15:20] Checking for UDP port 2001 [ Not found ] [00:15:20] Checking for TCP port 2006 [ Not found ] [00:15:20] Checking for TCP port 2128 [ Not found ] [00:15:20] Checking for TCP port 6666 [ Not found ] [00:15:21] Checking for TCP port 6667 [ Not found ] [00:15:21] Checking for TCP port 6668 [ Not found ] [00:15:21] Checking for TCP port 6669 [ Not found ] [00:15:21] Checking for TCP port 7000 [ Not found ] [00:15:21] Checking for TCP port 13000 [ Not found ] [00:15:21] Checking for TCP port 14856 [ Not found ] [00:15:21] Checking for TCP port 25000 [ Not found ] [00:15:21] Checking for TCP port 29812 [ Not found ] [00:15:21] Checking for TCP port 31337 [ Not found ] [00:15:21] Checking for TCP port 33369 [ Not found ] [00:15:22] Checking for TCP port 47107 [ Not found ] [00:15:22] Checking for TCP port 47018 [ Not found ] [00:15:22] Checking for TCP port 60922 [ Not found ] [00:15:22] Checking for TCP port 62883 [ Not found ] [00:15:22] Checking for TCP port 65535 [ Not found ] [00:15:22] [00:15:22] Performing checks on the network interfaces [00:15:22] Info: Starting test name 'promisc' [00:15:22] Checking for promiscuous interfaces [ None found ] [00:15:22] [00:15:22] Info: Test 'packet_cap_apps' disabled at users request. [00:15:25] [00:15:25] Checking the local host... [00:15:25] Info: Starting test name 'local_host' [00:15:25] [00:15:25] Performing system boot checks [00:15:25] Info: Starting test name 'startup_files' [00:15:25] Checking for local host name [ Found ] [00:15:25] Info: Starting test name 'startup_malware' [00:15:25] Checking for system startup files [ Found ] [00:15:26] Checking system startup files for malware [ None found ] [00:15:26] [00:15:26] Performing group and account checks [00:15:26] Info: Starting test name 'group_accounts' [00:15:26] Checking for passwd file [ Found ] [00:15:26] Info: Found password file: /etc/passwd [00:15:26] Checking for root equivalent (UID 0) accounts [ None found ] [00:15:26] Info: Found shadow file: /etc/shadow [00:15:26] Checking for passwordless accounts [ None found ] [00:15:26] Info: Starting test name 'passwd_changes' [00:15:26] Checking for passwd file changes [ None found ] [00:15:26] Info: Starting test name 'group_changes' [00:15:26] Checking for group file changes [ None found ] [00:15:26] Checking root account shell history files [ OK ] [00:15:26] [00:15:26] Performing system configuration file checks [00:15:26] Info: Starting test name 'system_configs' [00:15:26] Checking for SSH configuration file [ Not found ] [00:15:26] Checking for running syslog daemon [ Found ] [00:15:26] Checking for syslog configuration file [ Found ] [00:15:26] Info: Found syslog configuration file: /etc/rsyslog.conf [00:15:26] Checking if syslog remote logging is allowed [ Not allowed ] [00:15:26] [00:15:26] Performing filesystem checks [00:15:26] Info: Starting test name 'filesystem' [00:15:26] Info: SCAN_MODE_DEV set to 'THOROUGH' [00:15:27] Checking /dev for suspicious file types [ Warning ] [00:15:27] Warning: Suspicious file types found in /dev: [00:15:27] /dev/shm/pulse-shm-3266890909: data [00:15:27] /dev/shm/pulse-shm-124107464: data [00:15:27] /dev/shm/pulse-shm-1774287387: AmigaOS bitmap font [00:15:27] /dev/shm/pulse-shm-621502677: data [00:15:27] /dev/shm/ecryptfs-mark-Private: ASCII text [00:15:27] /dev/shm/pulse-shm-2538263110: data [00:15:27] Checking for hidden files and directories [ Warning ] [00:15:27] Warning: Hidden directory found: /etc/.java [00:15:27] Warning: Hidden directory found: /dev/.udev [00:15:27] Warning: Hidden directory found: /dev/.initramfs [00:15:33] [00:15:33] Info: Test 'apps' disabled at users request. [00:15:33] [00:15:33] System checks summary [00:15:33] ===================== [00:15:33] [00:15:33] File properties checks... [00:15:33] Files checked: 133 [00:15:33] Suspect files: 8 [00:15:33] [00:15:33] Rootkit checks... [00:15:33] Rootkits checked : 242 [00:15:33] Possible rootkits: 0 [00:15:33] [00:15:33] Applications checks... [00:15:33] All checks skipped [00:15:33] [00:15:33] The system checks took: 1 minute and 35 seconds [00:15:33] [00:15:33] Info: End date is Wed Aug 18 00:15:33 BST 2010
Thanks for taking the time to read my thread. any help is appreciated.
Bookmarks