shurecao
(usa Fedora)
Enviado em 27/11/2016 - 08:50h
bom dia cavalheiros eu dei uma escaneada no meu notebook e ai achou se 28 arquivos suspeitos ,por favor quem tem experiencia no rkhunter como eu concerto essas anomalias
[08:37:59] Running Rootkit Hunter version 1.4.2 on alexpc
[08:37:59]
[08:37:59] Info: Start date is Dom Nov 27 08:37:59 BRST 2016
[08:37:59]
[08:37:59] Checking configuration file and command-line options...
[08:37:59] Info: Detected operating system is 'Linux'
[08:37:59] Info: Found O/S name: Ubuntu 16.04.1 LTS
[08:37:59] Info: Command line is /usr/bin/rkhunter --check
[08:37:59] Info: Environment shell is /bin/bash; rkhunter is using dash
[08:37:59] Info: Using configuration file '/etc/rkhunter.conf'
[08:37:59] Info: Installation directory is '/usr'
[08:37:59] Info: Using language 'en'
[08:37:59] Info: Using '/var/lib/rkhunter/db' as the database directory
[08:37:59] Info: Using '/usr/share/rkhunter/scripts' as the support script directory
[08:37:59] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin' as the command directories
[08:37:59] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory
[08:37:59] Info: No mail-on-warning address configured
[08:37:59] Info: X will be automatically detected
[08:37:59] Info: Using second color set
[08:37:59] Info: Found the 'basename' command: /usr/bin/basename
[08:37:59] Info: Found the 'diff' command: /usr/bin/diff
[08:37:59] Info: Found the 'dirname' command: /usr/bin/dirname
[08:37:59] Info: Found the 'file' command: /usr/bin/file
[08:37:59] Info: Found the 'find' command: /usr/bin/find
[08:37:59] Info: Found the 'ifconfig' command: /sbin/ifconfig
[08:37:59] Info: Found the 'ip' command: /sbin/ip
[08:37:59] Info: Found the 'ipcs' command: /usr/bin/ipcs
[08:37:59] Info: Found the 'ldd' command: /usr/bin/ldd
[08:37:59] Info: Found the 'lsattr' command: /usr/bin/lsattr
[08:37:59] Info: Found the 'lsmod' command: /sbin/lsmod
[08:37:59] Info: Found the 'lsof' command: /usr/bin/lsof
[08:37:59] Info: Found the 'mktemp' command: /bin/mktemp
[08:37:59] Info: Found the 'netstat' command: /bin/netstat
[08:37:59] Info: Found the 'perl' command: /usr/bin/perl
[08:37:59] Info: Found the 'pgrep' command: /usr/bin/pgrep
[08:37:59] Info: Found the 'ps' command: /bin/ps
[08:37:59] Info: Found the 'pwd' command: /bin/pwd
[08:37:59] Info: Found the 'readlink' command: /bin/readlink
[08:37:59] Info: Found the 'stat' command: /usr/bin/stat
[08:37:59] Info: Found the 'strings' command: /usr/bin/strings
[08:37:59] Info: System is not using prelinking
[08:37:59] Info: Using the '/usr/bin/sha256sum' command for the file hash checks
[08:37:59] Info: Stored hash values used hash function '/usr/bin/sha256sum'
[08:37:59] Info: Stored hash values did not use a package manager
[08:37:59] Info: The hash function field index is set to 1
[08:37:59] Info: No package manager specified: using hash function '/usr/bin/sha256sum'
[08:37:59] Info: Previous file attributes were stored
[08:37:59] Info: Enabled tests are: all
[08:38:00] Info: Disabled tests are: suspscan hidden_procs deleted_files packet_cap_apps apps
[08:38:00] Info: Found ksym file '/proc/kallsyms'
[08:38:00] Info: Using syslog for some logging - facility/priority level is 'authpriv.warning'.
[08:38:00] Info: Using 'date' to process epoch second times
[08:38:00]
[08:38:00] Checking if the O/S has changed since last time...
[08:38:00] Info: Nothing seems to have changed.
[08:38:00] Info: Locking is not being used
[08:38:00]
[08:38:00] Starting system checks...
[08:38:00]
[08:38:00] Info: Starting test name 'system_commands'
[08:38:00] Checking system commands...
[08:38:00]
[08:38:00] Info: Starting test name 'strings'
[08:38:00] Performing 'strings' command checks
[08:38:00] Scanning for string /usr/sbin/ntpsx [ OK ]
[08:38:00] Scanning for string /usr/sbin/.../bkit-ava [ OK ]
[08:38:00] Scanning for string /usr/sbin/.../bkit-d [ OK ]
[08:38:00] Scanning for string /usr/sbin/.../bkit-shd [ OK ]
[08:38:00] Scanning for string /usr/sbin/.../bkit-f [ OK ]
[08:38:00] Scanning for string /usr/include/.../proc.h [ OK ]
[08:38:00] Scanning for string /usr/include/.../.bash_history [ OK ]
[08:38:00] Scanning for string /usr/include/.../bkit-get [ OK ]
[08:38:00] Scanning for string /usr/include/.../bkit-dl [ OK ]
[08:38:00] Scanning for string /usr/include/.../bkit-screen [ OK ]
[08:38:00] Scanning for string /usr/include/.../bkit-sleep [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-adore.o [ OK ]
[08:38:00] Scanning for string /usr/lib/.../ls [ OK ]
[08:38:00] Scanning for string /usr/lib/.../netstat [ OK ]
[08:38:00] Scanning for string /usr/lib/.../lsof [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh/bkit-mots [ OK ]
[08:38:00] Scanning for string /usr/lib/.../uconf.inv [ OK ]
[08:38:00] Scanning for string /usr/lib/.../psr [ OK ]
[08:38:00] Scanning for string /usr/lib/.../find [ OK ]
[08:38:00] Scanning for string /usr/lib/.../pstree [ OK ]
[08:38:00] Scanning for string /usr/lib/.../slocate [ OK ]
[08:38:00] Scanning for string /usr/lib/.../du [ OK ]
[08:38:00] Scanning for string /usr/lib/.../top [ OK ]
[08:38:00] Scanning for string /usr/sbin/... [ OK ]
[08:38:00] Scanning for string /usr/include/... [ OK ]
[08:38:00] Scanning for string /usr/include/.../.tmp [ OK ]
[08:38:00] Scanning for string /usr/lib/... [ OK ]
[08:38:00] Scanning for string /usr/lib/.../.ssh [ OK ]
[08:38:00] Scanning for string /usr/lib/.../bkit-ssh [ OK ]
[08:38:00] Scanning for string /usr/lib/.bkit- [ OK ]
[08:38:00] Scanning for string /tmp/.bkp [ OK ]
[08:38:00] Scanning for string /tmp/.cinik [ OK ]
[08:38:01] Scanning for string /tmp/.font-unix/.cinik [ OK ]
[08:38:01] Scanning for string /lib/.sso [ OK ]
[08:38:01] Scanning for string /lib/.so [ OK ]
[08:38:01] Scanning for string /var/run/...dica/clean [ OK ]
[08:38:01] Scanning for string /var/run/...dica/dxr [ OK ]
[08:38:01] Scanning for string /var/run/...dica/read [ OK ]
[08:38:01] Scanning for string /var/run/...dica/write [ OK ]
[08:38:01] Scanning for string /var/run/...dica/lf [ OK ]
[08:38:01] Scanning for string /var/run/...dica/xl [ OK ]
[08:38:01] Scanning for string /var/run/...dica/xdr [ OK ]
[08:38:01] Scanning for string /var/run/...dica/psg [ OK ]
[08:38:01] Scanning for string /var/run/...dica/secure [ OK ]
[08:38:01] Scanning for string /var/run/...dica/rdx [ OK ]
[08:38:01] Scanning for string /var/run/...dica/va [ OK ]
[08:38:01] Scanning for string /var/run/...dica/cl.sh [ OK ]
[08:38:01] Scanning for string /var/run/...dica/last.log [ OK ]
[08:38:01] Scanning for string /usr/bin/.etc [ OK ]
[08:38:01] Scanning for string /etc/sshd_config [ OK ]
[08:38:01] Scanning for string /etc/ssh_host_key [ OK ]
[08:38:01] Scanning for string /etc/ssh_random_seed [ OK ]
[08:38:01] Scanning for string /dev/ptyp [ OK ]
[08:38:01] Scanning for string /dev/ptyq [ OK ]
[08:38:01] Scanning for string /dev/ptyr [ OK ]
[08:38:01] Scanning for string /dev/ptys [ OK ]
[08:38:01] Scanning for string /dev/ptyt [ OK ]
[08:38:01] Scanning for string /dev/fd/.88/freshb-bsd [ OK ]
[08:38:01] Scanning for string /dev/fd/.88/fresht [ OK ]
[08:38:01] Scanning for string /dev/fd/.88/zxsniff [ OK ]
[08:38:01] Scanning for string /dev/fd/.88/zxsniff.log [ OK ]
[08:38:01] Scanning for string /dev/fd/.99/.ttyf00 [ OK ]
[08:38:01] Scanning for string /dev/fd/.99/.ttyp00 [ OK ]
[08:38:01] Scanning for string /dev/fd/.99/.ttyq00 [ OK ]
[08:38:01] Scanning for string /dev/fd/.99/.ttys00 [ OK ]
[08:38:01] Scanning for string /dev/fd/.99/.pwsx00 [ OK ]
[08:38:01] Scanning for string /etc/.acid [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/sched_host.2 [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/random_d.2 [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/set_pid.2 [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/setrgrp.2 [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/TOHIDE [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/cons.saver [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/adore/ava/ava [ OK ]
[08:38:01] Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[08:38:01] Scanning for string /bin/sysback [ OK ]
[08:38:01] Scanning for string /usr/local/bin/sysback [ OK ]
[08:38:02] Scanning for string /usr/lib/.tbd [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/t0rns [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/du [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/ls [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/t0rnsb [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/ps [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/t0rnp [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/find [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/ifconfig [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/pg [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/ssh.tgz [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/top [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/sz [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/login [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/1i0n.sh [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/pstree [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/mjy [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/sush [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/tfn [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/name [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/getip.sh [ OK ]
[08:38:02] Scanning for string /usr/info/.torn/sh* [ OK ]
[08:38:02] Scanning for string /usr/src/.<span class='filtrado'>[*****]</span>/.1addr [ OK ]
[08:38:02] Scanning for string /usr/src/.<span class='filtrado'>[*****]</span>/.1file [ OK ]
[08:38:02] Scanning for string /usr/src/.<span class='filtrado'>[*****]</span>/.1proc [ OK ]
[08:38:02] Scanning for string /usr/src/.<span class='filtrado'>[*****]</span>/.1logz [ OK ]
[08:38:02] Scanning for string /usr/info/.t0rn [ OK ]
[08:38:02] Scanning for string /dev/.lib [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/lib/dev [ OK ]
[08:38:02] Scanning for string /dev/.lib/lib/scan [ OK ]
[08:38:02] Scanning for string /usr/src/.<span class='filtrado'>[*****]</span> [ OK ]
[08:38:02] Scanning for string /usr/man/man1/man1 [ OK ]
[08:38:02] Scanning for string /usr/man/man1/man1/lib [ OK ]
[08:38:02] Scanning for string /usr/man/man1/man1/lib/.lib [ OK ]
[08:38:02] Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[08:38:02]
[08:38:02] Info: Starting test name 'shared_libs'
[08:38:03] Performing 'shared libraries' checks
[08:38:03] Checking for preloading variables [ None found ]
[08:38:03] Checking for preloaded libraries [ None found ]
[08:38:03]
[08:38:03] Info: Starting test name 'shared_libs_path'
[08:38:03] Checking LD_LIBRARY_PATH variable [ Not found ]
[08:38:03]
[08:38:03] Info: Starting test name 'properties'
[08:38:03] Performing file properties checks
[08:38:03] Checking for prerequisites [ OK ]
[08:38:06] /usr/sbin/adduser [ OK ]
[08:38:06] Info: Found file '/usr/sbin/adduser': it is whitelisted for the 'script replacement' check.
[08:38:06] /usr/sbin/chroot [ OK ]
[08:38:07] /usr/sbin/cron [ OK ]
[08:38:07] /usr/sbin/groupadd [ OK ]
[08:38:07] /usr/sbin/groupdel [ OK ]
[08:38:07] /usr/sbin/groupmod [ OK ]
[08:38:07] /usr/sbin/grpck [ OK ]
[08:38:08] /usr/sbin/nologin [ OK ]
[08:38:08] /usr/sbin/pwck [ OK ]
[08:38:08] /usr/sbin/rsyslogd [ OK ]
[08:38:09] /usr/sbin/tcpd [ OK ]
[08:38:09] /usr/sbin/useradd [ OK ]
[08:38:09] /usr/sbin/userdel [ OK ]
[08:38:09] /usr/sbin/usermod [ OK ]
[08:38:09] /usr/sbin/vipw [ OK ]
[08:38:09] /usr/sbin/unhide [ OK ]
[08:38:09] /usr/sbin/unhide-linux [ OK ]
[08:38:09] /usr/sbin/unhide-posix [ OK ]
[08:38:09] /usr/sbin/unhide-tcp [ OK ]
[08:38:10] /usr/bin/awk [ OK ]
[08:38:10] /usr/bin/basename [ OK ]
[08:38:10] /usr/bin/chattr [ OK ]
[08:38:10] /usr/bin/curl [ Warning ]
[08:38:10] Warning: The file properties have changed:
[08:38:10] File: /usr/bin/curl
[08:38:10] Current hash: cf846b7f3f11fc8af6cf79a2bbad3c8314eec72c1425b49bc9e34cf85a5090bb
[08:38:10] Stored hash : f901ad5a44c79191dcae2d319c12e213d1f506103dbc6457fb223c13617690c1
[08:38:10] Current inode: 262526 Stored inode: 261319
[08:38:10] Current file modification time: 1478126766 (02-Nov-2016 20:46:06)
[08:38:10] Stored file modification time : 1455783510 (18-Fev-2016 06:18:30)
[08:38:10] /usr/bin/cut [ OK ]
[08:38:10] /usr/bin/diff [ OK ]
[08:38:10] /usr/bin/dirname [ OK ]
[08:38:11] /usr/bin/dpkg [ OK ]
[08:38:11] /usr/bin/dpkg-query [ OK ]
[08:38:11] /usr/bin/du [ OK ]
[08:38:11] /usr/bin/env [ OK ]
[08:38:11] /usr/bin/file [ OK ]
[08:38:11] /usr/bin/find [ OK ]
[08:38:11] /usr/bin/GET [ OK ]
[08:38:11] /usr/bin/groups [ OK ]
[08:38:12] /usr/bin/head [ OK ]
[08:38:12] /usr/bin/id [ OK ]
[08:38:12] /usr/bin/killall [ OK ]
[08:38:12] /usr/bin/last [ OK ]
[08:38:12] /usr/bin/lastlog [ OK ]
[08:38:12] /usr/bin/ldd [ Warning ]
[08:38:12] Warning: The file properties have changed:
[08:38:12] File: /usr/bin/ldd
[08:38:12] Current hash: 145922b62f62694ef171f331c12b947d82d997f8a06633ed66392e89f5083b85
[08:38:12] Stored hash : aea125b1d562b4d99e3801dc87f3a37b9b0e35635748ed51c48b6ce1eb35d040
[08:38:12] Current inode: 264177 Stored inode: 261820
[08:38:12] Current file modification time: 1476450864 (14-Out-2016 10:14:24)
[08:38:12] Stored file modification time : 1460671821 (14-Abr-2016 19:10:21)
[08:38:12] Info: Found file '/usr/bin/ldd': it is whitelisted for the 'script replacement' check.
[08:38:12] /usr/bin/less [ Warning ]
[08:38:12] Warning: The file properties have changed:
[08:38:12] File: /usr/bin/less
[08:38:12] Current hash: c077918f5287fb16f319ca58444b62feeeb52d782ce85a1a321f848966d7a83d
[08:38:12] Stored hash : 9650b991aecb64079773dd92ca4bee9ff79da8e2c5d2245405f14d9892685f68
[08:38:12] /usr/bin/locate [ OK ]
[08:38:13] /usr/bin/logger [ OK ]
[08:38:13] /usr/bin/lsattr [ OK ]
[08:38:13] /usr/bin/lsof [ OK ]
[08:38:13] /usr/bin/md5sum [ OK ]
[08:38:13] /usr/bin/mlocate [ OK ]
[08:38:13] /usr/bin/newgrp [ OK ]
[08:38:13] /usr/bin/passwd [ OK ]
[08:38:13] /usr/bin/perl [ OK ]
[08:38:14] /usr/bin/pgrep [ Warning ]
[08:38:14] Warning: The file properties have changed:
[08:38:14] File: /usr/bin/pgrep
[08:38:14] Current hash: c14e9dc6a1a70c1a23e950848daf2d9889ae69cb96b68e076437355b6b3e4490
[08:38:14] Stored hash : a908385eca078b4c4b47d2fd76d4fd20c273b86aea3463b766ceb3492468059f
[08:38:14] Current inode: 263362 Stored inode: 262151
[08:38:14] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:14] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:14] /usr/bin/pkill [ Warning ]
[08:38:14] Warning: The file properties have changed:
[08:38:14] File: /usr/bin/pkill
[08:38:14] Current hash: c14e9dc6a1a70c1a23e950848daf2d9889ae69cb96b68e076437355b6b3e4490
[08:38:14] Stored hash : a908385eca078b4c4b47d2fd76d4fd20c273b86aea3463b766ceb3492468059f
[08:38:14] Current inode: 263364 Stored inode: 262172
[08:38:14] Current file modification time: 1478202342 (03-Nov-2016 17:45:42)
[08:38:14] Stored file modification time : 1480083450 (25-Nov-2016 12:17:30)
[08:38:14] /usr/bin/pstree [ OK ]
[08:38:14] /usr/bin/rkhunter [ OK ]
[08:38:14] /usr/bin/runcon [ OK ]
[08:38:14] /usr/bin/sha1sum [ OK ]
[08:38:15] /usr/bin/sha224sum [ OK ]
[08:38:15] /usr/bin/sha256sum [ OK ]
[08:38:15] /usr/bin/sha384sum [ OK ]
[08:38:15] /usr/bin/sha512sum [ OK ]
[08:38:15] /usr/bin/size [ Warning ]
[08:38:15] Warning: The file properties have changed:
[08:38:15] File: /usr/bin/size
[08:38:15] Current hash: 6a23a5528bd7d7207ea88b45203374397cf0f8f2c677d54cf0748a0e70796652
[08:38:15] Stored hash : 905c6528e8c2874dea2b209a033ea645a39c7519346b3cb85924c2d0f160af8a
[08:38:15] Current inode: 264369 Stored inode: 262502
[08:38:15] Current file modification time: 1470584636 (07-Ago-2016 12:43:56)
[08:38:15] Stored file modification time : 1480083451 (25-Nov-2016 12:17:31)
[08:38:15] /usr/bin/sort [ OK ]
[08:38:15] /usr/bin/ssh [ Warning ]
[08:38:15] Warning: The file properties have changed:
[08:38:15] File: /usr/bin/ssh
[08:38:15] Current hash: 862f0c52b1a40602dcdf02402835fada289c7144ae97711a382ed5a6f9f92074
[08:38:15] Stored hash : 1bcaaafd9b5ee46fad9e59ae8cc9e2b58b1206dbef2801829453c57e13d9e473
[08:38:15] Current inode: 271354 Stored inode: 262529
[08:38:15] Current file modification time: 1470932716 (11-Ago-2016 13:25:16)
[08:38:15] Stored file modification time : 1461833562 (28-Abr-2016 05:52:42)
[08:38:16] /usr/bin/stat [ OK ]
[08:38:16] /usr/bin/strace [ OK ]
[08:38:16] /usr/bin/strings [ Warning ]
[08:38:16] Warning: The file properties have changed:
[08:38:16] File: /usr/bin/strings
[08:38:16] Current hash: 95442a54bbcdc95409a5e66ca174862f02a3a1f3b512c087b33465d083306972
[08:38:16] Stored hash : 4f000509f99d36654bcfef69fe72d5cfea8606855617e26985690a733453607b
[08:38:16] Current inode: 264367 Stored inode: 262544
[08:38:16] Current file modification time: 1470584636 (07-Ago-2016 12:43:56)
[08:38:16] Stored file modification time : 1480083451 (25-Nov-2016 12:17:31)
[08:38:16] /usr/bin/sudo [ Warning ]
[08:38:16] Warning: The file properties have changed:
[08:38:16] File: /usr/bin/sudo
[08:38:16] Current hash: 8dd82e588226b3bb39acabc28b88a23587fbb00edfdf6acccefa47a68fdef7a9
[08:38:16] Stored hash : 19663bc8d92963e7a16ac2ca0f58e61d743e7f29f16b0d961fdccb3a8834fd8e
[08:38:16] Current inode: 261846 Stored inode: 262546
[08:38:16] Current file modification time: 1471440053 (17-Ago-2016 10:20:53)
[08:38:16] Stored file modification time : 1462382729 (04-Mai-2016 14:25:29)
[08:38:16] /usr/bin/tail [ OK ]
[08:38:16] /usr/bin/telnet [ OK ]
[08:38:16] /usr/bin/test [ OK ]
[08:38:16] /usr/bin/top [ Warning ]
[08:38:16] Warning: The file properties have changed:
[08:38:16] File: /usr/bin/top
[08:38:17] Current hash: 1522c791b7f294d92ece74053e3b4b40da7bed35d7d0e86bcc137784c6bad8d6
[08:38:17] Stored hash : 2fea078b6376abfee55eb357d3d28cfb98aa45611583ccae57551a15bed4467c
[08:38:17] Current inode: 261326 Stored inode: 262598
[08:38:17] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:17] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:17] /usr/bin/touch [ OK ]
[08:38:17] /usr/bin/tr [ OK ]
[08:38:17] /usr/bin/uniq [ OK ]
[08:38:17] /usr/bin/users [ OK ]
[08:38:17] /usr/bin/vmstat [ Warning ]
[08:38:17] Warning: The file properties have changed:
[08:38:17] File: /usr/bin/vmstat
[08:38:17] Current hash: 4ae0bede1d336cb49177bd2b00cf5b69fb01e7c2c2f07a1f33d44d3e08a82f9c
[08:38:17] Stored hash : 16c28cdd26099070570a228b62196ecb87c9b43ce766f8928006b412c3d2b8b6
[08:38:17] Current inode: 263363 Stored inode: 262687
[08:38:17] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:17] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:17] /usr/bin/w [ Warning ]
[08:38:17] Warning: The file properties have changed:
[08:38:17] File: /usr/bin/w
[08:38:17] Current hash: 0e860e48bc6a7cd1537c15830dd65c5692fa841e2e64a4c70521f6b83a9abda6
[08:38:17] Stored hash : 8337ccc25ffbc482f4ea281f9db694dd8c5f4e37811af59b48917f62de5e2cca
[08:38:17] /usr/bin/watch [ Warning ]
[08:38:17] Warning: The file properties have changed:
[08:38:17] File: /usr/bin/watch
[08:38:17] Current hash: abeafba7aec44285be4b0482dc8e8bb36038ba0c2a6b666338a8d23cc32b199b
[08:38:17] Stored hash : d1ab8aec5d92b8545d65ff469187633dc073ef06542f4b5fc4de09f96551af1e
[08:38:17] Current inode: 261329 Stored inode: 262694
[08:38:18] Current file modification time: 1478202345 (03-Nov-2016 17:45:46)
[08:38:18] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:18] /usr/bin/wc [ OK ]
[08:38:18] /usr/bin/wget [ OK ]
[08:38:18] /usr/bin/whatis [ OK ]
[08:38:18] /usr/bin/whereis [ OK ]
[08:38:18] /usr/bin/which [ OK ]
[08:38:18] /usr/bin/who [ OK ]
[08:38:18] /usr/bin/whoami [ OK ]
[08:38:18] /usr/bin/mawk [ OK ]
[08:38:18] /usr/bin/lwp-request [ Warning ]
[08:38:19] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script, ASCII text executable
[08:38:19] /usr/bin/x86_64-linux-gnu-size [ Warning ]
[08:38:19] Warning: The file properties have changed:
[08:38:19] File: /usr/bin/x86_64-linux-gnu-size
[08:38:19] Current hash: 6a23a5528bd7d7207ea88b45203374397cf0f8f2c677d54cf0748a0e70796652
[08:38:19] Stored hash : 905c6528e8c2874dea2b209a033ea645a39c7519346b3cb85924c2d0f160af8a
[08:38:19] Current inode: 264343 Stored inode: 262755
[08:38:19] Current file modification time: 1470584636 (07-Ago-2016 12:43:56)
[08:38:19] Stored file modification time : 1468524617 (14-Jul-2016 16:30:17)
[08:38:19] /usr/bin/x86_64-linux-gnu-strings [ Warning ]
[08:38:19] Warning: The file properties have changed:
[08:38:19] File: /usr/bin/x86_64-linux-gnu-strings
[08:38:19] Current hash: 95442a54bbcdc95409a5e66ca174862f02a3a1f3b512c087b33465d083306972
[08:38:19] Stored hash : 4f000509f99d36654bcfef69fe72d5cfea8606855617e26985690a733453607b
[08:38:19] Current inode: 264338 Stored inode: 262756
[08:38:19] Current file modification time: 1470584636 (07-Ago-2016 12:43:56)
[08:38:19] Stored file modification time : 1468524617 (14-Jul-2016 16:30:17)
[08:38:19] /usr/bin/telnet.netkit [ OK ]
[08:38:19] /usr/bin/w.procps [ Warning ]
[08:38:19] Warning: The file properties have changed:
[08:38:19] File: /usr/bin/w.procps
[08:38:19] Current hash: 0e860e48bc6a7cd1537c15830dd65c5692fa841e2e64a4c70521f6b83a9abda6
[08:38:19] Stored hash : 8337ccc25ffbc482f4ea281f9db694dd8c5f4e37811af59b48917f62de5e2cca
[08:38:19] Current inode: 261327 Stored inode: 262692
[08:38:19] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:19] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:20] /sbin/depmod [ OK ]
[08:38:20] /sbin/fsck [ OK ]
[08:38:20] /sbin/ifconfig [ OK ]
[08:38:20] /sbin/ifdown [ Warning ]
[08:38:20] Warning: The file properties have changed:
[08:38:20] File: /sbin/ifdown
[08:38:20] Current hash: f0e59a9cdfdd49c2ba880b1139b8505cdd96d29ace3f8b794950f30370c47b1c
[08:38:20] Stored hash : 5b3d2562f8eb0199cddce149db3bd619341d6c2556f5a7f03bc9916b20cb995f
[08:38:20] Current inode: 395832 Stored inode: 391942
[08:38:20] Current file modification time: 1473846638 (14-Set-2016 06:50:38)
[08:38:20] Stored file modification time : 1480083448 (25-Nov-2016 12:17:28)
[08:38:20] /sbin/ifup [ Warning ]
[08:38:20] Warning: The file properties have changed:
[08:38:20] File: /sbin/ifup
[08:38:20] Current hash: f0e59a9cdfdd49c2ba880b1139b8505cdd96d29ace3f8b794950f30370c47b1c
[08:38:20] Stored hash : 5b3d2562f8eb0199cddce149db3bd619341d6c2556f5a7f03bc9916b20cb995f
[08:38:20] Current inode: 395830 Stored inode: 391944
[08:38:20] Current file modification time: 1473846639 (14-Set-2016 06:50:39)
[08:38:20] Stored file modification time : 1453662530 (24-Jan-2016 17:08:50)
[08:38:21] /sbin/init [ Warning ]
[08:38:21] Warning: The file properties have changed:
[08:38:21] File: /sbin/init
[08:38:21] Current hash: 382a78604145c808f5c1f6f5b942eec58001d8b65e331498208cfc4b953f6648
[08:38:21] Stored hash : 96cf7d47c1db27a04b07cdb7e711f50d84b308574bedc8e9e70e75a635633536
[08:38:21] Current inode: 391854 Stored inode: 391945
[08:38:21] Current file modification time: 1477487098 (26-Out-2016 11:04:58)
[08:38:21] Stored file modification time : 1480083448 (25-Nov-2016 12:17:28)
[08:38:21] /sbin/insmod [ OK ]
[08:38:21] /sbin/ip [ OK ]
[08:38:21] /sbin/lsmod [ OK ]
[08:38:21] /sbin/modinfo [ OK ]
[08:38:21] /sbin/modprobe [ OK ]
[08:38:22] /sbin/rmmod [ OK ]
[08:38:22] /sbin/route [ OK ]
[08:38:22] /sbin/runlevel [ Warning ]
[08:38:22] Warning: The file properties have changed:
[08:38:22] File: /sbin/runlevel
[08:38:22] Current hash: 30899212ef979cd22a2490eca82fc1b2bcfaf631cf8640ed09297f360dd1e63a
[08:38:22] Stored hash : 3f5f4e104d145cea3a9b0245cafbf4e675db762218cb6de26cd7ad074e742b1b
[08:38:22] Current inode: 391839 Stored inode: 392064
[08:38:22] Current file modification time: 1477487098 (26-Out-2016 11:04:58)
[08:38:22] Stored file modification time : 1480083448 (25-Nov-2016 12:17:28)
[08:38:22] /sbin/sulogin [ OK ]
[08:38:22] /sbin/sysctl [ Warning ]
[08:38:22] Warning: The file properties have changed:
[08:38:22] File: /sbin/sysctl
[08:38:22] Current hash: 78426399ef59c5a145cd519be793374bc3ccc0ed79b31cc8aa38428caaa2bf45
[08:38:23] Stored hash : 2706412bd04e39377bfa89d01a8d55f4af534462a78c86a5218da68474877dad
[08:38:23] Current inode: 396195 Stored inode: 392083
[08:38:23] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:23] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:23] /bin/bash [ OK ]
[08:38:23] /bin/cat [ OK ]
[08:38:23] /bin/chmod [ OK ]
[08:38:23] /bin/chown [ OK ]
[08:38:24] /bin/cp [ OK ]
[08:38:24] /bin/date [ OK ]
[08:38:24] /bin/df [ OK ]
[08:38:24] /bin/dmesg [ OK ]
[08:38:24] /bin/echo [ OK ]
[08:38:24] /bin/ed [ OK ]
[08:38:24] /bin/egrep [ OK ]
[08:38:24] Info: Found file '/bin/egrep': it is whitelisted for the 'script replacement' check.
[08:38:24] /bin/fgrep [ OK ]
[08:38:24] Info: Found file '/bin/fgrep': it is whitelisted for the 'script replacement' check.
[08:38:24] /bin/fuser [ OK ]
[08:38:24] /bin/grep [ OK ]
[08:38:25] /bin/ip [ OK ]
[08:38:25] /bin/kill [ Warning ]
[08:38:25] Warning: The file properties have changed:
[08:38:25] File: /bin/kill
[08:38:25] Current hash: d05aa9806572b5a366d8af34ab8b2609952be9d487b0a3586954974e8e7ca7de
[08:38:25] Stored hash : 8d0411c422ac0f503f4c0281de7364e33d518043e4de744e83e5bceeb7d6006c
[08:38:25] Current inode: 396196 Stored inode: 391750
[08:38:25] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:25] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:25] /bin/less [ Warning ]
[08:38:25] Warning: The file properties have changed:
[08:38:25] File: /bin/less
[08:38:25] Current hash: c077918f5287fb16f319ca58444b62feeeb52d782ce85a1a321f848966d7a83d
[08:38:25] Stored hash : 9650b991aecb64079773dd92ca4bee9ff79da8e2c5d2245405f14d9892685f68
[08:38:25] Current inode: 391748 Stored inode: 391752
[08:38:25] Current file modification time: 1469554454 (26-Jul-2016 14:34:14)
[08:38:25] Stored file modification time : 1456748036 (29-Fev-2016 09:13:56)
[08:38:25] /bin/login [ OK ]
[08:38:25] /bin/ls [ OK ]
[08:38:25] /bin/lsmod [ OK ]
[08:38:25] /bin/mktemp [ OK ]
[08:38:26] /bin/more [ OK ]
[08:38:26] /bin/mount [ OK ]
[08:38:26] /bin/mv [ OK ]
[08:38:26] /bin/netstat [ OK ]
[08:38:26] /bin/ping [ OK ]
[08:38:26] /bin/ps [ Warning ]
[08:38:26] Warning: The file properties have changed:
[08:38:26] File: /bin/ps
[08:38:26] Current hash: 47c79f8b6299ee8402e68ccc8865f22a7dfca3f1ed45a5fe699d71cacdc739d9
[08:38:26] Stored hash : 0662569086609a52406e956fce27e6fb7ea6b155235c5233edac545786d23992
[08:38:26] Current inode: 396197 Stored inode: 391813
[08:38:26] Current file modification time: 1478202345 (03-Nov-2016 17:45:45)
[08:38:26] Stored file modification time : 1452685738 (13-Jan-2016 09:48:58)
[08:38:26] /bin/pwd [ OK ]
[08:38:26] /bin/readlink [ OK ]
[08:38:27] /bin/sed [ OK ]
[08:38:27] /bin/sh [ OK ]
[08:38:27] /bin/su [ OK ]
[08:38:27] /bin/touch [ OK ]
[08:38:27] /bin/uname [ OK ]
[08:38:27] /bin/which [ OK ]
[08:38:27] Info: Found file '/bin/which': it is whitelisted for the 'script replacement' check.
[08:38:28] /bin/kmod [ OK ]
[08:38:28] /bin/systemd [ Warning ]
[08:38:28] Warning: The file properties have changed:
[08:38:28] File: /bin/systemd
[08:38:28] Current hash: 382a78604145c808f5c1f6f5b942eec58001d8b65e331498208cfc4b953f6648
[08:38:28] Stored hash : 96cf7d47c1db27a04b07cdb7e711f50d84b308574bedc8e9e70e75a635633536
[08:38:28] Current inode: 396217 Stored inode: 391840
[08:38:28] Current file modification time: 1477487098 (26-Out-2016 11:04:58)
[08:38:28] Stored file modification time : 1480083434 (25-Nov-2016 12:17:14)
[08:38:28] /bin/systemctl [ Warning ]
[08:38:28] Warning: The file properties have changed:
[08:38:28] File: /bin/systemctl
[08:38:28] Current hash: 30899212ef979cd22a2490eca82fc1b2bcfaf631cf8640ed09297f360dd1e63a
[08:38:28] Stored hash : 3f5f4e104d145cea3a9b0245cafbf4e675db762218cb6de26cd7ad074e742b1b
[08:38:28] Current inode: 395835 Stored inode: 391839
[08:38:28] Current file modification time: 1477487112 (26-Out-2016 11:05:12)
[08:38:28] Stored file modification time : 1468340927 (12-Jul-2016 13:28:47)
[08:38:28] /bin/dash [ OK ]
[08:38:30] /lib/systemd/systemd [ Warning ]
[08:38:30] Warning: The file properties have changed:
[08:38:30] File: /lib/systemd/systemd
[08:38:30] Current hash: 382a78604145c808f5c1f6f5b942eec58001d8b65e331498208cfc4b953f6648
[08:38:30] Stored hash : 96cf7d47c1db27a04b07cdb7e711f50d84b308574bedc8e9e70e75a635633536
[08:38:30] Current inode: 662576 Stored inode: 657772
[08:38:30] Current file modification time: 1477487110 (26-Out-2016 11:05:10)
[08:38:30] Stored file modification time : 1468340923 (12-Jul-2016 13:28:43)
[08:38:33]
[08:38:33] Info: Starting test name 'rootkits'
[08:38:33] Checking for rootkits...
[08:38:33]
[08:38:33] Info: Starting test name 'known_rkts'
[08:38:33] Performing check of known rootkit files and directories
[08:38:33]
[08:38:33] Checking for 55808 Trojan - Variant A...
[08:38:33] Checking for file '/tmp/.../r' [ Not found ]
[08:38:33] Checking for file '/tmp/.../a' [ Not found ]
[08:38:33] 55808 Trojan - Variant A [ Not found ]
[08:38:33]
[08:38:33] Checking for ADM Worm...
[08:38:33] Checking for string 'w0rm' [ Not found ]
[08:38:33] ADM Worm [ Not found ]
[08:38:33]
[08:38:33] Checking for AjaKit Rootkit...
[08:38:33] Checking for file '/dev/tux/.addr' [ Not found ]
[08:38:33] Checking for file '/dev/tux/.proc' [ Not found ]
[08:38:33] Checking for file '/dev/tux/.file' [ Not found ]
[08:38:33] Checking for file '/lib/.libgh-gh/cleaner' [ Not found ]
[08:38:33] Checking for file '/lib/.libgh-gh/Patch/patch' [ Not found ]
[08:38:33] Checking for file '/lib/.libgh-gh/sb0k' [ Not found ]
[08:38:33] Checking for directory '/dev/tux' [ Not found ]
[08:38:33] Checking for directory '/lib/.libgh-gh' [ Not found ]
[08:38:33] AjaKit Rootkit [ Not found ]
[08:38:33]
[08:38:33] Checking for Adore Rootkit...
[08:38:33] Checking for file '/usr/secure' [ Not found ]
[08:38:33] Checking for file '/usr/doc/sys/qrt' [ Not found ]
[08:38:33] Checking for file '/usr/doc/sys/run' [ Not found ]
[08:38:33] Checking for file '/usr/doc/sys/crond' [ Not found ]
[08:38:33] Checking for file '/usr/sbin/kfd' [ Not found ]
[08:38:33] Checking for file '/usr/doc/kern/var' [ Not found ]
[08:38:33] Checking for file '/usr/doc/kern/string.o' [ Not found ]
[08:38:33] Checking for file '/usr/doc/kern/ava' [ Not found ]
[08:38:33] Checking for file '/usr/doc/kern/adore.o' [ Not found ]
[08:38:33] Checking for file '/var/log/ssh/old' [ Not found ]
[08:38:33] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/kern' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/backup' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/backup/txt' [ Not found ]
[08:38:33] Checking for directory '/lib/backup' [ Not found ]
[08:38:33] Checking for directory '/lib/backup/txt' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/work' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/sys' [ Not found ]
[08:38:33] Checking for directory '/var/log/ssh' [ Not found ]
[08:38:33] Checking for directory '/usr/doc/.spool' [ Not found ]
[08:38:33] Checking for directory '/usr/lib/kterm' [ Not found ]
[08:38:33] Adore Rootkit [ Not found ]
[08:38:34]
[08:38:34] Checking for aPa Kit...
[08:38:34] Checking for file '/usr/share/.aPa' [ Not found ]
[08:38:34] aPa Kit [ Not found ]
[08:38:34]
[08:38:34] Checking for Apache Worm...
[08:38:34] Checking for file '/bin/.log' [ Not found ]
[08:38:34] Apache Worm [ Not found ]
[08:38:34]
[08:38:34] Checking for Ambient (ark) Rootkit...
[08:38:34] Checking for file '/usr/lib/.ark?' [ Not found ]
[08:38:34] Checking for file '/dev/ptyxx/.log' [ Not found ]
[08:38:34] Checking for file '/dev/ptyxx/.file' [ Not found ]
[08:38:34] Checking for file '/dev/ptyxx/.proc' [ Not found ]
[08:38:34] Checking for file '/dev/ptyxx/.addr' [ Not found ]
[08:38:34] Checking for directory '/dev/ptyxx' [ Not found ]
[08:38:34] Ambient (ark) Rootkit [ Not found ]
[08:38:34]
[08:38:34] Checking for Balaur Rootkit...
[08:38:34] Checking for file '/usr/lib/liblog.o' [ Not found ]
[08:38:34] Checking for directory '/usr/lib/.kinetic' [ Not found ]
[08:38:34] Checking for directory '/usr/lib/.egcs' [ Not found ]
[08:38:34] Checking for directory '/usr/lib/.wormie' [ Not found ]
[08:38:34] Balaur Rootkit [ Not found ]
[08:38:34]
[08:38:34] Checking for BeastKit Rootkit...
[08:38:34] Checking for file '/usr/sbin/arobia' [ Not found ]
[08:38:34] Checking for file '/usr/sbin/idrun' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/hk' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/sc' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[08:38:34] Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[08:38:34] Checking for directory '/lib/ldd.so/bktools' [ Not found ]
[08:38:34] BeastKit Rootkit [ Not found ]
[08:38:34]
[08:38:34] Checking for beX2 Rootkit...
[08:38:34] Checking for file '/usr/info/termcap.info-5.gz' [ Not found ]
[08:38:34] Checking for file '/usr/bin/sshd2' [ Not found ]
[08:38:34] Checking for directory '/usr/include/bex' [ Not found ]
[08:38:34] beX2 Rootkit [ Not found ]
[08:38:34]
[08:38:34] Checking for BOBKit Rootkit...
[08:38:34] Checking for file '/usr/sbin/ntpsx' [ Not found ]
[08:38:34] Checking for file '/usr/sbin/.../bkit-ava' [ Not found ]
[08:38:34] Checking for file '/usr/sbin/.../bkit-d' [ Not found ]
[08:38:34] Checking for file '/usr/sbin/.../bkit-shd' [ Not found ]
[08:38:34] Checking for file '/usr/sbin/.../bkit-f' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../proc.h' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../.bash_history' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../bkit-get' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../bkit-dl' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../bkit-screen' [ Not found ]
[08:38:34] Checking for file '/usr/include/.../bkit-sleep' [ Not found ]
[08:38:34] Checking for file '/usr/lib/.../bkit-adore.o' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../ls' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../netstat' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../lsof' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../uconf.inv' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../psr' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../find' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../pstree' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../slocate' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../du' [ Not found ]
[08:38:35] Checking for file '/usr/lib/.../top' [ Not found ]
[08:38:35] Checking for directory '/usr/sbin/...' [ Not found ]
[08:38:35] Checking for directory '/usr/include/...' [ Not found ]
[08:38:35] Checking for directory '/usr/include/.../.tmp' [ Not found ]
[08:38:35] Checking for directory '/usr/lib/...' [ Not found ]
[08:38:35] Checking for directory '/usr/lib/.../.ssh' [ Not found ]
[08:38:35] Checking for directory '/usr/lib/.../bkit-ssh' [ Not found ]
[08:38:35] Checking for directory '/usr/lib/.bkit-' [ Not found ]
[08:38:35] Checking for directory '/tmp/.bkp' [ Not found ]
[08:38:35] BOBKit Rootkit [ Not found ]
[08:38:35]
[08:38:35] Checking for cb Rootkit...
[08:38:35] Checking for file '/dev/srd0' [ Not found ]
[08:38:35] Checking for file '/lib/libproc.so.2.0.6' [ Not found ]
[08:38:35] Checking for file '/dev/mounnt' [ Not found ]
[08:38:35] Checking for file '/etc/rc.d/init.d/init' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/cl' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/.x.tgz' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/statdx' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/wted' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/write' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/sc' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/sl2' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/wroot' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/wscan' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/wu' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/v' [ Not found ]
[08:38:35] Checking for file '/usr/bin/.zeen/..<SP>/read' [ Not found ]
[08:38:35] Checking for file '/usr/lib/sshrc' [ Not found ]
[08:38:36] Checking for file '/usr/lib/ssh_host_key' [ Not found ]
[08:38:36] Checking for file '/usr/lib/ssh_host_key.pub' [ Not found ]
[08:38:36] Checking for file '/usr/lib/ssh_random_seed' [ Not found ]
[08:38:36] Checking for file '/usr/lib/sshd_config' [ Not found ]
[08:38:36] Checking for file '/usr/lib/shosts.equiv' [ Not found ]
[08:38:36] Checking for file '/usr/lib/ssh_known_hosts' [ Not found ]
[08:38:36] Checking for file '/u/zappa/.ssh/pid' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.system/..<SP>/tcp.log' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.zeen/..<SP>/curatare/attrib' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.zeen/..<SP>/curatare/chattr' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.zeen/..<SP>/curatare/ps' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.zeen/..<SP>/curatare/pstree' [ Not found ]
[08:38:36] Checking for file '/usr/bin/.system/..<SP>/.x/xC.o' [ Not found ]
[08:38:36] Checking for directory '/usr/bin/.zeen' [ Not found ]
[08:38:36] Checking for directory '/usr/bin/.zeen/..<SP>/curatare' [ Not found ]
[08:38:36] Checking for directory '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[08:38:36] Checking for directory '/usr/bin/.system/..<SP>' [ Not found ]
[08:38:36] cb Rootkit [ Not found ]
[08:38:36]
[08:38:36] Checking for CiNIK Worm (Slapper.B variant)...
[08:38:36] Checking for file '/tmp/.cinik' [ Not found ]
[08:38:36] Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[08:38:36] CiNIK Worm (Slapper.B variant) [ Not found ]
[08:38:36]
[08:38:36] Checking for Danny-Boy's Abuse Kit...
[08:38:36] Checking for file '/dev/mdev' [ Not found ]
[08:38:36] Checking for file '/usr/lib/libX.a' [ Not found ]
[08:38:36] Danny-Boy's Abuse Kit [ Not found ]
[08:38:36]
[08:38:36] Checking for Devil RootKit...
[08:38:36] Checking for file '/var/lib/games/.src' [ Not found ]
[08:38:36] Checking for file '/dev/dsx' [ Not found ]
[08:38:36] Checking for file '/dev/caca' [ Not found ]
[08:38:36] Checking for file '/dev/pro' [ Not found ]
[08:38:36] Checking for file '/bin/bye' [ Not found ]
[08:38:36] Checking for file '/bin/homedir' [ Not found ]
[08:38:36] Checking for file '/usr/bin/xfss' [ Not found ]
[08:38:36] Checking for file '/usr/sbin/tzava' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/holber' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/sense' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/clear' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/tzava' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/citeste' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/killrk' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/searchlog' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/gaoaza' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/cleaner' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/shk' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/stuff/srs' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/utile.tgz' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/webpage' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/getpsy' [ Not found ]
[08:38:36] Checking for file '/usr/doc/tar/.../.dracusor/getbnc' [ Not found ]
[08:38:37] Checking for file '/usr/doc/tar/.../.dracusor/getemech' [ Not found ]
[08:38:37] Checking for file '/usr/doc/tar/.../.dracusor/localroot.sh' [ Not found ]
[08:38:37] Checking for file '/usr/doc/tar/.../.dracusor/stuff/old/sense' [ Not found ]
[08:38:37] Checking for directory '/usr/doc/tar/.../.dracusor' [ Not found ]
[08:38:37] Devil RootKit [ Not found ]
[08:38:37]
[08:38:37] Checking for Dica-Kit Rootkit...
[08:38:37] Checking for file '/lib/.sso' [ Not found ]
[08:38:37] Checking for file '/lib/.so' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/clean' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/dxr' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/read' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/write' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/lf' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/xl' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/xdr' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/psg' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/secure' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/rdx' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/va' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/cl.sh' [ Not found ]
[08:38:37] Checking for file '/var/run/...dica/last.log' [ Not found ]
[08:38:37] Checking for file '/usr/bin/.etc' [ Not found ]
[08:38:37] Checking for file '/etc/sshd_config' [ Not found ]
[08:38:37] Checking for file '/etc/ssh_host_key' [ Not found ]
[08:38:37] Checking for file '/etc/ssh_random_seed' [ Not found ]
[08:38:37] Checking for directory '/var/run/...dica' [ Not found ]
[08:38:37] Checking for directory '/var/run/...dica/mh' [ Not found ]
[08:38:37] Checking for directory '/var/run/...dica/scan' [ Not found ]
[08:38:37] Dica-Kit Rootkit [ Not found ]
[08:38:37]
[08:38:37] Checking for Dreams Rootkit...
[08:38:37] Checking for file '/dev/ttyoa' [ Not found ]
[08:38:37] Checking for file '/dev/ttyof' [ Not found ]
[08:38:37] Checking for file '/dev/ttyop' [ Not found ]
[08:38:37] Checking for file '/usr/bin/sense' [ Not found ]
[08:38:37] Checking for file '/usr/bin/sl2' [ Not found ]
[08:38:37] Checking for file '/usr/bin/logclear' [ Not found ]
[08:38:37] Checking for file '/usr/bin/(swapd)' [ Not found ]
[08:38:37] Checking for file '/usr/bin/initrd' [ Not found ]
[08:38:37] Checking for file '/usr/bin/crontabs' [ Not found ]
[08:38:37] Checking for file '/usr/bin/snfs' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libsss' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libsnf.log' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libshtift/top' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libshtift/ps' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libshtift/netstat' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libshtift/ls' [ Not found ]
[08:38:37] Checking for file '/usr/lib/libshtift/ifconfig' [ Not found ]
[08:38:37] Checking for file '/usr/include/linseed.h' [ Not found ]
[08:38:37] Checking for file '/usr/include/linpid.h' [ Not found ]
[08:38:37] Checking for file '/usr/include/linkey.h' [ Not found ]
[08:38:37] Checking for file '/usr/include/linconf.h' [ Not found ]
[08:38:38] Checking for file '/usr/include/iceseed.h' [ Not found ]
[08:38:38] Checking for file '/usr/include/icepid.h' [ Not found ]
[08:38:38] Checking for file '/usr/include/icekey.h' [ Not found ]
[08:38:38] Checking for file '/usr/include/iceconf.h' [ Not found ]
[08:38:38] Checking for directory '/dev/ida/.hpd' [ Not found ]
[08:38:38] Checking for directory '/usr/lib/libshtift' [ Not found ]
[08:38:38] Dreams Rootkit [ Not found ]
[08:38:38]
[08:38:38] Checking for Duarawkz Rootkit...
[08:38:38] Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[08:38:38] Checking for directory '/usr/bin/duarawkz' [ Not found ]
[08:38:38] Duarawkz Rootkit [ Not found ]
[08:38:38]
[08:38:38] Checking for Enye LKM...
[08:38:38] Checking for file '/etc/.enyelkmHIDE^IT.ko' [ Not found ]
[08:38:38] Checking for file '/etc/.enyelkmOCULTAR.ko' [ Not found ]
[08:38:38] Enye LKM [ Not found ]
[08:38:38]
[08:38:38] Checking for Flea Linux Rootkit...
[08:38:38] Checking for file '/etc/ld.so.hash' [ Not found ]
[08:38:38] Checking for file '/lib/security/.config/ssh/sshd_config' [ Not found ]
[08:38:38] Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[08:38:38] Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[08:38:38] Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[08:38:38] Checking for file '/usr/bin/ssh2d' [ Not found ]
[08:38:38] Checking for file '/usr/lib/ldlibns.so' [ Not found ]
[08:38:38] Checking for file '/usr/lib/ldlibps.so' [ Not found ]
[08:38:38] Checking for file '/usr/lib/ldlibpst.so' [ Not found ]
[08:38:38] Checking for file '/usr/lib/ldlibdu.so' [ Not found ]
[08:38:38] Checking for file '/usr/lib/ldlibct.so' [ Not found ]
[08:38:38] Checking for directory '/lib/security/.config/ssh' [ Not found ]
[08:38:38] Checking for directory '/dev/..0' [ Not found ]
[08:38:38] Checking for directory '/dev/..0/backup' [ Not found ]
[08:38:38] Flea Linux Rootkit [ Not found ]
[08:38:38]
[08:38:38] Checking for Fu Rootkit...
[08:38:38] Checking for file '/sbin/xc' [ Not found ]
[08:38:38] Checking for file '/usr/include/ivtype.h' [ Not found ]
[08:38:38] Checking for file '/bin/.lib' [ Not found ]
[08:38:38] Fu Rootkit [ Not found ]
[08:38:38]
[08:38:38] Checking for Fuck`it Rootkit...
[08:38:38] Checking for file '/lib/libproc.so.2.0.7' [ Not found ]
[08:38:38] Checking for file '/dev/proc/.bash_profile' [ Not found ]
[08:38:38] Checking for file '/dev/proc/.bashrc' [ Not found ]
[08:38:38] Checking for file '/dev/proc/.cshrc' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/hax0r' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/hax0rshell' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/config/lports' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/config/rports' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/config/rkconf' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/config/password' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/config/progs' [ Not found ]
[08:38:38] Checking for file '/dev/proc/fuckit/system-bins/init' [ Not found ]
[08:38:39] Checking for file '/usr/lib/libcps.a' [ Not found ]
[08:38:39] Checking for file '/usr/lib/libtty.a' [ Not found ]
[08:38:39] Checking for directory '/dev/proc' [ Not found ]
[08:38:39] Checking for directory '/dev/proc/fuckit' [ Not found ]
[08:38:39] Checking for directory '/dev/proc/fuckit/system-bins' [ Not found ]
[08:38:39] Checking for directory '/dev/proc/toolz' [ Not found ]
[08:38:39] Fuck`it Rootkit [ Not found ]
[08:38:39]
[08:38:39] Checking for GasKit Rootkit...
[08:38:39] Checking for file '/dev/dev/gaskit/sshd/sshdd' [ Not found ]
[08:38:39] Checking for directory '/dev/dev' [ Not found ]
[08:38:39] Checking for directory '/dev/dev/gaskit' [ Not found ]
[08:38:39] Checking for directory '/dev/dev/gaskit/sshd' [ Not found ]
[08:38:39] GasKit Rootkit [ Not found ]
[08:38:39]
[08:38:39] Checking for Heroin LKM...
[08:38:39] Checking for kernel symbol 'heroin' [ Not found ]
[08:38:39] Heroin LKM [ Not found ]
[08:38:39]
[08:38:39] Checking for HjC Kit...
[08:38:39] Checking for directory '/dev/.hijackerz' [ Not found ]
[08:38:39] HjC Kit [ Not found ]
[08:38:39]
[08:38:39] Checking for ignoKit Rootkit...
[08:38:39] Checking for file '/lib/defs/p' [ Not found ]
[08:38:39] Checking for file '/lib/defs/q' [ Not found ]
[08:38:39] Checking for file '/lib/defs/r' [ Not found ]
[08:38:39] Checking for file '/lib/defs/s' [ Not found ]
[08:38:39] Checking for file '/lib/defs/t' [ Not found ]
[08:38:39] Checking for file '/usr/lib/defs/p' [ Not found ]
[08:38:39] Checking for file '/usr/lib/defs/q' [ Not found ]
[08:38:39] Checking for file '/usr/lib/defs/r' [ Not found ]
[08:38:39] Checking for file '/usr/lib/defs/s' [ Not found ]
[08:38:39] Checking for file '/usr/lib/defs/t' [ Not found ]
[08:38:39] Checking for file '/usr/lib/.libigno/pkunsec' [ Not found ]
[08:38:39] Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[08:38:39] Checking for directory '/usr/lib/.libigno' [ Not found ]
[08:38:39] Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[08:38:39] ignoKit Rootkit [ Not found ]
[08:38:39]
[08:38:39] Checking for IntoXonia-NG Rootkit...
[08:38:39] Checking for kernel symbol 'funces' [ Not found ]
[08:38:40] Checking for kernel symbol 'ixinit' [ Not found ]
[08:38:40] Checking for kernel symbol 'tricks' [ Not found ]
[08:38:40] Checking for kernel symbol 'kernel_unlink' [ Not found ]
[08:38:40] Checking for kernel symbol 'rootme' [ Not found ]
[08:38:40] Checking for kernel symbol 'hide_module' [ Not found ]
[08:38:40] Checking for kernel symbol 'find_sys_call_tbl' [ Not found ]
[08:38:40] IntoXonia-NG Rootkit [ Not found ]
[08:38:40]
[08:38:40] Checking for Irix Rootkit...
[08:38:40] Checking for directory '/dev/pts/01' [ Not found ]
[08:38:40] Checking for directory '/dev/pts/01/backup' [ Not found ]
[08:38:40] Checking for directory '/dev/pts/01/etc' [ Not found ]
[08:38:40] Checking for directory '/dev/pts/01/tmp' [ Not found ]
[08:38:40] Irix Rootkit [ Not found ]
[08:38:40]
[08:38:40] Checking for Jynx Rootkit...
[08:38:40] Checking for file '/xochikit/bc' [ Not found ]
[08:38:40] Checking for file '/xochikit/ld_poison.so' [ Not found ]
[08:38:40] Checking for file '/omgxochi/bc' [ Not found ]
[08:38:40] Checking for file '/omgxochi/ld_poison.so' [ Not found ]
[08:38:40] Checking for file '/var/local/^^/bc' [ Not found ]
[08:38:40] Checking for file '/var/local/^^/ld_poison.so' [ Not found ]
[08:38:40] Checking for directory '/xochikit' [ Not found ]
[08:38:41] Checking for directory '/omgxochi' [ Not found ]
[08:38:41] Checking for directory '/var/local/^^' [ Not found ]
[08:38:41] Jynx Rootkit [ Not found ]
[08:38:41]
[08:38:41] Checking for KBeast Rootkit...
[08:38:41] Checking for file '/usr/_h4x_/ipsecs-kbeast-v1.ko' [ Not found ]
[08:38:41] Checking for file '/usr/_h4x_/_h4x_bd' [ Not found ]
[08:38:41] Checking for file '/usr/_h4x_/acctlog' [ Not found ]
[08:38:41] Checking for directory '/usr/_h4x_' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_delete_module' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_getdents64' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_kill' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_open' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_read' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_rename' [ Not found ]
[08:38:41] Checking for kernel symbol 'h4x_rmdir' [ Not found ]
[08:38:42] Checking for kernel symbol 'h4x_tcp4_seq_show' [ Not found ]
[08:38:42] Checking for kernel symbol 'h4x_write' [ Not found ]
[08:38:42] KBeast Rootkit [ Not found ]
[08:38:42]
[08:38:42] Checking for Kitko Rootkit...
[08:38:42] Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[08:38:42] Kitko Rootkit [ Not found ]
[08:38:42]
[08:38:42] Checking for Knark Rootkit...
[08:38:42] Checking for file '/proc/knark/pids' [ Not found ]
[08:38:42] Checking for directory '/proc/knark' [ Not found ]
[08:38:42] Knark Rootkit
