Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    US charges Samourai cryptomixer founders for laundering $100 million

Featured Deal: A one-year Sam's Club membership is only $14 now

Latest Buyer's Guide:    How to setup a VPN on your router: Detailed walkthrough

Generic User Avatar

Suspected Manjaro/Arch Linux Malware - Help needed

Started by leeroy_jenkins , Mar 17 2024 06:26 PM

  • Please log in to reply
10 replies to this topic

#1 leeroy_jenkins

leeroy_jenkins

  • Avatar image
  • Members
  • 5 posts
  • OFFLINE
    •  
  • Local time:06:38 AM

Posted 17 March 2024 - 06:26 PM

Dear Bleeping Computers Community,

 

I have been advised by several people I know online to inquire about malware on this forum. I have read through it, and couldn't find a similar subject to mine, as it's a specific situation.

 

I will tell you how it happened chronologically, and would like to ask you to try and assist me. I will upload whatever log you need, and also will be welcome to any advice how to get rid of bootkits/rootkits on Arch Linux.

 

I am a user of up-to-date Manjaro, and I received a strange video via e-mail, and opened it. It was .mp4, and I thought that Linux is pretty much protected from these kinds of malware, and also I have VLC updated to the newest version (3.0.20). It would be worth to mention that I think that the provider doesn't have a virus scan.

 

However, once I opened it (I didn't do anything out of the ordinary that day except that) and turned on my laptop tomorrow, I noticed an increase in how my fan performs, it was louder than before, I will freely say, about 30%. I was lucky to have done a Manjaro install a month ago, and had files in a backup, so I just reinstalled it by wiping everything, from scratch, without any files remaining, so a clean reinstall.

 

However, once I reinstalled it, and reinstalled my programs, the problem persists. Therefore, I currently suspect that I might have a bootkit, considering that Manjaro doesn't have a secure boot. I know it's rare, but that's the only thing I can think of.

 

Thankful in advance,

Leeroy


Edited by leeroy_jenkins, 17 March 2024 - 06:29 PM.

BC AdBot (Login to Remove)

 

#2 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:38 AM

Posted 17 March 2024 - 06:44 PM

Install EndeavourOS and see if it happens there it's Arch based and is far better than Manjaro

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#3 leeroy_jenkins

leeroy_jenkins
  • Topic Starter

  • Avatar image
  • Members
  • 5 posts
  • OFFLINE
    •  
  • Local time:06:38 AM

Posted 17 March 2024 - 06:52 PM

Thanks a lot for your response, Dan.

 

I will promptly do so. Is it more secure than Manjaro too? I would also like to ask you if you know how I can scan for bootkits. As I see that you are a Digital Forensics Expert, can I possibly ask you about the ways to do that. I forgot to mention that I have updated my UEFI too.


Edited by leeroy_jenkins, 17 March 2024 - 07:01 PM.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:38 AM

Posted 17 March 2024 - 07:02 PM

If your uefi has been updated it likely cleaned your boot entries. You'd need to use specialized tools like rkhunter but likely it was a poor update in manjaro.

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#5 leeroy_jenkins

leeroy_jenkins
  • Topic Starter

  • Avatar image
  • Members
  • 5 posts
  • OFFLINE
    •  
  • Local time:06:38 AM

Posted 17 March 2024 - 07:31 PM

Yes, I have updated it after it happened, just to make sure.

 

Also, I used rkhunter with unhide now, so I will upload its outcome here:

 

I will also inform you once I install the new system.

[01:09:35] Running Rootkit Hunter version 1.4.6 on My-PC
[01:09:35]
[01:09:35] Info: Start date is Mo 18. Mär 01:09:35 CET 2024
[01:09:35]
[01:09:35] Checking configuration file and command-line options...
[01:09:35] Info: Detected operating system is 'Linux'
[01:09:35] Info: Uname output is 'Linux My-PC 6.6.19-1-MANJARO #1 SMP PREEMPT_DYNAMIC Fri Mar  1 18:16:16 UTC 2024 x86_64 GNU/Linux'
[01:09:35] Info: Command line is /usr/bin/rkhunter --check --sk
[01:09:35] Info: Environment shell is /bin/bash; rkhunter is using bash
[01:09:35] Info: Using configuration file '/etc/rkhunter.conf'
[01:09:35] Info: Installation directory is '/usr'
[01:09:36] Info: Using language 'en'
[01:09:36] Info: Using '/var/lib/rkhunter/db' as the database directory
[01:09:36] Info: Using '/usr/lib/rkhunter/scripts' as the support script directory
[01:09:36] Info: Using '/usr/local/bin /usr/bin /bin /usr/local/sbin /usr/bin/site_perl /usr/bin/vendor_perl /usr/bin/core_perl /var/lib/snapd/snap/bin /sbin /usr/sbin' as the command directories
[01:09:36] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory
[01:09:36] Info: No mail-on-warning address configured
[01:09:36] Info: X will be automatically detected
[01:09:36] Info: Using second color set
[01:09:36] Info: Found the 'basename' command: /usr/bin/basename
[01:09:36] Info: Found the 'diff' command: /usr/bin/diff
[01:09:36] Info: Found the 'dirname' command: /usr/bin/dirname
[01:09:36] Info: Found the 'file' command: /usr/bin/file
[01:09:36] Info: Found the 'find' command: /usr/bin/find
[01:09:36] Info: Found the 'ifconfig' command: /usr/bin/ifconfig
[01:09:36] Info: Found the 'ip' command: /usr/bin/ip
[01:09:36] Info: Found the 'ipcs' command: /usr/bin/ipcs
[01:09:36] Info: Found the 'ldd' command: /usr/bin/ldd
[01:09:36] Info: Found the 'lsattr' command: /usr/bin/lsattr
[01:09:36] Info: Found the 'lsmod' command: /usr/bin/lsmod
[01:09:36] Info: Found the 'lsof' command: /usr/bin/lsof
[01:09:36] Info: Found the 'mktemp' command: /usr/bin/mktemp
[01:09:36] Info: Found the 'netstat' command: /usr/bin/netstat
[01:09:36] Info: Found the 'numfmt' command: /usr/bin/numfmt
[01:09:36] Info: Found the 'perl' command: /usr/bin/perl
[01:09:36] Info: Found the 'pgrep' command: /usr/bin/pgrep
[01:09:36] Info: Found the 'ps' command: /usr/bin/ps
[01:09:36] Info: Found the 'pwd' command: /usr/bin/pwd
[01:09:36] Info: Found the 'readlink' command: /usr/bin/readlink
[01:09:36] Info: Found the 'stat' command: /usr/bin/stat
[01:09:36] Info: Found the 'strings' command: /usr/bin/strings
[01:09:36] Info: System is not using prelinking
[01:09:36] Info: Using the '/usr/bin/sha256sum' command for the file hash checks
[01:09:36] Info: The hash function field index is set to 1
[01:09:36] Info: No package manager specified: using hash function '/usr/bin/sha256sum'
[01:09:36] Info: Previous file attributes were stored
[01:09:36] Info: Enabled tests are: all
[01:09:36] Info: Disabled tests are: suspscan hidden_ports hidden_procs deleted_files packet_cap_apps apps
[01:09:36] Info: Including user files for file properties check:
[01:09:36]       /etc/rkhunter.conf
[01:09:37] Info: Found kernel symbols file '/proc/kallsyms'
[01:09:37] Info: Using 'date' to process epoch second times
[01:09:37] Info: Locking is not being used
[01:09:37]
[01:09:37] Starting system checks...
[01:09:37]
[01:09:37] Info: Starting test name 'system_commands'
[01:09:37] Checking system commands...
[01:09:37]
[01:09:37] Info: Starting test name 'strings'
[01:09:37] Performing 'strings' command checks
[01:09:37]   Scanning for string /usr/sbin/ntpsx             [ OK ]
[01:09:37]   Scanning for string /usr/sbin/.../bkit-ava      [ OK ]
[01:09:37]   Scanning for string /usr/sbin/.../bkit-d        [ OK ]
[01:09:37]   Scanning for string /usr/sbin/.../bkit-shd      [ OK ]
[01:09:37]   Scanning for string /usr/sbin/.../bkit-f        [ OK ]
[01:09:37]   Scanning for string /usr/include/.../proc.h     [ OK ]
[01:09:37]   Scanning for string /usr/include/.../.bash_history [ OK ]
[01:09:37]   Scanning for string /usr/include/.../bkit-get   [ OK ]
[01:09:37]   Scanning for string /usr/include/.../bkit-dl    [ OK ]
[01:09:37]   Scanning for string /usr/include/.../bkit-screen [ OK ]
[01:09:37]   Scanning for string /usr/include/.../bkit-sleep [ OK ]
[01:09:37]   Scanning for string /usr/lib/.../bkit-adore.o   [ OK ]
[01:09:37]   Scanning for string /usr/lib/.../ls             [ OK ]
[01:09:37]   Scanning for string /usr/lib/.../netstat        [ OK ]
[01:09:37]   Scanning for string /usr/lib/.../lsof           [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh/bkit-shdcfg [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh/bkit-shhk [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh/bkit-pw [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh/bkit-shrs [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh/bkit-mots [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../uconf.inv      [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../psr            [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../find           [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../pstree         [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../slocate        [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../du             [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../top            [ OK ]
[01:09:38]   Scanning for string /usr/sbin/...               [ OK ]
[01:09:38]   Scanning for string /usr/include/...            [ OK ]
[01:09:38]   Scanning for string /usr/include/.../.tmp       [ OK ]
[01:09:38]   Scanning for string /usr/lib/...                [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../.ssh           [ OK ]
[01:09:38]   Scanning for string /usr/lib/.../bkit-ssh       [ OK ]
[01:09:38]   Scanning for string /usr/lib/.bkit-             [ OK ]
[01:09:39]   Scanning for string /tmp/.bkp                   [ OK ]
[01:09:39]   Scanning for string /tmp/.cinik                 [ OK ]
[01:09:39]   Scanning for string /tmp/.font-unix/.cinik      [ OK ]
[01:09:39]   Scanning for string /lib/.sso                   [ OK ]
[01:09:39]   Scanning for string /lib/.so                    [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/clean      [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/dxr        [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/read       [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/write      [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/lf         [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/xl         [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/xdr        [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/psg        [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/secure     [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/rdx        [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/va         [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/cl.sh      [ OK ]
[01:09:39]   Scanning for string /var/run/...dica/last.log   [ OK ]
[01:09:39]   Scanning for string /usr/bin/.etc               [ OK ]
[01:09:39]   Scanning for string /etc/sshd_config            [ OK ]
[01:09:40]   Scanning for string /etc/ssh_host_key           [ OK ]
[01:09:40]   Scanning for string /etc/ssh_random_seed        [ OK ]
[01:09:40]   Scanning for string /dev/ptyp                   [ OK ]
[01:09:40]   Scanning for string /dev/ptyq                   [ OK ]
[01:09:40]   Scanning for string /dev/ptyr                   [ OK ]
[01:09:40]   Scanning for string /dev/ptys                   [ OK ]
[01:09:40]   Scanning for string /dev/ptyt                   [ OK ]
[01:09:40]   Scanning for string /dev/fd/.88/freshb-bsd      [ OK ]
[01:09:40]   Scanning for string /dev/fd/.88/fresht          [ OK ]
[01:09:40]   Scanning for string /dev/fd/.88/zxsniff         [ OK ]
[01:09:40]   Scanning for string /dev/fd/.88/zxsniff.log     [ OK ]
[01:09:40]   Scanning for string /dev/fd/.99/.ttyf00         [ OK ]
[01:09:40]   Scanning for string /dev/fd/.99/.ttyp00         [ OK ]
[01:09:40]   Scanning for string /dev/fd/.99/.ttyq00         [ OK ]
[01:09:40]   Scanning for string /dev/fd/.99/.ttys00         [ OK ]
[01:09:40]   Scanning for string /dev/fd/.99/.pwsx00         [ OK ]
[01:09:40]   Scanning for string /etc/.acid                  [ OK ]
[01:09:40]   Scanning for string /usr/lib/.fx/sched_host.2   [ OK ]
[01:09:40]   Scanning for string /usr/lib/.fx/random_d.2     [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/set_pid.2      [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/setrgrp.2      [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/TOHIDE         [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/cons.saver     [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/adore/ava/ava  [ OK ]
[01:09:41]   Scanning for string /usr/lib/.fx/adore/adore/adore.ko [ OK ]
[01:09:41]   Scanning for string /bin/sysback                [ OK ]
[01:09:41]   Scanning for string /usr/local/bin/sysback      [ OK ]
[01:09:41]   Scanning for string /usr/lib/.tbd               [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/t0rns     [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/du        [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/ls        [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/t0rnsb    [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/ps        [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/t0rnp     [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/find      [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/ifconfig  [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/pg        [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/ssh.tgz   [ OK ]
[01:09:41]   Scanning for string /dev/.lib/lib/lib/top       [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/sz        [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/login     [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/in.fingerd [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/1i0n.sh   [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/pstree    [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/in.telnetd [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/mjy       [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/sush      [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/tfn       [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/name      [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib/lib/getip.sh  [ OK ]
[01:09:42]   Scanning for string /usr/info/.torn/sh*         [ OK ]
[01:09:42]   Scanning for string /usr/src/.puta/.1addr       [ OK ]
[01:09:42]   Scanning for string /usr/src/.puta/.1file       [ OK ]
[01:09:42]   Scanning for string /usr/src/.puta/.1proc       [ OK ]
[01:09:42]   Scanning for string /usr/src/.puta/.1logz       [ OK ]
[01:09:42]   Scanning for string /usr/info/.t0rn             [ OK ]
[01:09:42]   Scanning for string /dev/.lib                   [ OK ]
[01:09:42]   Scanning for string /dev/.lib/lib               [ OK ]
[01:09:43]   Scanning for string /dev/.lib/lib/lib           [ OK ]
[01:09:43]   Scanning for string /dev/.lib/lib/lib/dev       [ OK ]
[01:09:43]   Scanning for string /dev/.lib/lib/scan          [ OK ]
[01:09:43]   Scanning for string /usr/src/.puta              [ OK ]
[01:09:43]   Scanning for string /usr/man/man1/man1          [ OK ]
[01:09:43]   Scanning for string /usr/man/man1/man1/lib      [ OK ]
[01:09:43]   Scanning for string /usr/man/man1/man1/lib/.lib [ OK ]
[01:09:43]   Scanning for string /usr/man/man1/man1/lib/.lib/.backup [ OK ]
[01:09:43]
[01:09:43] Info: Starting test name 'shared_libs'
[01:09:43] Performing 'shared libraries' checks
[01:09:43]   Checking for preloading variables               [ None found ]
[01:09:43]   Checking for preloaded libraries                [ None found ]
[01:09:43]
[01:09:43] Info: Starting test name 'shared_libs_path'
[01:09:43]   Checking LD_LIBRARY_PATH variable               [ Not found ]
[01:09:43]
[01:09:43] Info: Starting test name 'properties'
[01:09:43] Performing file properties checks
[01:09:43] Warning: Checking for prerequisites               [ Warning ]
[01:09:43]          The file of stored file properties (rkhunter.dat) does not exist, and should be created. To do this type in 'rkhunter --propupd'.
[01:09:43] Info: The file properties check will still run as there are checks that can be performed without the 'rkhunter.dat' file.
[01:09:43]
[01:09:43] Warning: WARNING! It is the users responsibility to ensure that when the '--propupd' option
           is used, all the files on their system are known to be genuine, and installed from a
           reliable source. The rkhunter '--check' option will compare the current file properties
           against previously stored values, and report if any values differ. However, rkhunter
           cannot determine what has caused the change, that is for the user to do.
[01:09:44]   /usr/bin/awk                                    [ OK ]
[01:09:45]   /usr/bin/basename                               [ OK ]
[01:09:45]   /usr/bin/bash                                   [ OK ]
[01:09:45]   /usr/bin/cat                                    [ OK ]
[01:09:45]   /usr/bin/chattr                                 [ OK ]
[01:09:45]   /usr/bin/chmod                                  [ OK ]
[01:09:45]   /usr/bin/chown                                  [ OK ]
[01:09:45]   /usr/bin/chroot                                 [ OK ]
[01:09:45]   /usr/bin/cp                                     [ OK ]
[01:09:45]   /usr/bin/curl                                   [ OK ]
[01:09:45]   /usr/bin/cut                                    [ OK ]
[01:09:46]   /usr/bin/date                                   [ OK ]
[01:09:46]   /usr/bin/depmod                                 [ OK ]
[01:09:46]   /usr/bin/df                                     [ OK ]
[01:09:46]   /usr/bin/diff                                   [ OK ]
[01:09:46]   /usr/bin/dirname                                [ OK ]
[01:09:46]   /usr/bin/dmesg                                  [ OK ]
[01:09:46]   /usr/bin/dpkg                                   [ OK ]
[01:09:46]   /usr/bin/dpkg-query                             [ OK ]
[01:09:46]   /usr/bin/du                                     [ OK ]
[01:09:46]   /usr/bin/echo                                   [ OK ]
[01:09:47]   /usr/bin/egrep                                  [ Warning ]
[01:09:47] Warning: The command '/usr/bin/egrep' has been replaced by a script: /usr/bin/egrep: POSIX shell script, ASCII text executable
[01:09:47]   /usr/bin/env                                    [ OK ]
[01:09:47]   /usr/bin/fgrep                                  [ Warning ]
[01:09:47] Warning: The command '/usr/bin/fgrep' has been replaced by a script: /usr/bin/fgrep: POSIX shell script, ASCII text executable
[01:09:47]   /usr/bin/file                                   [ OK ]
[01:09:47]   /usr/bin/find                                   [ OK ]
[01:09:47]   /usr/bin/fsck                                   [ OK ]
[01:09:47]   /usr/bin/fuser                                  [ OK ]
[01:09:47]   /usr/bin/grep                                   [ OK ]
[01:09:47]   /usr/bin/groupadd                               [ OK ]
[01:09:48]   /usr/bin/groupdel                               [ OK ]
[01:09:48]   /usr/bin/groupmod                               [ OK ]
[01:09:48]   /usr/bin/groups                                 [ OK ]
[01:09:48]   /usr/bin/grpck                                  [ OK ]
[01:09:48]   /usr/bin/head                                   [ OK ]
[01:09:48]   /usr/bin/id                                     [ OK ]
[01:09:48]   /usr/bin/ifconfig                               [ OK ]
[01:09:48]   /usr/bin/init                                   [ OK ]
[01:09:48]   /usr/bin/insmod                                 [ OK ]
[01:09:49]   /usr/bin/ip                                     [ OK ]
[01:09:49]   /usr/bin/ipcs                                   [ OK ]
[01:09:49]   /usr/bin/kill                                   [ OK ]
[01:09:49]   /usr/bin/killall                                [ OK ]
[01:09:49]   /usr/bin/last                                   [ OK ]
[01:09:49]   /usr/bin/lastlog                                [ OK ]
[01:09:49]   /usr/bin/ldd                                    [ Warning ]
[01:09:49] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script, ASCII text executable
[01:09:49]   /usr/bin/less                                   [ OK ]
[01:09:49]   /usr/bin/locate                                 [ OK ]
[01:09:49]   /usr/bin/logger                                 [ OK ]
[01:09:50]   /usr/bin/login                                  [ OK ]
[01:09:50]   /usr/bin/ls                                     [ OK ]
[01:09:50]   /usr/bin/lsattr                                 [ OK ]
[01:09:50]   /usr/bin/lsmod                                  [ OK ]
[01:09:50]   /usr/bin/lsof                                   [ OK ]
[01:09:50]   /usr/bin/mail                                   [ OK ]
[01:09:50]   /usr/bin/md5sum                                 [ OK ]
[01:09:50]   /usr/bin/mktemp                                 [ OK ]
[01:09:50]   /usr/bin/modinfo                                [ OK ]
[01:09:50]   /usr/bin/modprobe                               [ OK ]
[01:09:51]   /usr/bin/more                                   [ OK ]
[01:09:51]   /usr/bin/mount                                  [ OK ]
[01:09:51]   /usr/bin/mv                                     [ OK ]
[01:09:51]   /usr/bin/netstat                                [ OK ]
[01:09:51]   /usr/bin/newgrp                                 [ OK ]
[01:09:51]   /usr/bin/nologin                                [ OK ]
[01:09:51]   /usr/bin/passwd                                 [ OK ]
[01:09:51]   /usr/bin/perl                                   [ OK ]
[01:09:51]   /usr/bin/pgrep                                  [ OK ]
[01:09:51]   /usr/bin/ping                                   [ OK ]
[01:09:52]   /usr/bin/pkill                                  [ OK ]
[01:09:52]   /usr/bin/ps                                     [ OK ]
[01:09:52]   /usr/bin/pstree                                 [ OK ]
[01:09:52]   /usr/bin/pwck                                   [ OK ]
[01:09:52]   /usr/bin/pwd                                    [ OK ]
[01:09:52]   /usr/bin/readlink                               [ OK ]
[01:09:52]   /usr/bin/rkhunter                               [ OK ]
[01:09:52]   /usr/bin/rmmod                                  [ OK ]
[01:09:52]   /usr/bin/route                                  [ OK ]
[01:09:52]   /usr/bin/runcon                                 [ OK ]
[01:09:53]   /usr/bin/sed                                    [ OK ]
[01:09:53]   /usr/bin/sh                                     [ OK ]
[01:09:53]   /usr/bin/sha1sum                                [ OK ]
[01:09:53]   /usr/bin/sha224sum                              [ OK ]
[01:09:53]   /usr/bin/sha256sum                              [ OK ]
[01:09:53]   /usr/bin/sha384sum                              [ OK ]
[01:09:53]   /usr/bin/sha512sum                              [ OK ]
[01:09:53]   /usr/bin/size                                   [ OK ]
[01:09:53]   /usr/bin/slocate                                [ OK ]
[01:09:53]   /usr/bin/sort                                   [ OK ]
[01:09:54]   /usr/bin/ssh                                    [ OK ]
[01:09:54]   /usr/bin/sshd                                   [ OK ]
[01:09:54]   /usr/bin/stat                                   [ OK ]
[01:09:54]   /usr/bin/strings                                [ OK ]
[01:09:54]   /usr/bin/su                                     [ OK ]
[01:09:54]   /usr/bin/sudo                                   [ OK ]
[01:09:54]   /usr/bin/sulogin                                [ OK ]
[01:09:54]   /usr/bin/sysctl                                 [ OK ]
[01:09:54]   /usr/bin/tail                                   [ OK ]
[01:09:54]   /usr/bin/telnet                                 [ OK ]
[01:09:55]   /usr/bin/test                                   [ OK ]
[01:09:55]   /usr/bin/top                                    [ OK ]
[01:09:55]   /usr/bin/touch                                  [ OK ]
[01:09:55]   /usr/bin/tr                                     [ OK ]
[01:09:55]   /usr/bin/uname                                  [ OK ]
[01:09:55]   /usr/bin/uniq                                   [ OK ]
[01:09:55]   /usr/bin/useradd                                [ OK ]
[01:09:55]   /usr/bin/userdel                                [ OK ]
[01:09:55]   /usr/bin/usermod                                [ OK ]
[01:09:55]   /usr/bin/users                                  [ OK ]
[01:09:56]   /usr/bin/vipw                                   [ OK ]
[01:09:56]   /usr/bin/vmstat                                 [ OK ]
[01:09:56]   /usr/bin/w                                      [ OK ]
[01:09:56]   /usr/bin/watch                                  [ OK ]
[01:09:56]   /usr/bin/wc                                     [ OK ]
[01:09:56]   /usr/bin/wget                                   [ OK ]
[01:09:56]   /usr/bin/whatis                                 [ OK ]
[01:09:56]   /usr/bin/whereis                                [ OK ]
[01:09:56]   /usr/bin/which                                  [ OK ]
[01:09:56]   /usr/bin/who                                    [ OK ]
[01:09:57]   /usr/bin/whoami                                 [ OK ]
[01:09:57]   /usr/bin/unhide                                 [ OK ]
[01:09:57]   /usr/bin/unhide-linux                           [ OK ]
[01:09:57]   /usr/bin/unhide-posix                           [ OK ]
[01:09:57]   /usr/bin/unhide-tcp                             [ OK ]
[01:09:57]   /usr/bin/numfmt                                 [ OK ]
[01:09:57]   /usr/bin/gawk                                   [ OK ]
[01:09:57]   /usr/bin/kmod                                   [ OK ]
[01:09:59]   /usr/bin/vendor_perl/GET                        [ Warning ]
[01:09:59] Warning: The command '/usr/bin/vendor_perl/GET' has been replaced by a script: /usr/bin/vendor_perl/GET: Perl script text executable
[01:10:03]   /usr/lib/systemd/systemd                        [ OK ]
[01:10:03]   /etc/rkhunter.conf                              [ OK ]
[01:10:03]
[01:10:03] Info: Starting test name 'rootkits'
[01:10:03] Checking for rootkits...
[01:10:03]
[01:10:03] Info: Starting test name 'known_rkts'
[01:10:03] Performing check of known rootkit files and directories
[01:10:03]
[01:10:03] Checking for 55808 Trojan - Variant A...
[01:10:03]   Checking for file '/tmp/.../r'                  [ Not found ]
[01:10:03]   Checking for file '/tmp/.../a'                  [ Not found ]
[01:10:03] 55808 Trojan - Variant A                          [ Not found ]
[01:10:03]
[01:10:03] Checking for ADM Worm...
[01:10:03]   Checking for string 'w0rm'                      [ Not found ]
[01:10:03] ADM Worm                                          [ Not found ]
[01:10:03]
[01:10:03] Checking for AjaKit Rootkit...
[01:10:04]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:10:04]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:10:04]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:10:04]   Checking for file '/lib/.libgh-gh/cleaner'      [ Not found ]
[01:10:04]   Checking for file '/lib/.libgh-gh/Patch/patch'  [ Not found ]
[01:10:04]   Checking for file '/lib/.libgh-gh/sb0k'         [ Not found ]
[01:10:04]   Checking for directory '/dev/tux'               [ Not found ]
[01:10:04]   Checking for directory '/lib/.libgh-gh'         [ Not found ]
[01:10:04] AjaKit Rootkit                                    [ Not found ]
[01:10:04]
[01:10:04] Checking for Adore Rootkit...
[01:10:04]   Checking for file '/usr/secure'                 [ Not found ]
[01:10:04]   Checking for file '/usr/doc/sys/qrt'            [ Not found ]
[01:10:04]   Checking for file '/usr/doc/sys/run'            [ Not found ]
[01:10:04]   Checking for file '/usr/doc/sys/crond'          [ Not found ]
[01:10:04]   Checking for file '/usr/sbin/kfd'               [ Not found ]
[01:10:04]   Checking for file '/usr/doc/kern/var'           [ Not found ]
[01:10:04]   Checking for file '/usr/doc/kern/string.o'      [ Not found ]
[01:10:04]   Checking for file '/usr/doc/kern/ava'           [ Not found ]
[01:10:04]   Checking for file '/usr/doc/kern/adore.o'       [ Not found ]
[01:10:04]   Checking for file '/var/log/ssh/old'            [ Not found ]
[01:10:05]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/kern'          [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/backup'        [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/backup/txt'    [ Not found ]
[01:10:05]   Checking for directory '/lib/backup'            [ Not found ]
[01:10:05]   Checking for directory '/lib/backup/txt'        [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/work'          [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/sys'           [ Not found ]
[01:10:05]   Checking for directory '/var/log/ssh'           [ Not found ]
[01:10:05]   Checking for directory '/usr/doc/.spool'        [ Not found ]
[01:10:05]   Checking for directory '/usr/lib/kterm'         [ Not found ]
[01:10:05] Adore Rootkit                                     [ Not found ]
[01:10:05]
[01:10:05] Checking for aPa Kit...
[01:10:05]   Checking for file '/usr/share/.aPa'             [ Not found ]
[01:10:05] aPa Kit                                           [ Not found ]
[01:10:05]
[01:10:05] Checking for Apache Worm...
[01:10:05]   Checking for file '/bin/.log'                   [ Not found ]
[01:10:05] Apache Worm                                       [ Not found ]
[01:10:05]
[01:10:05] Checking for Ambient (ark) Rootkit...
[01:10:05]   Checking for file '/usr/lib/.ark?'              [ Not found ]
[01:10:06]   Checking for file '/dev/ptyxx/.log'             [ Not found ]
[01:10:06]   Checking for file '/dev/ptyxx/.file'            [ Not found ]
[01:10:06]   Checking for file '/dev/ptyxx/.proc'            [ Not found ]
[01:10:06]   Checking for file '/dev/ptyxx/.addr'            [ Not found ]
[01:10:06]   Checking for directory '/dev/ptyxx'             [ Not found ]
[01:10:06] Ambient (ark) Rootkit                             [ Not found ]
[01:10:06]
[01:10:06] Checking for Balaur Rootkit...
[01:10:06]   Checking for file '/usr/lib/liblog.o'           [ Not found ]
[01:10:06]   Checking for directory '/usr/lib/.kinetic'      [ Not found ]
[01:10:06]   Checking for directory '/usr/lib/.egcs'         [ Not found ]
[01:10:06]   Checking for directory '/usr/lib/.wormie'       [ Not found ]
[01:10:06] Balaur Rootkit                                    [ Not found ]
[01:10:06]
[01:10:06] Checking for BeastKit Rootkit...
[01:10:06]   Checking for file '/usr/sbin/arobia'            [ Not found ]
[01:10:06]   Checking for file '/usr/sbin/idrun'             [ Not found ]
[01:10:06]   Checking for file '/usr/lib/elm/arobia/elm'     [ Not found ]
[01:10:06]   Checking for file '/usr/lib/elm/arobia/elm/hk'  [ Not found ]
[01:10:06]   Checking for file '/usr/lib/elm/arobia/elm/hk.pub' [ Not found ]
[01:10:06]   Checking for file '/usr/lib/elm/arobia/elm/sc'  [ Not found ]
[01:10:06]   Checking for file '/usr/lib/elm/arobia/elm/sd.pp' [ Not found ]
[01:10:07]   Checking for file '/usr/lib/elm/arobia/elm/sdco' [ Not found ]
[01:10:07]   Checking for file '/usr/lib/elm/arobia/elm/srsd' [ Not found ]
[01:10:07]   Checking for directory '/lib/ldd.so/bktools'    [ Not found ]
[01:10:07] BeastKit Rootkit                                  [ Not found ]
[01:10:07]
[01:10:07] Checking for beX2 Rootkit...
[01:10:07]   Checking for file '/usr/info/termcap.info-5.gz' [ Not found ]
[01:10:07]   Checking for file '/usr/bin/sshd2'              [ Not found ]
[01:10:07]   Checking for directory '/usr/include/bex'       [ Not found ]
[01:10:07] beX2 Rootkit                                      [ Not found ]
[01:10:07]
[01:10:07] Checking for BOBKit Rootkit...
[01:10:07]   Checking for file '/usr/sbin/ntpsx'             [ Not found ]
[01:10:07]   Checking for file '/usr/sbin/.../bkit-ava'      [ Not found ]
[01:10:07]   Checking for file '/usr/sbin/.../bkit-d'        [ Not found ]
[01:10:07]   Checking for file '/usr/sbin/.../bkit-shd'      [ Not found ]
[01:10:07]   Checking for file '/usr/sbin/.../bkit-f'        [ Not found ]
[01:10:07]   Checking for file '/usr/include/.../proc.h'     [ Not found ]
[01:10:07]   Checking for file '/usr/include/.../.bash_history' [ Not found ]
[01:10:07]   Checking for file '/usr/include/.../bkit-get'   [ Not found ]
[01:10:07]   Checking for file '/usr/include/.../bkit-dl'    [ Not found ]
[01:10:07]   Checking for file '/usr/include/.../bkit-screen' [ Not found ]
[01:10:08]   Checking for file '/usr/include/.../bkit-sleep' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-adore.o'   [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../ls'             [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../netstat'        [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../lsof'           [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shdcfg' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shhk' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-pw' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-shrs' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../bkit-ssh/bkit-mots' [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../uconf.inv'      [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../psr'            [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../find'           [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../pstree'         [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../slocate'        [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../du'             [ Not found ]
[01:10:08]   Checking for file '/usr/lib/.../top'            [ Not found ]
[01:10:08]   Checking for directory '/usr/sbin/...'          [ Not found ]
[01:10:08]   Checking for directory '/usr/include/...'       [ Not found ]
[01:10:09]   Checking for directory '/usr/include/.../.tmp'  [ Not found ]
[01:10:09]   Checking for directory '/usr/lib/...'           [ Not found ]
[01:10:09]   Checking for directory '/usr/lib/.../.ssh'      [ Not found ]
[01:10:09]   Checking for directory '/usr/lib/.../bkit-ssh'  [ Not found ]
[01:10:09]   Checking for directory '/usr/lib/.bkit-'        [ Not found ]
[01:10:09]   Checking for directory '/tmp/.bkp'              [ Not found ]
[01:10:09] BOBKit Rootkit                                    [ Not found ]
[01:10:09]
[01:10:09] Checking for cb Rootkit...
[01:10:09]   Checking for file '/dev/srd0'                   [ Not found ]
[01:10:09]   Checking for file '/lib/libproc.so.2.0.6'       [ Not found ]
[01:10:09]   Checking for file '/dev/mounnt'                 [ Not found ]
[01:10:09]   Checking for file '/etc/rc.d/init.d/init'       [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/cl'    [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/.x.tgz' [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/statdx' [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/wted'  [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/write' [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/scan'  [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/sc'    [ Not found ]
[01:10:09]   Checking for file '/usr/bin/.zeen/..<SP>/sl2'   [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/wroot' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/wscan' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/wu'    [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/v'     [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/read'  [ Not found ]
[01:10:10]   Checking for file '/usr/lib/sshrc'              [ Not found ]
[01:10:10]   Checking for file '/usr/lib/ssh_host_key'       [ Not found ]
[01:10:10]   Checking for file '/usr/lib/ssh_host_key.pub'   [ Not found ]
[01:10:10]   Checking for file '/usr/lib/ssh_random_seed'    [ Not found ]
[01:10:10]   Checking for file '/usr/lib/sshd_config'        [ Not found ]
[01:10:10]   Checking for file '/usr/lib/shosts.equiv'       [ Not found ]
[01:10:10]   Checking for file '/usr/lib/ssh_known_hosts'    [ Not found ]
[01:10:10]   Checking for file '/u/zappa/.ssh/pid'           [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.system/..<SP>/tcp.log' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/attrib' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/chattr' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/ps' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.zeen/..<SP>/curatare/pstree' [ Not found ]
[01:10:10]   Checking for file '/usr/bin/.system/..<SP>/.x/xC.o' [ Not found ]
[01:10:11]   Checking for directory '/usr/bin/.zeen'         [ Not found ]
[01:10:11]   Checking for directory '/usr/bin/.zeen/..<SP>/curatare' [ Not found ]
[01:10:11]   Checking for directory '/usr/bin/.zeen/..<SP>/scan' [ Not found ]
[01:10:11]   Checking for directory '/usr/bin/.system/..<SP>' [ Not found ]
[01:10:11] cb Rootkit                                        [ Not found ]
[01:10:11]
[01:10:11] Checking for CiNIK Worm (Slapper.B variant)...
[01:10:11]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:10:11]   Checking for directory '/tmp/.font-unix/.cinik' [ Not found ]
[01:10:11] CiNIK Worm (Slapper.B variant)                    [ Not found ]
[01:10:11]
[01:10:11] Checking for Danny-Boy's Abuse Kit...
[01:10:11]   Checking for file '/dev/mdev'                   [ Not found ]
[01:10:11]   Checking for file '/usr/lib/libX.a'             [ Not found ]
[01:10:11] Danny-Boy's Abuse Kit                             [ Not found ]
[01:10:11]
[01:10:11] Checking for Devil RootKit...
[01:10:11]   Checking for file '/var/lib/games/.src'         [ Not found ]
[01:10:11]   Checking for file '/dev/dsx'                    [ Not found ]
[01:10:11]   Checking for file '/dev/caca'                   [ Not found ]
[01:10:11]   Checking for file '/dev/pro'                    [ Not found ]
[01:10:11]   Checking for file '/bin/bye'                    [ Not found ]
[01:10:11]   Checking for file '/bin/homedir'                [ Not found ]
[01:10:12]   Checking for file '/usr/bin/xfss'               [ Not found ]
[01:10:12]   Checking for file '/usr/sbin/tzava'             [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/holber' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/sense' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/clear' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/tzava' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/citeste' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/killrk' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/searchlog' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/gaoaza' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/cleaner' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/shk' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/srs' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/utile.tgz' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/webpage' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/getpsy' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/getbnc' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/getemech' [ Not found ]
[01:10:12]   Checking for file '/usr/doc/tar/.../.dracusor/localroot.sh' [ Not found ]
[01:10:13]   Checking for file '/usr/doc/tar/.../.dracusor/stuff/old/sense' [ Not found ]
[01:10:13]   Checking for directory '/usr/doc/tar/.../.dracusor' [ Not found ]
[01:10:13] Devil RootKit                                     [ Not found ]
[01:10:13]
[01:10:13] Checking for Diamorphine LKM...
[01:10:13]   Checking for kernel symbol 'diamorphine'        [ Not found ]
[01:10:13]   Checking for kernel symbol 'module_hide'        [ Not found ]
[01:10:13]   Checking for kernel symbol 'module_hidden'      [ Not found ]
[01:10:14]   Checking for kernel symbol 'is_invisible'       [ Not found ]
[01:10:14]   Checking for kernel symbol 'hacked_getdents'    [ Not found ]
[01:10:14]   Checking for kernel symbol 'hacked_kill'        [ Not found ]
[01:10:14] Diamorphine LKM                                   [ Not found ]
[01:10:14]
[01:10:14] Checking for Dica-Kit Rootkit...
[01:10:14]   Checking for file '/lib/.sso'                   [ Not found ]
[01:10:14]   Checking for file '/lib/.so'                    [ Not found ]
[01:10:14]   Checking for file '/var/run/...dica/clean'      [ Not found ]
[01:10:14]   Checking for file '/var/run/...dica/dxr'        [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/read'       [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/write'      [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/lf'         [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/xl'         [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/xdr'        [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/psg'        [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/secure'     [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/rdx'        [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/va'         [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/cl.sh'      [ Not found ]
[01:10:15]   Checking for file '/var/run/...dica/last.log'   [ Not found ]
[01:10:15]   Checking for file '/usr/bin/.etc'               [ Not found ]
[01:10:15]   Checking for file '/etc/sshd_config'            [ Not found ]
[01:10:15]   Checking for file '/etc/ssh_host_key'           [ Not found ]
[01:10:15]   Checking for file '/etc/ssh_random_seed'        [ Not found ]
[01:10:15]   Checking for directory '/var/run/...dica'       [ Not found ]
[01:10:15]   Checking for directory '/var/run/...dica/mh'    [ Not found ]
[01:10:15]   Checking for directory '/var/run/...dica/scan'  [ Not found ]
[01:10:16] Dica-Kit Rootkit                                  [ Not found ]
[01:10:16]
[01:10:16] Checking for Dreams Rootkit...
[01:10:16]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:10:16]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:10:16]   Checking for file '/dev/ttyop'                  [ Not found ]
[01:10:16]   Checking for file '/usr/bin/sense'              [ Not found ]
[01:10:16]   Checking for file '/usr/bin/sl2'                [ Not found ]
[01:10:16]   Checking for file '/usr/bin/logclear'           [ Not found ]
[01:10:16]   Checking for file '/usr/bin/(swapd)'            [ Not found ]
[01:10:16]   Checking for file '/usr/bin/initrd'             [ Not found ]
[01:10:16]   Checking for file '/usr/bin/crontabs'           [ Not found ]
[01:10:16]   Checking for file '/usr/bin/snfs'               [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libsss'             [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libsnf.log'         [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libshtift/top'      [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libshtift/ps'       [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libshtift/netstat'  [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libshtift/ls'       [ Not found ]
[01:10:16]   Checking for file '/usr/lib/libshtift/ifconfig' [ Not found ]
[01:10:16]   Checking for file '/usr/include/linseed.h'      [ Not found ]
[01:10:17]   Checking for file '/usr/include/linpid.h'       [ Not found ]
[01:10:17]   Checking for file '/usr/include/linkey.h'       [ Not found ]
[01:10:17]   Checking for file '/usr/include/linconf.h'      [ Not found ]
[01:10:17]   Checking for file '/usr/include/iceseed.h'      [ Not found ]
[01:10:17]   Checking for file '/usr/include/icepid.h'       [ Not found ]
[01:10:17]   Checking for file '/usr/include/icekey.h'       [ Not found ]
[01:10:17]   Checking for file '/usr/include/iceconf.h'      [ Not found ]
[01:10:17]   Checking for directory '/dev/ida/.hpd'          [ Not found ]
[01:10:17]   Checking for directory '/usr/lib/libshtift'     [ Not found ]
[01:10:17] Dreams Rootkit                                    [ Not found ]
[01:10:17]
[01:10:17] Checking for Duarawkz Rootkit...
[01:10:17]   Checking for file '/usr/bin/duarawkz/loginpass' [ Not found ]
[01:10:17]   Checking for directory '/usr/bin/duarawkz'      [ Not found ]
[01:10:17] Duarawkz Rootkit                                  [ Not found ]
[01:10:17]
[01:10:17] Checking for Ebury backdoor...
[01:10:17]   Checking for file '/lib/libns2.so'              [ Not found ]
[01:10:17]   Checking for file '/lib64/libns2.so'            [ Not found ]
[01:10:17]   Checking for file '/lib/libns5.so'              [ Not found ]
[01:10:17]   Checking for file '/lib64/libns5.so'            [ Not found ]
[01:10:17]   Checking for file '/lib/libpw3.so'              [ Not found ]
[01:10:18]   Checking for file '/lib64/libpw3.so'            [ Not found ]
[01:10:18]   Checking for file '/lib/libpw5.so'              [ Not found ]
[01:10:18]   Checking for file '/lib64/libpw5.so'            [ Not found ]
[01:10:18]   Checking for file '/lib/libsbr.so'              [ Not found ]
[01:10:18]   Checking for file '/lib64/libsbr.so'            [ Not found ]
[01:10:18]   Checking for file '/lib/libslr.so'              [ Not found ]
[01:10:18]   Checking for file '/lib64/libslr.so'            [ Not found ]
[01:10:18]   Checking for file '/lib/tls/libkeyutils.so.1'   [ Not found ]
[01:10:18]   Checking for file '/lib64/tls/libkeyutils.so.1' [ Not found ]
[01:10:18] Ebury backdoor                                    [ Not found ]
[01:10:18]
[01:10:18] Checking for Enye LKM...
[01:10:18]   Checking for file '/etc/.enyelkmHIDE^IT.ko'     [ Not found ]
[01:10:18]   Checking for file '/etc/.enyelkmOCULTAR.ko'     [ Not found ]
[01:10:18] Enye LKM                                          [ Not found ]
[01:10:18]
[01:10:18] Checking for Flea Linux Rootkit...
[01:10:18]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:10:18]   Checking for file '/lib/security/.config/ssh/sshd_config' [ Not found ]
[01:10:18]   Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[01:10:18]   Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[01:10:18]   Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[01:10:19]   Checking for file '/usr/bin/ssh2d'              [ Not found ]
[01:10:19]   Checking for file '/usr/lib/ldlibns.so'         [ Not found ]
[01:10:19]   Checking for file '/usr/lib/ldlibps.so'         [ Not found ]
[01:10:19]   Checking for file '/usr/lib/ldlibpst.so'        [ Not found ]
[01:10:19]   Checking for file '/usr/lib/ldlibdu.so'         [ Not found ]
[01:10:19]   Checking for file '/usr/lib/ldlibct.so'         [ Not found ]
[01:10:19]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:10:19]   Checking for directory '/dev/..0'               [ Not found ]
[01:10:19]   Checking for directory '/dev/..0/backup'        [ Not found ]
[01:10:19] Flea Linux Rootkit                                [ Not found ]
[01:10:19]
[01:10:19] Checking for Fu Rootkit...
[01:10:19]   Checking for file '/sbin/xc'                    [ Not found ]
[01:10:19]   Checking for file '/usr/include/ivtype.h'       [ Not found ]
[01:10:19]   Checking for file '/bin/.lib'                   [ Not found ]
[01:10:19] Fu Rootkit                                        [ Not found ]
[01:10:19]
[01:10:19] Checking for ■■■■■■■ Rootkit...
[01:10:19]   Checking for file '/lib/libproc.so.2.0.7'       [ Not found ]
[01:10:19]   Checking for file '/dev/proc/.bash_profile'     [ Not found ]
[01:10:19]   Checking for file '/dev/proc/.bashrc'           [ Not found ]
[01:10:19]   Checking for file '/dev/proc/.cshrc'            [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■      [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for file '/usr/lib/libcps.a'           [ Not found ]
[01:10:20]   Checking for file '/usr/lib/libtty.a'           [ Not found ]
[01:10:20]   Checking for directory '/dev/proc'              [ Not found ]
[01:10:20]   Checking for directory ■■■■■■■■■■■■■■■■■■       [ Not found ]
[01:10:20]   Checking for directory ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:10:20]   Checking for directory '/dev/proc/toolz'        [ Not found ]
[01:10:20] ■■■■■■■ Rootkit                                   [ Not found ]
[01:10:20]
[01:10:20] Checking for GasKit Rootkit...
[01:10:20]   Checking for file '/dev/dev/gaskit/sshd/sshdd'  [ Not found ]
[01:10:20]   Checking for directory '/dev/dev'               [ Not found ]
[01:10:20]   Checking for directory '/dev/dev/gaskit'        [ Not found ]
[01:10:21]   Checking for directory '/dev/dev/gaskit/sshd'   [ Not found ]
[01:10:21] GasKit Rootkit                                    [ Not found ]
[01:10:21]
[01:10:21] Checking for Heroin LKM...
[01:10:21]   Checking for kernel symbol 'heroin'             [ Not found ]
[01:10:21] Heroin LKM                                        [ Not found ]
[01:10:21]
[01:10:21] Checking for HjC Kit...
[01:10:21]   Checking for directory '/dev/.hijackerz'        [ Not found ]
[01:10:21] HjC Kit                                           [ Not found ]
[01:10:21]
[01:10:21] Checking for ignoKit Rootkit...
[01:10:21]   Checking for file '/lib/defs/p'                 [ Not found ]
[01:10:21]   Checking for file '/lib/defs/q'                 [ Not found ]
[01:10:21]   Checking for file '/lib/defs/r'                 [ Not found ]
[01:10:21]   Checking for file '/lib/defs/s'                 [ Not found ]
[01:10:21]   Checking for file '/lib/defs/t'                 [ Not found ]
[01:10:21]   Checking for file '/usr/lib/defs/p'             [ Not found ]
[01:10:21]   Checking for file '/usr/lib/defs/q'             [ Not found ]
[01:10:22]   Checking for file '/usr/lib/defs/r'             [ Not found ]
[01:10:22]   Checking for file '/usr/lib/defs/s'             [ Not found ]
[01:10:22]   Checking for file '/usr/lib/defs/t'             [ Not found ]
[01:10:22]   Checking for file '/usr/lib/.libigno/pkunsec'   [ Not found ]
[01:10:22]   Checking for file '/usr/lib/.libigno/.igno/psybnc/psybnc' [ Not found ]
[01:10:22]   Checking for directory '/usr/lib/.libigno'      [ Not found ]
[01:10:22]   Checking for directory '/usr/lib/.libigno/.igno' [ Not found ]
[01:10:22] ignoKit Rootkit                                   [ Not found ]
[01:10:22]
[01:10:22] Checking for IntoXonia-NG Rootkit...
[01:10:22]   Checking for kernel symbol 'funces'             [ Not found ]
[01:10:22]   Checking for kernel symbol 'ixinit'             [ Not found ]
[01:10:23]   Checking for kernel symbol 'tricks'             [ Not found ]
[01:10:23]   Checking for kernel symbol 'kernel_unlink'      [ Not found ]
[01:10:23]   Checking for kernel symbol 'rootme'             [ Not found ]
[01:10:23]   Checking for kernel symbol 'hide_module'        [ Not found ]
[01:10:24]   Checking for kernel symbol 'find_sys_call_tbl'  [ Not found ]
[01:10:24] IntoXonia-NG Rootkit                              [ Not found ]
[01:10:24]
[01:10:24] Checking for Irix Rootkit...
[01:10:24]   Checking for directory '/dev/pts/01'            [ Not found ]
[01:10:24]   Checking for directory '/dev/pts/01/backup'     [ Not found ]
[01:10:24]   Checking for directory '/dev/pts/01/etc'        [ Not found ]
[01:10:24]   Checking for directory '/dev/pts/01/tmp'        [ Not found ]
[01:10:24] Irix Rootkit                                      [ Not found ]
[01:10:24]
[01:10:24] Checking for Jynx Rootkit...
[01:10:24]   Checking for file '/xochikit/bc'                [ Not found ]
[01:10:24]   Checking for file '/xochikit/ld_poison.so'      [ Not found ]
[01:10:24]   Checking for file '/omgxochi/bc'                [ Not found ]
[01:10:24]   Checking for file '/omgxochi/ld_poison.so'      [ Not found ]
[01:10:24]   Checking for file '/var/local/^^/bc'            [ Not found ]
[01:10:24]   Checking for file '/var/local/^^/ld_poison.so'  [ Not found ]
[01:10:24]   Checking for directory '/xochikit'              [ Not found ]
[01:10:25]   Checking for directory '/omgxochi'              [ Not found ]
[01:10:25]   Checking for directory '/var/local/^^'          [ Not found ]
[01:10:25] Jynx Rootkit                                      [ Not found ]
[01:10:25]
[01:10:25] Checking for Jynx2 Rootkit...
[01:10:25]   Checking for file '/XxJynx/reality.so'          [ Not found ]
[01:10:25]   Checking for directory '/XxJynx'                [ Not found ]
[01:10:25] Jynx2 Rootkit                                     [ Not found ]
[01:10:25]
[01:10:25] Checking for KBeast Rootkit...
[01:10:25]   Checking for file '/usr/_h4x_/ipsecs-kbeast-v1.ko' [ Not found ]
[01:10:25]   Checking for file '/usr/_h4x_/_h4x_bd'          [ Not found ]
[01:10:25]   Checking for file '/usr/_h4x_/acctlog'          [ Not found ]
[01:10:25]   Checking for directory '/usr/_h4x_'             [ Not found ]
[01:10:25]   Checking for kernel symbol 'h4x_delete_module'  [ Not found ]
[01:10:26]   Checking for kernel symbol 'h4x_getdents64'     [ Not found ]
[01:10:26]   Checking for kernel symbol 'h4x_kill'           [ Not found ]
[01:10:26]   Checking for kernel symbol 'h4x_open'           [ Not found ]
[01:10:26]   Checking for kernel symbol 'h4x_read'           [ Not found ]
[01:10:27]   Checking for kernel symbol 'h4x_rename'         [ Not found ]
[01:10:27]   Checking for kernel symbol 'h4x_rmdir'          [ Not found ]
[01:10:27]   Checking for kernel symbol 'h4x_tcp4_seq_show'  [ Not found ]
[01:10:27]   Checking for kernel symbol 'h4x_write'          [ Not found ]
[01:10:27] KBeast Rootkit                                    [ Not found ]
[01:10:28]
[01:10:28] Checking for Kitko Rootkit...
[01:10:28]   Checking for directory '/usr/src/redhat/SRPMS/...' [ Not found ]
[01:10:28] Kitko Rootkit                                     [ Not found ]
[01:10:28]
[01:10:28] Checking for Knark Rootkit...
[01:10:28]   Checking for file '/proc/knark/pids'            [ Not found ]
[01:10:28]   Checking for directory '/proc/knark'            [ Not found ]
[01:10:28] Knark Rootkit                                     [ Not found ]
[01:10:28]
[01:10:28] Checking for ld-linuxv.so Rootkit...
[01:10:28]   Checking for file '/lib/ld-linuxv.so.1'         [ Not found ]
[01:10:28]   Checking for directory '/var/opt/_so_cache'     [ Not found ]
[01:10:28]   Checking for directory '/var/opt/_so_cache/ld'  [ Not found ]
[01:10:28]   Checking for directory '/var/opt/_so_cache/lc'  [ Not found ]
[01:10:28] ld-linuxv.so Rootkit                              [ Not found ]
[01:10:28]
[01:10:28] Checking for Li0n Worm...
[01:10:28]   Checking for file '/bin/in.telnetd'             [ Not found ]
[01:10:28]   Checking for file '/bin/mjy'                    [ Not found ]
[01:10:28]   Checking for file '/usr/man/man1/man1/lib/.lib/mjy' [ Not found ]
[01:10:28]   Checking for file '/usr/man/man1/man1/lib/.lib/in.telnetd' [ Not found ]
[01:10:28]   Checking for file '/usr/man/man1/man1/lib/.lib/.x' [ Not found ]
[01:10:28]   Checking for file '/dev/.lib/lib/scan/1i0n.sh'  [ Not found ]
[01:10:28]   Checking for file '/dev/.lib/lib/scan/hack.sh'  [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/bind'     [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/randb'    [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/scan.sh'  [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/pscan'    [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/star.sh'  [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/bindx.sh' [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/scan/bindname.log' [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/1i0n.sh'       [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/lib/netstat'   [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/lib/dev/.1addr' [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/lib/dev/.1logz' [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/lib/dev/.1proc' [ Not found ]
[01:10:29]   Checking for file '/dev/.lib/lib/lib/dev/.1file' [ Not found ]
[01:10:29] Li0n Worm                                         [ Not found ]
[01:10:29]
[01:10:29] Checking for Lockit / LJK2 Rootkit...
[01:10:29]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_config' [ Not found ]
[01:10:29]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key' [ Not found ]
[01:10:29]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_host_key.pub' [ Not found ]
[01:10:29]   Checking for file '/usr/lib/libmen.oo/.LJK2/ssh_random_seed*' [ Not found ]
[01:10:29]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshd_config' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backdoor/RK1bd' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/du' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ifconfig' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/inetd.conf' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/locate' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/login' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ls' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/netstat' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/ps' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/pstree' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/rc.sysinit' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/syslogd' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/tcpd' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/backup/top' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1sauber' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/clean/RK1wted' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1parse' [ Not found ]
[01:10:30]   Checking for file '/usr/lib/libmen.oo/.LJK2/hack/RK1sniff' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1addr' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1dir' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1log' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/.RK1proc' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/hide/RK1phidemod.c' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/README.modules' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1hidem.c' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/modules/RK1phide' [ Not found ]
[01:10:31]   Checking for file '/usr/lib/libmen.oo/.LJK2/sshconfig/RK1ssh' [ Not found ]
[01:10:31]   Checking for directory '/usr/lib/libmen.oo/.LJK2' [ Not found ]
[01:10:31] Lockit / LJK2 Rootkit                             [ Not found ]
[01:10:31]
[01:10:31] Checking for Mokes backdoor...
[01:10:31]   Checking for file '/tmp/ss0-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9].sst' [ Not found ]
[01:10:31]   Checking for file '/tmp/aa0-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9].aat' [ Not found ]
[01:10:31]   Checking for file '/tmp/kk0-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9].kkt' [ Not found ]
[01:10:31]   Checking for file '/tmp/dd0-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9].ddt' [ Not found ]
[01:10:31] Mokes backdoor                                    [ Not found ]
[01:10:31]
[01:10:31] Checking for Mood-NT Rootkit...
[01:10:31]   Checking for file '/sbin/init__mood-nt-_-_cthulhu' [ Not found ]
[01:10:31]   Checking for file '/_cthulhu/mood-nt.init'      [ Not found ]
[01:10:32]   Checking for file '/_cthulhu/mood-nt.conf'      [ Not found ]
[01:10:32]   Checking for file '/_cthulhu/mood-nt.sniff'     [ Not found ]
[01:10:32]   Checking for directory '/_cthulhu'              [ Not found ]
[01:10:32] Mood-NT Rootkit                                   [ Not found ]
[01:10:32]
[01:10:32] Checking for MRK Rootkit...
[01:10:32]   Checking for file '/dev/ida/.inet/pid'          [ Not found ]
[01:10:32]   Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ]
[01:10:32]   Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ]
[01:10:32]   Checking for file '/dev/ida/.inet/tcp.log'      [ Not found ]
[01:10:32]   Checking for directory '/dev/ida/.inet'         [ Not found ]
[01:10:32]   Checking for directory '/var/spool/cron/.sh'    [ Not found ]
[01:10:32] MRK Rootkit                                       [ Not found ]
[01:10:32]
[01:10:32] Checking for Ni0 Rootkit...
[01:10:32]   Checking for file '/var/lock/subsys/...datafile.../...net...' [ Not found ]
[01:10:32]   Checking for file '/var/lock/subsys/...datafile.../...port...' [ Not found ]
[01:10:32]   Checking for file '/var/lock/subsys/...datafile.../...ps...' [ Not found ]
[01:10:32]   Checking for file '/var/lock/subsys/...datafile.../...file...' [ Not found ]
[01:10:32]   Checking for directory '/tmp/waza'              [ Not found ]
[01:10:32]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:10:32]   Checking for directory '/usr/sbin/es'           [ Not found ]
[01:10:32] Ni0 Rootkit                                       [ Not found ]
[01:10:33]
[01:10:33] Checking for Ohhara Rootkit...
[01:10:33]   Checking for file '/var/lock/subsys/...datafile.../...datafile.../in.smbd.log' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile...' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile.../...datafile...' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../bin' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/bin' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../usr/sbin' [ Not found ]
[01:10:33]   Checking for directory '/var/lock/subsys/...datafile.../...datafile.../lib/security' [ Not found ]
[01:10:33] Ohhara Rootkit                                    [ Not found ]
[01:10:33]
[01:10:33] Checking for Optic Kit (Tux) Worm...
[01:10:33]   Checking for directory '/dev/tux'               [ Not found ]
[01:10:33]   Checking for directory '/usr/bin/xchk'          [ Not found ]
[01:10:33]   Checking for directory '/usr/bin/xsf'           [ Not found ]
[01:10:33]   Checking for directory '/usr/bin/ssh2d'         [ Not found ]
[01:10:33] Optic Kit (Tux) Worm                              [ Not found ]
[01:10:33]
[01:10:33] Checking for Oz Rootkit...
[01:10:33]   Checking for file '/dev/.oz/.nap/rkit/terror'   [ Not found ]
[01:10:33]   Checking for directory '/dev/.oz'               [ Not found ]
[01:10:33] Oz Rootkit                                        [ Not found ]
[01:10:33]
[01:10:33] Checking for Phalanx Rootkit...
[01:10:34]   Checking for file '/uNFuNF'                     [ Not found ]
[01:10:34]   Checking for file '/etc/host.ph1'               [ Not found ]
[01:10:34]   Checking for file '/bin/host.ph1'               [ Not found ]
[01:10:34]   Checking for file '/usr/share/.home.ph1/phalanx' [ Not found ]
[01:10:34]   Checking for file '/usr/share/.home.ph1/cb'     [ Not found ]
[01:10:34]   Checking for file '/usr/share/.home.ph1/kebab'  [ Not found ]
[01:10:34]   Checking for directory '/usr/share/.home.ph1'   [ Not found ]
[01:10:34]   Checking for directory '/usr/share/.home.ph1/tty' [ Not found ]
[01:10:34] Phalanx Rootkit                                   [ Not found ]
[01:10:34]
[01:10:34] Checking for Phalanx2 Rootkit...
[01:10:34]   Checking for file '/etc/khubd.p2/.p2rc'         [ Not found ]
[01:10:34]   Checking for file '/etc/khubd.p2/.phalanx2'     [ Not found ]
[01:10:34]   Checking for file '/etc/khubd.p2/.sniff'        [ Not found ]
[01:10:34]   Checking for file '/etc/khubd.p2/sshgrab.py'    [ Not found ]
[01:10:34]   Checking for file '/etc/lolzz.p2/.p2rc'         [ Not found ]
[01:10:34]   Checking for file '/etc/lolzz.p2/.phalanx2'     [ Not found ]
[01:10:34]   Checking for file '/etc/lolzz.p2/.sniff'        [ Not found ]
[01:10:34]   Checking for file '/etc/lolzz.p2/sshgrab.py'    [ Not found ]
[01:10:34]   Checking for file '/etc/cron.d/zupzzplaceholder' [ Not found ]
[01:10:34]   Checking for file '/usr/lib/zupzz.p2/.p-2.3d'   [ Not found ]
[01:10:35]   Checking for file '/usr/lib/zupzz.p2/.p2rc'     [ Not found ]
[01:10:35]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:10:35]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:10:35]   Checking for directory '/usr/lib/zupzz.p2'      [ Not found ]
[01:10:35] Phalanx2 Rootkit                                  [ Not found ]
[01:10:35]
[01:10:35] Checking for Phalanx2 Rootkit (extended tests)...
[01:10:35]   Checking for directory '/etc/khubd.p2'          [ Not found ]
[01:10:35]   Checking for directory '/etc/lolzz.p2'          [ Not found ]
[01:10:35]   Checking for directory '/usr/lib/zupzz.p2'      [ Not found ]
[01:10:35] Phalanx2 Rootkit (extended tests)                 [ Not found ]
[01:10:35]
[01:10:35] Checking for Portacelo Rootkit...
[01:10:35]   Checking for file '/var/lib/.../.ak'            [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../.hk'            [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../.rs'            [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../.p'             [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../getty'          [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../lkt.o'          [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../show'           [ Not found ]
[01:10:35]   Checking for file '/var/lib/.../nlkt.o'         [ Not found ]
[01:10:36]   Checking for file '/var/lib/.../ssshrc'         [ Not found ]
[01:10:36]   Checking for file '/var/lib/.../sssh_equiv'     [ Not found ]
[01:10:36]   Checking for file '/var/lib/.../sssh_known_hosts' [ Not found ]
[01:10:36]   Checking for file '/var/lib/.../sssh_pid'       [ Not found ]
[01:10:36]   Checking for file '~/.sssh/known_hosts'         [ Not found ]
[01:10:36] Portacelo Rootkit                                 [ Not found ]
[01:10:36]
[01:10:36] Checking for R3dstorm Toolkit...
[01:10:36]   Checking for file '/var/log/tk02/see_all'       [ Not found ]
[01:10:36]   Checking for file '/var/log/tk02/.scris'        [ Not found ]
[01:10:36]   Checking for file '/bin/.../sshd/sbin/sshd1'    [ Not found ]
[01:10:36]   Checking for file '/bin/.../hate/sk'            [ Not found ]
[01:10:36]   Checking for file '/bin/.../see_all'            [ Not found ]
[01:10:36]   Checking for directory '/var/log/tk02'          [ Not found ]
[01:10:36]   Checking for directory '/var/log/tk02/old'      [ Not found ]
[01:10:36]   Checking for directory '/bin/...'               [ Not found ]
[01:10:36] R3dstorm Toolkit                                  [ Not found ]
[01:10:36]
[01:10:36] Checking for RH-Sharpe's Rootkit...
[01:10:36]   Checking for file '/bin/lps'                    [ Not found ]
[01:10:36]   Checking for file '/usr/bin/lpstree'            [ Not found ]
[01:10:36]   Checking for file '/usr/bin/ltop'               [ Not found ]
[01:10:37]   Checking for file '/usr/bin/lkillall'           [ Not found ]
[01:10:37]   Checking for file '/usr/bin/ldu'                [ Not found ]
[01:10:37]   Checking for file '/usr/bin/lnetstat'           [ Not found ]
[01:10:37]   Checking for file '/usr/bin/wp'                 [ Not found ]
[01:10:37]   Checking for file '/usr/bin/shad'               [ Not found ]
[01:10:37]   Checking for file '/usr/bin/vadim'              [ Not found ]
[01:10:37]   Checking for file '/usr/bin/slice'              [ Not found ]
[01:10:37]   Checking for file '/usr/bin/cleaner'            [ Not found ]
[01:10:37]   Checking for file '/usr/include/rpcsvc/du'      [ Not found ]
[01:10:37] RH-Sharpe's Rootkit                               [ Not found ]
[01:10:37]
[01:10:37] Checking for RSHA's Rootkit...
[01:10:37]   Checking for file '/bin/kr4p'                   [ Not found ]
[01:10:37]   Checking for file '/usr/bin/n3tstat'            [ Not found ]
[01:10:37]   Checking for file '/usr/bin/chsh2'              [ Not found ]
[01:10:37]   Checking for file '/usr/bin/slice2'             [ Not found ]
[01:10:37]   Checking for file '/usr/src/linux/arch/alpha/lib/.lib/.1proc' [ Not found ]
[01:10:37]   Checking for file '/etc/rc.d/arch/alpha/lib/.lib/.1addr' [ Not found ]
[01:10:37]   Checking for directory '/etc/rc.d/rsha'         [ Not found ]
[01:10:38]   Checking for directory '/etc/rc.d/arch/alpha/lib/.lib' [ Not found ]
[01:10:38] RSHA's Rootkit                                    [ Not found ]
[01:10:38]
[01:10:38] Checking for Scalper Worm...
[01:10:38]   Checking for file '/tmp/.a'                     [ Not found ]
[01:10:38]   Checking for file '/tmp/.uua'                   [ Not found ]
[01:10:38] Scalper Worm                                      [ Not found ]
[01:10:38]
[01:10:38] Checking for Sebek LKM...
[01:10:38]   Checking for kernel symbol 'adore or sebek'     [ Not found ]
[01:10:38] Sebek LKM                                         [ Not found ]
[01:10:38]
[01:10:38] Checking for Shutdown Rootkit...
[01:10:38]   Checking for file '/usr/man/man5/..<SP>/.dir/scannah/asus' [ Not found ]
[01:10:38]   Checking for file '/usr/man/man5/..<SP>/.dir/see' [ Not found ]
[01:10:38]   Checking for file '/usr/man/man5/..<SP>/.dir/nscd' [ Not found ]
[01:10:38]   Checking for file '/usr/man/man5/..<SP>/.dir/alpd' [ Not found ]
[01:10:38]   Checking for file '/etc/rc.d/rc.local<SP>'      [ Not found ]
[01:10:38]   Checking for directory '/usr/man/man5/..<SP>/.dir' [ Not found ]
[01:10:39]   Checking for directory '/usr/man/man5/..<SP>/.dir/scannah' [ Not found ]
[01:10:39]   Checking for directory '/etc/rc.d/rc0.d/..<SP>/.dir' [ Not found ]
[01:10:39] Shutdown Rootkit                                  [ Not found ]
[01:10:39]
[01:10:39] Checking for SHV4 Rootkit...
[01:10:39]   Checking for file '/etc/ld.so.hash'             [ Not found ]
[01:10:39]   Checking for file '/lib/libext-2.so.7'          [ Not found ]
[01:10:39]   Checking for file '/lib/lidps1.so'              [ Not found ]
[01:10:39]   Checking for file '/lib/libproc.a'              [ Not found ]
[01:10:39]   Checking for file '/lib/libproc.so.2.0.6'       [ Not found ]
[01:10:39]   Checking for file '/lib/ldd.so/tks'             [ Not found ]
[01:10:39]   Checking for file '/lib/ldd.so/tkp'             [ Not found ]
[01:10:39]   Checking for file '/lib/ldd.so/tksb'            [ Not found ]
[01:10:39]   Checking for file '/lib/security/.config/sshd'  [ Not found ]
[01:10:39]   Checking for file '/lib/security/.config/ssh/ssh_host_key' [ Not found ]
[01:10:39]   Checking for file '/lib/security/.config/ssh/ssh_host_key.pub' [ Not found ]
[01:10:39]   Checking for file '/lib/security/.config/ssh/ssh_random_seed' [ Not found ]
[01:10:39]   Checking for file '/usr/include/file.h'         [ Not found ]
[01:10:39]   Checking for file '/usr/include/hosts.h'        [ Not found ]
[01:10:39]   Checking for file '/usr/include/lidps1.so'      [ Not found ]
[01:10:40]   Checking for file '/usr/include/log.h'          [ Not found ]
[01:10:40]   Checking for file '/usr/include/proc.h'         [ Not found ]
[01:10:40]   Checking for file '/usr/sbin/xntps'             [ Not found ]
[01:10:40]   Checking for file '/dev/srd0'                   [ Not found ]
[01:10:40]   Checking for directory '/lib/ldd.so'            [ Not found ]
[01:10:40]   Checking for directory '/lib/security/.config'  [ Not found ]
[01:10:40]   Checking for directory '/lib/security/.config/ssh' [ Not found ]
[01:10:40] SHV4 Rootkit                                      [ Not found ]
[01:10:40]
[01:10:40] Checking for SHV5 Rootkit...
[01:10:40]   Checking for file '/etc/sh.conf'                [ Not found ]
[01:10:40]   Checking for file '/lib/libproc.a'              [ Not found ]
[01:10:40]   Checking for file '/lib/libproc.so.2.0.6'       [ Not found ]
[01:10:40]   Checking for file '/lib/lidps1.so'              [ Not found ]
[01:10:40]   Checking for file '/lib/libsh.so/bash'          [ Not found ]
[01:10:40]   Checking for file '/usr/include/file.h'         [ Not found ]
[01:10:40]   Checking for file '/usr/include/hosts.h'        [ Not found ]
[01:10:40]   Checking for file '/usr/include/log.h'          [ Not found ]
[01:10:40]   Checking for file '/usr/include/proc.h'         [ Not found ]
[01:10:40]   Checking for file '/lib/libsh.so/shdcf2'        [ Not found ]
[01:10:40]   Checking for file '/lib/libsh.so/shhk'          [ Not found ]
[01:10:41]   Checking for file '/lib/libsh.so/shhk.pub'      [ Not found ]
[01:10:41]   Checking for file '/lib/libsh.so/shrs'          [ Not found ]
[01:10:41]   Checking for file '/usr/lib/libsh/.bashrc'      [ Not found ]
[01:10:41]   Checking for file '/usr/lib/libsh/shsb'         [ Not found ]
[01:10:41]   Checking for file '/usr/lib/libsh/hide'         [ Not found ]
[01:10:41]   Checking for file '/usr/lib/libsh/.sniff/shsniff' [ Not found ]
[01:10:41]   Checking for file '/usr/lib/libsh/.sniff/shp'   [ Not found ]
[01:10:41]   Checking for file '/dev/srd0'                   [ Not found ]
[01:10:41]   Checking for directory '/lib/libsh.so'          [ Not found ]
[01:10:41]   Checking for directory '/usr/lib/libsh'         [ Not found ]
[01:10:41]   Checking for directory '/usr/lib/libsh/utilz'   [ Not found ]
[01:10:41]   Checking for directory '/usr/lib/libsh/.backup' [ Not found ]
[01:10:41] SHV5 Rootkit                                      [ Not found ]
[01:10:41]
[01:10:41] Checking for Sin Rootkit...
[01:10:41]   Checking for file '/dev/.haos/haos1/.f/Denyed'  [ Not found ]
[01:10:41]   Checking for file '/dev/ttyoa'                  [ Not found ]
[01:10:41]   Checking for file '/dev/ttyof'                  [ Not found ]
[01:10:41]   Checking for file '/dev/ttyop'                  [ Not found ]

Continuation:

[01:10:41]   Checking for file '/dev/ttyos'                  [ Not found ]
[01:10:42]   Checking for file '/usr/lib/.lib'               [ Not found ]
[01:10:42]   Checking for file '/usr/lib/sn/.X'              [ Not found ]
[01:10:42]   Checking for file '/usr/lib/sn/.sys'            [ Not found ]
[01:10:42]   Checking for file '/usr/lib/ld/.X'              [ Not found ]
[01:10:42]   Checking for file '/usr/man/man1/...'           [ Not found ]
[01:10:42]   Checking for file '/usr/man/man1/.../.m'        [ Not found ]
[01:10:42]   Checking for file '/usr/man/man1/.../.w'        [ Not found ]
[01:10:42]   Checking for directory '/usr/lib/sn'            [ Not found ]
[01:10:42]   Checking for directory '/usr/lib/man1/...'      [ Not found ]
[01:10:42]   Checking for directory '/dev/.haos'             [ Not found ]
[01:10:42] Sin Rootkit                                       [ Not found ]
[01:10:42]
[01:10:42] Checking for Slapper Worm...
[01:10:42]   Checking for file '/tmp/.bugtraq'               [ Not found ]
[01:10:42]   Checking for file '/tmp/.uubugtraq'             [ Not found ]
[01:10:42]   Checking for file '/tmp/.bugtraq.c'             [ Not found ]
[01:10:42]   Checking for file '/tmp/httpd'                  [ Not found ]
[01:10:42]   Checking for file '/tmp/.unlock'                [ Not found ]
[01:10:42]   Checking for file '/tmp/update'                 [ Not found ]
[01:10:42]   Checking for file '/tmp/.cinik'                 [ Not found ]
[01:10:42]   Checking for file '/tmp/.b'                     [ Not found ]
[01:10:43] Slapper Worm                                      [ Not found ]
[01:10:43]
[01:10:43] Checking for Sneakin Rootkit...
[01:10:43]   Checking for directory '/tmp/.X11-unix/.../rk'  [ Not found ]
[01:10:43] Sneakin Rootkit                                   [ Not found ]
[01:10:43]
[01:10:43] Checking for 'Spanish' Rootkit...
[01:10:43]   Checking for file '/dev/ptyq'                   [ Not found ]
[01:10:43]   Checking for file '/bin/ad'                     [ Not found ]
[01:10:43]   Checking for file '/bin/ava'                    [ Not found ]
[01:10:43]   Checking for file '/bin/server'                 [ Not found ]
[01:10:43]   Checking for file '/usr/sbin/rescue'            [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../chrps'        [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../chrifconfig'  [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../netstat'      [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../linsniffer'   [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../charbd'       [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../charbd2'      [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../charbd3'      [ Not found ]
[01:10:43]   Checking for file '/usr/share/.../charbd4'      [ Not found ]
[01:10:43]   Checking for file '/usr/man/tmp/update.tgz'     [ Not found ]
[01:10:44]   Checking for file '/var/lib/rpm/db.rpm'         [ Not found ]
[01:10:44]   Checking for file '/var/cache/man/.cat'         [ Not found ]
[01:10:44]   Checking for file '/var/spool/lpd/remote/.lpq'  [ Not found ]
[01:10:44]   Checking for directory '/usr/share/...'         [ Not found ]
[01:10:44] 'Spanish' Rootkit                                 [ Not found ]
[01:10:44]
[01:10:44] Checking for Suckit Rootkit...
[01:10:44]   Checking for file '/sbin/initsk12'              [ Not found ]
[01:10:44]   Checking for file '/sbin/initxrk'               [ Not found ]
[01:10:44]   Checking for file '/usr/bin/null'               [ Not found ]
[01:10:44]   Checking for file '/usr/share/locale/sk/.sk12/sk' [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc0.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc1.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc2.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc3.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc4.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc5.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for file '/etc/rc.d/rc6.d/S23kmdac'    [ Not found ]
[01:10:44]   Checking for directory '/dev/sdhu0/tehdrakg'    [ Not found ]
[01:10:44]   Checking for directory '/etc/.MG'               [ Not found ]
[01:10:45]   Checking for directory '/usr/share/locale/sk/.sk12' [ Not found ]
[01:10:45]   Checking for directory '/usr/lib/perl5/site_perl/i386-linux/auto/TimeDate/.packlist' [ Not found ]
[01:10:45] Suckit Rootkit                                    [ Not found ]
[01:10:45]
[01:10:45] Checking for Superkit Rootkit...
[01:10:45]   Checking for file '/usr/man/.sman/sk/backsh'    [ Not found ]
[01:10:45]   Checking for file '/usr/man/.sman/sk/izbtrag'   [ Not found ]
[01:10:45]   Checking for file '/usr/man/.sman/sk/sksniff'   [ Not found ]
[01:10:45]   Checking for file '/var/www/cgi-bin/cgiback.cgi' [ Not found ]
[01:10:45]   Checking for directory '/usr/man/.sman/sk'      [ Not found ]
[01:10:45] Superkit Rootkit                                  [ Not found ]
[01:10:45]
[01:10:45] Checking for TBD (Telnet BackDoor)...
[01:10:45]   Checking for file '/usr/lib/.tbd'               [ Not found ]
[01:10:45] TBD (Telnet BackDoor)                             [ Not found ]
[01:10:45]
[01:10:45] Checking for TeLeKiT Rootkit...
[01:10:45]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/sniff' [ Not found ]
[01:10:45]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/telnetd' [ Not found ]
[01:10:45]   Checking for file '/usr/man/man3/.../TeLeKiT/bin/teleulo' [ Not found ]
[01:10:45]   Checking for file '/usr/man/man3/.../cl'        [ Not found ]
[01:10:45]   Checking for file '/dev/ptyr'                   [ Not found ]
[01:10:45]   Checking for file '/dev/ptyp'                   [ Not found ]
[01:10:46]   Checking for file '/dev/ptyq'                   [ Not found ]
[01:10:46]   Checking for file '/dev/hda06'                  [ Not found ]
[01:10:46]   Checking for file '/usr/info/libc1.so'          [ Not found ]
[01:10:46]   Checking for directory '/usr/man/man3/...'      [ Not found ]
[01:10:46]   Checking for directory '/usr/man/man3/.../lsniff' [ Not found ]
[01:10:46]   Checking for directory '/usr/man/man3/.../TeLeKiT' [ Not found ]
[01:10:46] TeLeKiT Rootkit                                   [ Not found ]
[01:10:46]
[01:10:46] Checking for T0rn Rootkit...
[01:10:46]   Checking for file '/dev/.lib/lib/lib/t0rns'     [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/du'        [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/ls'        [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/t0rnsb'    [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/ps'        [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/t0rnp'     [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/find'      [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/ifconfig'  [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/pg'        [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/ssh.tgz'   [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/top'       [ Not found ]
[01:10:46]   Checking for file '/dev/.lib/lib/lib/sz'        [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/login'     [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/in.fingerd' [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/1i0n.sh'   [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/pstree'    [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/in.telnetd' [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/mjy'       [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/sush'      [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/tfn'       [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/name'      [ Not found ]
[01:10:47]   Checking for file '/dev/.lib/lib/lib/getip.sh'  [ Not found ]
[01:10:47]   Checking for file '/usr/info/.torn/sh*'         [ Not found ]
[01:10:47]   Checking for file '/usr/src/.puta/.1addr'       [ Not found ]
[01:10:47]   Checking for file '/usr/src/.puta/.1file'       [ Not found ]
[01:10:47]   Checking for file '/usr/src/.puta/.1proc'       [ Not found ]
[01:10:47]   Checking for file '/usr/src/.puta/.1logz'       [ Not found ]
[01:10:47]   Checking for file '/usr/info/.t0rn'             [ Not found ]
[01:10:47]   Checking for directory '/dev/.lib'              [ Not found ]
[01:10:47]   Checking for directory '/dev/.lib/lib'          [ Not found ]
[01:10:47]   Checking for directory '/dev/.lib/lib/lib'      [ Not found ]
[01:10:48]   Checking for directory '/dev/.lib/lib/lib/dev'  [ Not found ]
[01:10:48]   Checking for directory '/dev/.lib/lib/scan'     [ Not found ]
[01:10:48]   Checking for directory '/usr/src/.puta'         [ Not found ]
[01:10:48]   Checking for directory '/usr/man/man1/man1'     [ Not found ]
[01:10:48]   Checking for directory '/usr/man/man1/man1/lib' [ Not found ]
[01:10:48]   Checking for directory '/usr/man/man1/man1/lib/.lib' [ Not found ]
[01:10:48]   Checking for directory '/usr/man/man1/man1/lib/.lib/.backup' [ Not found ]
[01:10:48] T0rn Rootkit                                      [ Not found ]
[01:10:48]
[01:10:48] Checking for trNkit Rootkit...
[01:10:48]   Checking for file '/usr/lib/libbins.la'         [ Not found ]
[01:10:48]   Checking for file '/usr/lib/libtcs.so'          [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/ulogin.sh'        [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/tcpshell.sh'      [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/bupdu'            [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/buloc'            [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/buloc1'           [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/buloc2'           [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/stat'             [ Not found ]
[01:10:48]   Checking for file '/dev/.ttpy/backps'           [ Not found ]
[01:10:49]   Checking for file '/dev/.ttpy/tree'             [ Not found ]
[01:10:49]   Checking for file '/dev/.ttpy/topk'             [ Not found ]
[01:10:49]   Checking for file '/dev/.ttpy/wold'             [ Not found ]
[01:10:49]   Checking for file '/dev/.ttpy/whoold'           [ Not found ]
[01:10:49]   Checking for file '/dev/.ttpy/backdoors'        [ Not found ]
[01:10:49] trNkit Rootkit                                    [ Not found ]
[01:10:49]
[01:10:49] Checking for Trojanit Kit...
[01:10:49]   Checking for file '/bin/.ls'                    [ Not found ]
[01:10:49]   Checking for file '/bin/.ps'                    [ Not found ]
[01:10:49]   Checking for file '/bin/.netstat'               [ Not found ]
[01:10:49]   Checking for file '/usr/bin/.nop'               [ Not found ]
[01:10:49]   Checking for file '/usr/bin/.who'               [ Not found ]
[01:10:49] Trojanit Kit                                      [ Not found ]
[01:10:49]
[01:10:49] Checking for Tuxtendo Rootkit...
[01:10:49]   Checking for file '/lib/libproc.so.2.0.7'       [ Not found ]
[01:10:49]   Checking for file '/usr/bin/xchk'               [ Not found ]
[01:10:49]   Checking for file '/usr/bin/xsf'                [ Not found ]
[01:10:49]   Checking for file '/dev/tux/suidsh'             [ Not found ]
[01:10:49]   Checking for file '/dev/tux/.addr'              [ Not found ]
[01:10:49]   Checking for file '/dev/tux/.cron'              [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.file'              [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.log'               [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.proc'              [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.iface'             [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.pw'                [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.df'                [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.ssh'               [ Not found ]
[01:10:50]   Checking for file '/dev/tux/.tux'               [ Not found ]
[01:10:50]   Checking for file '/dev/tux/ssh2/sshd2_config'  [ Not found ]
[01:10:50]   Checking for file '/dev/tux/ssh2/hostkey'       [ Not found ]
[01:10:50]   Checking for file '/dev/tux/ssh2/hostkey.pub'   [ Not found ]
[01:10:50]   Checking for file '/dev/tux/ssh2/logo'          [ Not found ]
[01:10:50]   Checking for file '/dev/tux/ssh2/random_seed'   [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/crontab'     [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/df'          [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/dir'         [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/find'        [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/ifconfig'    [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/locate'      [ Not found ]
[01:10:50]   Checking for file '/dev/tux/backup/netstat'     [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/ps'          [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/pstree'      [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/syslogd'     [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/tcpd'        [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/top'         [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/updatedb'    [ Not found ]
[01:10:51]   Checking for file '/dev/tux/backup/vdir'        [ Not found ]
[01:10:51]   Checking for directory '/dev/tux'               [ Not found ]
[01:10:51]   Checking for directory '/dev/tux/ssh2'          [ Not found ]
[01:10:51]   Checking for directory '/dev/tux/backup'        [ Not found ]
[01:10:51] Tuxtendo Rootkit                                  [ Not found ]
[01:10:51]
[01:10:51] Checking for URK Rootkit...
[01:10:51]   Checking for file '/dev/prom/sn.l'              [ Not found ]
[01:10:51]   Checking for file '/usr/lib/ldlibps.so'         [ Not found ]
[01:10:51]   Checking for file '/usr/lib/ldlibnet.so'        [ Not found ]
[01:10:51]   Checking for file '/dev/pts/01/uconf.inv'       [ Not found ]
[01:10:51]   Checking for file '/dev/pts/01/cleaner'         [ Not found ]
[01:10:51]   Checking for file '/dev/pts/01/bin/psniff'      [ Not found ]
[01:10:51]   Checking for file '/dev/pts/01/bin/du'          [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/ls'          [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/passwd'      [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/ps'          [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/psr'         [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/su'          [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/find'        [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/netstat'     [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/ping'        [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/strings'     [ Not found ]
[01:10:52]   Checking for file '/dev/pts/01/bin/bash'        [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/du'  [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/ls'  [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/passwd' [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/ps'  [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/psr' [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/su'  [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/find' [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/netstat' [ Not found ]
[01:10:52]   Checking for file '/usr/man/man1/xxxxxxbin/ping' [ Not found ]
[01:10:53]   Checking for file '/usr/man/man1/xxxxxxbin/strings' [ Not found ]
[01:10:53]   Checking for file '/usr/man/man1/xxxxxxbin/bash' [ Not found ]
[01:10:53]   Checking for file '/tmp/conf.inv'               [ Not found ]
[01:10:53]   Checking for directory '/dev/prom'              [ Not found ]
[01:10:53]   Checking for directory '/dev/pts/01'            [ Not found ]
[01:10:53]   Checking for directory '/dev/pts/01/bin'        [ Not found ]
[01:10:53]   Checking for directory '/usr/man/man1/xxxxxxbin' [ Not found ]
[01:10:53] URK Rootkit                                       [ Not found ]
[01:10:53]
[01:10:53] Checking for Vampire Rootkit...
[01:10:53]   Checking for kernel symbol 'new_getdents'       [ Not found ]
[01:10:53]   Checking for kernel symbol 'old_getdents'       [ Not found ]
[01:10:54]   Checking for kernel symbol 'should_hide_file_name' [ Not found ]
[01:10:54]   Checking for kernel symbol 'should_hide_task_name' [ Not found ]
[01:10:54] Vampire Rootkit                                   [ Not found ]
[01:10:54]
[01:10:54] Checking for VcKit Rootkit...
[01:10:54]   Checking for directory '/usr/include/linux/modules/lib.so' [ Not found ]
[01:10:54]   Checking for directory '/usr/include/linux/modules/lib.so/bin' [ Not found ]
[01:10:54] VcKit Rootkit                                     [ Not found ]
[01:10:54]
[01:10:54] Checking for Volc Rootkit...
[01:10:54]   Checking for file '/usr/bin/volc'               [ Not found ]
[01:10:54]   Checking for file '/usr/lib/volc/backdoor/divine' [ Not found ]
[01:10:54]   Checking for file '/usr/lib/volc/linsniff'      [ Not found ]
[01:10:54]   Checking for file '/etc/rc.d/rc1.d/S25sysconf'  [ Not found ]
[01:10:54]   Checking for file '/etc/rc.d/rc2.d/S25sysconf'  [ Not found ]
[01:10:55]   Checking for file '/etc/rc.d/rc3.d/S25sysconf'  [ Not found ]
[01:10:55]   Checking for file '/etc/rc.d/rc4.d/S25sysconf'  [ Not found ]
[01:10:55]   Checking for file '/etc/rc.d/rc5.d/S25sysconf'  [ Not found ]
[01:10:55]   Checking for directory '/var/spool/.recent'     [ Not found ]
[01:10:55]   Checking for directory '/var/spool/.recent/.files' [ Not found ]
[01:10:55]   Checking for directory '/usr/lib/volc'          [ Not found ]
[01:10:55]   Checking for directory '/usr/lib/volc/backup'   [ Not found ]
[01:10:55] Volc Rootkit                                      [ Not found ]
[01:10:55]
[01:10:55] Checking for Xzibit Rootkit...
[01:10:55]   Checking for file '/dev/dsx'                    [ Not found ]
[01:10:55]   Checking for file '/dev/caca'                   [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/linsniffer'   [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/logclear'     [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/sense'        [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/sl2'          [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/sshdu'        [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/s'            [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/ssh_host_key' [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/ssh_random_seed' [ Not found ]
[01:10:55]   Checking for file '/dev/ida/.inet/sl2new.c'     [ Not found ]
[01:10:56]   Checking for file '/dev/ida/.inet/tcp.log'      [ Not found ]
[01:10:56]   Checking for file '/home/httpd/cgi-bin/becys.cgi' [ Not found ]
[01:10:56]   Checking for file '/usr/local/httpd/cgi-bin/becys.cgi' [ Not found ]
[01:10:56]   Checking for file '/usr/local/apache/cgi-bin/becys.cgi' [ Not found ]
[01:10:56]   Checking for file '/www/httpd/cgi-bin/becys.cgi' [ Not found ]
[01:10:56]   Checking for file '/www/cgi-bin/becys.cgi'      [ Not found ]
[01:10:56]   Checking for directory '/dev/ida/.inet'         [ Not found ]
[01:10:56] Xzibit Rootkit                                    [ Not found ]
[01:10:56]
[01:10:56] Checking for zaRwT.KiT Rootkit...
[01:10:56]   Checking for file '/dev/rd/s/sendmeil'          [ Not found ]
[01:10:56]   Checking for file '/dev/ttyf'                   [ Not found ]
[01:10:56]   Checking for file '/dev/ttyp'                   [ Not found ]
[01:10:56]   Checking for file '/dev/ttyn'                   [ Not found ]
[01:10:56]   Checking for file '/rk/tulz'                    [ Not found ]
[01:10:56]   Checking for directory '/rk'                    [ Not found ]
[01:10:56]   Checking for directory '/dev/rd/s'              [ Not found ]
[01:10:56] zaRwT.KiT Rootkit                                 [ Not found ]
[01:10:56]
[01:10:56] Checking for ZK Rootkit...
[01:10:56]   Checking for file '/usr/share/.zk/zk'           [ Not found ]
[01:10:56]   Checking for file '/usr/X11R6/.zk/xfs'          [ Not found ]
[01:10:57]   Checking for file '/usr/X11R6/.zk/echo'         [ Not found ]
[01:10:57]   Checking for file '/etc/1ssue.net'              [ Not found ]
[01:10:57]   Checking for file '/etc/sysconfig/console/load.zk' [ Not found ]
[01:10:57]   Checking for directory '/usr/share/.zk'         [ Not found ]
[01:10:57]   Checking for directory '/usr/X11R6/.zk'         [ Not found ]
[01:10:57] ZK Rootkit                                        [ Not found ]
[01:10:57]
[01:10:57] Info: Starting test name 'additional_rkts'
[01:10:57] Performing additional rootkit checks
[01:10:57]
[01:10:57]   Performing Suckit Rootkit additional checks
[01:10:57]     Checking hard link count on '/sbin/init'      [ OK ]
[01:10:57]     Checking for hidden file extensions           [ None found ]
[01:10:57]     Running skdet command                         [ Skipped ]
[01:10:57] Info: Unable to find the 'skdet' command
[01:10:57]   Suckit Rootkit additional checks                [ OK ]
[01:10:57]
[01:10:57] Info: Starting test name 'possible_rkt_files'
[01:10:57]   Performing check of possible rootkit files and directories
[01:10:57]     Checking for file '/dev/sdr0'                 [ Not found ]
[01:10:57]     Checking for file '/dev/pisu'                 [ Not found ]
[01:10:57]     Checking for file '/dev/xdta'                 [ Not found ]
[01:10:58]     Checking for file '/dev/saux'                 [ Not found ]
[01:10:58]     Checking for file '/dev/hdx'                  [ Not found ]
[01:10:58]     Checking for file '/dev/hdx1'                 [ Not found ]
[01:10:58]     Checking for file '/dev/hdx2'                 [ Not found ]
[01:10:58]     Checking for file '/dev/ptyy'                 [ Not found ]
[01:10:58]     Checking for file '/dev/ptyu'                 [ Not found ]
[01:10:58]     Checking for file '/dev/ptyv'                 [ Not found ]
[01:10:58]     Checking for file '/dev/hdbb'                 [ Not found ]
[01:10:58]     Checking for file '/tmp/.syshackfile'         [ Not found ]
[01:10:58]     Checking for file '/tmp/.bash_history'        [ Not found ]
[01:10:58]     Checking for file '/usr/info/.clib'           [ Not found ]
[01:10:58]     Checking for file '/usr/sbin/tcp.log'         [ Not found ]
[01:10:58]     Checking for file '/usr/bin/take/pid'         [ Not found ]
[01:10:58]     Checking for file '/sbin/create'              [ Not found ]
[01:10:59]     Checking for file '/dev/ttypz'                [ Not found ]
[01:10:59]     Checking for file '/var/log/tcp.log'          [ Not found ]
[01:10:59]     Checking for file '/usr/include/audit.h'      [ Not found ]
[01:10:59]     Checking for file '/usr/bin/sourcemask'       [ Not found ]
[01:10:59]     Checking for file '/usr/bin/ras2xm'           [ Not found ]
[01:10:59]     Checking for file '/dev/xmx'                  [ Not found ]
[01:10:59]     Checking for file '/usr/sbin/gpm.root'        [ Not found ]
[01:10:59]     Checking for file '/bin/vobiscum'             [ Not found ]
[01:10:59]     Checking for file '/bin/psr'                  [ Not found ]
[01:10:59]     Checking for file '/dev/kdx'                  [ Not found ]
[01:10:59]     Checking for file '/dev/dkx'                  [ Not found ]
[01:10:59]     Checking for file '/usr/sbin/sshd3'           [ Not found ]
[01:10:59]     Checking for file '/usr/sbin/jcd'             [ Not found ]
[01:10:59]     Checking for file '/usr/sbin/atd2'            [ Not found ]
[01:11:00]     Checking for file '/home/httpd/cgi-bin/linux.cgi' [ Not found ]
[01:11:00]     Checking for file '/home/httpd/cgi-bin/psid'  [ Not found ]
[01:11:00]     Checking for file '/home/httpd/cgi-bin/void.cgi' [ Not found ]
[01:11:00]     Checking for file '/etc/rc.d/init.d/system'   [ Not found ]
[01:11:00]     Checking for file '/etc/rc.d/rc3.d/S93users'  [ Not found ]
[01:11:00]     Checking for file '/tmp/.ush'                 [ Not found ]
[01:11:00]     Checking for file '/usr/lib/libhidefile.so'   [ Not found ]
[01:11:00]     Checking for file '/etc/cron.d/kmod'          [ Not found ]
[01:11:00]     Checking for file '/usr/lib/dmis/dmisd'       [ Not found ]
[01:11:00]     Checking for file '/lib/secure/libhij.so'     [ Not found ]
[01:11:00]     Checking for file '/usr/sbin/sshd3'           [ Not found ]
[01:11:00]     Checking for file '/etc/rc.d/init.d/crontab'  [ Not found ]
[01:11:00]     Checking for file '/etc/rc.d/init.d/jcd'      [ Not found ]
[01:11:00]     Checking for file '/usr/sbin/atd2'            [ Not found ]
[01:11:01]     Checking for file '/etc/rc.d/rc5.d/S93users'  [ Not found ]
[01:11:01]     Checking for file '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:01]     Checking for file '/etc/init.d/xfs3'          [ Not found ]
[01:11:01]     Checking for file '/usr/sbin/t.txt'           [ Not found ]
[01:11:01]     Checking for file '/usr/sbin/change'          [ Not found ]
[01:11:01]     Checking for file '/usr/sbin/s'               [ Not found ]
[01:11:01]     Checking for file '/bin/f'                    [ Not found ]
[01:11:01]     Checking for file '/bin/i'                    [ Not found ]
[01:11:01]     Checking for file '/lib/libncom.so.4.0.1'     [ Not found ]
[01:11:01]     Checking for file '/sbin/zinit'               [ Not found ]
[01:11:01]     Checking for file '/tmp/pass_ssh.log'         [ Not found ]
[01:11:01]     Checking for file '/usr/include/gpm2.h'       [ Not found ]
[01:11:01]     Checking for file '/etc/ssh/.sshd_auth'       [ Not found ]
[01:11:01]     Checking for file '/usr/lib/.sshd.h'          [ Not found ]
[01:11:02]     Checking for file '/var/run/.defunct'         [ Not found ]
[01:11:02]     Checking for file '/etc/httpd/run/.defunct'   [ Not found ]
[01:11:02]     Checking for file '/usr/share/pci.r'          [ Not found ]
[01:11:02]     Checking for file '/etc/cron.daily/dnsquery'  [ Not found ]
[01:11:02]     Checking for file '/usr/lib/libutil1.2.1.2.so' [ Not found ]
[01:11:02]     Checking for file '/usr/lib/libppopen.so'     [ Not found ]
[01:11:02]     Checking for file '/usr/include/libutil2.1.h' [ Not found ]
[01:11:02]     Checking for file '/usr/bin/munchhausen'      [ Not found ]
[01:11:02]     Checking for file '/bin/ceva'                 [ Not found ]
[01:11:02]     Checking for file '/sbin/syslogd<SP>'         [ Not found ]
[01:11:02]     Checking for file '/usr/include/shup.h'       [ Not found ]
[01:11:02]     Checking for file '/etc/rpm/sshdOLD'          [ Not found ]
[01:11:02]     Checking for file '/etc/rpm/sshOLD'           [ Not found ]
[01:11:02]     Checking for file '/usr/share/passwd.h'       [ Not found ]
[01:11:03]     Checking for file '/lib/.xsyslog'             [ Not found ]
[01:11:03]     Checking for file '/etc/.xsyslog'             [ Not found ]
[01:11:03]     Checking for file '/lib/.ssyslog'             [ Not found ]
[01:11:03]     Checking for file '/tmp/.sendmail'            [ Not found ]
[01:11:03]     Checking for file '/usr/share/sshd.sync'      [ Not found ]
[01:11:03]     Checking for file '/bin/zcut'                 [ Not found ]
[01:11:03]     Checking for file '/usr/bin/zmuie'            [ Not found ]
[01:11:03]     Checking for file '/lib/libkeyutils.so.1.9'   [ Not found ]
[01:11:03]     Checking for file '/lib64/libkeyutils.so.1.9' [ Not found ]
[01:11:03]     Checking for file '/usr/lib/libkeyutils.so.1.9' [ Not found ]
[01:11:03]     Checking for file '/usr/lib64/libkeyutils.so.1.9' [ Not found ]
[01:11:03]     Checking for file '/IptabLes'                 [ Not found ]
[01:11:03]     Checking for file '/.IptabLex'                [ Not found ]
[01:11:03]     Checking for file '/boot/.IptabLex'           [ Not found ]
[01:11:04]     Checking for file '/boot/.IptabLes'           [ Not found ]
[01:11:04]     Checking for file '/boot/IptabLes'            [ Not found ]
[01:11:04]     Checking for file '/tmp/IptabLes'             [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/init.d/IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/init.d/IptabLes' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc0.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc1.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc2.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc3.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc4.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc5.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/etc/rc.d/rc6.d/S55IptabLex' [ Not found ]
[01:11:04]     Checking for file '/var/lib/update-rc.d/IptabLex' [ Not found ]
[01:11:04]     Checking for file '/delallmykkk'              [ Not found ]
[01:11:05]     Checking for file '/usr/.IptabLes'            [ Not found ]
[01:11:05]     Checking for file '/usr/IptabLes'             [ Not found ]
[01:11:05]     Checking for file '/tmp/.flush'               [ Not found ]
[01:11:05]     Checking for file '/var/log/.flush'           [ Not found ]
[01:11:05]     Checking for file '/usr/.flush'               [ Not found ]
[01:11:05]     Checking for file '/etc/init.d/bluetoothdaemon' [ Not found ]
[01:11:05]     Checking for file '/usr/bin/btdaemon'         [ Not found ]
[01:11:05]     Checking for file '/etc/rc1.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/etc/rc2.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/etc/rc3.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/etc/rc4.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/etc/rc5.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/etc/rc6.d/S90bluetooth'   [ Not found ]
[01:11:05]     Checking for file '/boot/pro'                 [ Not found ]
[01:11:06]     Checking for file '/boot/proh'                [ Not found ]
[01:11:06]     Checking for file '/etc/atdd'                 [ Not found ]
[01:11:06]     Checking for file '/etc/atddd'                [ Not found ]
[01:11:06]     Checking for file '/etc/cupsdd'               [ Not found ]
[01:11:06]     Checking for file '/etc/cupsddd'              [ Not found ]
[01:11:06]     Checking for file '/etc/cupsddh'              [ Not found ]
[01:11:06]     Checking for file '/etc/dsfrefr'              [ Not found ]
[01:11:06]     Checking for file '/etc/fdsfsfvff'            [ Not found ]
[01:11:06]     Checking for file '/etc/ferwfrre'             [ Not found ]
[01:11:06]     Checking for file '/etc/fwke.cfg'             [ Not found ]
[01:11:06]     Checking for file '/etc/gdmorpen'             [ Not found ]
[01:11:06]     Checking for file '/etc/gfhddsfew'            [ Not found ]
[01:11:06]     Checking for file '/etc/gfhjrtfyhuf'          [ Not found ]
[01:11:06]     Checking for file '/etc/ksapd'                [ Not found ]
[01:11:07]     Checking for file '/etc/ksapdd'               [ Not found ]
[01:11:07]     Checking for file '/etc/kysapd'               [ Not found ]
[01:11:07]     Checking for file '/etc/kysapdd'              [ Not found ]
[01:11:07]     Checking for file '/etc/rewgtf3er4t'          [ Not found ]
[01:11:07]     Checking for file '/etc/sdmfdsfhjfe'          [ Not found ]
[01:11:07]     Checking for file '/etc/sfewfesfs'            [ Not found ]
[01:11:07]     Checking for file '/etc/sfewfesfsh'           [ Not found ]
[01:11:07]     Checking for file '/etc/sksapd'               [ Not found ]
[01:11:07]     Checking for file '/etc/sksapdd'              [ Not found ]
[01:11:07]     Checking for file '/etc/skysapd'              [ Not found ]
[01:11:07]     Checking for file '/etc/skysapdd'             [ Not found ]
[01:11:07]     Checking for file '/etc/smarvtd'              [ Not found ]
[01:11:07]     Checking for file '/etc/whitptabil'           [ Not found ]
[01:11:07]     Checking for file '/etc/xfsdx'                [ Not found ]
[01:11:08]     Checking for file '/etc/xfsdxd'               [ Not found ]
[01:11:08]     Checking for file '/tmp/bill.lock'            [ Not found ]
[01:11:08]     Checking for file '/tmp/gates.lock'           [ Not found ]
[01:11:08]     Checking for file '/tmp/gates.lod'            [ Not found ]
[01:11:08]     Checking for file '/tmp/moni.lock'            [ Not found ]
[01:11:08]     Checking for file '/tmp/moni.lod'             [ Not found ]
[01:11:08]     Checking for file '/tmp/notify.file'          [ Not found ]
[01:11:08]     Checking for file '/usr/bin/.sshd'            [ Not found ]
[01:11:08]     Checking for file '/usr/bin/bsd-port/getty'   [ Not found ]
[01:11:08]     Checking for file '/usr/bin/bsd-port/getty.lock' [ Not found ]
[01:11:08]     Checking for file '/usr/bin/bsd-port/udevd.lock' [ Not found ]
[01:11:08]     Checking for file '/usr/bin/pojie'            [ Not found ]
[01:11:08]     Checking for file '/usr/lib/libamplify.so'    [ Not found ]
[01:11:08]     Checking for file '/etc/init.d/DbSecuritySpt' [ Not found ]
[01:11:09]     Checking for file '/etc/rc.d/init.d/DbSecuritySpt' [ Not found ]
[01:11:09]     Checking for file '/etc/cron.hourly/gcc.sh'   [ Not found ]
[01:11:09]     Checking for file '/root/2016ttfacai'         [ Not found ]
[01:11:09]     Checking for file '/proc/rs_dev'              [ Not found ]
[01:11:09]     Checking for file '/var/run/sftp.pid'         [ Not found ]
[01:11:09]     Checking for file '/var/run/udev.pid'         [ Not found ]
[01:11:09]     Checking for file '/var/run/mount.pid'        [ Not found ]
[01:11:09]     Checking for file '/etc/cron.hourly/cron.sh'  [ Not found ]
[01:11:09]     Checking for file '/etc/cron.hourly/udev.sh'  [ Not found ]
[01:11:09]     Checking for file '/etc/cron.hourly/udev.sh'  [ Not found ]
[01:11:09]     Checking for file '/lib/libgcc.so'            [ Not found ]
[01:11:09]     Checking for file '/lib/libgcc.so.bak'        [ Not found ]
[01:11:09]     Checking for file '/lib/libgcc4.so'           [ Not found ]
[01:11:09]     Checking for file '/lib/libgcc4.4.so'         [ Not found ]
[01:11:10]     Checking for file '/lib/udev/udev'            [ Not found ]
[01:11:10]     Checking for file '/lib/udev/debug'           [ Not found ]
[01:11:10]     Checking for directory '/dev/ptyas'           [ Not found ]
[01:11:10]     Checking for directory '/usr/bin/take'        [ Not found ]
[01:11:10]     Checking for directory '/usr/src/.lib'        [ Not found ]
[01:11:10]     Checking for directory '/usr/share/man/man1/.1c' [ Not found ]
[01:11:10]     Checking for directory '/lib/lblip.tk'        [ Not found ]
[01:11:10]     Checking for directory '/usr/sbin/...'        [ Not found ]
[01:11:10]     Checking for directory '/usr/share/.gun'      [ Not found ]
[01:11:10]     Checking for directory '/unde/vrei/tu/sa/te/ascunzi/in/server' [ Not found ]
[01:11:10]     Checking for directory '/usr/man/man1/..<SP><SP>/.dir' [ Not found ]
[01:11:10]     Checking for directory '/usr/X11R6/include/X11/...' [ Not found ]
[01:11:10]     Checking for directory '/usr/X11R6/lib/X11/.fonts/misc/...' [ Not found ]
[01:11:10]     Checking for directory '/tmp/.sys'            [ Not found ]
[01:11:11]     Checking for directory '/tmp/''               [ Not found ]
[01:11:11]     Checking for directory '/tmp/.,'              [ Not found ]
[01:11:11]     Checking for directory '/tmp/,.,'             [ Not found ]
[01:11:11]     Checking for directory '/dev/shm/emilien'     [ Not found ]
[01:11:11]     Checking for directory '/var/tmp/.log'        [ Not found ]
[01:11:11]     Checking for directory '/tmp/zmeu/...<SP>'    [ Not found ]
[01:11:11]     Checking for directory '/var/log/ssh'         [ Not found ]
[01:11:11]     Checking for directory '/dev/ida'             [ Not found ]
[01:11:11]     Checking for directory ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ [ Not found ]
[01:11:11]     Checking for directory '/usr/lib/libshtift'   [ Not found ]
[01:11:11]     Checking for directory '/usr/src/.poop'       [ Not found ]
[01:11:11]     Checking for directory '/dev/wd4'             [ Not found ]
[01:11:11]     Checking for directory '/var/run/.tmp'        [ Not found ]
[01:11:11]     Checking for directory '/usr/man/man1/lib/.lib' [ Not found ]
[01:11:12]     Checking for directory '/dev/portd'           [ Not found ]
[01:11:12]     Checking for directory '/dev/...'             [ Not found ]
[01:11:12]     Checking for directory '/usr/share/man/mansps' [ Not found ]
[01:11:12]     Checking for directory '/lib/.so'             [ Not found ]
[01:11:12]     Checking for directory '/lib/.sso'            [ Not found ]
[01:11:12]     Checking for directory '/usr/include/sslv3'   [ Not found ]
[01:11:12]     Checking for directory '/dev/shm/sshd'        [ Not found ]
[01:11:12]     Checking for directory '/usr/share/locale/mk/.dev/sk' [ Not found ]
[01:11:12]     Checking for directory '/usr/share/locale/mk/.dev' [ Not found ]
[01:11:12]     Checking for directory '/usr/include/netda.h' [ Not found ]
[01:11:12]     Checking for directory '/usr/include/.ssh'    [ Not found ]
[01:11:12]     Checking for directory '/usr/share/locale/jp/.<SP>' [ Not found ]
[01:11:12]     Checking for directory '/usr/share/.sqe'      [ Not found ]
[01:11:12]   Checking for possible rootkit files and directories [ None found ]
[01:11:13]
[01:11:13] Info: Starting test name 'possible_rkt_strings'
[01:11:13]   Performing check for possible rootkit strings
[01:11:13] Info: Using system startup paths: /etc/systemd/system
[01:11:13]     Checking for string 'LOGNAME=root'            [ Not found ]
[01:11:13]     Checking for string 'phalanx'                 [ Not found ]
[01:11:13]     Checking for string ■■■■■■■■■■■■■■■■■■        [ Not found ]
[01:11:13]     Checking for string ■■■■■■                    [ Not found ]
[01:11:13]     Checking for string 'backdoor'                [ Not found ]
[01:11:13]     Checking for string '/usr/bin/rcpc'           [ Not found ]
[01:11:13]     Checking for string '/usr/sbin/login'         [ Not found ]
[01:11:13]     Checking for string '/dev/ptyxx/.proc'        [ Not found ]
[01:11:13]     Checking for string 'vt200'                   [ Not found ]
[01:11:13]     Checking for string '/usr/bin/xstat'          [ Not found ]
[01:11:13]     Checking for string '/bin/envpc'              [ Not found ]
[01:11:13]     Checking for string 'L4m3r0x'                 [ Not found ]
[01:11:14]     Checking for string '/lib/libext'             [ Not found ]
[01:11:14]     Checking for string '/usr/sbin/login'         [ Not found ]
[01:11:14]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:11:14]     Checking for string 'sendmail'                [ Not found ]
[01:11:14]     Checking for string 'cocacola'                [ Not found ]
[01:11:14]     Checking for string 'joao'                    [ Not found ]
[01:11:14]     Checking for string '/dev/ptyxx/.file'        [ Not found ]
[01:11:14]     Checking for string '/dev/ptyxx/.file'        [ Not found ]
[01:11:14]     Checking for string '/dev/sgk'                [ Not found ]
[01:11:14]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:11:14]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:11:14]     Checking for string ■■■■■■■■■■■■■■■■■■        [ Not found ]
[01:11:14]     Checking for string '/lib/.sso'               [ Not found ]
[01:11:15]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:11:15]     Checking for string '/dev/caca'               [ Not found ]
[01:11:15]     Checking for string '/dev/ttyoa'              [ Not found ]
[01:11:15]     Checking for string '/usr/lib/ldlibns.so'     [ Not found ]
[01:11:15]     Checking for string '/dev/ptyxx/.addr'        [ Not found ]
[01:11:15]     Checking for string 'syg'                     [ Not found ]
[01:11:15]     Checking for string '/var/lock/subsys/...datafile...' [ Not found ]
[01:11:15]     Checking for string '/dev/pts/01'             [ Not found ]
[01:11:15]     Checking for string 'tw33dl3'                 [ Not found ]
[01:11:15]     Checking for string 'psniff'                  [ Not found ]
[01:11:15]     Checking for string 'uconf.inv'               [ Not found ]
[01:11:15]     Checking for string 'lib/ldlibps.so'          [ Not found ]
[01:11:15]     Checking for string '/usr/lib/ldlibpst.so'    [ Not found ]
[01:11:16]     Checking for string 'libproc.so.2.0.7'        [ Not found ]
[01:11:16]     Checking for string '/dev/ptyxx/.proc'        [ Not found ]
[01:11:16]     Checking for string '/dev/ptyxx/.proc'        [ Not found ]
[01:11:16]     Checking for string 'libproc.so.2.0.7'        [ Not found ]
[01:11:16]     Checking for string 'libproc.so.2.0.7'        [ Not found ]
[01:11:16]     Checking for string '/bin/bash'               [ Not found ]
[01:11:16]     Checking for string 'cant open log'           [ Not found ]
[01:11:16]     Checking for string 'sniff.pid'               [ Not found ]
[01:11:16]     Checking for string 'tcp.log'                 [ Not found ]
[01:11:16]     Checking for string '/dev/ptyxx'              [ Not found ]
[01:11:16]     Checking for string '/.config'                [ Not found ]
[01:11:16]     Checking for string '\$.*\$\!.*\!\!\        [ Not found ]
[01:11:17]     Checking for string 'backdoor.h'              [ Not found ]
[01:11:17]     Checking for string 'backdoor_active'         [ Not found ]
[01:11:17]     Checking for string 'magic_pass_active'       [ Not found ]
[01:11:17]     Checking for string '/usr/include/gpm2.h'     [ Not found ]
[01:11:17]     Checking for string '/usr/include/openssl'    [ Not found ]
[01:11:17]     Checking for string 'aion'                    [ Not found ]
[01:11:17]     Checking for string 'pcszPass'                [ Not found ]
[01:11:17]     Checking for string 'LogPass'                 [ Not found ]
[01:11:17]     Checking for string 'Login_Check'             [ Not found ]
[01:11:17]     Checking for string 'includes.h'              [ Not found ]
[01:11:17]     Checking for string 'DecodeString'            [ Not found ]
[01:11:17]     Checking for string 'EncodeString'            [ Not found ]
[01:11:17]     Checking for string 'libns2.so'               [ Not found ]
[01:11:18]     Checking for string 'libns5.so'               [ Not found ]
[01:11:18]     Checking for string 'libpw3.so'               [ Not found ]
[01:11:18]     Checking for string 'libpw5.so'               [ Not found ]
[01:11:18]     Checking for string 'libsbr.so'               [ Not found ]
[01:11:18]     Checking for string 'libslr.so'               [ Not found ]
[01:11:18]     Checking for string '/usr/lib/.tbd'           [ Not found ]
[01:11:18]     Checking for string '/dev/ptyxx/.proc'        [ Not found ]
[01:11:19]     Checking for string 'in.inetd'                [ Not found ]
[01:11:19]     Checking for string '#<HIDE_.*>'              [ Not found ]
[01:11:19]     Checking for string 'bin/xchk'                [ Not found ]
[01:11:19]     Checking for string 'bin/xsf'                 [ Not found ]
[01:11:19]     Checking for string '/usr/bin/ssh2d'          [ Not found ]
[01:11:20]     Checking for string '/usr/sbin/xntps'         [ Not found ]
[01:11:20]     Checking for string 'ttyload'                 [ Not found ]
[01:11:20]     Checking for string '/etc/rc.d/init.d/init'   [ Not found ]
[01:11:20]     Checking for string 'usr/bin/xfss'            [ Not found ]
[01:11:21]     Checking for string '/usr/sbin/rpc.netinet'   [ Not found ]
[01:11:21]     Checking for string '/usr/lib/.fx/cons.saver' [ Not found ]
[01:11:21]     Checking for string '/usr/lib/.fx/xs'         [ Not found ]
[01:11:21]     Checking for string '/ssh2d'                  [ Not found ]
[01:11:21]     Checking for string '/dev/kmod'               [ Not found ]
[01:11:22]     Checking for string '/crth.o'                 [ Not found ]
[01:11:22]     Checking for string '/crtz.o'                 [ Not found ]
[01:11:22]     Checking for string '/dev/dos'                [ Not found ]
[01:11:22]     Checking for string '/lpq'                    [ Not found ]
[01:11:22]     Checking for string '/usr/sbin/rescue'        [ Not found ]
[01:11:23]     Checking for string '/usr/lib/lpstart'        [ Not found ]
[01:11:23]     Checking for string '/volc'                   [ Not found ]
[01:11:23]     Checking for string 'sourcemask'              [ Not found ]
[01:11:23]     Checking for string '/bin/vobiscum'           [ Not found ]
[01:11:24]     Checking for string '/usr/sbin/in.telnet'     [ Not found ]
[01:11:24]     Checking for string '/usr/bin/hdparm?-t1?-X53?-p' [ Not found ]
[01:11:24]     Checking for string '/lib/.xsyslog'           [ Not found ]
[01:11:24]     Checking for string '/etc/.xsyslog'           [ Not found ]
[01:11:24]     Checking for string '/lib/.ssyslog'           [ Not found ]
[01:11:25]     Checking for string '/tmp/.sendmail'          [ Not found ]
[01:11:25]     Checking for string 'IptabLex'                [ Not found ]
[01:11:25]     Checking for string 'IptabLes'                [ Not found ]
[01:11:25]     Checking for string '/lib/ldd.so/tkps'        [ Not found ]
[01:11:25]     Checking for string 't0rnkit'                 [ Not found ]
[01:11:25]     Checking for string ■■■■■■■■■■■■■■■■■■        [ Not found ]
[01:11:25]     Checking for string 'backdoor.h'              [ Not found ]
[01:11:26]     Checking for string 'backdoor_active'         [ Not found ]
[01:11:26]     Checking for string 'magic_pass_active'       [ Not found ]
[01:11:26]     Checking for string '/usr/include/gpm2.h'     [ Not found ]
[01:11:26]     Checking for string 'libproc.so.2.0.7'        [ Not found ]
[01:11:26]     Checking for string '/usr/lib/ldlibct.so'     [ Not found ]
[01:11:26]     Checking for string '/usr/lib/ldlibct.so'     [ Not found ]
[01:11:26]     Checking for string '/usr/lib/ldlibdu.so'     [ Not found ]
[01:11:26]     Checking for string '/dev/ptyxx/.file'        [ Not found ]
[01:11:26]     Checking for string 'libproc.so.2.0.7'        [ Not found ]
[01:11:26]     Checking for string '/dev/ida/.inet'          [ Not found ]
[01:11:26]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:26]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:27]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:27]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:27]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:27]     Checking for string '/usr/include/mysql/mysql.hh1' [ Not found ]
[01:11:27]     Checking for string 'backconnect'             [ Not found ]
[01:11:27]     Checking for string 'magic?packet?received'   [ Not found ]
[01:11:27]   Checking for possible rootkit strings           [ None found ]
[01:11:27]
[01:11:27] Info: Starting test name 'malware'
[01:11:27] Performing malware checks
[01:11:27]
[01:11:27] Info: Test 'deleted_files' disabled at users request.
[01:11:27]
[01:11:27] Info: Starting test name 'running_procs'
[01:11:33]   Checking running processes for suspicious files [ None found ]
[01:11:34]
[01:11:34] Info: Test 'hidden_procs' disabled at users request.
[01:11:34]
[01:11:34] Info: Test 'suspscan' disabled at users request.
[01:11:34]
[01:11:34] Info: Starting test name 'login_backdoors'
[01:11:34]     Checking for '/bin/.login'                    [ Not found ]
[01:11:34]     Checking for '/sbin/.login'                   [ Not found ]
[01:11:34]   Checking for login backdoors                    [ None found ]
[01:11:34]
[01:11:34] Info: Starting test name 'sniffer_logs'
[01:11:34]     Checking for file '/usr/lib/libice.log'       [ Not found ]
[01:11:34]     Checking for file '/dev/prom/sn.l'            [ Not found ]
[01:11:34]     Checking for file '/dev/fd/.88/zxsniff.log'   [ Not found ]
[01:11:34]   Checking for sniffer log files                  [ None found ]
[01:11:34]
[01:11:34] Info: Starting test name 'tripwire'
[01:11:34]   Checking for software intrusions                [ Skipped ]
[01:11:34] Info: Check skipped - tripwire not installed
[01:11:34]
[01:11:34] Info: Starting test name 'susp_dirs'
[01:11:34]     Checking for directory '/usr/X11R6/bin/.,/copy' [ Not found ]
[01:11:34]     Checking for directory '/dev/rd/cdb'          [ Not found ]
[01:11:34]   Checking for suspicious directories             [ None found ]
[01:11:34]
[01:11:34] Info: Starting test name 'ipc_shared_mem'
[01:11:34] Info: The minimum shared memory segment size to be checked (in bytes): 1048576 (1,0MB)
[01:11:35]   Checking for suspicious (large) shared memory segments [ Warning ]
[01:11:35] Warning: The following suspicious (large) shared memory segments have been found:
[01:11:35]          Process: /usr/lib/xfce4/panel/wrapper-2.0    PID: 3376    Owner: mypc    Size: 32MB (configured size allowed: 1,0MB)
[01:11:35]          Process: /usr/bin/xfce4-terminal    PID: 7953    Owner: mypc    Size: 1,0MB (configured size allowed: 1,0MB)
[01:11:35]
[01:11:35] Info: Starting test name 'trojans'
[01:11:35] Performing trojan specific checks
[01:11:35]   Checking for enabled inetd services             [ Skipped ]
[01:11:35] Info: Check skipped - file '/etc/inetd.conf' does not exist.
[01:11:35]   Checking for enabled xinetd services            [ Skipped ]
[01:11:35] Info: Check skipped - file '/etc/xinetd.conf' does not exist.
[01:11:35]   Checking for Apache backdoor                    [ Not found ]
[01:11:35]
[01:11:35] Info: Starting test name 'os_specific'
[01:11:35]   Performing Linux specific checks
[01:11:35]     Checking loaded kernel modules                [ OK ]
[01:11:35] Info: Using modules pathname of '/lib/modules/6.6.19-1-MANJARO'
[01:11:35]     Checking kernel module names                  [ OK ]
[01:11:35]
[01:11:35] Info: Starting test name 'network'
[01:11:36] Checking the network...
[01:11:36]
[01:11:36] Performing checks on the network ports
[01:11:36] Info: Starting test name 'ports'
[01:11:36]   Performing check for backdoor ports
[01:11:36]     Checking for TCP port 1524                    [ Not found ]
[01:11:36]     Checking for TCP port 1984                    [ Not found ]
[01:11:36]     Checking for UDP port 2001                    [ Not found ]
[01:11:36]     Checking for TCP port 2006                    [ Not found ]
[01:11:36]     Checking for TCP port 2128                    [ Not found ]
[01:11:37]     Checking for TCP port 6666                    [ Not found ]
[01:11:37]     Checking for TCP port 6667                    [ Not found ]
[01:11:37]     Checking for TCP port 6668                    [ Not found ]
[01:11:37]     Checking for TCP port 6669                    [ Not found ]
[01:11:37]     Checking for TCP port 7000                    [ Not found ]
[01:11:37]     Checking for TCP port 13000                   [ Not found ]
[01:11:38]     Checking for TCP port 14856                   [ Not found ]
[01:11:38]     Checking for TCP port 25000                   [ Not found ]
[01:11:38]     Checking for TCP port 29812                   [ Not found ]
[01:11:38]     Checking for TCP port 31337                   [ Not found ]
[01:11:38]     Checking for TCP port 32982                   [ Not found ]
[01:11:38]     Checking for TCP port 33369                   [ Not found ]
[01:11:39]     Checking for TCP port 47107                   [ Not found ]
[01:11:39]     Checking for TCP port 47018                   [ Not found ]
[01:11:39]     Checking for TCP port 60922                   [ Not found ]
[01:11:39]     Checking for TCP port 62883                   [ Not found ]
[01:11:39]     Checking for TCP port 65535                   [ Not found ]
[01:11:39]   Checking for backdoor ports                     [ None found ]
[01:11:39]
[01:11:39] Info: Test 'hidden_ports' disabled at users request.
[01:11:39]
[01:11:39] Performing checks on the network interfaces
[01:11:40] Info: Starting test name 'promisc'
[01:11:40]   Checking for promiscuous interfaces             [ None found ]
[01:11:40]
[01:11:40] Info: Test 'packet_cap_apps' disabled at users request.
[01:11:40]
[01:11:40] Info: Starting test name 'local_host'
[01:11:40] Checking the local host...
[01:11:40]
[01:11:40] Info: Starting test name 'startup_files'
[01:11:40] Performing system boot checks
[01:11:40]   Checking for local host name                    [ Found ]
[01:11:40]
[01:11:40] Info: Starting test name 'startup_malware'
[01:11:40]   Checking for system startup files               [ Found ]
[01:11:41]   Checking system startup files for malware       [ None found ]
[01:11:41]
[01:11:41] Info: Starting test name 'group_accounts'
[01:11:41] Performing group and account checks
[01:11:41]   Checking for passwd file                        [ Found ]
[01:11:41] Info: Found password file: /etc/passwd
[01:11:41]   Checking for root equivalent (UID 0) accounts   [ None found ]
[01:11:41] Info: Found shadow file: /etc/shadow
[01:11:41]   Checking for passwordless accounts              [ None found ]
[01:11:41]
[01:11:41] Info: Starting test name 'passwd_changes'
[01:11:41]   Checking for passwd file changes                [ None found ]
[01:11:41]
[01:11:41] Info: Starting test name 'group_changes'
[01:11:42]   Checking for group file changes                 [ None found ]
[01:11:42]   Checking root account shell history files       [ None found ]
[01:11:42]
[01:11:42] Info: Starting test name 'system_configs'
[01:11:42] Performing system configuration file checks
[01:11:42]
[01:11:42] Info: Starting test name 'system_configs_ssh'
[01:11:42]   Checking for an SSH configuration file          [ Found ]
[01:11:42] Info: Found an SSH configuration file: /etc/ssh/sshd_config
[01:11:42] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[01:11:42] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
[01:11:42]   Checking if SSH root access is allowed          [ Warning ]
[01:11:42] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
           The default value may be 'yes', to allow root access.
[01:11:42]   Checking if SSH protocol v1 is allowed          [ Warning ]
[01:11:42] Warning: The SSH configuration option 'Protocol' has not been set.
           The default value may be '2,1', to allow the use of protocol version 1.
[01:11:42]   Checking for other suspicious configuration settings [ None found ]
[01:11:42]
[01:11:42] Info: Starting test name 'system_configs_syslog'
[01:11:42]   Checking for a running system logging daemon    [ Found ]
[01:11:42] Info: A running 'systemd-journald' daemon has been found.
[01:11:42] Info: Found a systemd configuration file: /etc/systemd/journald.conf
[01:11:42]   Checking for a system logging configuration file [ Found ]
[01:11:42]
[01:11:42] Info: Starting test name 'filesystem'
[01:11:42] Performing filesystem checks
[01:11:43] Info: SCAN_MODE_DEV set to 'THOROUGH'
[01:11:49]   Checking /dev for suspicious file types         [ None found ]
[01:11:49]   Checking for hidden files and directories       [ Warning ]
[01:11:49] Warning: Hidden file found: /etc/.updated: ASCII text
[01:11:49] Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, max compression, from Unix, original size modulo 2^32 19
[01:11:49] Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, max compression, from Unix, original size modulo 2^32 22
[01:11:49]   Checking for missing log files                  [ Skipped ]
[01:11:49] Info: No missing log file names configured.
[01:11:49]   Checking for empty log files                    [ Skipped ]
[01:11:49] Info: No empty log file names configured.
[01:11:49]
[01:11:49] Info: Test 'apps' disabled at users request.
[01:11:49]
[01:11:49] System checks summary
[01:11:49] =====================
[01:11:49]
[01:11:49] File properties checks...
[01:11:49] Required commands check failed
[01:11:49] Files checked: 130
[01:11:49] Suspect files: 4
[01:11:50]
[01:11:50] Rootkit checks...
[01:11:50] Rootkits checked : 503
[01:11:50] Possible rootkits: 2
[01:11:50]
[01:11:50] Applications checks...
[01:11:50] All checks skipped
[01:11:50]
[01:11:50] The system checks took: 2 minutes and 12 seconds
[01:11:50]
[01:11:50] Info: End date is Mo 18. Mär 01:11:50 CET 2024

#6 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:38 AM

Posted 17 March 2024 - 07:40 PM

Nothing of note

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#7 leeroy_jenkins

leeroy_jenkins
  • Topic Starter

  • Avatar image
  • Members
  • 5 posts
  • OFFLINE
    •  
  • Local time:06:38 AM

Posted 17 March 2024 - 07:42 PM

Nothing of note

Thanks a lot, Dan.

 

All the best, I will inform you how it went with EndeavourOS.


#8 Dominique1

Dominique1

  • Avatar image
  • Members
  • 916 posts
  • ONLINE
    •  
  • Gender:Not Telling
  • Local time:12:38 AM

Posted 19 March 2024 - 04:01 PM

rkhunter is an interesting tool.  I just ran it.  Thanks cryptodan! :thumbup2:


#9 leeroy_jenkins

leeroy_jenkins
  • Topic Starter

  • Avatar image
  • Members
  • 5 posts
  • OFFLINE
    •  
  • Local time:06:38 AM

Posted 19 March 2024 - 07:34 PM

Install EndeavourOS and see if it happens there it's Arch based and is far better than Manjaro

Hello, Dan,

 

Just a feedback for you. I managed to install EndeavourOS, and I must say my fan is way less louder than it was on Manjaro. It's cool and an overall better system than Manjaro, and let's hope that even if there was a malware, it resolved the issue.

 

Also, one additional question, as I backed up data on my external hard drive. Just to make sure, what would be the safest way to transfer my data to my new system, without compromising it, in case there was a malware/bootkit?

 

Thanks a lot for everything.


Edited by leeroy_jenkins, 19 March 2024 - 07:35 PM.

#10 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:38 AM

Posted 19 March 2024 - 07:47 PM

Copy and paste it over

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#11 Dominique1

Dominique1

  • Avatar image
  • Members
  • 916 posts
  • ONLINE
    •  
  • Gender:Not Telling
  • Local time:12:38 AM

Posted 19 March 2024 - 08:42 PM

Data is ok to copy, executables NOT.  Anyways, any executable you need, EndeavourOS will provide them.


Back to Linux & Unix


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer Forums
  2. Alternative Operating Systems Support
  3. Linux & Unix
  4. Privacy Policy
  5. Rules ·