possible rootkit

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read this

possible rootkit

Postby rowa on Sun Mar 17, 2013 10:15 am

hi all,
It's some days I have a problem with my pc, when I surf in internet first of all in flashplayer website the cpu raises the temperature to 90° and turn off the pc.

I try to: clean and replace the heatsink paste, reformat completely all and scan with clamav, rkhunter and chkrootkit. Rkhunter say me that the system is perfect, but chkrootkit say me this:

Code: Select all
Searching for rootkit RSHA's default files...               nothing found
Searching for rootkit RH-Sharpe's default files...          nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found: 
/usr/lib/pymodules/python2.7/.path /usr/lib/jvm/.java-1.7.0-openjdk-amd64.jinfo /usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit


with clamav the first time it say me that I have 4 file infected, I deleted them.

so is it possible that is a rootkit or is a positive false? in the first case. how can eliminated them seen I just format the system?
rowa
Level 1
Level 1
 
Posts: 6
Joined: Sun Mar 17, 2013 9:28 am

Linux Mint is funded by ads and donations.
 

Re: possible rootkit

Postby viking777 on Sun Mar 17, 2013 1:06 pm

The only one not on my system is the .noinit file. They are probably all false positives. The trouble with chkrootkit is that nobody actually knows for sure what its results really mean.
Fujitsu Lifebook AH532. Intel i5 processor, 6Gb ram, Intel HD3000 graphics, Intel Audio/wifi. Realtek RTL8111/8168B Ethernet.Lubuntu 13.10,Ubuntu12.10 (Unity), Mint16 (Cinnamon), Manjaro (Xfce).
Image
User avatar
viking777
Level 14
Level 14
 
Posts: 5153
Joined: Mon Dec 01, 2008 11:21 am

Re: possible rootkit

Postby rowa on Sun Mar 17, 2013 1:53 pm

thanks, but the fact is that now also clamav say me that I have a rootkit WIN32, but I can't delete it...:)
rowa
Level 1
Level 1
 
Posts: 6
Joined: Sun Mar 17, 2013 9:28 am

Re: possible rootkit

Postby rowa on Fri Mar 22, 2013 9:38 am

rootkit fixed, the problem it's not solved, close this please
rowa
Level 1
Level 1
 
Posts: 6
Joined: Sun Mar 17, 2013 9:28 am


Return to Other networking topics

Who is online

Users browsing this forum: No registered users and 2 guests