Code: Select all
root@debian:~# rkhunter -c --enable all --disable none --rwo
Warning: The following processes are using deleted files:
Process: /usr/lib/tracker/tracker-extract PID: 1442 File: /home/hans/.local/share/gvfs-metadata/root
Process: /usr/lib/gnome-terminal/gnome-terminal-server PID: 27002 File: /tmp/#29622298
Warning: Process '/sbin/dhclient' (PID 997) is listening on the network.
Warning: Suspicious file types found in /dev:
/dev/shm/pulse-shm-3798098583: data
/dev/shm/pulse-shm-3995757986: data
/dev/shm/pulse-shm-3812361329: data
/dev/shm/pulse-shm-1526989350: data
/dev/shm/pulse-shm-61889942: data
/dev/shm/pulse-shm-2174947809: data
/dev/shm/pulse-shm-505689004: data
Warning: Hidden directory found: /etc/.java
chkrootkit
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
eth0: PACKET SNIFFER(/sbin/dhclient[997])
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... user hans deleted or never logged from lastlog!
Checking `chkutmp'... The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 741 tty7 /usr/bin/Xorg :0 -novtswitch -background none -noreset -verbose 3 -auth /var/run/gdm3/auth-for-Debian-gdm-18XKkD/database -seat seat0 -nolisten tcp vt7
chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not infected