View previous topic :: View next topic |
Author |
Message |
krelh n00b
Joined: 05 Jun 2024 Posts: 23
|
Posted: Tue Jul 23, 2024 7:23 am Post subject: [solved] chkrootkit hat einen Trojaner entdeckt |
|
|
Hallo zusammen,
ich habe mir chkrootkit mein System überprüft und dabei folgende Meldung erhalten:
Quote: |
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not infected
Checking `grep'... not infected
Checking `hdparm'... not infected
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not tested
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not found
Checking `mingetty'... not found
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not infected
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not found
Checking `sendmail'... not infected
Checking `sshd'... not found
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not found
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not found
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not found
Checking `aliens'...
/dev/input/ckb1/pollrate
Searching for sniffer's logs, it may take a while... nothing found
Searching for HiDrootkit's default dir... nothing found
Searching for t0rn's default files and dirs... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA's default files and dir... nothing found
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/systemd/user-generators/.keep_sys-apps_systemd-0 /usr/lib/systemd/system-shutdown/.keep_sys-apps_systemd-0 /usr/lib/systemd/system-sleep/.keep_sys-apps_systemd-0 /usr/lib/python3.12/site-packages/setuptools_scm/.git_archival.txt /usr/lib/python3.12/site-packages/glances/outputs/static/.prettierrc.js /usr/lib/python3.12/site-packages/glances/outputs/static/.gitignore /usr/lib/python3.12/site-packages/glances/outputs/static/.eslintrc.js /usr/lib/python3.11/site-packages/setuptools_scm/.git_archival.txt /usr/lib/modules-load.d/.keep_sys-apps_systemd-0 /usr/lib/locale/.keep_sys-apps_locale-gen-0 /usr/lib/lessfilter.d/.keep_sys-apps_less-0 /usr/lib/go/src/cmd/vendor/github.com/ianlancetaylor/demangle/.gitignore /usr/lib/go/src/cmd/vendor/golang.org/x/sys/unix/.gitignore /usr/lib/binfmt.d/.keep_sys-apps_systemd-0
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for Kenga3 rotkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... not tested
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for Mumblehard Linux ... nothing found
Searching for Backdoor.Linux.Mokes.a ... nothing found
Searching for Malicious TinyDNS ... nothing found
Searching for Linux.Xor.DDoS ... nothing found
Searching for Linux.Proxy.1.0 ... nothing found
Searching for CrossRAT ... nothing found
Searching for Hidden Cobra ... nothing found
Searching for Rocke Miner ... nothing found
Searching for PWNLNX4 lkm... nothing found
Searching for PWNLNX6 lkm... nothing found
Searching for Umbreon lrk... nothing found
Searching for Kinsing.a backdoor... nothing found
Searching for RotaJakiro backdoor... nothing found
Searching for Syslogk LKM rootkit... nothing found
Searching for Kovid LKM rootkit... nothing found
Searching for Tsunami DDoS Malware.. nothing found
Searching for Linux BPF Door.. nothing found
Searching for suspect PHP files... /usr/sbin/find: ‘/var/tmp/systemd-private-a1713276a258481eaed28acfb72f5e77-systemd-timedated.service-6uTJPl’: Datei oder Verzeichnis nicht gefunden
/usr/sbin/find: ‘/var/tmp/systemd-private-a1713276a258481eaed28acfb72f5e77-geoclue.service-NFxLSP’: Datei oder Verzeichnis nicht gefunden
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/node/node_modules/flatted/php/flatted.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/memory_leak_test.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/GeneratedClassTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/GeneratedPhpdocTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/generated_previous/Previous/readonly.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/generated_previous/GPBMetadata/ProtoPrevious/TestPreviouslyUnreservedMessage.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/multirequest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/test_base.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/WellKnownTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/EncodeDecodeTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/DescriptorsTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/force_c_ext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/PreviouslyGeneratedClassTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/ArrayTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/PhpImplementationTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/MapFieldTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/GeneratedServiceTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/test_util.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/tests/WrapperTypeSettersTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Struct.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/FieldMask.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/GPBEmpty.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Api.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Wrappers.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/SourceContext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Duration.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Any.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Internal/Descriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Timestamp.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/GPBMetadata/Google/Protobuf/Type.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/EnumValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/UInt32Value.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Option.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Mixin.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Int64Value.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Syntax.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Struct.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/FieldMask.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/BoolValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/EnumDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/GPBEmpty.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Api.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/BytesValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/ListValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/SourceContext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/DescriptorPool.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Method.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Duration.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Descriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Field_Cardinality.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/DoubleValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Field_Kind.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/FieldDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/EnumValueDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/NullValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Any.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Enum.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/FloatValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Field.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Value.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Field/Cardinality.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Field/Kind.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/OneofField.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldOptions_CType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MethodDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/ServiceOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptorProto/Label.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptorProto/Type.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/ServiceDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/OneofOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumValueOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptorProto_Label.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MethodOptions_IdempotencyLevel.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumDescriptorProto/EnumReservedRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileOptions_OptimizeMode.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GeneratedCodeInfo_Annotation.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/CodedInputStream.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/Message.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/OneofDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/UninterpretedOption_NamePart.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MapFieldIter.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GeneratedCodeInfo.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/RepeatedFieldIter.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBWire.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptorProto_Type.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorPool.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MapEntry.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumDescriptorProto_EnumReservedRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/RepeatedField.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/HasPublicDescriptorTrait.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBLabel.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/UninterpretedOption.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/UninterpretedOption/NamePart.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/TimestampBase.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MethodOptions/IdempotencyLevel.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/Descriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/SourceCodeInfo.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/SourceCodeInfo/Location.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorProto_ReservedRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/RawInputStream.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/SourceCodeInfo_Location.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileDescriptorSet.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileOptions/OptimizeMode.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/AnyBase.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldOptions_JSType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorProto_ExtensionRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumValueDescriptorProto.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/ExtensionRangeOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBJsonWire.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldOptions/CType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FieldOptions/JSType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBUtil.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MessageBuilderContext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBWireType.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GeneratedCodeInfo/Annotation.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorProto/ReservedRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/DescriptorProto/ExtensionRange.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MethodOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/OneofDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MapField.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/CodedOutputStream.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/FileOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GetPublicDescriptorTrait.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/MessageOptions.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/GPBDecodeException.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Internal/EnumBuilderContext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/OneofDescriptor.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Timestamp.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/UInt64Value.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Type.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/StringValue.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/php/src/Google/Protobuf/Int32Value.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/benchmarks/php/autoload.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/benchmarks/php/PhpBenchmark.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/conformance/autoload.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/protobuf/conformance/conformance_php.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/libavifinfo/src/tests/avifinfo_test.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/libavifinfo/src/avifinfo.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/InParentNamespace.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/AnyAmbiguousAliases.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Monster.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Color.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/StructOfStructsOfStructs.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Test.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/AnyUniqueAliases.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Vec3.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/TestSimpleTableWithEnum.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Referrable.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Any.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Race.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Stat.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/TypeAliases.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/StructOfStructs.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/LongEnum.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example/Ability.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/MyGame/Example2/Monster.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/phpTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/phpUnionVectorTest.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceC/TableInC.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/NamespaceB/StructInNestedNS.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/NamespaceB/UnionInNestedNS.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/NamespaceB/TableInNestedNS.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/NamespaceB/EnumInNestedNS.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/TableInC.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/TableInFirstNS.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/namespace_test/NamespaceA/SecondTableInA.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/FallingTub.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/Movie.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/BookReader.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/Attacker.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/HandFan.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/Rapunzel.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/Gadget.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/tests/union_vector/Character.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/samples/SampleBinary.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/goldens/php/flatbuffers/goldens/Galaxy.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/goldens/php/flatbuffers/goldens/Universe.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/php/Table.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/php/Struct.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/php/Constants.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/php/ByteBuffer.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/flatbuffers/src/php/FlatbufferBuilder.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/index_sc.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/index_gl.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/extensions/glext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/extensions/scext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/extensions/arbext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/extensions/esext.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/index.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/docs/update_policy.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/ABI/index.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/OpenGL-Registry/index_es.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/index.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/sdk/docs/man/bottom.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/sdk/docs/man/index.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/sdk/docs/man/top.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/sdk/docs/man/html/index.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/dawn/third_party/khronos/EGL-Registry/sdk/docs/man/html/indexflat.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/devtools-frontend/src/node_modules/flatted/php/flatted.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/blink/manual_tests/timeout-test.php
/var/tmp/notmpfs/portage/www-client/chromium-126.0.6478.182/work/chromium-126.0.6478.182/third_party/blink/manual_tests/eventsource/eventsource-loader-buffering.php
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... wlp6s0: PF_PACKET(/usr/bin/dhcpcd, /usr/lib/systemd/systemd-networkd, /usr/bin/wpa_supplicant)
Checking `w55808'... not infected
Checking `wted'... 2 deletion(s) between Tue Jun 4 18:22:22 2024 and Tue Jun 4 19:11:49 2024
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! krelh 1309 pts/0 zsh
! krelh 1374 pts/0 sudo -s
! krelh 705012 pts/2 zsh
chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not tested
chkrootkit 49 kB 13:02,06 (user: 8:13,87, kernel: 3:12,27)
|
Interessant ist für mich in dem Fall
Quote: |
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
|
Ein
ergibt folgende Ausgabe
Quote: |
PID TTY TIME CMD
1 ? 00:00:00 systemd
2 ? 00:00:00 kthreadd
3 ? 00:00:00 pool_workqueue_release
4 ? 00:00:00 kworker/R-rcu_g
5 ? 00:00:00 kworker/R-rcu_p
6 ? 00:00:00 kworker/R-slub_
7 ? 00:00:00 kworker/R-netns
10 ? 00:00:00 kworker/0:0H-events_highpri
13 ? 00:00:00 kworker/R-mm_pe
14 ? 00:00:00 rcu_tasks_kthread
15 ? 00:00:00 rcu_tasks_rude_kthread
16 ? 00:00:00 rcu_tasks_trace_kthread
17 ? 00:00:00 ksoftirqd/0
18 ? 00:00:00 rcu_preempt
19 ? 00:00:00 migration/0
20 ? 00:00:00 idle_inject/0
21 ? 00:00:00 cpuhp/0
22 ? 00:00:00 cpuhp/1
23 ? 00:00:00 idle_inject/1
24 ? 00:00:00 migration/1
25 ? 00:00:00 ksoftirqd/1
27 ? 00:00:00 kworker/1:0H-kblockd
28 ? 00:00:00 cpuhp/2
29 ? 00:00:00 idle_inject/2
30 ? 00:00:00 migration/2
31 ? 00:00:00 ksoftirqd/2
33 ? 00:00:00 kworker/2:0H-kblockd
34 ? 00:00:00 cpuhp/3
35 ? 00:00:00 idle_inject/3
36 ? 00:00:00 migration/3
37 ? 00:00:00 ksoftirqd/3
38 ? 00:00:00 kworker/3:0-events
39 ? 00:00:00 kworker/3:0H-events_highpri
40 ? 00:00:00 cpuhp/4
41 ? 00:00:00 idle_inject/4
42 ? 00:00:00 migration/4
43 ? 00:00:00 ksoftirqd/4
45 ? 00:00:00 kworker/4:0H-events_highpri
46 ? 00:00:00 cpuhp/5
47 ? 00:00:00 idle_inject/5
48 ? 00:00:00 migration/5
49 ? 00:00:00 ksoftirqd/5
51 ? 00:00:00 kworker/5:0H-events_highpri
52 ? 00:00:00 cpuhp/6
53 ? 00:00:00 idle_inject/6
54 ? 00:00:00 migration/6
55 ? 00:00:00 ksoftirqd/6
57 ? 00:00:00 kworker/6:0H-events_highpri
58 ? 00:00:00 cpuhp/7
59 ? 00:00:00 idle_inject/7
60 ? 00:00:00 migration/7
61 ? 00:00:00 ksoftirqd/7
63 ? 00:00:00 kworker/7:0H-events_highpri
64 ? 00:00:00 cpuhp/8
65 ? 00:00:00 idle_inject/8
66 ? 00:00:00 migration/8
67 ? 00:00:00 ksoftirqd/8
69 ? 00:00:00 kworker/8:0H-events_highpri
70 ? 00:00:00 cpuhp/9
71 ? 00:00:00 idle_inject/9
72 ? 00:00:00 migration/9
73 ? 00:00:00 ksoftirqd/9
75 ? 00:00:00 kworker/9:0H-kblockd
76 ? 00:00:00 cpuhp/10
77 ? 00:00:00 idle_inject/10
78 ? 00:00:00 migration/10
79 ? 00:00:00 ksoftirqd/10
81 ? 00:00:00 kworker/10:0H-events_highpri
82 ? 00:00:00 cpuhp/11
83 ? 00:00:00 idle_inject/11
84 ? 00:00:00 migration/11
85 ? 00:00:00 ksoftirqd/11
87 ? 00:00:00 kworker/11:0H-kblockd
88 ? 00:00:00 cpuhp/12
89 ? 00:00:00 idle_inject/12
90 ? 00:00:00 migration/12
91 ? 00:00:00 ksoftirqd/12
92 ? 00:00:00 kworker/12:0-events
93 ? 00:00:00 kworker/12:0H-kblockd
94 ? 00:00:00 cpuhp/13
95 ? 00:00:00 idle_inject/13
96 ? 00:00:00 migration/13
97 ? 00:00:00 ksoftirqd/13
99 ? 00:00:00 kworker/13:0H-kblockd
100 ? 00:00:00 cpuhp/14
101 ? 00:00:00 idle_inject/14
102 ? 00:00:00 migration/14
103 ? 00:00:00 ksoftirqd/14
104 ? 00:00:00 kworker/14:0-events
105 ? 00:00:00 kworker/14:0H-kblockd
106 ? 00:00:00 cpuhp/15
107 ? 00:00:00 idle_inject/15
108 ? 00:00:00 migration/15
109 ? 00:00:00 ksoftirqd/15
111 ? 00:00:00 kworker/15:0H-kblockd
112 ? 00:00:00 kdevtmpfs
113 ? 00:00:00 kworker/R-inet_
114 ? 00:00:00 kauditd
115 ? 00:00:00 kworker/8:1-events
116 ? 00:00:00 kworker/8:2-events
117 ? 00:00:00 kworker/u64:2-events_unbound
118 ? 00:00:00 oom_reaper
119 ? 00:00:00 kworker/R-write
120 ? 00:00:00 kcompactd0
121 ? 00:00:00 ksmd
122 ? 00:00:00 khugepaged
123 ? 00:00:00 kworker/R-crypt
124 ? 00:00:00 kworker/R-kinte
125 ? 00:00:00 kworker/R-kbloc
126 ? 00:00:00 kworker/R-blkcg
127 ? 00:00:00 kworker/R-tpm_d
128 ? 00:00:00 kworker/R-ata_s
129 ? 00:00:00 kworker/R-md
130 ? 00:00:00 kworker/R-md_bi
131 ? 00:00:00 kworker/R-edac-
132 ? 00:00:00 kworker/R-devfr
133 ? 00:00:00 watchdogd
134 ? 00:00:00 kworker/8:1H-kblockd
135 ? 00:00:00 irq/27-AMD-Vi
136 ? 00:00:00 kswapd0
137 ? 00:00:00 kworker/R-xfsal
138 ? 00:00:00 kworker/R-xfs_m
139 ? 00:00:00 kworker/R-kthro
140 ? 00:00:00 irq/29-aerdrv
141 ? 00:00:00 irq/30-aerdrv
142 ? 00:00:00 irq/31-aerdrv
143 ? 00:00:00 irq/32-aerdrv
144 ? 00:00:00 irq/33-aerdrv
145 ? 00:00:00 kworker/1:1-events
146 ? 00:00:00 kworker/2:1-mm_percpu_wq
148 ? 00:00:00 kworker/4:1-events
149 ? 00:00:00 kworker/5:1-mm_percpu_wq
150 ? 00:00:00 kworker/6:1-rcu_par_gp
151 ? 00:00:00 kworker/7:1-events
152 ? 00:00:00 kworker/9:1-events
153 ? 00:00:00 kworker/10:1-events
154 ? 00:00:00 kworker/11:1-events
156 ? 00:00:00 kworker/13:1-events
158 ? 00:00:00 kworker/15:1-events
159 ? 00:00:00 kworker/R-acpi_
160 ? 00:00:00 scsi_eh_0
161 ? 00:00:00 kworker/R-scsi_
162 ? 00:00:00 scsi_eh_1
163 ? 00:00:00 kworker/R-scsi_
164 ? 00:00:00 scsi_eh_2
165 ? 00:00:00 kworker/R-scsi_
166 ? 00:00:00 scsi_eh_3
167 ? 00:00:00 kworker/R-scsi_
168 ? 00:00:00 scsi_eh_4
169 ? 00:00:00 kworker/R-scsi_
170 ? 00:00:00 scsi_eh_5
171 ? 00:00:00 kworker/R-scsi_
172 ? 00:00:00 scsi_eh_6
173 ? 00:00:00 kworker/R-scsi_
174 ? 00:00:00 scsi_eh_7
175 ? 00:00:00 kworker/R-scsi_
176 ? 00:00:00 kworker/u64:3-events_unbound
178 ? 00:00:00 kworker/u64:5-ext4-rsv-conversion
184 ? 00:00:00 kworker/R-dm_bu
185 ? 00:00:00 kworker/R-mld
186 ? 00:00:00 kworker/R-ipv6_
193 ? 00:00:00 kworker/R-kstrp
194 ? 00:00:00 kworker/0:1H-kblockd
195 ? 00:00:00 kworker/u65:0-rb_allocator
199 ? 00:00:00 kworker/0:2-events
201 ? 00:00:00 kworker/0:4-rcu_par_gp
202 ? 00:00:00 irq/28-ACPI:Event
204 ? 00:00:00 kworker/11:1H-kblockd
205 ? 00:00:00 kworker/2:1H-kblockd
206 ? 00:00:00 kworker/14:1H-kblockd
207 ? 00:00:00 jbd2/sdb3-8
208 ? 00:00:00 kworker/R-ext4-
210 ? 00:00:00 kworker/13:1H-kblockd
214 ? 00:00:00 kworker/9:1H-kblockd
226 ? 00:00:00 kworker/15:1H-kblockd
227 ? 00:00:00 kworker/1:1H-kblockd
228 ? 00:00:00 kworker/7:1H-kblockd
235 ? 00:00:00 kworker/3:1H-kblockd
237 ? 00:00:00 kworker/4:1H-kblockd
240 ? 00:00:00 kworker/5:1H-kblockd
247 ? 00:00:00 systemd-journal
258 ? 00:00:00 kworker/12:1H-kblockd
260 ? 00:00:00 kworker/15:2-events
261 ? 00:00:00 kworker/11:2-events
263 ? 00:00:00 systemd-userdbd
283 ? 00:00:00 psimon
287 ? 00:00:00 kworker/9:2-events
292 ? 00:00:00 kworker/5:2-events
296 ? 00:00:00 systemd-udevd
299 ? 00:00:00 psimon
304 ? 00:00:00 systemd-network
322 ? 00:00:00 kworker/6:1H-kblockd
346 ? 00:00:00 kworker/10:1H-kblockd
359 ? 00:00:00 kworker/6:2-mm_percpu_wq
365 ? 00:00:00 kworker/R-nvme-
366 ? 00:00:00 kworker/R-nvme-
367 ? 00:00:00 kworker/R-nvme-
369 ? 00:00:00 kworker/R-nvme-
383 ? 00:00:00 kworker/R-cfg80
384 ? 00:00:00 kworker/4:2-events
393 ? 00:00:00 kworker/2:2-rcu_par_gp
399 ? 00:00:00 kworker/7:2-rcu_par_gp
403 ? 00:00:00 kworker/R-led_w
405 ? 00:00:00 irq/85-iwlwifi:default_queue
406 ? 00:00:00 irq/86-iwlwifi:queue_1
407 ? 00:00:00 irq/87-iwlwifi:queue_2
408 ? 00:00:00 irq/88-iwlwifi:queue_3
409 ? 00:00:00 irq/89-iwlwifi:queue_4
410 ? 00:00:00 irq/90-iwlwifi:queue_5
411 ? 00:00:00 irq/91-iwlwifi:queue_6
412 ? 00:00:00 irq/92-iwlwifi:queue_7
413 ? 00:00:00 irq/93-iwlwifi:queue_8
414 ? 00:00:00 irq/94-iwlwifi:queue_9
415 ? 00:00:00 irq/95-iwlwifi:queue_10
416 ? 00:00:00 irq/96-iwlwifi:queue_11
417 ? 00:00:00 irq/97-iwlwifi:queue_12
418 ? 00:00:00 irq/98-iwlwifi:queue_13
419 ? 00:00:00 irq/99-iwlwifi:queue_14
420 ? 00:00:00 irq/100-iwlwifi:exception
423 ? 00:00:00 kworker/u65:1-rb_allocator
425 ? 00:00:00 kworker/12:2-rcu_gp
448 ? 00:00:00 kworker/10:2-rcu_gp
454 ? 00:00:00 systemd-resolve
455 ? 00:00:00 kworker/13:2-events
465 ? 00:00:00 systemd-timesyn
469 ? 00:00:00 kworker/1:2-events
472 ? 00:00:00 bluetoothd
473 ? 00:00:00 ckb-next-daemon
474 ? 00:00:07 clamd
475 ? 00:00:00 dbus-daemon
479 ? 00:00:00 systemd-logind
483 ? 00:00:00 dhcpcd
510 ? 00:00:00 wpa_supplicant
513 ? 00:00:00 nv_queue
514 ? 00:00:00 nv_queue
515 ? 00:00:00 nv_open_q
519 ? 00:00:00 nvidia-modeset/kthread_q
520 ? 00:00:00 nvidia-modeset/deferred_close_kthread_q
521 ? 00:00:00 irq/105-nvidia
522 ? 00:00:00 nvidia
523 ? 00:00:03 nv_queue
537 ? 00:00:00 cupsd
552 ? 00:00:00 sddm
559 tty2 00:00:04 Xorg
569 ? 00:00:00 psimon
618 ? 00:00:00 polkitd
634 ? 00:00:00 freshclam
644 ? 00:00:00 sddm-helper
650 ? 00:00:00 systemd
652 ? 00:00:00 (sd-pam)
659 ? 00:00:00 pipewire
660 ? 00:00:00 wireplumber
663 ? 00:00:00 gnome-keyring-d
668 ? 00:00:00 gnome-session-b
670 ? 00:00:00 dbus-daemon
685 ? 00:00:00 gvfsd
690 ? 00:00:00 at-spi-bus-laun
696 ? 00:00:00 dbus-daemon
701 ? 00:00:00 UVM global queue
702 ? 00:00:00 UVM deferred release queue
703 ? 00:00:00 UVM Tools Event Queue
720 ? 00:00:00 gnome-session-c
722 ? 00:00:00 gnome-session-b
751 ? 00:00:11 gnome-shell
770 ? 00:00:00 nvidia-drm/timeline-a
772 ? 00:00:00 mutter-x11-fram
775 ? 00:00:00 at-spi2-registr
776 ? 00:00:00 colord
809 ? 00:00:00 xdg-permission-
810 ? 00:00:00 gnome-shell-cal
819 ? 00:00:00 accounts-daemon
820 ? 00:00:00 evolution-sourc
836 ? 00:00:00 goa-daemon
842 ? 00:00:00 upowerd
844 ? 00:00:00 gjs
862 ? 00:00:00 evolution-calen
887 ? 00:00:00 ibus-daemon
888 ? 00:00:00 gsd-a11y-settin
891 ? 00:00:00 gsd-color
893 ? 00:00:00 gsd-datetime
895 ? 00:00:00 gsd-housekeepin
896 ? 00:00:00 gsd-keyboard
897 ? 00:00:00 gsd-media-keys
901 ? 00:00:00 gsd-power
903 ? 00:00:00 gsd-print-notif
904 ? 00:00:00 gsd-rfkill
906 ? 00:00:00 gsd-screensaver
907 ? 00:00:00 gsd-sharing
911 ? 00:00:00 gsd-sound
913 ? 00:00:00 gsd-usb-protect
914 ? 00:00:00 gsd-xsettings
924 ? 00:00:00 evolution-addre
961 ? 00:00:00 gjs
984 ? 00:00:00 gsd-printer
1005 ? 00:00:00 ibus-dconf
1008 ? 00:00:01 ibus-extension-
1016 ? 00:00:00 ibus-x11
1017 ? 00:00:00 ckb-next
1030 ? 00:00:00 gvfs-udisks2-vo
1036 ? 00:00:00 ibus-portal
1038 ? 00:00:00 gsd-disk-utilit
1043 ? 00:00:00 evolution-alarm
1073 ? 00:00:00 udisksd
1097 ? 00:00:00 pipewire-pulse
1125 ? 00:00:00 xdg-desktop-por
1134 ? 00:00:00 xdg-document-po
1140 ? 00:00:00 fusermount3
1153 ? 00:00:00 gvfs-goa-volume
1179 ? 00:00:00 ibus-engine-sim
1189 ? 00:00:00 xdg-desktop-por
1204 ? 00:00:00 nvidia-drm/timeline-c
1205 ? 00:00:00 kworker/3:2-cgroup_destroy
1214 ? 00:00:00 gvfsd-trash
1221 ? 00:00:00 wpa_supplicant
1242 ? 00:00:00 rtkit-daemon
1245 ? 00:00:00 xdg-desktop-por
1261 ? 00:00:00 tracker-miner-f
1299 ? 00:00:00 gnome-terminal-
1309 pts/0 00:00:00 zsh
1374 pts/0 00:00:00 sudo
1378 pts/1 00:00:00 sudo
1379 pts/1 00:00:00 zsh
1435 pts/1 00:00:00 chkrootkit
2010 ? 00:00:24 firefox-bin
2074 ? 00:00:00 nvidia-drm/timeline-e
2080 ? 00:00:00 Socket Process
2098 ? 00:00:00 Privileged Cont
2132 ? 00:00:00 nvidia-drm/timeline-f
2156 ? 00:00:01 WebExtensions
2217 ? 00:00:00 Utility Process
2246 ? 00:00:03 Isolated Web Co
2790 pts/1 00:00:00 chkrootkit
2791 pts/1 00:01:03 find
2792 pts/1 00:00:02 grep
30401 ? 00:00:00 gvfsd-metadata
149026 ? 00:00:00 dconf-service
149226 ? 00:00:00 gvfsd-recent
170879 ? 00:00:00 kworker/14:2-inet_frag_wq
330269 ? 00:00:01 Isolated Web Co
339149 ? 00:00:00 RDD Process
366210 ? 00:00:00 systemd-userwor
366211 ? 00:00:00 systemd-userwor
366213 ? 00:00:00 systemd-userwor
496995 ? 00:00:00 kworker/6:0
498016 ? 00:00:00 Isolated Web Co
498220 ? 00:00:00 nvidia-drm/timeline-11
500947 ? 00:00:00 kworker/u65:2-rb_allocator
504367 ? 00:00:00 kworker/8:0-events
504405 ? 00:00:00 kworker/2:0-inet_frag_wq
589867 ? 00:00:02 Isolated Web Co
598288 ? 00:00:00 Isolated Web Co
598357 ? 00:00:00 kworker/5:0-events
607602 ? 00:00:00 kworker/0:0
607880 ? 00:00:00 Web Content
677507 ? 00:00:00 Web Content
692132 ? 00:00:00 Web Content
705012 pts/2 00:00:00 zsh
716049 ? 00:00:00 kworker/11:0
720184 pts/2 00:00:00 ps
|
Wie kann ich diesen Trojaner entfernen? Habt ihr eine Idee? Hattet ihr das Problem auch schonmal ? Oder ist es ein False Error?
Ich möchte ungern deswegen das ganze System neu aufsetzen.
Danke!
Grüße
Krelh
Last edited by krelh on Thu Jul 25, 2024 10:41 pm; edited 1 time in total |
|
Back to top |
|
|
krelh n00b
Joined: 05 Jun 2024 Posts: 23
|
Posted: Tue Jul 23, 2024 7:38 am Post subject: |
|
|
Ich habe auch mit rkhunter -c nochmal gepüft. Hier die Ausgabe:
Quote: |
[ Rootkit Hunter version 1.4.6 ]
Checking system commands...
Performing 'strings' command checks
Checking 'strings' command [ OK ]
Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preloaded libraries [ None found ]
Checking LD_LIBRARY_PATH variable [ Not found ]
Performing file properties checks
Checking for prerequisites [ Warning ]
/usr/bin/awk [ OK ]
/usr/bin/basename [ OK ]
/usr/bin/bash [ OK ]
/usr/bin/cat [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/chmod [ OK ]
/usr/bin/chown [ OK ]
/usr/bin/chroot [ OK ]
/usr/bin/cp [ OK ]
/usr/bin/curl [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/date [ OK ]
/usr/bin/depmod [ OK ]
/usr/bin/df [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/dmesg [ OK ]
/usr/bin/du [ OK ]
/usr/bin/echo [ OK ]
/usr/bin/egrep [ Warning ]
/usr/bin/env [ OK ]
/usr/bin/fgrep [ Warning ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/fsck [ OK ]
/usr/bin/fuser [ OK ]
/usr/bin/GET [ OK ]
/usr/bin/grep [ OK ]
/usr/bin/groupadd [ OK ]
/usr/bin/groupdel [ OK ]
/usr/bin/groupmod [ OK ]
/usr/bin/groups [ OK ]
/usr/bin/grpck [ OK ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/ifconfig [ OK ]
/usr/bin/init [ OK ]
/usr/bin/insmod [ OK ]
/usr/bin/ip [ OK ]
/usr/bin/ipcs [ OK ]
/usr/bin/kill [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ OK ]
/usr/bin/ldd [ Warning ]
/usr/bin/less [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/login [ OK ]
/usr/bin/ls [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lsmod [ OK ]
/usr/bin/lsof [ OK ]
/usr/bin/md5sum [ OK ]
/usr/bin/mktemp [ OK ]
/usr/bin/modinfo [ OK ]
/usr/bin/modprobe [ OK ]
/usr/bin/more [ OK ]
/usr/bin/mount [ OK ]
/usr/bin/mv [ OK ]
/usr/bin/netstat [ OK ]
/usr/bin/newgrp [ OK ]
/usr/bin/nologin [ OK ]
/usr/bin/passwd [ OK ]
/usr/bin/perl [ OK ]
/usr/bin/pgrep [ OK ]
/usr/bin/ping [ OK ]
/usr/bin/pkill [ OK ]
/usr/bin/ps [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/pwck [ OK ]
/usr/bin/pwd [ OK ]
/usr/bin/readlink [ OK ]
/usr/bin/rkhunter [ OK ]
/usr/bin/rmmod [ OK ]
/usr/bin/route [ OK ]
/usr/bin/runcon [ OK ]
/usr/bin/sed [ OK ]
/usr/bin/sh [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/sha224sum [ OK ]
/usr/bin/sha256sum [ OK ]
/usr/bin/sha384sum [ OK ]
/usr/bin/sha512sum [ OK ]
/usr/bin/size [ OK ]
/usr/bin/sort [ OK ]
/usr/bin/ssh [ OK ]
/usr/bin/sshd [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/su [ OK ]
/usr/bin/sudo [ OK ]
/usr/bin/sulogin [ OK ]
/usr/bin/sysctl [ OK ]
/usr/bin/tail [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ OK ]
/usr/bin/touch [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uname [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/useradd [ OK ]
/usr/bin/userdel [ OK ]
/usr/bin/usermod [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vipw [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whatis [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/numfmt [ OK ]
/usr/bin/gawk [ OK ]
/usr/bin/kmod [ OK ]
/usr/bin/gfind [ OK ]
/usr/bin/lwp-request [ Warning ]
/usr/bin/gsed [ OK ]
/usr/lib/llvm/17/bin/size [ OK ]
/usr/lib/llvm/17/bin/strings [ OK ]
/usr/lib/llvm/17/bin/llvm-size [ OK ]
/usr/lib/llvm/17/bin/llvm-strings [ OK ]
/usr/lib/systemd/systemd [ OK ]
/usr/x86_64-pc-linux-gnu/binutils-bin/2.42/size [ OK ]
/usr/x86_64-pc-linux-gnu/binutils-bin/2.42/strings [ OK ]
[Press <ENTER> to continue]
Checking for rootkits...
Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
Adore Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
cb Rootkit [ Not found ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Diamorphine LKM [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Ebury backdoor [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
Fu Rootkit [ Not found ]
Fuck`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
IntoXonia-NG Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Jynx Rootkit [ Not found ]
Jynx2 Rootkit [ Not found ]
KBeast Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
ld-linuxv.so Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mokes backdoor [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx2 Rootkit [ Not found ]
Phalanx2 Rootkit (extended tests) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Not found ]
SHV5 Rootkit [ Not found ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
'Spanish' Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
trNkit Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
Vampire Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
Xzibit Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]
ZK Rootkit [ Not found ]
[Press <ENTER> to continue]
Performing additional rootkit checks
Suckit Rootkit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ None found ]
Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for sniffer log files [ None found ]
Checking for suspicious directories [ None found ]
Checking for suspicious (large) shared memory segments [ None found ]
Checking for Apache backdoor [ Not found ]
Performing Linux specific checks
Checking loaded kernel modules [ OK ]
Checking kernel module names [ OK ]
[Press <ENTER> to continue]
Checking the network...
Performing checks on the network ports
Checking for backdoor ports [ None found ]
Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]
Checking the local host...
Performing system boot checks
Checking for local host name [ Found ]
Checking for system startup files [ Found ]
Checking system startup files for malware [ None found ]
Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]
Performing system configuration file checks
Checking for an SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Not allowed ]
Checking if SSH protocol v1 is allowed [ Warning ]
Checking for other suspicious configuration settings [ None found ]
Checking for a running system logging daemon [ Found ]
Checking for a system logging configuration file [ Found ]
Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Checking for hidden files and directories [ Warning ]
[Press <ENTER> to continue]
System checks summary
=====================
File properties checks...
Required commands check failed
Files checked: 128
Suspect files: 4
Rootkit checks...
Rootkits checked : 501
Possible rootkits: 0
Applications checks...
All checks skipped
The system checks took: 1 minute and 22 seconds
All results have been written to the log file: /var/log/rkhunter.log
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)
rkhunter -c 59 kB 1:22,90 (user: 55,879, kernel: 25,516) |
Hier sind anscheinend auch ein paar Warnungen dabei. Auf einen Trojaner würde aber demnach nichts deuten. |
|
Back to top |
|
|
Banana Moderator
Joined: 21 May 2004 Posts: 1716 Location: Germany
|
|
Back to top |
|
|
kurisu Apprentice
Joined: 19 Jan 2011 Posts: 177 Location: Munich, Germany
|
Posted: Thu Jul 25, 2024 6:42 pm Post subject: |
|
|
Die Ausgabe von rkhunter ist jedenfalls unproblematisch. Falls Du das öfter verwendest solltest Du die False Positives in /etc/rkhunter.conf whitelisten. _________________ #1 Ryzen 7 2700 | Asus ROG Strix X470-F Gaming | G.Skill 32 GB DDR4-3000 | PowerColor Radeon RX 5700 Red Dragon | Samsung SSD 970 EVO Plus 1TB NVMe
#2 Ryzen 5 2400G | ASRock B450 Steel Legend | G.Skill 16 GB DDR4-3000 | Samsung SSD 850 PRO 512GB SATA |
|
Back to top |
|
|
krelh n00b
Joined: 05 Jun 2024 Posts: 23
|
Posted: Thu Jul 25, 2024 10:41 pm Post subject: |
|
|
Hallo,
inzwischen wird auch auf meienm System nichts mehr gefunden. Es scheint wohl wirklich eine Falschmeldung gewesen zu sein.
Vielen Dank für eure Rückmeldungen. |
|
Back to top |
|
|
|