Otherwise I'm not quite sure why you brought those kernel versions up. I still got the usual > "please check your system as it may be infected" this morning after > the rkhunter cronjob was ran. Code: rkhunter -h for more Splat Double Splat Triple Splat Earn Your Keep Don't mind me, I'm only passing through. My command line for running rkhunter is: /usr/sbin/rkhunter --cronjob --update --syslog --createlogfile -c -- Chris KeyID 0xE372A7DA98E6705C Re: [Rkhunter-users] Warnings after upgrading to Mandriva 2010.1 and rkhunter 1.3.6 From: Helmut Hullen check over here
The Volc rootkit itself was not picked up by rkhunter, and if the system had been compromised (from http://sourceforge.net/apps/trac/rkhunter/wiki/SPRKH) Code: However, a scan on an existing install will still reveal rootkits. Please help me out!System concerned:Windows 7, 64bit on Bootcamp partition on MacBook pro. An avast scan upon reboot seems to breakoff quickly without producing output, also with a freshly installed Avast pro.Hitman pro finds tracking cookies on first scan (HitmanPro_20121103_1703) and suspicious python scripts Member of UNITE (Unified Network of Instructors and Trained Eliminators) Back to top #4 teacup61 teacup61 Bleepin' Texan! https://www.bleepingcomputer.com/forums/t/256584/possible-rootkit-log-included/
Questions, tips, system compromises, firewalls, etc. Notices Welcome to LinuxQuestions.org, a friendly and active Linux Community. This means you don't > have to whitelist the files from all rootkit checks.) > > At the moment you will have to whitelist the files from all rootkit > checks
Thread Tools Show Printable Version Subscribe to this Thread… Display Linear Mode Switch to Hybrid Mode Switch to Threaded Mode September 29th, 2013 #1 CCgirl6690 View Profile View Forum Posts Private Performing checks on the network ports Checking for backdoor ports [ None found ] Checking for hidden ports [ Skipped ] Performing checks on the network interfaces Checking for promiscuous interfaces Free Antivirus Internet Security Avast for Business Free Mac Security Free Mobile Security for Android About Us Avast recommends using the FREE Chrome™ internet browser. Warning: SHV4 Rootkit [ Warning ] File '/usr/include/file.h' found Warning: Checking for possible rootkit strings [ Warning ] Found string 'hdparm' in file '/etc/rc.d/init.d/bootlogd'.
as well. Several functions may not work. Quote: Originally Posted by TommyC7 I did not find evidence of either the file /usr/bin/volc or directory /usr/lib/volc by hand or via rkhunter. https://forums.malwarebytes.com/topic/78380-possible-rootkit-logs-included/?do=findComment&comment=403472 Possible > > rootkit: Xzibit Rootkit > > Found string 'hdparm' in file '/etc/rc.d/rc.sysinit'.
Possible Rootkit (log included) Started by dscan , Sep 10 2009 12:35 AM This topic is locked 3 replies to this topic #1 dscan dscan Members 5 posts OFFLINE Local Possible > rootkit: Xzibit Rootkit That's perhaps a false alarm - using "hdparm" in these files is allowed. hello sandyd here is that log file , now what? LinuxQuestions.org > Forums > Linux Forums > Linux - Security [SOLVED] rkhunter 1.4.2 volc rootkit found & then gone?
Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? http://computersciencehomeworkhelp.net/possible-rootkit/possible-rootkit-from-lan-party.html Do not mouse-click Combofix's window while it is running. Best regards, Thorsten Logged essexboy Malware removal instructor Avast Überevangelist Probably Bot Posts: 40699 Dragons by Sasha Re: Avast free warns for possible Rootkit, but does not remove or log. « Required commands check failed Files checked: 137 Suspect files: 137 Rootkit checks...
Error code: 2S136/C Contact Us Existing user? Lo and behold that program now becomes the "problem" and the possible rootkit is detected. i mark this as solved but plz if anyone else know what is these 3 warnings i get plz lemme know thanks again ..... this content Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List
Files checked: 136 Suspect files: 1 Rootkit checks... Logged thorstenl Newbie Posts: 8 Re: Avast free warns for possible Rootkit, but does not remove or log. « Reply #13 on: November 08, 2012, 08:27:02 AM » Right after posting THENDownload the latest version of TDSSKiller from here and save it to your Desktop.
thorstenl Newbie Posts: 8 Avast free warns for possible Rootkit, but does not remove or log. « on: November 04, 2012, 11:45:45 PM » Dear Avast, Avast free warns for possible Search this Thread 05-01-2014, 11:45 PM #1 TommyC7 Member Registered: Mar 2012 Distribution: Slackware, CentOS, OpenBSD, FreeBSD Posts: 454 Rep: rkhunter 1.4.2 volc rootkit found & then gone? Re-scanning (twice, hence my lack of the necessary log) produced 0 rootkit results. 5. Contact Us | Hack Forums | Lite (Archive) Mode | Staff | Awards | Legal Policies | Top FAQ Forum Quick Links Unanswered Posts New Posts View Forum Leaders FAQ Contact
Are you trying to access administrative pages or a resource that you shouldn't be? Terms Privacy Opt Out Choices Advertise Get latest updates about Open Source Projects, Conferences and News. Logged thorstenl Newbie Posts: 8 Re: Avast free warns for possible Rootkit, but does not remove or log. « Reply #12 on: November 08, 2012, 08:07:32 AM » I ran ComboFix http://computersciencehomeworkhelp.net/possible-rootkit/possible-rootkit-infection.html The only thing worrying me: Is it possible that "Parallels tools" or "Bootcamp assistant" could contain the infection?
and im on ubuntu 13.4 and here is my log , thank you Code: Checking system commands... Click here to Register a free account now! It even does the same thing in safe mode. any suggestion please?
Register now! Anyone have a suggestion? are all included here. Back to top #3 sempai sempai noypi Malware Response Team 5,288 posts OFFLINE Gender:Male Location:3 stars and a sun Local time:09:55 AM Posted 24 September 2009 - 08:28 AM Hello
All Rights Reserved. If we have ever helped you in the past, please consider helping us. Possible > rootkit: Xzibit Rootkit > Found string 'hdparm' in file '/etc/rc.d/rc.sysinit'. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Login Username/Email: Password: Gauth/2FA: Ignore if you have not enabled this feature on your account. If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box. Unable to logon to the system in normal boot mode (Windows XP - sp3). Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside