Re: chrootkit suspicious files and directories
Good time of the day, sp11.
You wrote:
> chrootkit gives following message:
>
> Searching for suspicious files and dirs, it may take a while...
>
> The following suspicious files and directories were found:
>
> /usr/lib/pymodules/python2.6/PyQt4/uic/widget-plugins/.noinit
> /usr/lib/pymodules/python2.6/.path
> /usr/lib/pymodules/python2.5/PyQt4/uic/widget-plugins/.noinit
> /usr/lib/pymodules/python2.5/.path
> /usr/lib/icedove/.autoreg
> /usr/lib/xulrunner-1.9.1/.autoreg
> /usr/lib/iceweasel/.autoreg
> /usr/lib/iceape/.autoreg
> /usr/lib/jvm/.java-6-openjdk.jinfo
> /usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo
> /lib/init/rw/.ramfs
>
> Running Squeeze on amd64.
>
> Any ideas?
After several false positives I removed the kit years ago, since that
slept peacefully.
Of course it does not mean that nothing should be done instead. All I
want to say is that it is not trustworthy - You just can not judge
right having its results.
Sthu.
Reply to: