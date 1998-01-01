ROOTDIR is `/'

Checking `amd'... not found

Checking `basename'... not infected

Checking `biff'... not found

Checking `chfn'... not infected

Checking `chsh'... not infected

Checking `cron'... not infected

Checking `crontab'... not infected

Checking `date'... not infected

Checking `du'... not infected

Checking `dirname'... not infected

Checking `echo'... not infected

Checking `egrep'... not infected

Checking `env'... not infected

Checking `find'... not infected

Checking `fingerd'... not found

Checking `gpm'... not infected

Checking `grep'... not infected

Checking `hdparm'... not infected

Checking `su'... not infected

Checking `ifconfig'... not infected

Checking `inetd'... not infected

Checking `inetdconf'... not found

Checking `identd'... not found

Checking `init'... not infected

Checking `killall'... not infected

Checking `ldsopreload'... not infected

Checking `login'... not infected

Checking `ls'... not infected

Checking `lsof'... not infected

Checking `mail'... not found

Checking `mingetty'... not found

Checking `netstat'... not infected

Checking `named'... not found

Checking `passwd'... not infected

Checking `pidof'... not infected

Checking `pop2'... not found

Checking `pop3'... not found

Checking `ps'... not infected

Checking `pstree'... not infected

Checking `rpcinfo'... not found

Checking `rlogind'... not found

Checking `rshd'... not found

Checking `slogin'... not infected

Checking `sendmail'... not found

Checking `sshd'... not infected

Checking `syslogd'... not tested

Checking `tar'... not infected

Checking `tcpd'... INFECTED

Checking `tcpdump'... not infected

Checking `top'... not infected

Checking `telnetd'... not found

Checking `timed'... not found

Checking `traceroute'... not found

Checking `vdir'... not infected

Checking `w'... not infected

Checking `write'... not infected

Checking `aliens'... no suspect files

Searching for sniffer's logs, it may take a while... nothing found

Searching for rootkit HiDrootkit's default files... nothing found

Searching for rootkit t0rn's default files... nothing found

Searching for t0rn's v8 defaults... nothing found

Searching for rootkit Lion's default files... nothing found

Searching for rootkit RSHA's default files... nothing found

Searching for rootkit RH-Sharpe's default files... nothing found

Searching for Ambient's rootkit (ark) default files and dirs... nothing found

Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:

/usr/lib/debug/.build-id /usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit /usr/lib/jvm/.java-1.8.0-openjdk-amd64.jinfo /usr/lib/python3/dist-packages/matplotlib/tests/baseline_images/.keep /lib/modules/4.10.0-35-generic/vdso/.build-id /lib/modules/4.10.0-36-generic/vdso/.build-id

/usr/lib/debug/.build-id /lib/modules/4.10.0-35-generic/vdso/.build-id /lib/modules/4.10.0-36-generic/vdso/.build-id

Searching for LPD Worm files and dirs... nothing found

Searching for Ramen Worm files and dirs... nothing found

Searching for Maniac files and dirs... nothing found

Searching for RK17 files and dirs... nothing found

Searching for Ducoci rootkit... nothing found

Searching for Adore Worm... nothing found

Searching for ShitC Worm... nothing found

Searching for Omega Worm... nothing found

Searching for Sadmind/IIS Worm... nothing found

Searching for MonKit... nothing found

Searching for Showtee... nothing found

Searching for OpticKit... nothing found

Searching for T.R.K... nothing found

Searching for Mithra... nothing found

Searching for LOC rootkit... nothing found

Searching for Romanian rootkit... nothing found

Searching for Suckit rootkit... nothing found

Searching for Volc rootkit... nothing found

Searching for Gold2 rootkit... nothing found

Searching for TC2 Worm default files and dirs... nothing found

Searching for Anonoying rootkit default files and dirs... nothing found

Searching for ZK rootkit default files and dirs... nothing found

Searching for ShKit rootkit default files and dirs... nothing found

Searching for AjaKit rootkit default files and dirs... nothing found

Searching for zaRwT rootkit default files and dirs... nothing found

Searching for Madalin rootkit default files... nothing found

Searching for Fu rootkit default files... nothing found

Searching for ESRK rootkit default files... nothing found

Searching for rootedoor... nothing found

Searching for ENYELKM rootkit default files... nothing found

Searching for common ssh-scanners default files... nothing found

Searching for Linux/Ebury - Operation Windigo ssh... nothing found

Searching for 64-bit Linux Rootkit ... nothing found

Searching for 64-bit Linux Rootkit modules... nothing found

Searching for suspect PHP files... nothing found

Searching for anomalies in shell history files... Warning: `//home/medved/.bashburn_history' file size is zero

Checking `asp'... not infected

Checking `bindshell'... not infected

Checking `lkm'... chkproc: nothing detected

chkdirs: nothing detected

Checking `rexedcs'... not found

Checking `sniffer'... lo: not promisc and no packet sniffer sockets

enp4s0: not promisc and no packet sniffer sockets

Checking `w55808'... not infected

Checking `wted'... chkwtmp: nothing deleted

Checking `scalper'... not infected

Checking `slapper'... not infected

Checking `z2'... chklastlog: nothing deleted

Checking `chkutmp'... The tty of the following user process(es) were not found

in /var/run/utmp !

! RUID PID TTY CMD

! medved 3502 pts/0 bash

! root 15050 pts/0 /bin/sh /usr/sbin/chkrootkit

! root 15708 pts/0 ./chkutmp

! root 15710 pts/0 ps axk tty,ruser,args -o tty,pid,ruser,args

! root 15709 pts/0 sh -c ps axk "tty,ruser,args" -o "tty,pid,ruser,args"

! root 15049 pts/0 sudo chkrootkit

! medved 3796 pts/1 bash

! root 15027 pts/1 nano /etc/passwd

! root 15026 pts/1 sudo nano /etc/passwd

! medved 3877 pts/2 bash

! medved 3951 pts/2 su

! root 3952 pts/2 bash

chkutmp: nothing deleted

Checking `OSX_RSPLUG'... not infected



V repozitáři je virus, je v balíku translate-shell. Odinstalování nepomůže. A to ani apt purge, aptitude purge ~c, apt autoremove.Nevím, jak se toho zbavit. Náhodně mi vkládá text ze schránky kamkoliv, do terminálu, do prohlížeče, atd. Vytváří plochy...ubuntu 17.04, je to v repozitáři multiverse