[ Rootkit Hunter version 1.4.6 ]
Checking system commands...
Performing 'strings' command checks
Checking 'strings' command                               [ OK ]
Performing 'shared libraries' checks
Checking for preloading variables                        [ None found ]
Checking for preloaded libraries                         [ None found ]
Checking LD_LIBRARY_PATH variable                        [ Not found ]
Performing file properties checks
Checking for prerequisites                               [ OK ]
/usr/sbin/adduser                                        [ OK ]
/usr/sbin/chkconfig                                      [ OK ]
/usr/sbin/chroot                                         [ OK ]
/usr/sbin/depmod                                         [ OK ]
/usr/sbin/fsck                                           [ OK ]
/usr/sbin/groupadd                                       [ OK ]
/usr/sbin/groupdel                                       [ OK ]
/usr/sbin/groupmod                                       [ OK ]
/usr/sbin/grpck                                          [ OK ]
/usr/sbin/ifconfig                                       [ OK ]
/usr/sbin/ifdown                                         [ OK ]
/usr/sbin/ifup                                           [ OK ]
/usr/sbin/init                                           [ OK ]
/usr/sbin/insmod                                         [ OK ]
/usr/sbin/ip                                             [ OK ]
/usr/sbin/lsmod                                          [ OK ]
/usr/sbin/lsof                                           [ OK ]
/usr/sbin/modinfo                                        [ OK ]
/usr/sbin/modprobe                                       [ OK ]
/usr/sbin/nologin                                        [ OK ]
/usr/sbin/pwck                                           [ OK ]
/usr/sbin/rmmod                                          [ OK ]
/usr/sbin/route                                          [ OK ]
/usr/sbin/rsyslogd                                       [ Warning ]
/usr/sbin/runlevel                                       [ OK ]
/usr/sbin/sestatus                                       [ OK ]
/usr/sbin/sshd                                           [ OK ]
/usr/sbin/sulogin                                        [ OK ]
/usr/sbin/sysctl                                         [ OK ]
/usr/sbin/useradd                                        [ OK ]
/usr/sbin/userdel                                        [ OK ]
/usr/sbin/usermod                                        [ OK ]
/usr/sbin/vipw                                           [ OK ]
/usr/bin/awk                                             [ OK ]
/usr/bin/basename                                        [ OK ]
/usr/bin/bash                                            [ OK ]
/usr/bin/cat                                             [ OK ]
/usr/bin/chattr                                          [ OK ]
/usr/bin/chmod                                           [ OK ]
/usr/bin/chown                                           [ OK ]
/usr/bin/cp                                              [ OK ]
/usr/bin/curl                                            [ OK ]
/usr/bin/cut                                             [ OK ]
/usr/bin/date                                            [ OK ]
/usr/bin/df                                              [ OK ]
/usr/bin/diff                                            [ OK ]
/usr/bin/dirname                                         [ OK ]
/usr/bin/dmesg                                           [ OK ]
/usr/bin/dpkg                                            [ OK ]
/usr/bin/dpkg-query                                      [ OK ]
/usr/bin/du                                              [ OK ]
/usr/bin/echo                                            [ OK ]
/usr/bin/egrep                                           [ OK ]
/usr/bin/elinks                                          [ OK ]
/usr/bin/env                                             [ OK ]
/usr/bin/fgrep                                           [ OK ]
/usr/bin/file                                            [ OK ]
/usr/bin/find                                            [ OK ]
/usr/bin/GET                                             [ OK ]
/usr/bin/grep                                            [ OK ]
/usr/bin/groups                                          [ OK ]
/usr/bin/head                                            [ OK ]
/usr/bin/id                                              [ OK ]
/usr/bin/ipcs                                            [ OK ]
/usr/bin/kill                                            [ OK ]
/usr/bin/last                                            [ OK ]
/usr/bin/lastlog                                         [ OK ]
/usr/bin/ldd                                             [ Warning ]
/usr/bin/less                                            [ OK ]
/usr/bin/links                                           [ OK ]
/usr/bin/locate                                          [ OK ]
/usr/bin/logger                                          [ OK ]
/usr/bin/login                                           [ OK ]
/usr/bin/ls                                              [ OK ]
/usr/bin/lsattr                                          [ OK ]
/usr/bin/mail                                            [ OK ]
/usr/bin/md5sum                                          [ OK ]
/usr/bin/mktemp                                          [ OK ]
/usr/bin/more                                            [ OK ]
/usr/bin/mount                                           [ OK ]
/usr/bin/mv                                              [ OK ]
/usr/bin/netstat                                         [ OK ]
/usr/bin/newgrp                                          [ OK ]
/usr/bin/passwd                                          [ OK ]
/usr/bin/perl                                            [ OK ]
/usr/bin/pgrep                                           [ OK ]
/usr/bin/ping                                            [ OK ]
/usr/bin/pkill                                           [ OK ]
/usr/bin/ps                                              [ OK ]
/usr/bin/pwd                                             [ OK ]
/usr/bin/readlink                                        [ OK ]
/usr/bin/rkhunter                                        [ OK ]
/usr/bin/rpm                                             [ OK ]
/usr/bin/runcon                                          [ OK ]
/usr/bin/sed                                             [ OK ]
/usr/bin/sh                                              [ OK ]
/usr/bin/sha1sum                                         [ OK ]
/usr/bin/sha224sum                                       [ OK ]
/usr/bin/sha256sum                                       [ OK ]
/usr/bin/sha384sum                                       [ OK ]
/usr/bin/sha512sum                                       [ OK ]
/usr/bin/size                                            [ OK ]
/usr/bin/sort                                            [ OK ]
/usr/bin/ssh                                             [ OK ]
/usr/bin/stat                                            [ OK ]
/usr/bin/strings                                         [ OK ]
/usr/bin/su                                              [ OK ]
/usr/bin/sudo                                            [ OK ]
/usr/bin/tail                                            [ OK ]
/usr/bin/telnet                                          [ OK ]
/usr/bin/test                                            [ OK ]
/usr/bin/top                                             [ OK ]
/usr/bin/touch                                           [ OK ]
/usr/bin/tr                                              [ OK ]
/usr/bin/uname                                           [ OK ]
/usr/bin/uniq                                            [ OK ]
/usr/bin/users                                           [ OK ]
/usr/bin/vmstat                                          [ OK ]
/usr/bin/w                                               [ OK ]
/usr/bin/watch                                           [ OK ]
/usr/bin/wc                                              [ OK ]
/usr/bin/wget                                            [ OK ]
/usr/bin/whatis                                          [ OK ]
/usr/bin/whereis                                         [ OK ]
/usr/bin/which                                           [ OK ]
/usr/bin/who                                             [ OK ]
/usr/bin/whoami                                          [ OK ]
/usr/bin/numfmt                                          [ OK ]
/usr/bin/kmod                                            [ OK ]
/usr/bin/systemctl                                       [ OK ]
/usr/bin/gawk                                            [ OK ]
/usr/bin/mailx                                           [ OK ]
/usr/lib/systemd/systemd                                 [ OK ]
[Press <ENTER> to continue]
Checking for rootkits...
Performing check of known rootkit files and directories
55808 Trojan - Variant A                                 [ Not found ]
ADM Worm                                                 [ Not found ]
AjaKit Rootkit                                           [ Not found ]
Adore Rootkit                                            [ Not found ]
aPa Kit                                                  [ Not found ]
Apache Worm                                              [ Not found ]
Ambient (ark) Rootkit                                    [ Not found ]
Balaur Rootkit                                           [ Not found ]
BeastKit Rootkit                                         [ Not found ]
beX2 Rootkit                                             [ Not found ]
BOBKit Rootkit                                           [ Not found ]
cb Rootkit                                               [ Not found ]
CiNIK Worm (Slapper.B variant)                           [ Not found ]
Danny-Boy's Abuse Kit                                    [ Not found ]
Devil RootKit                                            [ Not found ]
Diamorphine LKM                                          [ Not found ]
Dica-Kit Rootkit                                         [ Not found ]
Dreams Rootkit                                           [ Not found ]
Duarawkz Rootkit                                         [ Not found ]
Ebury backdoor                                           [ Not found ]
Enye LKM                                                 [ Not found ]
Flea Linux Rootkit                                       [ Not found ]
Fu Rootkit                                               [ Not found ]
Fuck`it Rootkit                                          [ Not found ]
GasKit Rootkit                                           [ Not found ]
Heroin LKM                                               [ Not found ]
HjC Kit                                                  [ Not found ]
ignoKit Rootkit                                          [ Not found ]
IntoXonia-NG Rootkit                                     [ Not found ]
Irix Rootkit                                             [ Not found ]
Jynx Rootkit                                             [ Not found ]
Jynx2 Rootkit                                            [ Not found ]
KBeast Rootkit                                           [ Not found ]
Kitko Rootkit                                            [ Not found ]
Knark Rootkit                                            [ Not found ]
ld-linuxv.so Rootkit                                     [ Not found ]
Li0n Worm                                                [ Not found ]
Lockit / LJK2 Rootkit                                    [ Not found ]
Mokes backdoor                                           [ Not found ]
Mood-NT Rootkit                                          [ Not found ]
MRK Rootkit                                              [ Not found ]
Ni0 Rootkit                                              [ Not found ]
Ohhara Rootkit                                           [ Not found ]
Optic Kit (Tux) Worm                                     [ Not found ]
Oz Rootkit                                               [ Not found ]
Phalanx Rootkit                                          [ Not found ]
Phalanx2 Rootkit                                         [ Not found ]
Phalanx2 Rootkit (extended tests)                        [ Not found ]
Portacelo Rootkit                                        [ Not found ]
R3dstorm Toolkit                                         [ Not found ]
RH-Sharpe's Rootkit                                      [ Not found ]
RSHA's Rootkit                                           [ Not found ]
Scalper Worm                                             [ Not found ]
Sebek LKM                                                [ Not found ]
Shutdown Rootkit                                         [ Not found ]
SHV4 Rootkit                                             [ Not found ]
SHV5 Rootkit                                             [ Not found ]
Sin Rootkit                                              [ Not found ]
Slapper Worm                                             [ Not found ]
Sneakin Rootkit                                          [ Not found ]
'Spanish' Rootkit                                        [ Not found ]
Suckit Rootkit                                           [ Not found ]
Superkit Rootkit                                         [ Not found ]
TBD (Telnet BackDoor)                                    [ Not found ]
TeLeKiT Rootkit                                          [ Not found ]
T0rn Rootkit                                             [ Not found ]
trNkit Rootkit                                           [ Not found ]
Trojanit Kit                                             [ Not found ]
Tuxtendo Rootkit                                         [ Not found ]
URK Rootkit                                              [ Not found ]
Vampire Rootkit                                          [ Not found ]
VcKit Rootkit                                            [ Not found ]
Volc Rootkit                                             [ Not found ]
Xzibit Rootkit                                           [ Not found ]
zaRwT.KiT Rootkit                                        [ Not found ]
ZK Rootkit                                               [ Not found ]
[Press <ENTER> to continue]
Performing additional rootkit checks
Suckit Rootkit additional checks                         [ OK ]
Checking for possible rootkit files and directories      [ None found ]
Checking for possible rootkit strings                    [ None found ]
Performing malware checks
Checking running processes for suspicious files          [ None found ]
Checking for hidden processes                            [ Skipped ]
Checking for login backdoors                             [ None found ]
Checking for sniffer log files                           [ None found ]
Checking for suspicious directories                      [ None found ]
Checking for Apache backdoor                             [ Not found ]
Performing Linux specific checks
Checking loaded kernel modules                           [ OK ]
Checking kernel module names                             [ OK ]
[Press <ENTER> to continue]
Checking the network...
Performing checks on the network ports
Checking for backdoor ports                              [ None found ]
Performing checks on the network interfaces
Checking for promiscuous interfaces                      [ None found ]
Checking the local host...
Performing system boot checks
Checking for local host name                             [ Found ]
Checking for system startup files                        [ Found ]
Checking system startup files for malware                [ None found ]
Performing group and account checks
Checking for passwd file                                 [ Found ]
Checking for root equivalent (UID 0) accounts            [ None found ]
Checking for passwordless accounts                       [ None found ]
Checking for passwd file changes                         [ None found ]
Checking for group file changes                          [ None found ]
Checking root account shell history files                [ OK ]
Performing system configuration file checks
Checking for an SSH configuration file                   [ Found ]
Checking if SSH root access is allowed                   [ Allowed ]
Checking if SSH protocol v1 is allowed                   [ Not set ]
Checking for other suspicious configuration settings     [ None found ]
Checking for a running system logging daemon             [ Found ]
Checking for a system logging configuration file         [ Found ]
Checking if syslog remote logging is allowed             [ Not allowed ]
Performing filesystem checks
Checking /dev for suspicious file types                  [ None found ]
Checking for hidden files and directories                [ None found ]
[Press <ENTER> to continue]
System checks summary
=====================
File properties checks...
Files checked: 133
Suspect files: 2
Rootkit checks...
Rootkits checked : 491
Possible rootkits: 0
Applications checks...
All checks skipped
The system checks took: 2 minutes and 12 seconds
All results have been written to the log file: /var/log/rkhunter/rkhunter.log
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)