I’m running OpenSUSE 11.1. I just ran chkrootkit and it told me that top is infected. So I tried reloading the package procps, which contains top, but the problem persisted.
How can I tell if this is a real problem or an artifact?
I also got this from chkrootkit:
Checking `lkm'... You have 114 process hidden for readdir command
You have 114 process hidden for ps command
Warning: Possible LKM Trojan installed
On 2010-10-05 01:36, pwabrahams wrote:
>
> I’m running OpenSUSE 11.1. I just ran chkrootkit and it told me that
> top is infected. So I tried reloading the package procps, which
> contains top, but the problem persisted.
If you are really worried, download the rpm on another computer, expand it, and compare the binaries
from both systems (not running the suspect system, use a live or another partition)
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)