LinuxQuestions.org

Linux - Security: when i run my rkhunter i get suspicious files :( (https://www.linuxquestions.org/questions/linux-security-4/when-i-run-my-rkhunter-i-get-suspicious-files-4175517811/)

arman moradi 09-08-2014 12:40 AM

when i run my rkhunter i get suspicious files :(
 
What's up peeps, every time I run an rkhunter check I get these results:

Performing group and account checks
checking for password file changes [warning]
checking for group file changes [warning]

performing filesystem checks
checking /dev for suspicious file types [warning]
checking for hidden files and directories [warning]

suspect files found ONE

can y'all help me out or what :(

jdkaye 09-08-2014 12:52 AM

Have a look in /var/log/rkhunter.log. You may get more info there. I ran this command as root:
Code:

rkhunter -c
I got many of the same warnings. I assume rkhunter's philosophy is to err on the side of caution.
jdk

arman moradi 09-08-2014 01:00 AM

ty for the quick reply.
when i did my chkrootkit check it said
searching for suckutrootkit warning :/sbin/init INFECTED

is there a root kit in my comp right now?

jdkaye 09-08-2014 01:06 AM

Please do not post the same problem on two different threads. I can find no match for "suckurrotkit" in rkhunter.log. The closest thing I see to that is
Quote:

[06:44:22] Checking for Suckit Rootkit...
[06:44:22] Checking for file '/sbin/initsk12' [ Not found ]
[
Is this some sort of joke?
jdk

arman moradi 09-08-2014 01:09 AM

na dude, i'm not kidding, it said
searching for suckutrootkit warning :/sbin/init INFECTED, why would i joke about it??? is it serious? ima run it again, give me a sec

arman moradi 09-08-2014 01:12 AM

i just ran chkrootkit again and it said
:searching for suckutrootkit warning :/sbin/init INFECTED
what does this mean?

arman moradi 09-08-2014 01:14 AM

do i have some sort of software floating around in my comp right now???

arman moradi 09-08-2014 01:17 AM

so from what i gathered, a rootkit is a tool used by hackers to use stealth and sneak into a computer...... now that i detected it wtf can i do to get rid of it?

unSpawn 09-08-2014 01:39 AM

Quote:

Originally Posted by arman moradi (Post 5234178)
can i do to get rid of it?

- Isolate the machine from the network,
- Optionally investigate how it got there,
- Save personal files,
- Install your OS from scratch,
- Properly harden your machine,
- Inspect and verify personal files before putting them back in,
- Regularly check for any problems.

BTW, you are running the current version of Rootkit Hunter, are you?

arman moradi 09-08-2014 02:01 AM

i just installed Ubuntu yesterday, but if i have to i'll do it again, from scratch
-how do i investigate this, is there like an Ubuntu antispyware or antivirus
-harden my computer how, just tell me the names of the programs to help me harden it and i'll research it
-for inspecting my files i'll erase them all
-and yes i just installed it and updated it right after

and just so that i know what's good, chkrootkit found a suck it rootkit and so my comp is compromised? to what extent is it?
and thank u for the help, i'm correct in assuming there is a hacker in my comp right now?

arman moradi 09-08-2014 02:03 AM

it also said the following suspicious file was found
/usr/lib/pyton2.7/dist-packages/pyqt4/widget-plugins/.noinit/

arman moradi 09-08-2014 02:05 AM

the first thing i did was use my facebook and hotmail account. could they have compromised me on that?

arman moradi 09-08-2014 02:19 AM

and i meant to say it is a suckit* rootkit

"SucKIT is a rootkit presented in Phrack issue 58, article 0x07 ("Linux on-the-fly kernel patching without LKM", by sd & devik). This is a fully working rootkit that is loaded through /dev/kmem (i.e. it does not need a kernel with support for loadable kernel modules. It provides a password protected remote access connect-back shell initiated by a spoofed packet (bypassing most of firewall configurations), and can hide processes, files and connections."

looks like the hackers busted out the big guns and they're out in force :(

pan64 09-08-2014 04:22 AM

this text is at least 9 years old: http://www.forosdelweb.com/f41/que-t...ml#post1198506

unSpawn 09-08-2014 12:33 PM

Quote:

Originally Posted by arman moradi (Post 5234189)
i just installed ubuntuu yesterday, but if i have to ill do it again, from skratch

Then it's more likely this is a false positive.
BTW I also asked you if you are running the current version of Rootkit Hunter.


Quote:

Originally Posted by arman moradi (Post 5234189)
how do i investigate this (..) im correct in assuming there is a hacker in my comp right now?

No, let's not assume. Start by posting relevant rkhunter.log details.
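As an added example (not code from any poster in this thread, nor from rkhunter or chkrootkit), here is a small POSIX shell script that does the two things the replies above ask for: it pulls only the "[ Warning ]" findings and their explanation lines out of /var/log/rkhunter.log, which is the material jdkaye and unSpawn want posted, and, on a Debian/Ubuntu host, compares /sbin/init with the checksum its package recorded at install time, so a chkrootkit "INFECTED" verdict can be checked against an independent source before assuming the box is owned. It assumes the rkhunter 1.4-style log format (timestamped lines, a failing check ending in "[ Warning ]", the reason on following "Warning:" and indented lines); the function names are mine, and the embedded log lines are constructed to resemble the warnings the original poster listed, not a real log.

```shell
#!/bin/sh
# Added example for this thread; not code from any poster, rkhunter or chkrootkit.
# Usage: sh rkhunter_warnings.sh /var/log/rkhunter.log
# With no arguments it only defines the functions (so it can be sourced).

# Assumed log format: "[HH:MM:SS] text"; a failing check ends in "[ Warning ]"
# and its reason follows on "Warning:" lines and indented continuation lines,
# up to the next "Checking" / "Performing" / "Info:" line.

# Print every "[ Warning ]" result together with the lines explaining it.
rkhunter_warnings() {
    awk '
        /\[ Warning \]/                             { print; inwarn = 1; next }
        /^\[[0-9:]+\] +(Checking|Performing|Info:)/ { inwarn = 0 }
        inwarn                                      { print }
    ' "$1"
}

# Number of failing checks; handy for spotting a change between two runs.
rkhunter_warning_count() {
    grep -c '\[ Warning \]' "$1"
}

# Compare /sbin/init with the checksum recorded by the package that owns it.
# "dpkg --verify" prints one line per file that no longer matches and nothing
# at all when every file matches. Debian/Ubuntu only; skipped elsewhere.
init_package_check() {
    if ! command -v dpkg >/dev/null 2>&1; then
        echo "dpkg not available: skipping package verification of /sbin/init"
        return 0
    fi
    pkg=$(dpkg -S /sbin/init 2>/dev/null | head -n 1 | cut -d: -f1)
    if [ -z "$pkg" ]; then
        echo "/sbin/init is not owned by any package"
        return 1
    fi
    echo "/sbin/init belongs to package $pkg; files failing verification (none = OK):"
    dpkg --verify "$pkg"
}

# Constructed sample log (NOT a real rkhunter.log) that mirrors the checks the
# original poster named; written to the given path so the parser can be tried offline.
write_sample_log() {
    cat > "$1" <<'EOF'
[06:44:20] Performing group and account checks
[06:44:20]   Checking for passwd file changes               [ Warning ]
[06:44:20] Warning: Unable to check for passwd file differences: no copy of the passwd file exists.
[06:44:20]   Checking for group file changes                [ Warning ]
[06:44:20] Warning: Unable to check for group file differences: no copy of the group file exists.
[06:44:21] Performing filesystem checks
[06:44:21]   Checking /dev for suspicious file types        [ None found ]
[06:44:21]   Checking for hidden files and directories      [ Warning ]
[06:44:21] Warning: Hidden directory found: /dev/.udev
[06:44:21] Warning: Hidden file found: /dev/.initramfs: symbolic link to /run/initramfs
[06:44:22] Checking for Suckit Rootkit...
[06:44:22] Checking for file '/sbin/initsk12'               [ Not found ]
[06:44:22] Suckit Rootkit                                   [ Not found ]
EOF
}

if [ "$#" -gt 0 ]; then
    echo "== $(rkhunter_warning_count "$1") warning(s) in $1 =="
    rkhunter_warnings "$1"
    echo
    init_package_check
fi
```

On the constructed sample the parser prints the three failing checks and their four explanation lines and leaves the "Not found" Suckit entries out, which is the shape of excerpt worth posting in a thread like this one; a real log is of course the thing to run it on.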

