LKM Trojan
david walcroft
david_walcroft at yahoo.com.au
Wed Dec 1 00:05:14 UTC 2004
Hi,
yesterday chkrootkit logged this
Checking `lkm'...
You have 2 process hidden for readdir command
You have 2 process hidden for ps command
Warning: Possible LKM Trojan installed
Today it logs
Checking `lkm'...
You have 4 process hidden for readdir command
You have 4 process hidden for ps command
Warning: Possible LKM Trojan installed
Would these be a 'false positive' or for real and if so how do I
confirm and remove any infected process/trojan
Thanks david
More information about the fedora-list
mailing list