LINUX.ORG.RU

Checking with chkrootkit

I have Ubuntu 16.04. I decided to check my machine with the chkrootkit program, and here is the result:

a@a-Lenovo-G580:~$ sudo chkrootkit
[sudo] пароль для a:
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not found
Checking `grep'... not infected
Checking `hdparm'... not infected
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not infected
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not found
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not found
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not found
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not found
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for rootkit HiDrootkit's default files... nothing found
Searching for rootkit t0rn's default files... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for rootkit Lion's default files... nothing found
Searching for rootkit RSHA's default files... nothing found
Searching for rootkit RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
The following suspicious files and directories were found:
/usr/lib/debug/.build-id /lib/modules/4.4.0-21-generic/vdso/.build-id /lib/modules/4.4.0-47-generic/vdso/.build-id
/usr/lib/debug/.build-id /lib/modules/4.4.0-21-generic/vdso/.build-id /lib/modules/4.4.0-47-generic/vdso/.build-id
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... Possible Linux/Ebury - Operation Windigo installetd
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... user a deleted or never logged from lastlog!
Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp !
! RUID          PID TTY    CMD
! a            6686 pts/1  bash
! root         6700 pts/1  /bin/sh /usr/sbin/chkrootkit
! root         7366 pts/1  ./chkutmp
! root         7368 pts/1  ps axk tty,ruser,args -o tty,pid,ruser,args
! root         7367 pts/1  sh -c ps axk "tty,ruser,args" -o "tty,pid,ruser,args"
! root         6699 pts/1  sudo chkrootkit
chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not infected

I think there is a rootkit in the system. What should I do?

I think there is a rootkit in the system.

What are you basing that on?

crutch_master ★★★★★
()
Reply to: comment by Deleted

The «Post» button ought to be made active only after the «Preview» button has been pressed; otherwise this is turning into an epidemic.

Radjah ★★★★★
()

You ought to cover up your data.
I've already taken five hundred off your account, and it could have been more than five hundred. But I'm feeling kind today.

Go change your passwords now, you dunce.

mos ★★☆☆☆
()
Reply to: comment by Radjah

Better to handle line breaks properly; then walls of text like this would be ugly, but at least readable.

Deleted
()
Reply to: comment by Radjah

a@a-Lenovo-G580:~$ sudo chkrootkit
[sudo] пароль для a:
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not found
Checking `grep'... not infected
Checking `hdparm'... not infected
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not infected
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... not infected
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not found
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not found
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not found
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not infected
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not found
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for rootkit HiDrootkit's default files... nothing found
Searching for rootkit t0rn's default files... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for rootkit Lion's default files... nothing found
Searching for rootkit RSHA's default files... nothing found
Searching for rootkit RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
The following suspicious files and directories were found:
/usr/lib/debug/.build-id /lib/modules/4.4.0-21-generic/vdso/.build-id /lib/modules/4.4.0-47-generic/vdso/.build-id
/usr/lib/debug/.build-id /lib/modules/4.4.0-21-generic/vdso/.build-id /lib/modules/4.4.0-47-generic/vdso/.build-id
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... Possible Linux/Ebury - Operation Windigo installetd
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs'... not found
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
Checking `w55808'... not infected
Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... user a deleted or never logged from lastlog!
Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp !
! RUID          PID TTY    CMD
! a            6686 pts/1  bash
! root         6700 pts/1  /bin/sh /usr/sbin/chkrootkit
! root         7366 pts/1  ./chkutmp
! root         7368 pts/1  ps axk tty,ruser,args -o tty,pid,ruser,args
! root         7367 pts/1  sh -c ps axk "tty,ruser,args" -o "tty,pid,ruser,args"
! root         6699 pts/1  sudo chkrootkit
chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not infected

lporaev
() topic author

And here is one more check

a@a-Lenovo-G580:~$ sudo rkhunter -c --sk
[sudo] пароль для a:
[ Rootkit Hunter version 1.4.2 ]

Checking system commands...

Performing 'strings' command checks
  Checking 'strings' command  [ OK ]

Performing 'shared libraries' checks
  Checking for preloading variables  [ None found ]
  Checking for preloaded libraries  [ None found ]
  Checking LD_LIBRARY_PATH variable  [ Not found ]

Performing file properties checks
  Checking for prerequisites  [ OK ]
  /usr/sbin/adduser  [ OK ]
  /usr/sbin/chroot  [ OK ]
  /usr/sbin/cron  [ OK ]
  /usr/sbin/groupadd  [ OK ]
  /usr/sbin/groupdel  [ OK ]
  /usr/sbin/groupmod  [ OK ]
  /usr/sbin/grpck  [ OK ]
  /usr/sbin/nologin  [ OK ]
  /usr/sbin/pwck  [ OK ]
  /usr/sbin/rsyslogd  [ OK ]
  /usr/sbin/tcpd  [ OK ]
  /usr/sbin/useradd  [ OK ]
  /usr/sbin/userdel  [ OK ]
  /usr/sbin/usermod  [ OK ]
  /usr/sbin/vipw  [ OK ]
  /usr/sbin/unhide  [ OK ]
  /usr/sbin/unhide-linux  [ OK ]
  /usr/sbin/unhide-posix  [ OK ]
  /usr/sbin/unhide-tcp  [ OK ]
  /usr/bin/awk  [ OK ]
  /usr/bin/basename  [ OK ]
  /usr/bin/chattr  [ OK ]
  /usr/bin/curl  [ OK ]
  /usr/bin/cut  [ OK ]
  /usr/bin/diff  [ OK ]
  /usr/bin/dirname  [ OK ]
  /usr/bin/dpkg  [ OK ]
  /usr/bin/dpkg-query  [ OK ]
  /usr/bin/du  [ OK ]
  /usr/bin/env  [ OK ]
  /usr/bin/file  [ OK ]
  /usr/bin/find  [ OK ]
  /usr/bin/GET  [ OK ]
  /usr/bin/groups  [ OK ]
  /usr/bin/head  [ OK ]
  /usr/bin/id  [ OK ]
  /usr/bin/killall  [ OK ]
  /usr/bin/last  [ OK ]
  /usr/bin/lastlog  [ OK ]
  /usr/bin/ldd  [ OK ]
  /usr/bin/less  [ OK ]
  /usr/bin/locate  [ OK ]
  /usr/bin/logger  [ OK ]
  /usr/bin/lsattr  [ OK ]
  /usr/bin/lsof  [ OK ]
  /usr/bin/mail  [ OK ]
  /usr/bin/md5sum  [ OK ]
  /usr/bin/mlocate  [ OK ]
  /usr/bin/newgrp  [ OK ]
  /usr/bin/passwd  [ OK ]
  /usr/bin/perl  [ OK ]
  /usr/bin/pgrep  [ OK ]
  /usr/bin/pkill  [ OK ]
  /usr/bin/pstree  [ OK ]
  /usr/bin/rkhunter  [ OK ]
  /usr/bin/runcon  [ OK ]
  /usr/bin/sha1sum  [ OK ]
  /usr/bin/sha224sum  [ OK ]
  /usr/bin/sha256sum  [ OK ]
  /usr/bin/sha384sum  [ OK ]
  /usr/bin/sha512sum  [ OK ]
  /usr/bin/size  [ OK ]
  /usr/bin/sort  [ OK ]
  /usr/bin/ssh  [ OK ]
  /usr/bin/stat  [ OK ]
  /usr/bin/strace  [ OK ]
  /usr/bin/strings  [ OK ]
  /usr/bin/sudo  [ OK ]

lporaev
() topic author

continued

  /usr/bin/tail  [ OK ]
  /usr/bin/telnet  [ OK ]
  /usr/bin/test  [ OK ]
  /usr/bin/top  [ OK ]
  /usr/bin/touch  [ OK ]
  /usr/bin/tr  [ OK ]
  /usr/bin/uniq  [ OK ]
  /usr/bin/users  [ OK ]
  /usr/bin/vmstat  [ OK ]
  /usr/bin/w  [ OK ]
  /usr/bin/watch  [ OK ]
  /usr/bin/wc  [ OK ]
  /usr/bin/wget  [ OK ]
  /usr/bin/whatis  [ OK ]
  /usr/bin/whereis  [ OK ]
  /usr/bin/which  [ OK ]
  /usr/bin/who  [ OK ]
  /usr/bin/whoami  [ OK ]
  /usr/bin/mawk  [ OK ]
  /usr/bin/lwp-request  [ Warning ]
  /usr/bin/bsd-mailx  [ OK ]
  /usr/bin/i686-linux-gnu-size  [ OK ]
  /usr/bin/i686-linux-gnu-strings  [ OK ]
  /usr/bin/telnet.netkit  [ OK ]
  /usr/bin/w.procps  [ OK ]
  /sbin/depmod  [ OK ]
  /sbin/fsck  [ OK ]
  /sbin/ifconfig  [ OK ]
  /sbin/ifdown  [ OK ]
  /sbin/ifup  [ OK ]
  /sbin/init  [ OK ]
  /sbin/insmod  [ OK ]
  /sbin/ip  [ OK ]
  /sbin/lsmod  [ OK ]
  /sbin/modinfo  [ OK ]
  /sbin/modprobe  [ OK ]
  /sbin/rmmod  [ OK ]
  /sbin/route  [ OK ]
  /sbin/runlevel  [ OK ]
  /sbin/sulogin  [ OK ]
  /sbin/sysctl  [ OK ]
  /bin/bash  [ OK ]
  /bin/cat  [ OK ]
  /bin/chmod  [ OK ]
  /bin/chown  [ OK ]
  /bin/cp  [ OK ]
  /bin/date  [ OK ]
  /bin/df  [ OK ]
  /bin/dmesg  [ OK ]
  /bin/echo  [ OK ]
  /bin/ed  [ OK ]
  /bin/egrep  [ OK ]
  /bin/fgrep  [ OK ]
  /bin/fuser  [ OK ]
  /bin/grep  [ OK ]
  /bin/ip  [ OK ]
  /bin/kill  [ OK ]
  /bin/less  [ OK ]
  /bin/login  [ OK ]
  /bin/ls  [ OK ]
  /bin/lsmod  [ OK ]
  /bin/mktemp  [ OK ]
  /bin/more  [ OK ]
  /bin/mount  [ OK ]
  /bin/mv  [ OK ]
  /bin/netstat  [ OK ]
  /bin/ping  [ OK ]
  /bin/ps  [ OK ]
  /bin/pwd  [ OK ]
  /bin/readlink  [ OK ]
  /bin/sed  [ OK ]
  /bin/sh  [ OK ]
  /bin/su  [ OK ]

lporaev
() topic author

continued 2

  /bin/touch  [ OK ]
  /bin/uname  [ OK ]
  /bin/which  [ OK ]
  /bin/kmod  [ OK ]
  /bin/systemd  [ OK ]
  /bin/systemctl  [ OK ]
  /bin/dash  [ OK ]
  /lib/systemd/systemd  [ OK ]

Checking for rootkits...

Performing check of known rootkit files and directories
  55808 Trojan - Variant A  [ Not found ]
  ADM Worm  [ Not found ]
  AjaKit Rootkit  [ Not found ]
  Adore Rootkit  [ Not found ]
  aPa Kit  [ Not found ]
  Apache Worm  [ Not found ]
  Ambient (ark) Rootkit  [ Not found ]
  Balaur Rootkit  [ Not found ]
  BeastKit Rootkit  [ Not found ]
  beX2 Rootkit  [ Not found ]
  BOBKit Rootkit  [ Not found ]
  cb Rootkit  [ Not found ]
  CiNIK Worm (Slapper.B variant)  [ Not found ]
  Danny-Boy's Abuse Kit  [ Not found ]
  Devil RootKit  [ Not found ]
  Dica-Kit Rootkit  [ Not found ]
  Dreams Rootkit  [ Not found ]
  Duarawkz Rootkit  [ Not found ]
  Enye LKM  [ Not found ]
  Flea Linux Rootkit  [ Not found ]
  Fu Rootkit  [ Not found ]
  Fuck`it Rootkit  [ Not found ]
  GasKit Rootkit  [ Not found ]
  Heroin LKM  [ Not found ]
  HjC Kit  [ Not found ]
  ignoKit Rootkit  [ Not found ]
  IntoXonia-NG Rootkit  [ Not found ]
  Irix Rootkit  [ Not found ]
  Jynx Rootkit  [ Not found ]
  KBeast Rootkit  [ Not found ]
  Kitko Rootkit  [ Not found ]
  Knark Rootkit  [ Not found ]
  ld-linuxv.so Rootkit  [ Not found ]
  Li0n Worm  [ Not found ]
  Lockit / LJK2 Rootkit  [ Not found ]
  Mood-NT Rootkit  [ Not found ]
  MRK Rootkit  [ Not found ]
  Ni0 Rootkit  [ Not found ]
  Ohhara Rootkit  [ Not found ]
  Optic Kit (Tux) Worm  [ Not found ]
  Oz Rootkit  [ Not found ]
  Phalanx Rootkit  [ Not found ]
  Phalanx2 Rootkit  [ Not found ]
  Phalanx2 Rootkit (extended tests)  [ Not found ]
  Portacelo Rootkit  [ Not found ]
  R3dstorm Toolkit  [ Not found ]
  RH-Sharpe's Rootkit  [ Not found ]
  RSHA's Rootkit  [ Not found ]
  Scalper Worm  [ Not found ]
  Sebek LKM  [ Not found ]
  Shutdown Rootkit  [ Not found ]
  SHV4 Rootkit  [ Not found ]
  SHV5 Rootkit  [ Not found ]
  Sin Rootkit  [ Not found ]

lporaev
() topic author

continued 3

  Slapper Worm  [ Not found ]
  Sneakin Rootkit  [ Not found ]
  'Spanish' Rootkit  [ Not found ]
  Suckit Rootkit  [ Not found ]
  Superkit Rootkit  [ Not found ]
  TBD (Telnet BackDoor)  [ Not found ]
  TeLeKiT Rootkit  [ Not found ]
  T0rn Rootkit  [ Not found ]
  trNkit Rootkit  [ Not found ]
  Trojanit Kit  [ Not found ]
  Tuxtendo Rootkit  [ Not found ]
  URK Rootkit  [ Not found ]
  Vampire Rootkit  [ Not found ]
  VcKit Rootkit  [ Not found ]
  Volc Rootkit  [ Not found ]
  Xzibit Rootkit  [ Not found ]
  zaRwT.KiT Rootkit  [ Not found ]
  ZK Rootkit  [ Not found ]

Performing additional rootkit checks
  Suckit Rookit additional checks  [ OK ]
  Checking for possible rootkit files and directories  [ None found ]
  Checking for possible rootkit strings  [ None found ]

Performing malware checks
  Checking running processes for suspicious files  [ None found ]
  Checking for login backdoors  [ None found ]
  Checking for suspicious directories  [ None found ]
  Checking for sniffer log files  [ None found ]
  Suspicious Shared Memory segments  [ None found ]

Performing Linux specific checks
  Checking loaded kernel modules  [ OK ]
  Checking kernel module names  [ OK ]

Checking the network...

Performing checks on the network ports
  Checking for backdoor ports  [ None found ]
  Checking for hidden ports  [ None found ]

Performing checks on the network interfaces
  Checking for promiscuous interfaces  [ None found ]

Checking the local host...

Performing system boot checks
  Checking for local host name  [ Found ]
  Checking for system startup files  [ Found ]
  Checking system startup files for malware  [ None found ]

Performing group and account checks
  Checking for passwd file  [ Found ]
  Checking for root equivalent (UID 0) accounts  [ None found ]
  Checking for passwordless accounts  [ None found ]
  Checking for passwd file changes  [ None found ]
  Checking for group file changes  [ None found ]
  Checking root account shell history files  [ OK ]

Performing system configuration file checks
  Checking for an SSH configuration file  [ Not found ]
  Checking for a running system logging daemon  [ Found ]
  Checking for a system logging configuration file  [ Found ]
  Checking if syslog remote logging is allowed  [ Not allowed ]

Performing filesystem checks
  Checking /dev for suspicious file types  [ Warning ]
  Checking for hidden files and directories  [ None found ]

System checks summary
=====================

File properties checks...
  Files checked: 149
  Suspect files: 1

Rootkit checks...
  Rootkits checked : 365
  Possible rootkits: 0

Applications checks...
  All checks skipped

The system checks took: 1 minute and 4 seconds

All results have been written to the log file: /var/log/rkhunter.log

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

a@a-Lenovo-G580:~$

lporaev
() topic author
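As an added example, not code from the thread or from either tool, here is a small triage script that runs over constructed lines shaped like the chkrootkit and rkhunter output above: it keeps only the verdicts that are not clean and annotates the two findings that are well-known false positives on a stock Ubuntu 16.04 install, the hidden .build-id directories and the Ebury test, which chkrootkit 0.50 bases on whether `ssh -G` errors out (it does not on OpenSSH 6.8 and later). The sample lines, the clean-phrase list and the notes are this example's own assumptions.

```python
import re
# Constructed sample lines modelled on the chkrootkit 0.50 and rkhunter 1.4.2
# output pasted in the thread; they are not the thread's full dumps.
CHKROOTKIT_SAMPLE = """\
Checking `ls'... not infected
Checking `sshd'... not found
Searching for rootkit t0rn's default files... nothing found
Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found: /usr/lib/debug/.build-id /lib/modules/4.4.0-47-generic/vdso/.build-id
Searching for Linux/Ebury - Operation Windigo ssh... Possible Linux/Ebury - Operation Windigo installetd
Checking `sniffer'... lo: not promisc and no packet sniffer sockets
Checking `z2'... user a deleted or never logged from lastlog!
"""
RKHUNTER_SAMPLE = """\
  /usr/bin/lwp-request                                 [ Warning ]
  /usr/bin/sudo                                        [ OK ]
  Checking /dev for suspicious file types              [ Warning ]
  Checking for hidden ports                            [ None found ]
"""
# chkrootkit verdict phrases that mean the test passed.
CHK_CLEAN = ("not infected", "not found", "not tested", "nothing found",
             "no suspect files", "nothing detected", "nothing deleted",
             "not promisc")
# Findings that are well-known false positives on a stock Ubuntu 16.04
# install, with the check to run instead. Anything else is left for review.
KNOWN_BENIGN = [
    (re.compile(r"\.build-id"),
     "hidden .build-id dirs belong to debug symbols and the kernel vDSO; "
     "confirm the owning package with `dpkg -S <path>`"),
    (re.compile(r"Possible Linux/Ebury"),
     "chkrootkit 0.50 reports Ebury whenever `ssh -G` does not fail, and "
     "OpenSSH >= 6.8 accepts -G; verify openssh-client with `dpkg -V`"),
]

def _classify(tool, line):
    for pat, note in KNOWN_BENIGN:
        if pat.search(line):
            return {"tool": tool, "status": "likely-false-positive",
                    "line": line.strip(), "note": note}
    return {"tool": tool, "status": "review", "line": line.strip(),
            "note": "not a known benign pattern; inspect by hand"}

def triage(chk_text, rk_text):
    """Return only the output lines that still need a human decision."""
    findings = []
    for line in chk_text.splitlines():
        # Keep the verdict after the last '... ' so a test name such as
        # `sniffer' or `aliens' cannot match a clean phrase by accident.
        verdict = line.rsplit("... ", 1)[-1]
        if not any(phrase in verdict for phrase in CHK_CLEAN):
            findings.append(_classify("chkrootkit", line))
    for line in rk_text.splitlines():
        # rkhunter ends every result line with a bracketed verdict.
        m = re.search(r"\[ ([^\]]+) \]\s*$", line)
        if m and m.group(1) == "Warning":
            findings.append(_classify("rkhunter", line))
    return findings

if __name__ == "__main__":
    for f in triage(CHKROOTKIT_SAMPLE, RKHUNTER_SAMPLE):
        print(f["tool"], f["status"], f["line"][:60], "->", f["note"])
```

On the thread's full output this leaves the .build-id and Ebury lines marked as likely false positives and the lastlog, lwp-request and /dev warnings as the items to look at by hand.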