I am using Rkhunter and it showed this.
[ Rootkit Hunter version 1.4.2 ]
File updated: searched for 175 files, found 141
baymax@vostro:~$ sudo rkhunter -c --enable all --disable none --rwo
Warning: The following processes are using deleted files:
Process: /sbin/upstart PID: 935 File: /home/baymax/.cache/upstart/at-spi2-registryd.log.1
Process: /usr/lib/i386-linux-gnu/bamf/bamfdaemon PID: 1079 File: /home/baymax/.local/share/gvfs-metadata/root
Process: /usr/bin/unity-scope-loader PID: 1970 File: /home/baymax/.cache/software-center/software-center-agent.db/record.DB
Process: /usr/lib/firefox/firefox PID: 2706 File: /var/tmp/etilqs_ZS8Z4Cd20kgd6uC
Warning: Process '/sbin/wpa_supplicant' (PID 755) is listening on the network.
Warning: Process '/sbin/dhclient' (PID 904) is listening on the network.
Warning: Suspicious file types found in /dev:
/dev/shm/pulse-shm-3832399606: data
/dev/shm/pulse-shm-3456808388: data
/dev/shm/pulse-shm-315771165: data
/dev/shm/pulse-shm-3931089998: data
/dev/shm/pulse-shm-3100407829: data
/dev/shm/pulse-shm-876765117: data
Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'
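I opened Firefox, and since I had forgotten to install Adblock Plus, some ads were displayed; after a while, Firefox and some other applications froze.
I have heard that malware can now execute automatically, whether or not ads are enabled/disabled. I just want to make sure I am not infected.
Thanks.
Commands copied and pasted into the terminal: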
sudo rkhunter --propupd
sudo rkhunter -c --enable all --disable none --rwo
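Answer 1
Based on your current rkhunter output, you are completely fine. For a system that is connected to the network and running, all of this is very normal.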
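
Added example, not part of the original question or answer: a small triage script that parses rkhunter warning lines of the kind shown above and separates entries matching patterns commonly expected on a desktop from entries that deserve a closer look. The EXPECTED patterns and the /tmp/.x/worker sample line are assumptions constructed for this illustration.

```python
import re

# Lines copied from the report in the question, plus ONE constructed line
# (the /tmp/.x/worker entry) to show what an entry needing review looks like.
SAMPLE = """\
Warning: The following processes are using deleted files:
Process: /usr/lib/firefox/firefox PID: 2706 File: /var/tmp/etilqs_ZS8Z4Cd20kgd6uC
Process: /tmp/.x/worker PID: 4242 File: /tmp/.x/worker
Warning: Process '/sbin/dhclient' (PID 904) is listening on the network.
Warning: Suspicious file types found in /dev:
/dev/shm/pulse-shm-3832399606: data
Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'
"""

# Assumption: patterns this example treats as expected on a desktop system.
EXPECTED = {
    # rotated logs/caches in a home directory; "etilqs_" is SQLite's temp-file prefix
    "deleted_file": [r"^/home/[^/]+/\.(cache|local)/", r"^/var/tmp/etilqs_"],
    # Wi-Fi authentication and DHCP clients open sockets by design
    "listening": [r"^/sbin/(wpa_supplicant|dhclient)$"],
    # PulseAudio shared-memory segments
    "dev_file": [r"^/dev/shm/pulse-shm-\d+$"],
    "hidden_file": [r"^/dev/\.initramfs$"],
}

LINE_PATTERNS = [
    ("deleted_file", re.compile(r"^\s*Process: (\S+) PID: (\d+) File: (.+)$")),
    ("listening", re.compile(r"^Warning: Process '([^']+)' \(PID (\d+)\) is listening")),
    ("dev_file", re.compile(r"^\s*(/dev/\S+): (.+)$")),
    ("hidden_file", re.compile(r"^Warning: Hidden file found: (\S+): ")),
]

def triage(report):
    """Return (kind, item, verdict) for every warning entry in the report."""
    findings = []
    for line in report.splitlines():
        for kind, pattern in LINE_PATTERNS:
            m = pattern.match(line)
            if not m:
                continue
            # For deleted files the path of the file is what gets judged.
            item = m.group(3) if kind == "deleted_file" else m.group(1)
            ok = any(re.search(p, item) for p in EXPECTED[kind])
            findings.append((kind, item, "expected" if ok else "review"))
            break
    return findings

if __name__ == "__main__":
    for kind, item, verdict in triage(SAMPLE):
        print(f"{verdict:8} {kind:12} {item}")
```

Entries marked "review" are not proof of compromise; they are the ones to check by hand against the running process and its package.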