chkrootkit infected!



bbtech
06-25-2007, 11:22 AM
I received the following output from chkrootkit today. I don't know where to begin in fixing the problem. Can someone help me?


Checking `ifconfig'... INFECTED
Checking `pstree'... INFECTED
Possible t0rn v8 \(or variation\) rootkit installed

/usr/lib/perl5/5.8.5/i386-linux-thread-multi/auto/Storable/.packlist /usr/lib/perl5/5.8.5/i386-linux-thread-multi/auto/Digest/.packlist /usr/lib/perl5/5.8.5/i386-linux-thread-multi/.packlist /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/auto/mod_perl2/.packlist /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/auto/Digest/SHA1/.packlist /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/auto/mod_perl/.packlist /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/auto/HTML/Parser/.packlist /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/auto/Mail/SpamAssassin/.packlist

Warning: Possible Showtee Rootkit installed
/usr/include/file.h /usr/include/proc.h
Warning: /sbin/init INFECTED
Warning: `//home/dmclees/domains/donnamclees.com/public_html/temp/.bash_history' file size is zero
chkproc: Warning: Possible LKM Trojan installed
The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 9515 tty3 /sbin/mingetty tty3
! root 9587 tty4 /sbin/mingetty tty4
! root 9688 tty5 /sbin/mingetty tty5
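
For triage, the flagged lines in a chkrootkit report like the one above can be grouped by type so each item can be checked individually. This is an added example, not part of the original post; the function name, category names and rules are assumptions, and the sample is constructed from the output quoted above plus one "not infected" line.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the lines quoted in the post above,
# plus one clean "not infected" line to show it is not reported.
SAMPLE = r"""Checking `ifconfig'... INFECTED
Checking `pstree'... INFECTED
Checking `ls'... not infected
Possible t0rn v8 \(or variation\) rootkit installed
Warning: Possible Showtee Rootkit installed
/usr/include/file.h /usr/include/proc.h
Warning: /sbin/init INFECTED
chkproc: Warning: Possible LKM Trojan installed
! RUID PID TTY CMD
! root 9515 tty3 /sbin/mingetty tty3
"""

# (category, pattern) pairs; the first matching rule wins for each line.
RULES = [
    ("binary", re.compile(r"^Checking `(.+)'\.\.\. INFECTED")),
    ("binary", re.compile(r"^Warning: (\S+) INFECTED")),
    ("signature", re.compile(r"Possible (.+?) (?:rootkit|trojan) installed", re.I)),
    ("no_utmp_tty", re.compile(r"^!\s+\S+\s+(\d+)\s+\S+\s+.+")),  # captures the PID
]

def parse_chkrootkit(text):
    """Group flagged chkrootkit lines into {category: [items]}."""
    findings = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        for kind, rx in RULES:
            m = rx.search(line)
            if m:
                findings[kind].append(m.group(1))
                break
        else:
            # A line made up only of absolute paths lists suspect files.
            tokens = line.split()
            if all(t.startswith("/") for t in tokens):
                findings["file"].extend(tokens)
    return dict(findings)

if __name__ == "__main__":
    for kind, items in parse_chkrootkit(SAMPLE).items():
        print(f"{kind}: {items}")
```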

bbtech
06-25-2007, 02:11 PM
I also ran rkhunter and got the attached output.

floyd
06-25-2007, 03:49 PM
Seriously, you have 2 options: hire a security expert (and even he may not be able to fully clean the machine), or format the drive and rebuild. Formatting the drive is the only way to ensure that the machine has been cleaned.

bbtech
06-25-2007, 04:04 PM
ok, thanks