Hello, I'm using: -chkrootkit version 0.48 -Rootkit Hunter version 1.3.4 -Ubuntu 9.10 I don't know much about computers. A) Yesterday I ran 'chkrootkit' and it indicated: - Searching for Suckit rootkit... Warning: /sbin/init INFECTED Then, I ran 'rkhunter -c' and it said my PC did not have Suckit: - Suckit Rootkit [ Not found ] B) So, I thought my PC might be infected. So I reinstalled from scratch. After re-installing Ubuntu I installed 'chkrootkit' and ran it and it said: - Searching for Suckit rootkit... nothing found C) Next, I updated the system with Synaptic Package Manager. And I re-ran 'chkrootkit'. This time it found it again and said: - Searching for Suckit rootkit... Warning: /sbin/init INFECTED I also re-ran 'rkhunter -c' - Suckit Rootkit [ Not found ] D) What would you suggest the next step be? Should I ignore this?
That's strange. It seems as if /sbin/init got updated, and chkrootkit doesn't know it and therefore thinks it's malware. Did you search Google if others have the same problem as well?
Thanks for your help. I just found out that it's a known issue: - https://bugs.launchpad.net/ubuntu/+source/chkrootkit/+bug/454566 - http://forums.gentoo.org/viewtopic-t-326062-highlight-suckit.html
