chkrootkit question


pezplaya
02-07-2005, 10:23 AM
I went home over the weekend and left my computer on over break. When I got back I checked logs, and made sure everything was ok and ran chkrootkit. When it ran I found this:

Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed

How do I know if I have this trojan installed? The weird thing is I ran chkrootkit right after it told me this and it didn't find anything...

Anyone know why it would do this?

mrBen
02-07-2005, 10:55 AM
This is a common one - I can't remember offhand the cause for it to come up, but it's unlikely to actually be a trojan. Do a google for LKM trojan and you'll probably find some details.

I run both chkrootkit and rkhunter to double-check, usually.

pezplaya
02-07-2005, 01:18 PM
Originally posted by mrBen
This is a common one - I can't remember offhand the cause for it to come up, but it's unlikely to actually be a trojan. Do a google for LKM trojan and you'll probably find some details.

I run both chkrootkit and rkhunter to double-check, usually.

OK, cool. I didn't know about the rkhunter program. I emerged it and ran it, and it says my system is clean. I'm still going to google it and see what the trojan is about.

Thanks.