Scary rkhunter output

[Dann]

So I ran rkhunter just to make sure things are on the up and up, and I found a couple of things that are suspect

When checking the network it came up with:

Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Checking for hidden files and directories [ Warning ]

And when I cat the rkhunter.log, it gives me this info:

[19:09:08] Performing filesystem checks
[19:09:08] Info: Starting test name 'filesystem'
[19:09:08] Info: SCAN_MODE_DEV set to 'THOROUGH'
[19:09:35] Checking /dev for suspicious file types [ Warning ]
[19:09:35] Warning: Suspicious files found in /dev:
[19:09:35] /dev/shm/pulse-shm-1356685213: data
[19:09:35] /dev/shm/pulse-shm-249331996: data
[19:09:36] Checking for hidden files and directories [ Warning ]
[19:09:36] Warning: Hidden directory found: /etc/.java
[19:09:36] Warning: Hidden directory found: /dev/.static
[19:09:36] Warning: Hidden directory found: /dev/.udev
[19:09:36] Warning: Hidden directory found: /dev/.initramfs

Anything I should be worried about? Or is it just overly cautious like that time ClamAV said my gnome log in screen and all my large .pdf files were viruses?

[davidanand]

check when the file was modified ???

[anonymous1234]

check when the file was modified ???

Rootkits can hide that too.
If an attacker installed a decent rootkit then you're basically ****ed, reformat.

But it doesn't look too serious to me, just:

Code:

rm -rf /etc/.java /dev/.static /dev/.udev /dev/.initramfs /dev/shm/pulse-shm-1356685213 /dev/shm/pulse-shm-249331996