Vulnerability in NST
A network security analysis and monitoring toolkit Linux distribution.
Brought to you by: pblankenbaker, rwhalb
My NST ClamAV scan hit some viruses... what happens next? I continuously keep my eyes on my network. When I started using NST I noticed strange issues going on. EtherApe goes wild. I noticed NST was doing ICMP redirects. I also noticed NST was pinging my other hosts. For months I have been trying to diagnose this issue. One scan resulted in nothing. A second scan resulted in the output below. Has anyone seen this?
/var/nst/snort/rules/emerging-activex.rules: cve_2011_2657 FOUND
/var/nst/snort/rules/emerging-current_events.rules: Html.Trojan.Blackhole-5 FOUND
WARNING: Can't open file /sys/module/snd_pcm/uevent: Permission denied
WARNING: Can't open file /sys/module/snd_seq/uevent: Permission denied
WARNING: Can't open file /sys/module/snd_rawmidi/uevent: Permission denied
WARNING: Can't open file /sys/module/virtio_pci/uevent: Permission denied
WARNING: Can't open file /sys/module/crc32c_intel/uevent: Permission denied
WARNING: Can't open file /sys/module/spurious/uevent: Permission denied
WARNING: Can't open file /sys/module/sha256_generic/uevent: Permission denied
WARNING: Can't open file /sys/module/thermal/uevent: Permission denied
WARNING: Can't open file /sys/module/scsi_mod/uevent: Permission denied
WARNING: Can't open file /sys/module/usbserial/uevent: Permission denied
WARNING: Can't open file /sys/module/devres/uevent: Permission denied
WARNING: Can't open file /sys/module/nfnetlink_log/uevent: Permission denied
WARNING: Can't open file /sys/module/configfs/uevent: Permission denied
WARNING: Can't open file /sys/module/ehci_hcd/uevent: Permission denied
WARNING: Can't open file /sys/module/mptbase/uevent: Permission denied
WARNING: Can't open file /sys/module/netpoll/uevent: Permission denied
WARNING: Can't open file /sys/module/pci_slot/uevent: Permission denied
WARNING: Can't open file /sys/module/coretemp/uevent: Permission denied
WARNING: Can't open file /sys/module/soundcore/uevent: Permission denied
WARNING: Can't open file /sys/module/kernel/uevent: Permission denied
WARNING: Can't open file /sys/module/kgdboc/uevent: Permission denied
WARNING: Can't open file /sys/module/kgdbts/uevent: Permission denied
WARNING: Can't open file /sys/module/mousedev/uevent: Permission denied
WARNING: Can't open file /sys/module/libata/uevent: Permission denied
WARNING: Can't open file /sys/module/encrypted_keys/uevent: Permission denied
WARNING: Can't open file /sys/module/trusted/uevent: Permission denied
WARNING: Can't open file /sys/module/md_mod/parameters/new_array: Permission denied
WARNING: Can't open file /sys/module/md_mod/uevent: Permission denied
WARNING: Can't open file /sys/module/mptspi/uevent: Permission denied
WARNING: Can't open file /sys/module/acpiphp/uevent: Permission denied
WARNING: Can't open file /sys/module/pciehp/uevent: Permission denied
WARNING: Can't open file /sys/module/pcmcia/uevent: Permission denied
WARNING: Can't open file /sys/module/snd_ens1371/uevent: Permission denied
WARNING: Can't open file /sys/module/snd_seq_device/uevent: Permission denied
WARNING: Can't open file /sys/module/printk/uevent: Permission denied
WARNING: Can't open file /sys/module/pstore/uevent: Permission denied
WARNING: Can't open file /sys/module/dynamic_debug/uevent: Permission denied
WARNING: Can't open file /sys/module/rfkill/uevent: Permission denied
WARNING: Can't open file /sys/module/pcmcia_core/uevent: Permission denied
WARNING: Can't open file /sys/module/pcmcia_rsrc/uevent: Permission denied
WARNING: Can't open file /sys/module/shpchp/uevent: Permission denied
WARNING: Can't open file /sys/module/tcp_lp/uevent: Permission denied
WARNING: Can't open file /sys/module/sr_mod/uevent: Permission denied
WARNING: Can't open file /sys/module/sunrpc/uevent: Permission denied
WARNING: Can't open file /sys/module/uinput/uevent: Permission denied
WARNING: Can't open file /sys/module/mptscsih/uevent: Permission denied
WARNING: Can't open file /sys/module/processor/uevent: Permission denied
WARNING: Can't open file /sys/module/usbhid/uevent: Permission denied
WARNING: Can't open file /sys/module/usbcore/uevent: Permission denied
WARNING: Can't open file /sys/module/vmwgfx/uevent: Permission denied
WARNING: Can't open file /sys/module/battery/uevent: Permission denied
WARNING: Can't open file /sys/module/xz_dec/uevent: Permission denied
WARNING: Can't open file /sys/module/parport/uevent: Permission denied
WARNING: Can't open file /sys/module/ac97_bus/uevent: Permission denied
WARNING: Can't open file /sys/module/pcie_aspm/uevent: Permission denied
WARNING: Can't open file /sys/module/acpi_cpufreq/uevent: Permission denied
WARNING: Can't open file /sys/module/gameport/uevent: Permission denied
WARNING: Can't open file /sys/module/parport_pc/uevent: Permission denied
WARNING: Can't open file /sys/module/ata_piix/uevent: Permission denied
WARNING: Can't open file /sys/module/pcc_cpufreq/uevent: Permission denied
WARNING: Can't open file /sys/module/tpm_bios/uevent: Permission denied
WARNING: Can't open file /sys/module/vmw_balloon/uevent: Permission denied
WARNING: Can't open file /sys/module/bluetooth/uevent: Permission denied
WARNING: Can't open file /sys/module/microcode/uevent: Permission denied
WARNING: Can't open file /sys/module/intel_idle/uevent: Permission denied
WARNING: Can't open file /sys/module/hid_apple/uevent: Permission denied
WARNING: Can't open file /sys/module/hid_ntrig/uevent: Permission denied
WARNING: Can't open file /sys/module/keyboard/uevent: Permission denied
WARNING: Can't open file /sys/module/xhci_hcd/uevent: Permission denied
WARNING: Can't open file /sys/module/pci_hotplug/uevent: Permission denied
WARNING: Can't open file /sys/module/debug_core/uevent: Permission denied
WARNING: Can't open file /sys/module/psmouse/uevent: Permission denied
----------- SCAN SUMMARY -----------
Known viruses: 1474915
Engine version: 0.97.6
Scanned directories: 41423
Scanned files: 268640
Infected files: 2
Total errors: 11746
Data scanned: 6574.84 MB
Data read: 6597.97 MB (ratio 1.00:1)
Time: 2672.194 sec (44 m 32 s)
J:/>
Last edit: jinverar 2012-12-29
Basically my last email came out a bit wrong... I need to make an error correction
Is this typical of NST?
Should read.
Has anyone else seen this on their NST? Do many people do ClamScans? I normally use Clamscan in my daily job also.
Didn't mean for the above post to come out wrong. I jumped the gun. I am now reverting back to snapshots. Updating my NST Clam av and running more scans. That will determine a time frame.
Went back to the next scan and have this to report... It's possible the scan is picking up the rules? Not sure. Would be awesome if someone can confirm they have the same ClamAV scan.
/var/nst/snort/rules/emerging-activex.rules: cve_2011_2657 FOUND
/var/nst/snort/rules/emerging-activex.rules: moved to '/tmp/quarantine/emerging-activex.rules'
/var/nst/snort/rules/emerging-current_events.rules: Html.Trojan.Blackhole-5 FOUND
/var/nst/snort/rules/emerging-current_events.rules: moved to '/tmp/quarantine/emerging-current_events.rules'
/tmp/quarantine/emerging-activex.rules: cve_2011_2657 FOUND
/tmp/quarantine/emerging-activex.rules: moved to '/tmp/quarantine/emerging-activex.rules.001'
/tmp/quarantine/emerging-current_events.rules: Html.Trojan.Blackhole-5 FOUND
/tmp/quarantine/emerging-current_events.rules: moved to '/tmp/quarantine/emerging-current_events.rules.001'
Hello Jinvar:
Here are some comments on your situation:
My scan reported the same two files as being suspicious.
/var/nst/snort/rules/emerging-activex.rules: cve_2011_2657 FOUND
/var/nst/snort/rules/emerging-current_events.rules: Html.Trojan.Blackhole-5 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 1484768
Engine version: 0.97.6
Scanned directories: 1
Scanned files: 115
Infected files: 2
Data scanned: 25.37 MB
Data read: 11.54 MB (ratio 2.20:1)
Time: 29.063 sec (0 m 29 s)
So, in summary, I can reproduce your results.
However, since these files are used by snort to detect possible intrusion detection, it seems quite possible/reasonable to me that they may happen to contain "signatures" of something that Clam AV considers harmful. Try running the following command to examine one of these text files:
It looks to me like these snort rules are attempting to identify undesirable fragments that may appear in network packets (it doesn't seem out of the question to me that some of the things snort is looking for might also be something that Clam AV looks for).
My recommendation would be that these snort rule files are OK and that you can leave them on your system. However, if you would feel better not to have them present, you can remove them (or temporarily relocate them) and then make sure that snort still runs as you have it configured.
Have a good day,
Paul
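Added example, not part of either post or of NST: a small Python triage of the clamscan output quoted in this thread. It folds re-detections of quarantined copies back onto the original file and marks hits in IDS rule files as detection content to review as probable false positives. The function name `triage`, the `.rules` suffix test and the sample (assembled from lines quoted above) are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample, assembled from output lines quoted in this thread.
SAMPLE = """\
/var/nst/snort/rules/emerging-activex.rules: cve_2011_2657 FOUND
/var/nst/snort/rules/emerging-activex.rules: moved to '/tmp/quarantine/emerging-activex.rules'
/var/nst/snort/rules/emerging-current_events.rules: Html.Trojan.Blackhole-5 FOUND
/tmp/quarantine/emerging-activex.rules: cve_2011_2657 FOUND
/tmp/quarantine/emerging-activex.rules: moved to '/tmp/quarantine/emerging-activex.rules.001'
WARNING: Can't open file /sys/module/psmouse/uevent: Permission denied
WARNING: Can't open file /sys/devices/pci0000:00/0000:00:11.0/reset: Permission denied
Infected files: 2
"""

FOUND = re.compile(r"^(?P<path>/.+): (?P<sig>\S+) FOUND$")
MOVED = re.compile(r"^(?P<src>/.+): moved to '(?P<dst>.+)'$")
DENIED = re.compile(r"^WARNING: Can't open file (?P<path>/\S+): Permission denied$")


def triage(text, rule_suffixes=(".rules",)):
    """Return (hits, denied) parsed from clamscan output.

    hits maps (original_path, signature) -> {"seen": n, "kind": label};
    denied counts unreadable paths per top-level directory.
    """
    moved_to = {}        # quarantine path -> path the file was first found at
    hits = {}
    denied = Counter()
    for line in text.splitlines():
        if m := MOVED.match(line):
            # Chain moves so a copy renamed to .001 still maps to its origin.
            moved_to[m["dst"]] = moved_to.get(m["src"], m["src"])
        elif m := FOUND.match(line):
            origin = moved_to.get(m["path"], m["path"])
            # Assumption: a *.rules file is IDS signature text, so a match
            # on it is detection content, not an executable payload.
            kind = "ids-rule-file" if origin.endswith(rule_suffixes) else "review"
            entry = hits.setdefault((origin, m["sig"]), {"seen": 0, "kind": kind})
            entry["seen"] += 1
        elif m := DENIED.match(line):
            denied["/" + m["path"].split("/")[1]] += 1
    return hits, denied


if __name__ == "__main__":
    found, unreadable = triage(SAMPLE)
    for (path, sig), info in found.items():
        print(f"{info['kind']:14} x{info['seen']}  {sig}  {path}")
    print("unreadable:", dict(unreadable))
```

The `/sys` warnings come from scanning the kernel's virtual sysfs tree; clamscan's `--exclude-dir` option can skip it, and pointing the quarantine directory outside the scanned tree avoids the repeated `.001` detections.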