I was looking at a machine recently with a Suckit infection. I'd dd if=/dev/zero of=/dev/sda or whatever, both the hard drive on laptop and an external hard drive and formatted as fat32 then as a linux partition. The external drive was simply an extended linux partition.
A fresh install would report no chkrootkit using Kali.
GreetingsI am requesting assistance with a potential suckit rooktkit issue as stated by rkhunter. For reader convenience, this post is divided into system/softwareware problem background (how I attempted to fix it) and two questions.
There's a Rootkit in the Closet -- lovely explanation of finding and isolating a rootkit, reconstructing how it got there and deconstructing the rootkit to figure out what it did. It's a detective story, no less exciting than when Cliff Stohl wrote The Cuckoo's Egg. This and more in today's Four Short Links.