diff -Nur chkrootkit-0.48.orig/chkrootkit chkrootkit-0.48/chkrootkit
--- chkrootkit-0.48.orig/chkrootkit	2007-12-17 19:54:42.000000000 +0100
+++ chkrootkit-0.48/chkrootkit	2008-01-02 15:48:19.000000000 +0100
@@ -158,23 +158,23 @@
     fi
 
     if [ "${EXPERT}" = "t" ]; then
-        expertmode_output "./ifpromisc" -v
+        expertmode_output "/usr/bin/chkrootkit-ifpromisc" -v
         return 5
     fi
-    if [ ! -x ./ifpromisc ]; then
-      echo "not tested: can't exec ./ifpromisc"
+    if [ ! -x /usr/bin/chkrootkit-ifpromisc ]; then
+      echo "not tested: can't exec /usr/bin/chkrootkit-ifpromisc"
       return ${NOT_TESTED}
     else
-      [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q
+      [ "${QUIET}" != "t" ] && /usr/bin/chkrootkit-ifpromisc -v || /usr/bin/chkrootkit-ifpromisc -q
     fi
 }
 
 chkutmp() {
-    if [ ! -x ./chkutmp ]; then
-      echo "not tested: can't exec ./chkutmp"
+    if [ ! -x /usr/bin/chkrootkit-chkutmp ]; then
+      echo "not tested: can't exec /usr/bin/chkrootkit-chkutmp"
       return ${NOT_TESTED}
     fi
-    if ./chkutmp
+    if /usr/bin/chkrootkit-chkutmp
     then
       if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi
     fi
@@ -182,8 +182,8 @@
 }
 
 z2 () {
-    if [ ! -x ./chklastlog ]; then
-      echo "not tested: can't exec ./chklastlog"
+    if [ ! -x /usr/bin/chkrootkit-chklastlog ]; then
+      echo "not tested: can't exec /usr/bin/chkrootkit-chklastlog"
       return ${NOT_TESTED}
     fi
 
@@ -196,32 +196,32 @@
     fi
 
     if [ "${EXPERT}" = "t" ]; then
-        expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}"
+        expertmode_output "/usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}"
         return 5
     fi
 
-    if ./chklastlog -f ${WTMP} -l ${LASTLOG}
+    if /usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}
     then
       if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi
     fi
 }
 
 wted () {
-    if [ ! -x ./chkwtmp ]; then
-      echo "not tested: can't exec ./chkwtmp"
+    if [ ! -x /usr/bin/chkrootkit-chkwtmp ]; then
+      echo "not tested: can't exec /usr/bin/chkrootkit-chkwtmp"
       return ${NOT_TESTED}
     fi
 
    if [ "$SYSTEM" = "SunOS" ]; then
-       if [ ! -x ./check_wtmpx ]; then
-          echo "not tested: can't exec ./check_wtmpx"
+       if [ ! -x /usr/bin/chkrootkit-check_wtmpx ]; then
+          echo "not tested: can't exec /usr/bin/chkrootkit-check_wtmpx"
        else
           if [ "${EXPERT}" = "t" ]; then
-             expertmode_output "./check_wtmpx"
+             expertmode_output "/usr/bin/chkrootkit-check_wtmpx"
               return 5
           fi
 	  if [ -f ${ROOTDIR}var/adm/wtmp ]; then
-             if ./check_wtmpx
+             if /usr/bin/chkrootkit-check_wtmpx
                 then
                 if [ "${QUIET}" != "t" ]; then \
                    echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi
@@ -232,12 +232,12 @@
        WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"`
 
        if [ "${EXPERT}" = "t" ]; then
-          expertmode_output "./chkwtmp -f ${WTMP}"
+          expertmode_output "/usr/bin/chkrootkit-chkwtmp -f ${WTMP}"
           return 5
        fi
     fi
 
-    if ./chkwtmp -f ${WTMP}
+    if /usr/bin/chkrootkit-chkwtmp -f ${WTMP}
     then
       if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi
     fi
@@ -275,8 +275,8 @@
     prog=""
     if [  \( "${SYSTEM}" = "Linux"  -o \( "${SYSTEM}" = "FreeBSD" -a \
        `echo ${V} | ${awk} '{ if ($1 > 4.3 || $1 < 6.0) print 1; else print 0 }'` -eq 1 \) \) -a "${ROOTDIR}" = "/" ]; then
-      [  -x ./chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="./chkproc"
-      [  -x ./chkdirs ] && prog="$prog ./chkdirs"
+      [  -x /usr/bin/chkrootkit-chkproc -a "`find /proc | wc -l`" -gt 1 ] && prog="/usr/bin/chkrootkit-chkproc"
+      [  -x /usr/bin/chkrootkit-chkdirs ] && prog="$prog /usr/bin/chkrootkit-chkdirs"
       if [ "$prog" = "" ]; then
          echo "not tested: can't exec $prog"
          return ${NOT_TESTED}
@@ -288,7 +288,7 @@
          PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |${awk} -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 3; else if ($0 < 2.015) print 1; else print 2 }'`
          [ "$PV" = "" ] &&  PV=2
          [ "${SYSTEM}" = "SunOS" ] && PV=0
-         expertmode_output "./chkproc -v -v -p $PV"
+         expertmode_output "/usr/bin/chkrootkit-chkproc -v -v -p $PV"
          return 5
       fi
 
@@ -315,7 +315,7 @@
       if [ "${DEBUG}" = "t" ]; then
            ${echo} "*** PV=$PV ***"
       fi
-      if ./chkproc -p ${PV}; then
+      if /usr/bin/chkrootkit-chkproc -p ${PV}; then
          if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi
       else
          echo "chkproc: Warning: Possible LKM Trojan installed"
@@ -324,7 +324,7 @@
       for i in /usr/share /usr/bin /usr/sbin /lib; do
          [ -d $i ] && dirs="$dirs $i"
       done
-      if ./chkdirs $dirs;  then
+      if /usr/bin/chkrootkit-chkdirs $dirs;  then
          if [ "${QUIET}" != "t" ]; then echo "chkdirs: nothing detected"; fi
       else
 	    echo "chkdirs: Warning: Possible LKM Trojan installed"
@@ -1690,18 +1690,18 @@
 
    if [ "${SYSTEM}" = "Linux" ]
    then
-      if [ ! -x ./strings-static ]; then
-        printn "can't exec ./strings-static, "
+      if [ ! -x /usr/bin/chkrootkit-strings-static ]; then
+        printn "can't exec /usr/bin/chkrootkit-strings-static, "
         return ${NOT_TESTED}
       fi
 
       if [ "${EXPERT}" = "t" ]; then
-          expertmode_output "./strings-static -a ${CMD}"
+          expertmode_output "/usr/bin/chkrootkit-strings-static -a ${CMD}"
           return 5
       fi
 
       ### strings must be a statically linked binary.
-      if ./strings-static -a ${CMD} > /dev/null 2>&1
+      if /usr/bin/chkrootkit-strings-static -a ${CMD} > /dev/null 2>&1
       then
          STATUS=${INFECTED}
       fi