Are these actual Trojans or legitimate files?

X

Xtreme2damax

New Member
I just ran the trojan horse scanner and it is claiming the following files are infected:

Possible Trojan - /usr/bin/xmlcatalog
Possible Trojan - /usr/bin/xmllint
Possible Trojan - /etc/cron.daily/logrotate
Possible Trojan - /usr/bin/xml2-config
Possible Trojan - /usr/lib/python2.4/site-packages/libxml2mod.la
Possible Trojan - /usr/lib/python2.4/site-packages/libxml2mod.so
Possible Trojan - /usr/bin/cpan
Possible Trojan - /usr/bin/instmodsh
Possible Trojan - /usr/bin/prove
Possible Trojan - /usr/sbin/pureauth

Are any/all of these legitimate files, what should I leave and remove?
 
Hello Xtreme2amax,

This is a brand new server isn't it? I would say that all are false positives. Many people will tell you not to even bother using the cPanel trojan scanner because of so many false positives.

What you can do is record the false positives that it finds now and then compare it to the list when you run it in the future, that might be useful.

I have Rkhunter run on a daily basis but it finds 7 false positives as well.
 
You must log in or register to reply here.
Top