Imunify360: lscpd, lsphp and mod_security = False positives or infected?

CyberPanel Project Bug Report
1

Hello everyone!

I’ve been running Imunify360 on my vps, and 5 files has been founded as “malicious”:

/usr/local/lscp/bin/lscpd
/usr/local/lscp/fcgi-bin/lsphp
/usr/local/lscp/modules/mod_security.so
/home/[my user ID]/cyberpanel/lscpd-0.2.7
/home/[my user ID]/cyberpanel/lscpd-0.3.1

All are tagged as “php_malware.id_SMW-HEUR-ELF”

Is there any chances the files are really infected?:astonished:
How can I make sure there are okay?

Thanks in advance for your comments,

2

Hi, the best way to check if the files in question are malicious is to install a fresh copy of cyberpanel on a new vps and then compare files between these two servers.

Hope that helps. Cheers!