診斷 ClamAV 報告的涉嫌木馬

不幸的是我對 Linux 的經驗很少。我們有一個運行 Debian 7.6 的 Amazon 實例，並收到來自 Amazon 的訊息，表示我們正在進行連接埠掃描。我們希望透過亞馬遜安全組限制出站流量來阻止這種情況，但作為調查的一部分，我們進行了：

sudo clamscan -r -i --bell

這表示可能存在以下感染：

/var/lib/tomcat7/update_temporary：發現 Unix.Trojan.Elknot

我能找到的關於這方面的資料很少（但有一些關於 ElkKnot 的東西，還有一個額外的 K - 它們是同一件事嗎？）

以下警告也會在輸出中出現多次：

WARNING: Can't open file /sys/module/nfnetlink_log/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4077 bytes @ offset 19, got 0

所以我的問題是：我如何判斷報告的感染是真實的還是假陽性？我應該擔心所有 LibClamAV 警告嗎？它們是否表明出現了問題，或者 Debian 設定不正確？