Go to “/opt” and download the latest “maldet” source and untar it.
cd /opt wget http://www.rfxn.com/downloads/maldetect-current.tar.gz tar -xvf maldetect-current.tar.gz cd maldetect-1.4.2Install the maldet using the “install.sh” shell script.
./install.shNow open a new screen session and scan the whole system by running the below command.
maldet -a /( Please note that, this will take hours to complete depending on the disk usage in your system and that is the reason why we are running it in a screen session. )
You can detach and enter to screen session any time and check the status frequently.
If the scan complete. You will get a result as shown below.
Linux Malware Detect v1.4.2
(C) 2002-2013, R-fx Networks <proj@r-fx.org>
(C) 2013, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(20920): {scan} signatures loaded: 11272 (9404 MD5 / 1868 HEX)
maldet(20920): {scan} building file list for /, this might take awhile...
/usr/bin/find: /proc/20974/task/20974/fdinfo/4: No such file or directory
/usr/bin/find: /proc/20974/fdinfo/4: No such file or directory
maldet(20920): {scan} file list completed, found 271615 files...
maldet(20920): {scan} 271615/271615 files scanned: 12 hits 0 cleaned
maldet(20920): {scan} scan completed on /: files 271615, malware hits 12, cleaned hits 0
maldet(20920): {scan} scan report saved, to view run: maldet --report 051913-1142.20920
maldet(20920): {scan} quarantine is disabled! set quar_hits=1 in conf.maldet or to quarantine results run: maldet -q 051913-1142.20920
From the result you will get the scan report ID. In this case, the scan report ID is – 051913-1142.20920. Run the below command to view the detailed report.
maldet --report 051913-1142.20920You can put the infected files to quarantine by running the below command.
maldet -q 051913-1142.20920( Please note that, these files will be removed from your system within 14 days. ) That’s it.You have completed the maldet scan. Your system is now malware free.
Thank you
