How to Install Maldet (Linux Malware Detect) and Clean Malware with ClamAV on Debian / Ubuntu

Linux Malware Detect (LMD), popularly known as Maldet, is an open-source malware scanner for Linux released under the GNU GPLv2 license. It is designed around the threats faced in shared hosted environments. Install, configure and run this free software to detect and clean malware on your system.

Install Maldet

# cd /usr/local/src/
# curl -O http://www.rfxn.com/downloads/maldetect-current.tar.gz
# tar -zxvf maldetect-current.tar.gz
# cd maldetect-1.6.2/
# bash install.sh      # best for Ubuntu 16.04
# sudo ./install.sh    # for Ubuntu 20.04

Configuration: 

For configuring maldet, the configuration file at /usr/local/maldetect/conf.maldet has to be edited.
# vi /usr/local/maldetect/conf.maldet

Line no 16
# Enable Email Alerting
email_alert="1"

Line no 21
# Email Address in which you want to receive scan reports
email_addr="you@domain.com"

Line no 141
# Use with ClamAV
scan_clamscan="1"

Line no 173
# Scan root-owned files ("0"). Set to "1" to skip them.
scan_ignore_root="0"

Line no 207
# Move threats to quarantine
quarantine_hits="1"

Line no 212
# Clean string based malware injections
quarantine_clean="1"

Line no 218
# Suspend user if malware found. 
quarantine_suspend_user="0"

Line no 222
# Minimum user ID value that can be suspended
quarantine_suspend_user_minuid="500"

:x (save & close)
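
The same options can be set and checked by key name rather than by line number, which also lets you confirm later that nothing has been changed back. The following is an added example, not code from the original page or from the LMD project. The function names (get_opt, set_opt, audit_conf, apply_conf) are hypothetical, and it assumes each option is a single key="value" line as shown above.

```shell
# Added example (not LMD's own code): manage the conf.maldet options from
# this guide by key name. Assumes each option is one key="value" line.
# Values are the ones listed above; email_addr is the page's placeholder.
WANTED='email_alert=1
email_addr=you@domain.com
scan_clamscan=1
scan_ignore_root=0
quarantine_hits=1
quarantine_clean=1
quarantine_suspend_user=0
quarantine_suspend_user_minuid=500'

# get_opt FILE KEY: print KEY's current value (last assignment wins).
get_opt() {
    sed -n "s/^$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# set_opt FILE KEY VALUE: rewrite KEY in place, or append it if absent.
set_opt() {
    tmp=$(mktemp) || return 1
    awk -v k="$2" -v v="$3" '
        index($0, k "=") == 1 { print k "=\"" v "\""; found = 1; next }
        { print }
        END { if (!found) print k "=\"" v "\"" }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"   # cat keeps the file's owner and mode
    st=$?
    rm -f "$tmp"
    return $st
}

# audit_conf FILE: report options that differ from WANTED; return 1 if any do.
audit_conf() {
    drift=0
    for pair in $WANTED; do
        have=$(get_opt "$1" "${pair%%=*}")
        if [ "$have" != "${pair#*=}" ]; then
            echo "DRIFT ${pair%%=*}: have '$have', want '${pair#*=}'"
            drift=1
        fi
    done
    return $drift
}

# apply_conf FILE: set every option in WANTED.
apply_conf() {
    for pair in $WANTED; do
        set_opt "$1" "${pair%%=*}" "${pair#*=}" || return 1
    done
}
```

As root, `apply_conf /usr/local/maldetect/conf.maldet` writes the values, and `audit_conf` on the same path lists any option that differs from them.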

Do not run:
# apt-get install clamav-unofficial-sigs

Linux Malware Detect with ClamAV 

LMD performs better with ClamAV, especially when it comes to scanning large file sets. ClamAV (Clam Antivirus) is an open-source antivirus engine that detects viruses, malware, trojans and other malicious threats. To install ClamAV with Maldet, follow these steps:

Scan with Linux Malware Detect 
Let us test the functionality of LMD by downloading sample virus signature files from the EICAR website.
# cd /tmp
# wget http://www.eicar.org/download/eicar_com.zip
# wget http://www.eicar.org/download/eicarcom2.zip 

# maldet -a /tmp

Linux Malware Detector Scan Report
LMD stores its scan reports under /usr/local/maldetect/sess/. Use the maldet command with the scan ID to see the detailed scan report.
# maldet --report 171026-1103.4209 

Update Linux Malware Detect 

Use the command below to update LMD.
# maldet -d
To update LMD signatures, run:
# maldet -u
To uninstall LMD, run:
# sh /usr/local/maldetect/uninstall.sh