wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz
cd maldetect-*
sh install.sh
maldet --scan-all /home/*/public_html/ ---> To scan
maldet --report 122111-1532.827 -----> To see the report
maldet -q 122111-1532.8272 ----> To remove the Infected files
maldet(7488): {scan} quarantine is disabled! set quar_hits=1 in conf.maldet or to quarantine results run: maldet -q 125211-1258.7488
Infected file lists in
cd /usr/local/maldetect/sess/
There is a file that start with session.
