Open VicDeo opened 1 year ago
By default maldet will ignore files owned as root as to prevent system damage from automatic quarantine. So change the ownership of the files before the scan or change the scan_ignore_root setting in the maldet config.
@Gazoo thanks. but this is non-default setup.... See the log above, r57 shell is detected on the same server (as well as the other malware). c99 is not. Obviously something is wrong with the signatures.
malware hits 0, cleaned hits 0, time 4s
For example r57 is successfully detected even in rar archive so the scanner configuration is ok, something is wrong with the signatures :
malware hits 1, cleaned hits 0, time 4s