linux-malware-detect
Detecting wrong thing I guess
I installed using your website and from install.sh script. http://www.rfxn.com/downloads/maldetect-current.tar.gz
It seems that maldet finds its own files as a virus and I don't know why.
maldet(455525): {quar} malware quarantined from '/usr/share/nmap/scripts/http-vuln-cve2012-1823.nse' to '/usr/local/maldetect/quarantine/http-vuln-cve2012-1823.nse.2829727646'
maldet(455525): {quar} malware quarantined from '/var/lib/clamav/rfxn.yara' to '/usr/local/maldetect/quarantine/rfxn.yara.30036903'
maldet(455525): {quar} malware quarantined from '/tmp/maldetect-current.tar.gz' to '/usr/local/maldetect/quarantine/maldetect-current.tar.gz.1509611465'
maldet(455525): {quar} malware quarantined from '/tmp/maldetect-1.6.5/files/clean/gzbase64.inject.unclassed' to '/usr/local/maldetect/quarantine/gzbase64.inject.unclassed.2788213810'
maldet(455525): {quar} malware quarantined from '/tmp/maldetect-1.6.5/files/sigs/rfxn.yara' to '/usr/local/maldetect/quarantine/rfxn.yara.224835154'
Is it okay to have this behavior?
I changed ignore root file to 0 so root files are checked in this call.