Scanning with ClamAV and maldet

LMD's maldet daemon constantly monitors the directories that you specify in the /usr/local/maldetect/monitor_paths file. When it finds a file that it suspects might be malware, it automatically takes whatever action you specified in the conf.maldet file. To see how this works, I'll create a simulated malware file in my home directory. Fortunately, that's easier than it sounds, because we have a website that will help us out.

EICAR, which used to be known by its full name, the European Institute for Computer Antivirus Research, provides a virus signature that you can include in a plain text file. You can get it at: http://www.eicar.org/86-0-Intended-use.html.

To create the simulated virus file, go to the page that I've listed in the preceding link.

Scroll down toward the bottom of the page until you see this line of text within a text box:

X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Copy that line of text and insert it into a text file that you'll save to your home directory on either virtual machine. (You can name it anything you want, but I'll just name mine testing.txt.) Wait just a few moments, and you should see the file disappear. Then, look in the /usr/local/maldetect/logs/event_log file to verify that LMD moved the file to quarantine:

Dec 09 19:03:43 localhost maldet(7192): {quar} malware quarantined from '/home/donnie/testing.txt' to '/usr/local/maldetect/quarantine/testing.txt.89513558'
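The same check, scripted, as an added example that is not from the book: it writes the EICAR string to a file, waits for the maldet monitor to remove it, and then reads event_log for the matching {quar} entry instead of eyeballing the log. The log line layout is assumed from the sample entry above, and the names MALDET_EVENT_LOG, quar_events, was_quarantined and eicar_test are my own.

```shell
#!/bin/bash
# Added example, not part of the book or of LMD itself.
# Writes the EICAR test string, waits for maldet's monitor to quarantine it,
# and confirms the move from the event log rather than by watching the directory.

EICAR='X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'

# Assumed default location of the LMD event log; override with MALDET_EVENT_LOG.
EVENT_LOG="${MALDET_EVENT_LOG:-/usr/local/maldetect/logs/event_log}"

# Print "source<TAB>quarantine_path" for every {quar} line in an event log.
# Line layout assumed from the sample entry in the text:
#   ... {quar} malware quarantined from '/path/src' to '/path/quar'
quar_events() {
    local tab
    tab=$(printf '\t')
    sed -n "s/.*{quar} malware quarantined from '\([^']*\)' to '\([^']*\)'.*/\1${tab}\2/p" "$1"
}

# Return 0 if FILE appears as a quarantined source in LOG, 1 otherwise.
was_quarantined() {
    local file="$1" log="$2"
    quar_events "$log" | awk -F'\t' -v f="$file" '$1 == f { found = 1 } END { exit !found }'
}

# Write the EICAR test file at TARGET and poll for up to TIMEOUT seconds
# until the file is gone and the event log records the quarantine.
eicar_test() {
    local target="${1:-$HOME/testing.txt}" timeout="${2:-30}" i=0
    printf '%s\n' "$EICAR" > "$target"
    while [ "$i" -lt "$timeout" ]; do
        if [ ! -e "$target" ] && was_quarantined "$target" "$EVENT_LOG"; then
            echo "quarantined: $target"
            return 0
        fi
        sleep 1
        i=$((i + 1))
    done
    echo "not quarantined within ${timeout}s: $target" >&2
    return 1
}
```

Run it with eicar_test on a monitored directory; the function exits non-zero if the file is still present or the log never records the move, which is the case you want to catch when checking that monitor_paths and the quarantine setting in conf.maldet are actually in effect.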

There's still a bit more to LMD than what I can show you here. However, you can read all about it in the README file that comes with it.
