diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index d1c1118..d919651 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -1661,7 +1661,7 @@ for scanner in "${available_scanners[@]}"; do
 log_message "ImunifyAV: Starting on-demand scan"
 echo ""
- echo " 📁 Scanning paths: ${SCAN_PATHS[@]}"
+ echo " 📁 Scanning paths: ${SCAN_PATHS[*]}"
 echo " ⏳ Scanner: ImunifyAV"
 echo ""
@@ -1713,11 +1713,11 @@ for scanner in "${available_scanners[@]}"; do
 # Success - validate the output and count lines
 if [ -n "$malicious_output" ]; then
 # Check if first line looks like header (contains "Path", "ID", "Threat", etc.)
- first_line=$(echo "$malicious_output" | head -1)
+ first_line="${malicious_output%%$'\n'*}"
 if [[ "$first_line" == *"Path"* ]] || [[ "$first_line" == *"ID"* ]] || [[ "$first_line" == *"Threat"* ]]; then
- IMUNIFY_INFECTED=$(echo "$malicious_output" | tail -n +2 | wc -l)
+ IMUNIFY_INFECTED=$(printf '%s\n' "$malicious_output" | tail -n +2 | wc -l)
 else
- IMUNIFY_INFECTED=$(echo "$malicious_output" | wc -l)
+ IMUNIFY_INFECTED=$(printf '%s\n' "$malicious_output" | wc -l)
 fi
 # Ensure it's numeric
 if ! [[ "$IMUNIFY_INFECTED" =~ ^[0-9]+$ ]]; then
@@ -1868,7 +1868,7 @@ for scanner in "${available_scanners[@]}"; do
 log_message "Maldet: Starting scan with live progress"
 echo ""
- echo " 📁 Scanning path(s): ${SCAN_PATHS[@]}"
+ echo " 📁 Scanning path(s): ${SCAN_PATHS[*]}"
 echo " ⏳ Scanner: Maldet/LMD (Linux-specific malware detection...)"
 echo ""
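Review bot: In the `-1713` hunk, the header test that `first_line` feeds matches `Path`, `ID` or `Threat` anywhere in the line, so a headerless listing whose first row is a file path containing one of those strings is taken for a header and `IMUNIFY_INFECTED` comes out one short. For a malware summary an undercount is the unsafe direction, so the test should be tied to the header's actual shape, for example by requiring the line to start with the first column name (the exact header text is not visible here and needs confirming against the tool's output). Blank lines in `$malicious_output` are also still counted as detections; filtering them before `wc -l` would make the count robust. The enclosing `if [ -n "$malicious_output" ]` block continues past the end of the hunk.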
@@ -2138,20 +2138,20 @@ for scanner in "${available_scanners[@]}"; do
 if [ ! -s "$LOG_DIR/imunify.log" ]; then
 log_message "WARNING: ImunifyAV log file is empty or missing"
 echo "⚠️ WARNING: ImunifyAV scan may not have completed properly" >> "$SUMMARY_FILE"
- ((validation_issues++))
+ validation_issues=$((validation_issues + 1))
 fi
 ;;
 clamav)
 if [ ! -s "$LOG_DIR/clamav.log" ]; then
 log_message "WARNING: ClamAV log file is empty or missing"
 echo "⚠️ WARNING: ClamAV scan may not have completed properly" >> "$SUMMARY_FILE"
- ((validation_issues++))
+ validation_issues=$((validation_issues + 1))
 else
 # Verify ClamAV reached the summary line
 if ! grep -q "Scanned files:" "$LOG_DIR/clamav.log"; then
 log_message "WARNING: ClamAV scan may have been interrupted (no summary found)"
 echo "⚠️ WARNING: ClamAV scan may have been interrupted" >> "$SUMMARY_FILE"
- ((validation_issues++))
+ validation_issues=$((validation_issues + 1))
 fi
 fi
 ;;
@@ -2159,14 +2159,14 @@ for scanner in "${available_scanners[@]}"; do
 if [ ! -s "$LOG_DIR/maldet.log" ]; then
 log_message "WARNING: Maldet log file is empty or missing"
 echo "⚠️ WARNING: Maldet scan may not have completed properly" >> "$SUMMARY_FILE"
- ((validation_issues++))
+ validation_issues=$((validation_issues + 1))
 fi
 ;;
 rkhunter)
 if [ ! -s "$LOG_DIR/rkhunter.log" ]; then
 log_message "WARNING: RKHunter log file is empty or missing"
 echo "⚠️ WARNING: RKHunter scan may not have completed properly" >> "$SUMMARY_FILE"
- ((validation_issues++))
+ validation_issues=$((validation_issues + 1))
 fi
 ;;
 esac
@@ -2210,7 +2210,7 @@ else
 false_positives_list="${false_positives_list} • $file"$'\n'
 else
 real_threats_list="${real_threats_list}📁 $file"$'\n'
- ((real_threats_count++))
+ real_threats_count=$((real_threats_count + 1))
 fi
 done < "$RESULTS_DIR/infected_files.txt"
 fi
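Review bot: Only the ClamAV branch checks for a completion marker (`Scanned files:`); the ImunifyAV branch in the `-2138` hunk and the Maldet and RKHunter branches in the `-2159` hunk accept any non-empty log, so a scan that died part-way still passes validation and its partial results can read as clean. Where each tool writes an end-of-run line or returns an exit status, that should be checked in addition to `-s`. The counter rewrite would also benefit from a comment on its first occurrence, for example `# not ((var++)): it returns status 1 when var is 0` (presumably the reason for the change, so that it is not reverted later). The `case` statement opens before the first of these hunks.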
@@ -2320,9 +2320,9 @@ STANDALONE_EOF
 done
 paths_declaration+=")"
- # Escape special characters for sed (handle /, \, &, |, $)
- # CRITICAL FIX: Must escape the delimiter (|) as well since we use it in the sed command
- escaped_paths=$(printf '%s\n' "$paths_declaration" | sed -e 's/[\/&|]/\\&/g')
+ # Escape special characters for sed (handle \, /, &, |, $)
+ # CRITICAL FIX: Must escape backslash first, then other special chars
+ escaped_paths=$(printf '%s\n' "$paths_declaration" | sed -e 's/\\/\\\\/g; s/[\/&|]/\\&/g')
 if ! sed -i "s|PLACEHOLDER_SCAN_PATHS|$escaped_paths|" "$session_dir/scan.sh"; then
 echo -e "${RED}ERROR: Failed to generate standalone scanner script${NC}"
@@ -2377,7 +2377,7 @@ STANDALONE_EOF
 sleep 1
- if ps -p $scan_pid > /dev/null 2>&1; then
+ if ps -p "$scan_pid" > /dev/null 2>&1; then
 echo ""
 echo -e "${GREEN}✓ Standalone scanner started successfully!${NC}"
 echo ""
@@ -2389,7 +2389,7 @@ STANDALONE_EOF
 echo " tail -f $session_dir/logs/session.log"
 echo ""
 echo -e "${CYAN}Check if still running:${NC}"
- echo " ps -p $scan_pid"
+ echo " ps -p \"$scan_pid\""
 echo ""
 echo -e "${GREEN}You can now safely delete the toolkit.${NC}"
 echo -e "${GREEN}The scan will continue running independently.${NC}"
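Review bot: In the `-2320` hunk the new escaping makes `$escaped_paths` safe as a sed replacement, but the substituted text is later executed as shell when `scan.sh` runs, and nothing visible here shows the path elements being shell-quoted. The loop that builds `paths_declaration` ends above the hunk; if it wraps each path in plain double quotes, a directory name containing a double quote, a backtick or a command substitution would be interpreted by the generated script, which presumably runs with the scanner's privileges. Rendering the elements with `printf '%q ' "${SCAN_PATHS[@]}"` before the sed step would close that, and would also remove literal newlines, which the `s|…|…|` replacement still cannot carry. The comment also lists `$` among the handled characters although the expression does not touch it, so `$` should be dropped from that list.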
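Review bot: In the `-2389` hunk the printed hint now quotes `$scan_pid`, which is numeric and needs no quoting, while the `tail -f $session_dir/logs/session.log` hint a few lines above is still printed unquoted and will not survive copy-paste if the session directory contains a space. I would quote the path in the hint instead, `echo " tail -f \"$session_dir/logs/session.log\""`, and leave the pid bare.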