Da, pa stavi umesto /home /home/Downloads ili šta već želiš.
Inače možeš da mu kažeš da ti snimi sve u log sa -l ~/clamav-scan.log
ili možeš da izbaciš -v ako nećeš da vidiš ispis na ekranu, ili da dodaš -i da ti ispisuje samo ako nadje infekcije.
Jeste, učitani su dodatni osim dva, video sam ovde kako i šta treba :
https://github.com/extremeshok/clamav-unofficial-sigs
Piše kako da se prijaviš za MalwarePatrol i SecuriteInfo i gde da ubaciš to što treba.
Evo ga moj ispis :
Kod:
$ clamscan --debug 2>&1 /dev/null | grep "loaded"
LibClamAV debug: unrar support loaded from /usr/lib64/libclamunrar_iface.so.7.1.1 libclamunrar_iface_so_7_1
LibClamAV debug: /var/lib/clamav/sigwhitelist.ign2 loaded
LibClamAV debug: /var/lib/clamav/securiteinfo.ign2 loaded
LibClamAV debug: daily.info loaded
LibClamAV debug: daily.cfg loaded
LibClamAV debug: daily.hsb loaded
LibClamAV debug: daily.sfp loaded
LibClamAV debug: daily.crb loaded
LibClamAV debug: daily.ign2 loaded
LibClamAV debug: daily.pdb loaded
LibClamAV debug: daily.fp loaded
LibClamAV debug: daily.hdb loaded
LibClamAV debug: daily.wdb loaded
LibClamAV debug: daily.ndb loaded
LibClamAV debug: daily.cdb loaded
LibClamAV debug: daily.idb loaded
LibClamAV debug: daily.msb loaded
LibClamAV debug: daily.ldb loaded
LibClamAV debug: daily.ftm loaded
LibClamAV debug: daily.mdb loaded
LibClamAV debug: daily.ign loaded
LibClamAV debug: /var/lib/clamav/daily.cld loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.crimepack_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.crimepack_jar3
LibClamAV debug: cli_loadyara: loaded 2 of 2 yara signatures from /var/lib/clamav/EK_Crimepack.yar
LibClamAV debug: /var/lib/clamav/EK_Crimepack.yar loaded
LibClamAV debug: /var/lib/clamav/hackingteam.hsb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.bleedinglife2_adobe_2010_1297_exploit
LibClamAV debug: load_oneyara: successfully loaded YARA.bleedinglife2_adobe_2010_2884_exploit
LibClamAV debug: load_oneyara: successfully loaded YARA.bleedinglife2_jar2
LibClamAV debug: load_oneyara: successfully loaded YARA.bleedinglife2_java_2010_0842_exploit
LibClamAV debug: cli_loadyara: loaded 4 of 4 yara signatures from /var/lib/clamav/EK_BleedingLife.yar
LibClamAV debug: /var/lib/clamav/EK_BleedingLife.yar loaded
LibClamAV debug: /var/lib/clamav/bofhland_cracked_URL.ndb loaded
LibClamAV debug: /var/lib/clamav/antidebug_antivm.yar loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_css
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_css2
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_htm
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_js
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_js2
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_js3
LibClamAV debug: load_oneyara: successfully loaded YARA.zeroaccess_js4
LibClamAV debug: cli_loadyara: loaded 7 of 7 yara signatures from /var/lib/clamav/EK_ZeroAcces.yar
LibClamAV debug: /var/lib/clamav/EK_ZeroAcces.yar loaded
LibClamAV debug: /var/lib/clamav/rfxn.ndb loaded
LibClamAV debug: /var/lib/clamav/securiteinfoascii.hdb loaded
LibClamAV debug: /var/lib/clamav/malwarehash.hsb loaded
LibClamAV debug: /var/lib/clamav/phishtank.ndb loaded
LibClamAV debug: /var/lib/clamav/scam.ndb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.sakura_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.sakura_jar2
LibClamAV debug: cli_loadyara: loaded 2 of 2 yara signatures from /var/lib/clamav/EK_Sakura.yar
LibClamAV debug: /var/lib/clamav/EK_Sakura.yar loaded
LibClamAV debug: /var/lib/clamav/winnow_malware_links.ndb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html10
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html11
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html2
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html3
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html4
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html5
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html6
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html7
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html8
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_html9
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_jar2
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_jar3
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_pdf
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_pdf2
LibClamAV debug: load_oneyara: successfully loaded YARA.phoenix_pdf3
LibClamAV debug: cli_loadyara: loaded 17 of 17 yara signatures from /var/lib/clamav/EK_Phoenix.yar
LibClamAV debug: /var/lib/clamav/EK_Phoenix.yar loaded
LibClamAV debug: /var/lib/clamav/porcupine.hsb loaded
LibClamAV debug: /var/lib/clamav/blurl.ndb loaded
LibClamAV debug: /var/lib/clamav/foxhole_generic.cdb loaded
LibClamAV debug: /var/lib/clamav/spamattach.hdb loaded
LibClamAV debug: /var/lib/clamav/winnow.attachments.hdb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_jar2
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_jar3
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_js
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_js2
LibClamAV debug: load_oneyara: successfully loaded YARA.eleonore_js3
LibClamAV debug: cli_loadyara: loaded 6 of 6 yara signatures from /var/lib/clamav/EK_Eleonore.yar
LibClamAV debug: /var/lib/clamav/EK_Eleonore.yar loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.INDICATOR_IMPLANT_Loader
LibClamAV debug: load_oneyara: successfully loaded YARA.INDICATOR_Implant_Loader2
LibClamAV debug: load_oneyara: generic string: [File {0} has been uploaded in {1}] => [46696c65207b307d20686173206265656e2075706c6f6164656420696e207b317d]
LibClamAV debug: load_oneyara: successfully loaded YARA.IMPLANT2_3
LibClamAV debug: load_oneyara: successfully loaded YARA.CryptoWall_Resume_phish
LibClamAV debug: load_oneyara: successfully loaded YARA.docx_macro
LibClamAV debug: load_oneyara: successfully loaded YARA.java_JSocket_20151217
LibClamAV debug: cli_loadyara: loaded 6 of 6 yara signatures from /var/lib/clamav/winnow_malware.yara
LibClamAV debug: /var/lib/clamav/winnow_malware.yara loaded
LibClamAV debug: /var/lib/clamav/bofhland_malware_attach.hdb loaded
LibClamAV debug: /var/lib/clamav/winnow_bad_cw.hdb loaded
LibClamAV debug: /var/lib/clamav/EMAIL_Cryptowall.yar loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_Spam_test
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_Spam_pornspam
LibClamAV debug: cli_loadyara: loaded 2 of 2 yara signatures from /var/lib/clamav/Sanesecurity_spam.yara
LibClamAV debug: /var/lib/clamav/Sanesecurity_spam.yara loaded
LibClamAV debug: /var/lib/clamav/porcupine.ndb loaded
LibClamAV debug: /var/lib/clamav/securiteinfohtml.hdb loaded
LibClamAV debug: /var/lib/clamav/spamimg.hdb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_jar2
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_jar3
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_pdf
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole_basic
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole1_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_css
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm10
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm11
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm12
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm3
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm4
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm5
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm6
LibClamAV debug: load_oneyara: successfully loaded YARA.blackhole2_htm8
LibClamAV debug: cli_loadyara: loaded 16 of 16 yara signatures from /var/lib/clamav/EK_Blackhole.yar
LibClamAV debug: /var/lib/clamav/EK_Blackhole.yar loaded
LibClamAV debug: /var/lib/clamav/rogue.hdb loaded
LibClamAV debug: main.info loaded
LibClamAV debug: main.hdb loaded
LibClamAV debug: main.hsb loaded
LibClamAV debug: main.mdb loaded
LibClamAV debug: main.msb loaded
LibClamAV debug: main.ndb loaded
LibClamAV debug: main.fp loaded
LibClamAV debug: main.sfp loaded
LibClamAV debug: main.crb loaded
LibClamAV debug: /var/lib/clamav/main.cvd loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.zerox88_js2
LibClamAV debug: load_oneyara: successfully loaded YARA.zerox88_js3
LibClamAV debug: cli_loadyara: loaded 2 of 2 yara signatures from /var/lib/clamav/EK_Zerox88.yar
LibClamAV debug: /var/lib/clamav/EK_Zerox88.yar loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_htm
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js2
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js_flash
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js_java
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js_quicktime
LibClamAV debug: load_oneyara: successfully loaded YARA.fragus_js_vml
LibClamAV debug: cli_loadyara: loaded 7 of 7 yara signatures from /var/lib/clamav/EK_Fragus.yar
LibClamAV debug: /var/lib/clamav/EK_Fragus.yar loaded
LibClamAV debug: /var/lib/clamav/jurlbl.ndb loaded
LibClamAV debug: /var/lib/clamav/winnow_extended_malware.hdb loaded
LibClamAV debug: /var/lib/clamav/securiteinfoandroid.hdb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.zeus_js
LibClamAV debug: cli_loadyara: loaded 1 of 1 yara signatures from /var/lib/clamav/EK_Zeus.yar
LibClamAV debug: /var/lib/clamav/EK_Zeus.yar loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_TestSig_Type4_Hdr_2
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_TestSig_Type3_Bdy_4
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_TestSig_Type4_Bdy_3
LibClamAV debug: load_oneyara: successfully loaded YARA.Sanesecurity_PhishingTestSig_1
LibClamAV debug: cli_loadyara: loaded 4 of 4 yara signatures from /var/lib/clamav/Sanesecurity_sigtest.yara
LibClamAV debug: /var/lib/clamav/Sanesecurity_sigtest.yara loaded
LibClamAV debug: /var/lib/clamav/phish.ndb loaded
LibClamAV debug: /var/lib/clamav/foxhole_filename.cdb loaded
LibClamAV debug: /var/lib/clamav/sanesecurity.ftm loaded
LibClamAV debug: /var/lib/clamav/bofhland_phishing_URL.ndb loaded
LibClamAV debug: /var/lib/clamav/javascript.ndb loaded
LibClamAV debug: /var/lib/clamav/securiteinfo.hdb loaded
LibClamAV debug: bytecode.info loaded
LibClamAV debug: 3986185.cbc loaded
LibClamAV debug: 3986187.cbc loaded
LibClamAV debug: 3986188.cbc loaded
LibClamAV debug: 3986206.cbc loaded
LibClamAV debug: 3986212.cbc loaded
LibClamAV debug: 3986214.cbc loaded
LibClamAV debug: 3986215.cbc loaded
LibClamAV debug: 3986216.cbc loaded
LibClamAV debug: 3986217.cbc loaded
LibClamAV debug: 3986218.cbc loaded
LibClamAV debug: 3986219.cbc loaded
LibClamAV debug: 3986220.cbc loaded
LibClamAV debug: 3986221.cbc loaded
LibClamAV debug: 3986222.cbc loaded
LibClamAV debug: 3986223.cbc loaded
LibClamAV debug: 3986224.cbc loaded
LibClamAV debug: 3986229.cbc loaded
LibClamAV debug: 3986230.cbc loaded
LibClamAV debug: 3986231.cbc loaded
LibClamAV debug: 3986232.cbc loaded
LibClamAV debug: 3986233.cbc loaded
LibClamAV debug: 3986234.cbc loaded
LibClamAV debug: 3986235.cbc loaded
LibClamAV debug: 3986236.cbc loaded
LibClamAV debug: 3986242.cbc loaded
LibClamAV debug: 3986244.cbc loaded
LibClamAV debug: 3986249.cbc loaded
LibClamAV debug: 3986259.cbc loaded
LibClamAV debug: 3986282.cbc loaded
LibClamAV debug: 3986283.cbc loaded
LibClamAV debug: 3986289.cbc loaded
LibClamAV debug: 3986292.cbc loaded
LibClamAV debug: 3986301.cbc loaded
LibClamAV debug: 3986303.cbc loaded
LibClamAV debug: 3986305.cbc loaded
LibClamAV debug: 3986306.cbc loaded
LibClamAV debug: 3986310.cbc loaded
LibClamAV debug: 3986318.cbc loaded
LibClamAV debug: 3986321.cbc loaded
LibClamAV debug: 3986322.cbc loaded
LibClamAV debug: 3986326.cbc loaded
LibClamAV debug: 3986327.cbc loaded
LibClamAV debug: 3986328.cbc loaded
LibClamAV debug: 3986334.cbc loaded
LibClamAV debug: 3986337.cbc loaded
LibClamAV debug: 4306126.cbc loaded
LibClamAV debug: 4306157.cbc loaded
LibClamAV debug: 4307467.cbc loaded
LibClamAV debug: 4310114.cbc loaded
LibClamAV debug: 4416867.cbc loaded
LibClamAV debug: 4510302.cbc loaded
LibClamAV debug: 4526683.cbc loaded
LibClamAV debug: 4553522.cbc loaded
LibClamAV debug: /var/lib/clamav/bytecode.cvd loaded
LibClamAV debug: /var/lib/clamav/rfxn.hdb loaded
LibClamAV debug: /var/lib/clamav/malwarepatrol.db loaded
LibClamAV debug: /var/lib/clamav/securiteinfopdf.hdb loaded
LibClamAV debug: load_oneyara: successfully loaded YARA.AnglerEKredirector
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_flash
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_flash2
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_flash4
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_flash5
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_flash_uncompressed
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_html
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_html2
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_jar
LibClamAV debug: load_oneyara: successfully loaded YARA.angler_js
LibClamAV debug: cli_loadyara: loaded 10 of 10 yara signatures from /var/lib/clamav/EK_Angler.yar
LibClamAV debug: /var/lib/clamav/EK_Angler.yar loaded
LibClamAV debug: /var/lib/clamav/winnow_malware.hdb loaded
LibClamAV debug: /var/lib/clamav/bofhland_malware_URL.ndb loaded
LibClamAV debug: /var/lib/clamav/junk.ndb loaded
što se configa tiče ja sam editovao /etc/clamav-unofficial-sigs/user.conf i tu skinuo # sa #user_configuration_complete="yes", dakle treba da ti bude :
user_configuration_complete="yes"
i /etc/clamav-unofficial-sigs/master.conf , tu sam ubacio onaj kod za malwarepatrol :
malwarepatrol_receipt_code = ""
znači kod ubaci izmedju navodnika i ostavi navodnike.
isto i ispod za securiteinfo_authorisation_signature="" za taj drugi sajt.
Možda je to bilo pod komentarom (#) ne mogu da se setim , ako je bilo skini komentar (#)
Možda je to sve moglo i u user.conf (ima i tamo za ta dva sajta), nisam siguran, svejedno.