Go to most recent revision | Blame | Last modification | View Log | Download | RSS feed
#!/bin/bash################################################################### Virus Scanner GUI for## - f-prot# - uvscan (McAfee)# - clamscan################################################################### Urs Beyerle, PSI## (some parts taken from f-prot_gui.sh by Fabian Franz)##################################################################MyVersion=0.3#################################################################clean_exit(){rm -rf /tmp/psi-scanvirus.$$}trap "clean_exit" EXIT### ------------------------------------------------------------### definitions### ------------------------------------------------------------### scan engine listENGINE_LIST=""### fprotFPROT=$(which f-prot)if [ $FPROT ]; thenFPROT_NAME="F-Prot"FPROT_OPT="-all -ai -archive -dumb -packed -list"FPROT_CHECKUPDATES=/usr/local/f-prot/tools/check-updates.plFPROT_ON="1"ENGINE_LIST="$ENGINE_LIST $FPROT_NAME $FPROT On"fi### uvscan (McAfee)UVSCAN=$(which uvscan)if [ $UVSCAN ]; thenUVSCAN_NAME="McAfee"UVSCAN_OPT="--secure -v -r --summary"UVSCAN_CHECKUPDATES=/usr/local/uvscan/update-datUVSCAN_ON="1"ENGINE_LIST="$ENGINE_LIST $UVSCAN_NAME $UVSCAN On"fi### clamscan (Clam)CLAM=$(which clamscan)if [ $CLAM ]; thenCLAM_NAME="Clam"CLAM_OPT="-r"if [ -x /usr/bin/psi-freshclam ]; thenCLAM_CHECKUPDATES=/usr/bin/psi-freshclamelseCLAM_CHECKUPDATES=/usr/bin/freshclamfiCLAM_ON="1"ENGINE_LIST="$ENGINE_LIST $CLAM_NAME $CLAM On"# Starting Clam AntiVirus Daemon/etc/init.d/clamd start >/dev/nullfi### tmpdirTMPDIR=/tmp/psi-scanvirus.$$TMP=$TMPDIR/dialogmkdir -p $TMPDIR### report dirREPORT_DIR="/var/log/psi-scanvirus"mkdir -p /var/log/psi-scanvirus### dialog or xdialog?DIALOG="dialog"XDIALOG_HIGH_DIALOG_COMPAT=1export XDIALOG_HIGH_DIALOG_COMPAT[ -n "$DISPLAY" ] && [ -x /usr/bin/Xdialog ] && DIALOG="Xdialog"; XDIALOG="yes"### titleTITLE="PSI Virus Scanner v$MyVersion"MENU_TITLE="PSI Virus Scanner v$MyVersion"### need root rights to run!### ------------------------------------------------------------if [ "$UID" -ne "0" ]; thenMESSAGE0="To use this program, you need to be root"$DIALOG --title "$TITLE" --msgbox "$MESSAGE0" 0 0exit 1fi### ------------------------------------------------------------### functions### ------------------------------------------------------------psi-freshclam()### ------------------------------------------------------------{echoecho "***************************************"echo "* Clam Antivirus Updater *"echo "***************************************"echoecho "Run /usr/bin/freshclam:"/usr/bin/freshclamecho}### ------------------------------------------------------------welcome_message(){WELCOME_MESSAGE=$( cat <<EOF--------------------------------------------\nWelcome to PSI Virus Scanner v$MyVersion\n--------------------------------------------\nPLEASE NOTE: No files will be delete.\n\nPress OK to continue\nEOF)[ $XDIALOG ] && echo $TITLE$DIALOG --title "$TITLE" --infobox "$WELCOME_MESSAGE" 0 0 8[ $? -ne 0 ] && exit}### ------------------------------------------------------------find_partitions(){PART_ALL=$(LC_ALL=C fdisk -l | sed 's/*//g' | egrep -v "swap|Extended|Ext." | awk '{ print $1 }' | grep "/dev/")PART_LIST=$(LC_ALL=C fdisk -l | sed 's/*//g' | egrep -v "swap|Extended|Ext." | awk '{ printf("%s %s-Partition off\n",$1,$6 $7 $8 $9) }' | grep "/dev/")# add "Select all"PART_LIST="$PART_LIST Select All off"}### ------------------------------------------------------------choose_parts(){MESSAGE2="Found partitions"$DIALOG --title "$TITLE" --checklist "$MESSAGE2" 0 0 0 $PART_LIST 2>$TMPPARTS=$(sed 's,",,g;s,//, /,g' $TMP)# all selected ?grep -q "Select" $TMPif [ "$?" = "0" ]; thenPARTS=$PART_ALLfi[ $XDIALOG ] && echo "Partition(s) selected:"[ $XDIALOG ] && echo $PARTS[ -n "$PARTS" ] && FILES=""}### ------------------------------------------------------------choose_dirfile(){$DIALOG --title $TITLE --fselect "$(pwd)/" 0 0 2>$TMPFILES=$(cat $TMP)[ -n "$FILES" ] && PARTS=""}### ------------------------------------------------------------choose_engine(){MESSAGE_ENGINE="Available Virus Scan Engine(s)"$DIALOG --title "$TITLE" --checklist "$MESSAGE_ENGINE" 0 0 4 $ENGINE_LIST 2>$TMP# create new engine listENGINE_LIST=""# deselect f-prot ?grep -q $FPROT_NAME $TMPif [ "$?" = "0" ]; thenENGINE_LIST="$ENGINE_LIST $FPROT_NAME $FPROT On"; FPROT_ON="1"elseENGINE_LIST="$ENGINE_LIST $FPROT_NAME $FPROT Off"; FPROT_ON=""fi# deselect uvscan ?grep -q $UVSCAN_NAME $TMPif [ "$?" = "0" ]; thenENGINE_LIST="$ENGINE_LIST $UVSCAN_NAME $UVSCAN On"; UVSCAN_ON="1"elseENGINE_LIST="$ENGINE_LIST $UVSCAN_NAME $UVSCAN Off"; UVSCAN_ON=""fi# deselect clamscan ?grep -q $CLAM_NAME $TMPif [ "$?" = "0" ]; thenENGINE_LIST="$ENGINE_LIST $CLAM_NAME $CLAM On"; CLAM_ON="1"elseENGINE_LIST="$ENGINE_LIST $CLAM_NAME $CLAM Off"; CLAM_ON=""fi}### ------------------------------------------------------------define_report(){DATE=$(date +"%Y-%m-%d")DIVIDER="------------------------------------------------------------------------------------------"DOTS=".........\n.........\n........."### where to reportREPORT_TMP=$REPORT_DIR/report.tmprm -rf $REPORT_TMPtouch $REPORT_TMPNR=$(ls $REPORT_DIR/$PREFIX* 2>/dev/null | wc -l | tr -d " ")if [ $FPROT_ON ]; thenFPROT_REPORT="$REPORT_DIR/report_fprot-$DATE-$NR.txt"FPROT_REPORT_MIN="$REPORT_DIR/report_fprot-$DATE-$NR.min.txt"echo $DIVIDER > $FPROT_REPORTecho "F-Prot Report:" >> $FPROT_REPORTcat $FPROT_REPORT > $FPROT_REPORT_MINfiif [ $UVSCAN_ON ]; thenUVSCAN_REPORT="$REPORT_DIR/report_mcafee-$DATE-$NR.txt"UVSCAN_REPORT_MIN="$REPORT_DIR/report_mcafee-$DATE-$NR.min.txt"echo $DIVIDER > $UVSCAN_REPORTecho "McAfee Report:" >> $UVSCAN_REPORTecho $DIVIDER >> $UVSCAN_REPORT$UVSCAN --version >> $UVSCAN_REPORTcat $UVSCAN_REPORT > $UVSCAN_REPORT_MINfiif [ $CLAM_ON ]; thenCLAM_REPORT="$REPORT_DIR/report_clam-$DATE-$NR.txt"CLAM_REPORT_MIN="$REPORT_DIR/report_clam-$DATE-$NR.min.txt"echo $DIVIDER > $CLAM_REPORTecho "Clam Report:" >> $CLAM_REPORTecho $DIVIDER >> $CLAM_REPORT$CLAM --version >> $CLAM_REPORTcat $CLAM_REPORT > $CLAM_REPORT_MINfi}### ------------------------------------------------------------report_fprot(){[ $XDIALOG ] && echo -n "Creating F-Prot report... "# create report (normal and min)# normal reportecho $DIVIDER >> $FPROT_REPORTecho $PART_TOSCAN >> $FPROT_REPORTecho $DIVIDER >> $FPROT_REPORTcat $REPORT_TMP >> $FPROT_REPORTecho $DIVIDER >> $FPROT_REPORTecho >> $FPROT_REPORT# min reportecho $DIVIDER >> $FPROT_REPORT_MINecho $PART_TOSCAN >> $FPROT_REPORT_MINecho $DIVIDER >> $FPROT_REPORT_MINhead -n 25 $REPORT_TMP >> $FPROT_REPORT_MINecho -e $DOTS >> $FPROT_REPORT_MINtail -n 20 $REPORT_TMP >> $FPROT_REPORT_MINecho $DIVIDER >> $FPROT_REPORT_MINgrep " Infection: " $REPORT_TMP >> $FPROT_REPORT_MINgrep " Infection: " $REPORT_TMPif [ "$?" = "0" ]; thenecho "VIRUS INFECTION FOUND !!!" >> $FPROT_REPORT_MIN[ $XDIALOG ] && echo "VIRUS INFECTION FOUND !!!"echo $DIVIDER >> $FPROT_REPORT_MINfiecho >> $FPROT_REPORT_MINrm -f $REPORT_TMPtouch $REPORT_TMP[ $XDIALOG ] && echo " done."}### ------------------------------------------------------------report_uvscan(){[ $XDIALOG ] && echo -n "Creating McAfee report... "# create report (normal and min)# normal reportecho $DIVIDER >> $UVSCAN_REPORTecho $PART_TOSCAN >> $UVSCAN_REPORTecho $DIVIDER >> $UVSCAN_REPORTcat $REPORT_TMP >> $UVSCAN_REPORTecho $DIVIDER >> $UVSCAN_REPORTecho >> $UVSCAN_REPORT# min reportecho $DIVIDER >> $UVSCAN_REPORT_MINecho $PART_TOSCAN >> $UVSCAN_REPORT_MINecho $DIVIDER >> $UVSCAN_REPORT_MINhead -n 10 $REPORT_TMP >> $UVSCAN_REPORT_MINecho -e $DOTS >> $UVSCAN_REPORT_MINtail -n 12 $REPORT_TMP >> $UVSCAN_REPORT_MINecho $DIVIDER >> $UVSCAN_REPORT_MINgrep " Found: " $REPORT_TMP >> $UVSCAN_REPORT_MINgrep " Found: " $REPORT_TMPif [ "$?" = "0" ]; thenecho "VIRUS INFECTION FOUND !!!" >> $UVSCAN_REPORT_MIN[ $XDIALOG ] && echo "VIRUS INFECTION FOUND !!!"echo $DIVIDER >> $UVSCAN_REPORT_MINfiecho >> $UVSCAN_REPORT_MINrm -f $REPORT_TMPtouch $REPORT_TMP[ $XDIALOG ] && echo " done."}### ------------------------------------------------------------report_clam(){[ $XDIALOG ] && echo -n "Creating Clam report... "# create report (normal and min)# normal reportecho $DIVIDER >> $CLAM_REPORTecho $PART_TOSCAN >> $CLAM_REPORTecho $DIVIDER >> $CLAM_REPORTcat $REPORT_TMP >> $CLAM_REPORTecho $DIVIDER >> $CLAM_REPORTecho >> $CLAM_REPORT# min reportecho $DIVIDER >> $CLAM_REPORT_MINecho $PART_TOSCAN >> $CLAM_REPORT_MINecho $DIVIDER >> $CLAM_REPORT_MINhead -n 5 $REPORT_TMP >> $CLAM_REPORT_MINecho -e $DOTS >> $CLAM_REPORT_MINtail -n 15 $REPORT_TMP >> $CLAM_REPORT_MINecho $DIVIDER >> $CLAM_REPORT_MINgrep " FOUND$" $REPORT_TMP >> $CLAM_REPORT_MINgrep " FOUND$" $REPORT_TMPif [ "$?" = "0" ]; thenecho "VIRUS INFECTION FOUND !!!" >> $CLAM_REPORT_MIN[ $XDIALOG ] && echo "VIRUS INFECTION FOUND !!!"echo $DIVIDER >> $CLAM_REPORT_MINfiecho >> $CLAM_REPORT_MINrm -f $REPORT_TMPtouch $REPORT_TMP[ $XDIALOG ] && echo " done."}### ------------------------------------------------------------show_reports(){### show report[ $FPROT_ON ] && $DIALOG --title "$TITLE: F-Prot Small Report" \--textbox $FPROT_REPORT_MIN 0 0[ $UVSCAN_ON ] && $DIALOG --title "$TITLE: McAfee Small Report" \--textbox $UVSCAN_REPORT_MIN 0 0[ $CLAM_ON ] && $DIALOG --title "$TITLE: Clam Small Report" \--textbox $CLAM_REPORT_MIN 0 0### info about report filesREPORT_MESSAGE="\nVirus Scan Reports can be found in $REPORT_DIR\n"$DIALOG --title "$TITLE" --no-close --infobox "$REPORT_MESSAGE" 0 0 5[ $XDIALOG ] && echo -e "$REPORT_MESSAGE"}### ------------------------------------------------------------scan(){if [ -z "$PARTS" -a -z "$FILES" ]; thenMESSAGE3="Please select partition(s) or directory/file first."$DIALOG --title "$TITLE" --msgbox "$MESSAGE3" 0 0returnfiif [ -z "$SCAN_WITH" ]; thenMESSAGE_SORRY="Sorry, either no scan engine selected or available."$DIALOG --title "$TITLE" --msgbox "$MESSAGE_SORRY" 0 0returnfi### mount partitionsTOSCAN=""for i in $PARTS; domkdir -p /mnt/${i/\/dev\//}# first umountumount $i 2>/dev/nullmount -o "ro" $i /mnt/${i/\/dev\//}if [ "$?" != "0" ]; thenMESSAGE_UMOUNT="Partiton $i could not be mounted."$DIALOG --title "$TITLE" --msgbox "$MESSAGE_UMOUNT" 0 0fiTOSCAN="$TOSCAN /mnt/${i/\/dev\//}"doneTOSCAN="$TOSCAN $FILES"MESSAGE4="Scanning files on"MESSAGE5="Searching for files, that will be scanned ..."### define where to reportdefine_report### watch $REPORT_TMPif [ $XDIALOG ]; thenxterm -sb -title "tail -F $REPORT_TMP" -e tail -F $REPORT_TMP &fi### scan each partitionfor PART_TOSCAN in $TOSCAN; do[ $XDIALOG ] && echo "Scanning $PART_TOSCAN... "### scan with FPROTif [ $FPROT_ON ]; then{ max=$(find $PART_TOSCAN -type f | wc -l )echo -e "XXX\nF-Prot: $MESSAGE4: $PART_TOSCAN\nXXX"$FPROT $FPROT_OPT -report=$REPORT_TMP $PART_TOSCAN | grep "^$PART_TOSCAN" | sed 's/->.*//g' | uniq | while read a; do count=$[count+1]; echo $[count*100/max]; done} | $DIALOG --title "$TITLE" --gauge "$MESSAGE5 $PART_TOSCAN" 10 40report_fprotfi### scan with UVSCAN (McAfee)if [ $UVSCAN_ON ]; then{ max=$(find $PART_TOSCAN | wc -l )echo -e "XXX\nMcAfee: $MESSAGE4: $PART_TOSCAN\nXXX"$UVSCAN $UVSCAN_OPT $PART_TOSCAN 2>/dev/null | tee $REPORT_TMP 2>/dev/null | grep "^Scanning" | grep -v "\.zip" | grep -v "\.tar" | grep -v ".\tgz" | while read a; do count=$[count+1]; echo $[count*100/max]; done} | $DIALOG --title "$TITLE" --gauge "$MESSAGE5 $PART_TOSCAN" 10 40report_uvscanfi### scan clamscan (Clam)if [ $CLAM_ON ]; then{ max=$(find $PART_TOSCAN -type f | wc -l )echo -e "XXX\nClam: $MESSAGE4: $PART_TOSCAN\nXXX"$CLAM $CLAM_OPT $PART_TOSCAN 2>/dev/null | tee $REPORT_TMP 2>/dev/null | grep "^$PART_TOSCAN" | while read a; do count=$[count+1]; echo $[count*100/max]; done} | $DIALOG --title "$TITLE" --gauge "$MESSAGE5 $PART_TOSCAN" 10 40report_clamfidone### unmount partitionsfor i in $PARTS; doumount /mnt/${i/\/dev\//}done### show reportsshow_reports}shutdown (){$DIALOG --title "$TITLE" --radiolist "Reboot or shutdown the PC?" 0 0 3 poweroff "" on reboot "" off 2>$TMPACTION=$(cat $TMP)if [ $ACTION ]; then$ACTIONexit 1fi}online_update (){# remove old temporary dirrm -rf /var/tmp/f-protif [ -n "$DISPLAY" ]; thenxterm -sb -e "$FPROT_CHECKUPDATES; $UVSCAN_CHECKUPDATES; $CLAM_CHECKUPDATES; echo 'Press a key to continue ...'; read -n1"else$FPROT_CHECKUPDATES; $UVSCAN_CHECKUPDATES; $CLAM_CHECKUPDATES; echo 'Press a key to continue ...'; read -n1firm -rf /var/tmp/f-prot}### ------------------------------------------------------------### Main Program### ------------------------------------------------------------### find partitonsfind_partitions### print welcome messagewelcome_message### menu### ------------------------------------------------------------MENU_1="Select partition(s)"MENU_2="(or: Select a directory/file)"MENU_3="Choose Scan Engine(s)"MENU_4="Start Scanning"MENU_5="Do Online-Update"MENU_6="Reboot/Shutdown"MENU_7="Quit"while true; doSCAN_WITH=""[ $FPROT_ON ] && SCAN_WITH=" $FPROT_NAME"[ $UVSCAN_ON ] && SCAN_WITH="$SCAN_WITH $UVSCAN_NAME"[ $CLAM_ON ] && SCAN_WITH="$SCAN_WITH $CLAM_NAME"$DIALOG --title "$TITLE" \--menu "$MENU_TITLE" 0 0 7\1 "$MENU_1"\2 "$MENU_2"\3 "$MENU_3" \4 "$MENU_4 (with$SCAN_WITH)" \5 "$MENU_5" \6 "$MENU_6" \7 "$MENU_7" \2> $TMP[ $? -ne 0 ] && breakCHOICE=$(cat $TMP)case "$CHOICE" in1)choose_parts;;2)choose_dirfile;;3)choose_engine;;4)scan;;5)online_update;;6)shutdown || break;;7)break;;esacdone