Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi,
I use avg free as antivirus scanner. I looked some time for a scanner to scan and remove viruses. Problem is avg 8.5 will only detect viruses, not remove them...
I use a oneliner looking like this:
Now I want to parse that file to pick the infected files and use mv to secure the system.. is there any way to acomplish that?
I guess I could start with looking for the lines starting with / evaluate them so when they get two spaces, then it cuts. (Filename comes first, then two spaces, then description of virus..)
then use the line to mv the file someware. For instance /var/quarantine/
I know there are problably other programs that do work. But it took me some time to install and figure out this one, and now when I got it working it seems like avg has stopped the healing function in this upgrade.. They are "working on it"..
If you have a tip about a free anti-virus software that is easy to figure out, it would be nice. But I would also like to learn some parsing. This was a bit tuff for me right now. But if someone please can get me started im shure I can figure it out. I know a bit of bash and php, not so much about pearl but anything is apreciated.
Well you have a few options; you can try this with Bash using a for loop and the cut command, or you can use your favourite scripting language, up to you.
A 30second script in python to do this simply:
Code:
#!/usr/bin/env python
#-* coding:utf-8 -*-
#
# Open the file, try and find viruses
# uses certain assumptions based on length of header in file
# and so on
report = open( "./avg_out", 'r' ).readlines()
for i in range( len( report ) ):
if not i <= 8:
if report[i] == "\n" or report[i][0] == "-" :
break
print report[i].split(" ")[0]
(Like I say, 30second, and only tested on that output of yours. You will have to change the print line to delete the file. Thats an exercise for you)
Tried it on some sample outputs, and it seems to work. Have to try a bit more. Dont know much about python, but I think i understood most of it, but I have to try to search a bit to understand how to use dates and to move files, but this is a good starter. Tx.
Well, python has an interactive shell; so type in 'python' at a terminal. Libraries are imported with 'import', and every library/module/$terminology, assuming documented properly, is can be called in 'help()' as so:
Code:
>>> import time
>>> help(time)
Help on module time:
NAME
time - This module provides various functions to manipulate time values.
<snip>
The module for moving files is 'shutil', so once again import and help. You'll pick it up as you go along, try http://diveintopython.org to learn it in a couple of hours, or just google.
But yes, there are neater and smaller ways, but the above is quick, efficient and easy enough to change and adapt.
EDIT:
Just realised I made a mess of the first example anyway;
Code:
#!/usr/bin/env python
#-*- coding:utf-8 -*-
report = open( "./avg_out", 'r' ).readlines()
for line in report[8:]:
if not line == "\n" and not line[0] == "-":
print line.split(" ")[0]
else: break
Last edited by jamescondron; 03-09-2010 at 08:50 AM.
Reason: re-post code
so I got the date like this 2010-03-10, instead of how Im used to write it: 20100310. I couldnt figure out how to get the date in that form with python But down I guess its a bit crude, but It passed som testfiles I did, I have to test it a couple of times more.
Code:
# Open the file, try and find viruses
# uses certain assumptions based on length of header in file
# and so on
import datetime
import subprocess
today = datetime.date.today()
scanlog = "./scanlog_" + str(today) + ".txt"
basedir = "/var/quarantine/"
report = open( scanlog, 'r' ).readlines()
for i in range( len( report ) ):
if not i <= 8:
if report[i] == "\n" or report[i][0] == "-" :
break
src = report[i].split(" ")[0]
fn = report[i].split(" ")[0]
fn = fn.strip()
dest = basedir + fn.replace('/','_')
print str(dest)
#subprocess.Popen("mv" + " " + src + " " + dest,shell=True)
#!/usr/bin/env python
#-* coding:utf-8 -*-
#
# Open the file, try and find viruses
# uses certain assumptions based on length of header in file
# and so on
import shutil, time
report_title = time.strftime( "%Y%m%d" )
report = open( "./scanlog_%s.txt" % report_title, 'r' ).readlines()
for line in report[8:]:
if not line == "\n" and not line[0] == "-":
file = line.split(" ")[0]
print "Quarantined: %s" % file
shutil.move( file, "/var/quarantine/%s" % file.split("/")[-1] )
else: break
I used time.strftime() to formate the time (using the time library) to the format you wanted, and I used shutil.move( src, dst ) to move the file to /var/qua.
You may find it easier, incidentally, to use %s in strings that are using variables; http://homepage.mac.com/andykopra/pd...n_strings.html has a quick skim on it if you're not a C programmer (Where we use this sort of thing a lot).
Basically, the first %s a string. We define this at the end:
Code:
s = "string"
print "this is a %s" % (s)
..
a = "hello"
b = "world"
print "%s %s" % (a,b)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
But down I guess its a bit crude, but It passed som testfiles I did, I have to test it a couple of times more.
