File::Scan isn't the best means of looking for virii but I thought it would be interesting.
And it was mentioned earlier in how to use file::scan.
#!/usr/bin/perl use strict; use warnings; use File::Find; use File::Scan; my $scandir = "c:\\"; # couldn't get it to work with 'c:/' my $results = "c:\\virusscan.txt"; open(VS, ">", $results); my $filescan = File::Scan->new(extension => 'bad', move => 'infected') +; find({ wanted => \&doscan, follow_skip => 2 }, $scandir); sub doscan { return if /^[.]+/; my $file = $File::Find::name; $file =~ s#\\##; print "$file\n"; return if (-d $file); $filescan->scan($file); if (my $e = $filescan->error()) { print "$file $e\n"; } if (my $c = $filescan->skipped()) { my @skip = ( "file not skipped", "file is not vulnerable", "file has zero size", "the size of file is small", "the text file size is greater that the 'max_txt_size' argument", "the binary file size is greater that the 'max_bin_size' argument" +, ); print VS "$file $skip[$c]\n" if ($c); # only print if the file was + skipped } if ($filescan->suspicious) { print VS "$file suspicious file\n"; } }
Update: Thanks to jdporter for pointing out using "c:\\" instead of "c:".
Added readmore tag, fixed some typos and formatting.
2nd Update: LTjake pointed out that I had an error in the return codes of File::Scan's skipped() method. I checked and found out that the HTML documentation built by the ActiveState distribution was saying one thing but the embedded pod was saying something else. I have updated the script to use the correct return codes for that method.
In reply to Perl Virus Scanner by Mr. Muskrat
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |