Jul 242012
The following will find malware and packed/obfuscated code along with javascript inside of pdf’s, etc recursively in the path you specify
#!/bin/bash
# By Ed Wiget
# this script scans path for virus, malware, etc
if [ "$1" = "" ]; then
echo "what is the path to scan? i.e. /www"
read cspath
else
cspath=$1
fi
echo "path to scan is ${cspath}"
/usr/bin/freshclam
if [ ! -d /tmp/virus ]; then
mkdir -p /tmp/virus
fi
/usr/bin/clamscan --recursive --infected --detect-pua=yes --algorithmic-detection=yes ${cspath} -l /var/log/clamscan.log --move=/tmp/virus