Esempio n. 1
def avp_log(log_name):
    """Copy and rename the samples reported as detected in an AVP scan log.

    The log is read in one go and matched line by line: the tab-delimited
    field that precedes the literal ``detected`` field is taken as the sample
    path, and the dotted token matched later on the same line as the
    detection name. Each sample is then copied into ``DstDir`` and the copy
    is renamed after its detection name.

    Args:
        log_name: Path of the scan log to parse.
    """
    line_re = re.compile(r'.*?\t(.*?)\tdetected\t.*?(\w+\.\w+\.\w+\..*)')
    with open(log_name, 'r') as log_file:
        hits = line_re.findall(log_file.read())

    # Keep only the part of the path before the first "/" (presumably the
    # container file when the hit is inside an archive - confirm against a
    # real log). A path that appears twice keeps its last detection name.
    detections = {}
    for raw_path, detection in hits:
        detections[re.sub("/.*", "", raw_path)] = detection

    # NOTE(review): both the path and the detection name are taken verbatim
    # from the log text. Confirm that rename.copy_file and
    # rename.sample_rename reject separators and ".." in them, and decide
    # what should happen when two source paths share a basename, since both
    # resolve to the same location inside DstDir.
    for sample_path, detection in rename.del_same_file(detections).items():
        rename.copy_file(sample_path, DstDir)
        copied_path = os.path.join(DstDir, os.path.basename(sample_path))
        rename.sample_rename(copied_path, detection)
Esempio n. 2
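def antivir_log(log_name):
    """Copy and rename the samples reported in an AntiVir scan log.

    Lines of the form ``ALERT: [<detection>] <path><<<...`` are collected.
    The detection name is translated with ``NametoKav.NodtoKav().run`` and
    the copy placed in ``DstDir`` is renamed after the translated name.

    Args:
        log_name: Path of the scan log to parse.
    """
    detections = {}
    alert_re = re.compile(r"ALERT:\s\[(.*?)]\s(.*?)<<<.*")
    with open(log_name) as fp:
        for virus, path in alert_re.findall(fp.read()):
            # Raw string: the original '\#.*' relied on an invalid escape
            # sequence, which newer Python versions warn about at compile
            # time. The pattern is unchanged: everything from the first '#'
            # onwards is replaced by the literal text 'virus'.
            detections[path] = re.sub(r'\#.*', 'virus', virus)

    # NOTE(review): path and detection name come straight from the log text.
    # Confirm that the rename helpers validate them before using them as
    # file-system names, and that two sources with the same basename cannot
    # silently overwrite each other inside DstDir.
    new_dct = rename.del_same_file(detections)
    for file_name, virus_name in new_dct.items():
        rename.copy_file(file_name, DstDir)
        avp_name = NametoKav.NodtoKav().run(virus_name).strip()
        new_path = os.path.join(DstDir, os.path.basename(file_name))
        rename.sample_rename(new_path, avp_name)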
Esempio n. 3
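def nod_log(log_name):
    """Copy and rename the samples reported in a NOD32 scan log.

    Every ``name="<path>" ... threat="<detection>"`` pair found on a log line
    is collected; entries with an empty ``threat`` value are skipped. The
    detection name is translated with ``NametoKav.NodtoKav().run`` and the
    copy placed in ``DstDir`` is renamed after the translated name.

    Args:
        log_name: Path of the scan log to parse.
    """
    detections = {}
    entry_re = re.compile(r'name="(.*?)".*?threat="(.*?)".*')
    with open(log_name) as fp:
        for path, virus in entry_re.findall(fp.read()):
            # Raw string: the original "\s\?.*" relied on invalid escape
            # sequences, which newer Python versions warn about at compile
            # time. The pattern is unchanged: it drops everything from the
            # first whitespace character that is followed by "?".
            path = re.sub(r"\s\?.*", "", path)
            if virus:
                detections[path] = virus

    # NOTE(review): path and detection name come straight from the log text.
    # Confirm that the rename helpers validate them before using them as
    # file-system names, and that two sources with the same basename cannot
    # silently overwrite each other inside DstDir.
    new_dct = rename.del_same_file(detections)
    for file_name, virus_name in new_dct.items():
        rename.copy_file(file_name, DstDir)
        avp_name = NametoKav.NodtoKav().run(virus_name).strip()
        new_name = os.path.join(DstDir, os.path.basename(file_name))
        rename.sample_rename(new_name, avp_name)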
Esempio n. 4
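def avg_log(log_name):
    """Copy and rename the samples reported in an AVG scan log.

    Lines matching ``<drive path> ... Trojan horse <name>`` or
    ``<drive path> ... Virus identified <name>`` are collected. The detection
    name is rebuilt as ``<Trojan|Virus>.<name>`` with "/" turned into ".",
    translated with ``NametoKav.NodtoKav().run``, and the copy placed in
    ``DstDir`` is renamed after the translated name.

    Args:
        log_name: Path of the scan log to parse.
    """
    detections = {}
    pattern = re.compile(r"(\w:\\.*?)(\:\\.*?|\s)(Trojan|Virus)\s(horse|identified)\s(.*)")
    with open(log_name) as fp:
        for path, _member, kind, _verb, detail in pattern.findall(fp.read()):
            # The original produced the separator with re.sub('.*', '.', x4).
            # On Python 3.7+ that call also replaces the empty match left
            # after the word, so it returns '..' and the name came out as
            # "Trojan..<name>". The word is always "horse" or "identified",
            # so a literal '.' is the intended result on every version.
            detections[path] = kind + '.' + detail.replace('/', '.')

    # NOTE(review): only "/" is neutralised in the detection name above, and
    # the path is used as found in the log. Confirm that the rename helpers
    # validate both before using them as file-system names, and that two
    # sources with the same basename cannot silently overwrite each other
    # inside DstDir.
    new_dct = rename.del_same_file(detections)
    for file_name, virus_name in new_dct.items():
        rename.copy_file(file_name, DstDir)
        avp_name = NametoKav.NodtoKav().run(virus_name).strip()
        new_path = os.path.join(DstDir, os.path.basename(file_name))
        rename.sample_rename(new_path, avp_name)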