Security Software Download Script
This is a long one.
At my last job, we had a file server that I’d set up that held a number of security tools we used during virus scans (as well as installs, general tools, etc.). Keeping all those tools updated was a bit of a pain, so I wrote a script that downloaded them all for us.
Note: this is basically a braindump of the script, so while I tried really hard to keep it reasonably portable while I was writing it, your mileage may vary…
#!/bin/sh
#calling any of the following as a command switch will download them individually
# a2
# ComboFix
# Avira
# Smitfraud
# SuperAntiSpyware
# SDFix
# VIPRE
# RKill
# DrWeb
# AVGRescue
# BitDefender
# Kaspersky
# Norman
# RootkitTools
#Otherwise, the DAILY or WEEKLY variables will work
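# Keywords accepted as the first argument to select a scheduled batch.
DAILY="daily"
WEEKLY="weekly"

# Default log file and the root of the share the tools are published to.
LOGFILE="/media/Data/SecuritySoftware.log"
CPDEST="/media/Data"
TOOLSDEST="$CPDEST/Tools/Cleaning Tools/Malware Removal Tools"

# Download locations.
# NOTE(review): every URL below is plain http:// and nothing in this script
# compares a download against a vendor checksum or signature, so whatever
# answers the request is what ends up in the tools directory. Prefer https://
# where the vendor offers it and verify a published hash before publishing.
CMBFXLOC="http://download.bleepingcomputer.com/sUBs/ComboFix.exe"
AVIRALOC="http://dlpro.antivir.com/package/rescue_system/common/en/rescue_system-common-en.iso"
SMITFRAUDLOC="http://siri.urz.free.fr/Fix/SmitfraudFix.exe"
SDLOC="http://www.bleepingcomputer.com/resources/link252.html"
VIPRELOC="http://live.sunbeltsoftware.com/Download/"
SUPERLOC="http://www.superantispyware.com/downloads/SASSAFERUN.COM"
RKILLLOC="http://download.bleepingcomputer.com/grinler/rkill.scr"
AVGRESCUELOC="http://www.avg.com/us-en/download-file-cd-arl-rar"
DRWEBLOC="http://www.freedrweb.com/download+cureit/gr/?lng=en"
BITDEFENDERLOC="http://download.bitdefender.com/rescue_cd/"
A2LOC="http://download11.emsisoft.com/EmsisoftEmergencyKit.zip"
KASPERSKYLOC="http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/"
NORMANLOC="http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe"
PRAGMALOC="http://noahdfear.net/downloads/PragmaFix.exe"
KasperskyTDSSKiller="http://support.kaspersky.com/downloads/utils/tdsskiller.exe"
EsageTDSSKiller="http://www.esagelab.com/files/tdss_remover_latest.rar"
NormanTDSSKiller="http://download.norman.no/public/Norman_TDSS_Cleaner.exe"
TDL3Razor="http://www.tizersecure.com/freedownloads/TDL3%20Razor.zip"

# Start each run with an empty log. -e is used because a unary -a test is not
# defined for POSIX sh, which is what the shebang asks for.
if [ -e "$LOGFILE" ]; then
  rm -- "$LOGFILE"
  touch -- "$LOGFILE"
fi

# Every download and every relative rm below happens in the current directory,
# so stop rather than run them from wherever the script was started.
cd ~ || {
  echo "cannot change to the home directory" >&2
  exit 1
}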
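# Downloads the rootkit-removal utilities (TDL3 Razor, PragmaFix, Kaspersky
# TDSSKiller, Esage TDSS remover, Norman TDSS Cleaner) into the current
# directory and publishes each one under "$TOOLSDEST/Rootkit Tools".
# Globals: LOGFILE, TOOLSDEST and the five download URLs (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
#
# A tool is published only when wget exits 0 and the file is non-empty.
# --output-document creates its target even when the request fails, so a bare
# existence test would let an empty or truncated download through.
# NOTE(review): nothing here checks a checksum or signature before publishing,
# and mode 777 leaves the published tools world-writable; confirm that
# read-only access for consumers is not enough.
RootkitTools() {
  {
    printf '%s\n\n\n' "########################Rootkit Tools Download########################"

    if wget -a "$LOGFILE" "$TDL3Razor" --output-document=TDL3Razor.zip -nH &&
      [ -s TDL3Razor.zip ]; then
      unzip TDL3Razor.zip
      rm -v TDL3Razor.zip
      cp -uv "TDL3 Razor"/* "$TOOLSDEST/Rootkit Tools/TDL3Razor/"
      rm -rv "TDL3 Razor"
      chmod -Rv 777 "$TOOLSDEST/Rootkit Tools/TDL3Razor"
    else
      printf '%s\n' "TDL3 Razor download failed!" "Please check $TDL3Razor"
      # Drop the empty or partial file that --output-document leaves behind.
      rm -f TDL3Razor.zip
    fi
    printf '%s\n\n\n' "Finished TDL3 Razor download"

    if wget -a "$LOGFILE" -N "$PRAGMALOC" -nH && [ -s PragmaFix.exe ]; then
      mv --force -v PragmaFix.exe "$TOOLSDEST/Rootkit Tools/PragmaFix.exe"
      chmod -v 777 "$TOOLSDEST/Rootkit Tools/PragmaFix.exe"
    else
      printf '%s\n' "PragmaFix download failed!" "Please check $PRAGMALOC"
    fi
    printf '%s\n\n\n' "Finished PragmaFix download"

    if wget -a "$LOGFILE" -N "$KasperskyTDSSKiller" -nH && [ -s tdsskiller.exe ]; then
      mv -fv tdsskiller.exe "$TOOLSDEST/Rootkit Tools/TDSSKiller.exe"
      chmod -v 777 "$TOOLSDEST/Rootkit Tools/TDSSKiller.exe"
    else
      printf '%s\n' "Kaspersky TDSS Killer download failed!" "Please check $KasperskyTDSSKiller"
    fi
    printf '%s\n\n\n' "Finished Kaspersky TDSS Killer download"

    if wget -a "$LOGFILE" -N "$EsageTDSSKiller" -nH && [ -s tdss_remover_latest.rar ]; then
      unrar x tdss_remover_latest.rar
      rm -v tdss_remover_latest.rar
      cp -uv tdss_remover_latest/* "$TOOLSDEST/Rootkit Tools/EsageTDSS/"
      rm -rv tdss_remover_latest
      chmod -Rv 777 "$TOOLSDEST/Rootkit Tools/EsageTDSS"
    else
      printf '%s\n' "Esage TDSS Killer download failed!" "Please check $EsageTDSSKiller"
    fi
    printf '%s\n\n\n' "Finished Esage TDSS Killer download"

    if wget -a "$LOGFILE" -N "$NormanTDSSKiller" -nH && [ -s Norman_TDSS_Cleaner.exe ]; then
      mv --force -v Norman_TDSS_Cleaner.exe "$TOOLSDEST/Rootkit Tools/Norman_TDSS_Cleaner.exe"
      chmod -v 777 "$TOOLSDEST/Rootkit Tools/Norman_TDSS_Cleaner.exe"
    else
      printf '%s\n' "Norman TDSS Cleaner download failed!" "Please check $NormanTDSSKiller"
    fi

    printf '\n\n%s\n\n\n' "########################Finished Rootkit Tools download!########################"
  } >> "$LOGFILE"
}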
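# Downloads the Emsisoft Emergency Kit archive, unpacks it into ./a2free and
# refreshes "$TOOLSDEST/a2free" from it.
# Globals: LOGFILE, TOOLSDEST, A2LOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
#
# The unpacked tree is copied into the destination rather than moved onto it:
# mv onto a directory that already exists nests the new tree inside it
# (.../a2free/a2free) instead of updating the published files.
# NOTE(review): the archive is unpacked and published without any checksum or
# signature check, and mode 777 leaves the result world-writable.
a2() {
  {
    printf '%s\n\n\n' "#########################A2-Free Cleaner Download##########################"

    # Require a clean wget exit and a non-empty file, not just existence.
    if wget -a "$LOGFILE" "$A2LOC" -nH && [ -s EmsisoftEmergencyKit.zip ]; then
      unzip -d a2free -o EmsisoftEmergencyKit.zip
      rm -v EmsisoftEmergencyKit.zip
      mkdir -p "$TOOLSDEST/a2free"
      cp -Ruv a2free/. "$TOOLSDEST/a2free/"
      rm -rv a2free
      chmod -Rv 777 "$TOOLSDEST/a2free"
    else
      printf '%s\n' "A2-Free Cleaner download failed!" "Please check $A2LOC"
      # A leftover partial archive would make the next wget save to a
      # numbered name and this stale file would be unpacked instead.
      rm -f EmsisoftEmergencyKit.zip
    fi

    printf '\n\n%s\n\n\n' "######################Finished A2-Free Cleaner Download####################"
  } >> "$LOGFILE"
}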
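# Downloads Norman Malware Cleaner and publishes it as
# "$TOOLSDEST/NormanCleaner.exe".
# Globals: LOGFILE, TOOLSDEST, NORMANLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
Norman() {
  {
    printf '%s\n\n\n' "#########################Norman Malware Cleaner Download##########################"

    # Publish only a complete download: wget must exit 0 and the file must
    # be non-empty (-s), instead of the non-POSIX unary -a existence test.
    if wget -a "$LOGFILE" "$NORMANLOC" -nH && [ -s Norman_Malware_Cleaner.exe ]; then
      mv -vf Norman_Malware_Cleaner.exe "$TOOLSDEST/NormanCleaner.exe"
      chmod -v 777 "$TOOLSDEST/NormanCleaner.exe"
    else
      printf '%s\n' "Norman Malware Cleaner download failed!" "Please check $NORMANLOC"
      # Remove a partial file so the next run does not pick it up.
      rm -f Norman_Malware_Cleaner.exe
    fi

    printf '\n\n%s\n\n\n' "######################Finished Norman Malware Cleaner Download####################"
  } >> "$LOGFILE"
}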
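# Crawls $KASPERSKYLOC for a setup*.exe build, renames it to
# KasperskyCleaner.exe and publishes it under $TOOLSDEST.
# Globals: LOGFILE, TOOLSDEST, KASPERSKYLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
Kaspersky() {
  {
    printf '%s\n\n\n' "#########################Kaspersky Cleaner Download##########################"

    # The accept pattern is quoted so wget receives it as a pattern; unquoted,
    # the shell would expand it first whenever a matching file is already in
    # the current directory.
    wget -R gif,html -A 'setup*.exe' -nd -r -l0 -np -a "$LOGFILE" "$KASPERSKYLOC"

    # If several builds matched, mv refuses to rename them onto one file and
    # the failure branch below is taken.
    mv -- setup*.exe KasperskyCleaner.exe

    if [ -s KasperskyCleaner.exe ]; then
      mv -vf KasperskyCleaner.exe "$TOOLSDEST/KasperskyCleaner.exe"
      chmod -v 777 "$TOOLSDEST/KasperskyCleaner.exe"
    else
      printf '%s\n' "Kaspersky Cleaner download failed!" "Please check $KASPERSKYLOC"
    fi

    printf '\n\n%s\n\n\n' "######################Finished Kaspersky Cleaner Download####################"
  } >> "$LOGFILE"
}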
#$(date +%Y) returns the current 4-digit year
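# Crawls $BITDEFENDERLOC for the rescue image whose name ends in the current
# four-digit year, renames it to BitDefenderLive.iso and publishes it under
# "$CPDEST/Disc Images/Tool Discs".
# Globals: LOGFILE, CPDEST, BITDEFENDERLOC (read); bd_year (written).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the image is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
BitDefender() {
  {
    printf '%s\n\n\n' "#########################BitDefender Download##########################"

    # Read the year once so the download pattern and the rename below cannot
    # disagree if the run crosses midnight on New Year's Eve.
    bd_year=$(date +%Y)

    # Quoted so wget, not the shell, interprets the accept pattern.
    wget -R gif,html -A "*${bd_year}.iso" -nd -r -l0 -np -a "$LOGFILE" "$BITDEFENDERLOC"

    # If several images matched, mv refuses to rename them onto one file and
    # the failure branch below is taken.
    mv -- *"${bd_year}".iso BitDefenderLive.iso

    if [ -s BitDefenderLive.iso ]; then
      mv -vf BitDefenderLive.iso "$CPDEST/Disc Images/Tool Discs/BitDefenderLive.iso"
      chmod -v 777 "$CPDEST/Disc Images/Tool Discs/BitDefenderLive.iso"
    else
      printf '%s\n' "BitDefender Live CD download failed!" "Please check $BITDEFENDERLOC"
    fi

    printf '\n\n%s\n\n\n' "######################Finished BitDefender Download####################"
  } >> "$LOGFILE"
}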
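# Downloads Dr.Web CureIt! as DrWeb.exe and publishes it under $TOOLSDEST.
# Globals: LOGFILE, TOOLSDEST, DRWEBLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
DrWeb() {
  {
    printf '%s\n\n\n' "#########################Dr Web Cure-It Download##########################"

    # $DRWEBLOC contains a '?', which is a glob character, so it must be
    # quoted. --output-document creates DrWeb.exe even when the request fails,
    # hence the exit-status and non-empty checks instead of bare existence.
    if wget -a "$LOGFILE" "$DRWEBLOC" --output-document=DrWeb.exe -nH &&
      [ -s DrWeb.exe ]; then
      mv -vf DrWeb.exe "$TOOLSDEST/DrWeb.exe"
      chmod -v 777 "$TOOLSDEST/DrWeb.exe"
    else
      printf '%s\n' "Dr Web Cure-It download failed!" "Please check $DRWEBLOC"
      # Drop the empty or partial file that --output-document leaves behind.
      rm -f DrWeb.exe
    fi

    printf '\n\n%s\n\n\n' "######################Finished Dr Web Cure-It Download####################"
  } >> "$LOGFILE"
}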
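# Downloads the AVG Rescue CD archive as AVGRescue.rar and publishes it under
# "$CPDEST/Disc Images/Tool Discs".
# Globals: LOGFILE, CPDEST, AVGRESCUELOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the archive is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
AVGRescue() {
  {
    printf '%s\n\n\n' "#########################AVG Rescue CD Download###########################"

    # --output-document creates AVGRescue.rar even when the request fails, so
    # require a clean wget exit and a non-empty file before publishing.
    if wget -a "$LOGFILE" "$AVGRESCUELOC" --output-document=AVGRescue.rar -nH &&
      [ -s AVGRescue.rar ]; then
      mv -vf AVGRescue.rar "$CPDEST/Disc Images/Tool Discs/AVGRescue.rar"
      chmod -v 777 "$CPDEST/Disc Images/Tool Discs/AVGRescue.rar"
    else
      printf '%s\n' "AVG Rescue CD download failed!" "Please check $AVGRESCUELOC"
      # Drop the empty or partial file that --output-document leaves behind.
      rm -f AVGRescue.rar
    fi

    printf '\n\n%s\n\n\n' "######################Finished AVG Rescue CD Download####################"
  } >> "$LOGFILE"
}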
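# Downloads rkill.scr and publishes it under $TOOLSDEST.
# Globals: LOGFILE, TOOLSDEST, RKILLLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
RKill() {
  {
    printf '%s\n\n\n' "#########################RKill Download###########################"

    # Publish only when wget exits 0 and the file is non-empty; -s also
    # replaces the unary -a test, which POSIX sh does not define.
    if wget -a "$LOGFILE" -N "$RKILLLOC" -nH && [ -s rkill.scr ]; then
      mv -vf rkill.scr "$TOOLSDEST/rkill.scr"
      chmod -v 777 "$TOOLSDEST/rkill.scr"
    else
      printf '%s\n' "RKill download failed!" "Please check $RKILLLOC"
    fi

    printf '\n\n%s\n\n\n' "######################Finished RKill Download####################"
  } >> "$LOGFILE"
}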
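# Downloads SASSAFERUN.COM and publishes it as "$TOOLSDEST/SuperClean.com".
# Globals: LOGFILE, TOOLSDEST, SUPERLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
SuperAntiSpyware() {
  {
    printf '%s\n\n\n' "#####################Super Anti-Spyware Download#################"

    # Publish only when wget exits 0 and the file is non-empty; -s also
    # replaces the unary -a test, which POSIX sh does not define.
    if wget -a "$LOGFILE" -N "$SUPERLOC" -nH && [ -s SASSAFERUN.COM ]; then
      mv -vf SASSAFERUN.COM "$TOOLSDEST/SuperClean.com"
      chmod -v 777 "$TOOLSDEST/SuperClean.com"
    else
      printf '%s\n' "Super Anti-Spyware download failed!" "Please check $SUPERLOC"
    fi

    printf '\n\n%s\n\n\n' "##################Finished Super Anti-Spyware Download###########"
  } >> "$LOGFILE"
}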
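# Downloads ComboFix.exe and publishes it as "$TOOLSDEST/CmbFx1587.exe".
# Globals: LOGFILE, TOOLSDEST, CMBFXLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the published name differs from the download name, presumably
# so malware that blocks ComboFix by file name does not recognise it; confirm.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
ComboFix() {
  {
    printf '%s\n\n\n' "########################ComboFix Download########################"

    # Publish only when wget exits 0 and the file is non-empty; -s also
    # replaces the unary -a test, which POSIX sh does not define.
    if wget -a "$LOGFILE" -N "$CMBFXLOC" -nH && [ -s ComboFix.exe ]; then
      mv -vf ComboFix.exe "$TOOLSDEST/CmbFx1587.exe"
      chmod -v 777 "$TOOLSDEST/CmbFx1587.exe"
    else
      printf '%s\n' "Combofix download failed!" "Please check $CMBFXLOC"
      # Clean up the HTML page that may have been saved instead of the tool.
      rm -vf ComboFix.html
    fi

    printf '\n\n%s\n\n\n' "########################Finished Combofix download!########################"
  } >> "$LOGFILE"
}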
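# Downloads the Avira rescue system image and publishes it as
# "$CPDEST/Disc Images/Tool Discs/AviraRescue.iso".
# Globals: LOGFILE, CPDEST, AVIRALOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the image is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
Avira() {
  {
    printf '%s\n\n\n' "########################Avira Rescue Disk Download########################"

    # Publish only when wget exits 0 and the image is non-empty, so a
    # truncated ISO is reported as a failure instead of replacing a good one.
    if wget -a "$LOGFILE" -N "$AVIRALOC" -nH && [ -s rescue_system-common-en.iso ]; then
      mv -vf rescue_system-common-en.iso "$CPDEST/Disc Images/Tool Discs/AviraRescue.iso"
      chmod -v 777 "$CPDEST/Disc Images/Tool Discs/AviraRescue.iso"
    else
      printf '%s\n' "Avira Rescue Disk download failed!" "Please check $AVIRALOC"
    fi

    printf '\n\n%s\n\n\n' "########################Finished Avira Rescue Disk download!########################"
  } >> "$LOGFILE"
}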
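# Downloads SmitfraudFix.exe and publishes it under $TOOLSDEST.
# Globals: LOGFILE, TOOLSDEST, SMITFRAUDLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
Smitfraud() {
  {
    printf '%s\n\n\n' "########################Smitfraudfix Download########################"

    # Publish only when wget exits 0 and the file is non-empty; -s also
    # replaces the unary -a test, which POSIX sh does not define.
    if wget -a "$LOGFILE" -N "$SMITFRAUDLOC" -nH && [ -s SmitfraudFix.exe ]; then
      mv -vf SmitfraudFix.exe "$TOOLSDEST"/
      chmod -v 777 "$TOOLSDEST/SmitfraudFix.exe"
    else
      printf '%s\n' "SmitfraudFix download failed!" "Please check $SMITFRAUDLOC"
    fi

    printf '\n\n%s\n\n\n' "#####################Finished SmitfraudFix download!#####################"
  } >> "$LOGFILE"
}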
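# Downloads SDFix.exe and publishes it under $TOOLSDEST.
# Globals: LOGFILE, TOOLSDEST, SDLOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
# NOTE(review): $SDLOC ends in link252.html while the code looks for
# SDFix.exe. wget names the saved file after the requested URL unless
# --trust-server-names is given, so this may always take the failure branch
# and leave link252.html behind; confirm against a real run.
# NOTE(review): the file is published as fetched, with no checksum or
# signature check, and mode 777 leaves it world-writable.
SDFix() {
  {
    printf '%s\n\n\n' "########################SDFix Download########################"

    # Publish only when wget exits 0 and the file is non-empty; -s also
    # replaces the unary -a test, which POSIX sh does not define.
    if wget -a "$LOGFILE" -N "$SDLOC" -nH && [ -s SDFix.exe ]; then
      mv -vf SDFix.exe "$TOOLSDEST"/
      chmod -v 777 "$TOOLSDEST/SDFix.exe"
    else
      printf '%s\n' "SDFix download failed!" "Please check $SDLOC"
    fi

    printf '\n\n%s\n\n\n' "########################Finished SDFix download!########################"
  } >> "$LOGFILE"
}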
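# Downloads the VIPRE Rescue package into ~/VipreScanner/Vipre, unpacks it,
# adds the helper files kept in ~/VipreScanner/files, repacks everything as a
# 7-Zip self-extractor (7zS.sfx + 7zip.conf + archive) and publishes the result
# as "$TOOLSDEST/VIPRERescue.exe".
# Globals: LOGFILE, TOOLSDEST, VIPRELOC (all read).
# Output:  progress and failure messages are appended to $LOGFILE.
#
# The body runs in a subshell so that every cd is undone when it ends. The
# old failure path removed "Vipre/" from inside that directory (a no-op) and
# left the caller in ~/VipreScanner, where the remaining downloads then landed.
# NOTE(review): the downloaded package is unpacked, repacked and published
# without any checksum or signature check, and mode 777 leaves the published
# file world-writable.
VIPRE() {
  (
    printf '%s\n\n\n' "########################VIPRE Rescue Scanner Download########################"

    if cd ~/VipreScanner/; then
      if [ -f 7zip.conf ]; then
        rm -v 7zip.conf
      fi

      # Vipre/ is scratch space. Clear anything an aborted run left behind so
      # stale files are not swept into the archive by the "*" below.
      rm -rf Vipre
      mkdir Vipre

      # --output-document creates its target even when the request fails, so
      # require a clean wget exit and a non-empty file before building.
      if wget -a "$LOGFILE" "$VIPRELOC" --output-document=Vipre/VIPRERescue.exe -nH &&
        [ -s Vipre/VIPRERescue.exe ] && cd Vipre; then
        unzip -o VIPRERescue.exe

        # Per-build random names; presumably so malware that targets known
        # scanner file names does not recognise them (confirm). $RANDOM is not
        # POSIX: under a /bin/sh that lacks it the names collapsed to ".exe"
        # and the GUI copy overwrote the scanner, hence the od fallback.
        FILE="${RANDOM:-$(od -An -N2 -tu2 /dev/urandom | tr -d ' \n')}.exe"
        DIRECTORY="${RANDOM:-$(od -An -N2 -tu2 /dev/urandom | tr -d ' \n')}"
        SCANFILE="${RANDOM:-$(od -An -N2 -tu2 /dev/urandom | tr -d ' \n')}.exe"

        {
          printf '%s\n' "[Global]"
          printf '%s\n' "VipreDirectory=$DIRECTORY"
          printf '%s\n' "VipreProgramName=$FILE"
          printf '%s\n' "VipreGUIName=$SCANFILE"
        } > vpr_dat.ini

        # Record the chosen names in the log as well.
        printf '%s\n' "VipreDirectory=$DIRECTORY"
        printf '%s\n' "VipreProgramName=$FILE"
        printf '%s\n' "VipreGUIProgramName=$SCANFILE"

        mv VIPRERescueScanner.exe "$FILE"
        rm -v VIPRERescue.exe
        rm -v deep_scan.bat
        cp -v ../files/subinacl.exe .
        cp -v ../files/VipreScanner.exe "./$SCANFILE"
        cp -v ../files/processlist.ini .
        cp -v ../files/7z.exe .
        cp -v ../files/7z.dll .
        cp -v ../files/wget.exe .

        # The glob is deliberately unquoted: archive every file in Vipre/.
        7z a -t7z -m0=lzma -mx=9 VIPREScanner.7z *
        cd .. || exit 1

        # Self-extractor configuration: run the GUI wrapper after unpacking.
        {
          printf '%s\n' ';!@Install@!UTF-8!'
          printf '%s\n' 'Title="Vipre Command-Line Virus Scanner"'
          printf 'ExecuteFile="%s"\n' "$SCANFILE"
          printf '%s\n' ';!@InstallEnd@!'
        } > 7zip.conf

        cat 7zS.sfx 7zip.conf Vipre/VIPREScanner.7z > VIPRERescue.exe
        echo cat 7zS.sfx 7zip.conf Vipre/VIPREScanner.7z
        cp -v VIPRERescue.exe "$TOOLSDEST"/
        chmod 777 "$TOOLSDEST/VIPRERescue.exe"
        rm -v VIPRERescue.exe
        rm -v 7zip.conf
        rm -rv Vipre/
      else
        printf '%s\n' "Vipre Rescue Scanner download failed!" "Please check $VIPRELOC"
        # Still in ~/VipreScanner here, so this removes the scratch directory.
        rm -rv Vipre/
      fi
    else
      printf '%s\n' "Vipre Rescue Scanner download failed!" "Cannot enter ~/VipreScanner"
    fi

    printf '\n\n%s\n\n\n' "########################Finished VIPRE Rescue Scanner download!########################"
  ) >> "$LOGFILE"
}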
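# Dispatch on the first argument:
#   daily / weekly   run the scheduled batch and log to a batch-specific file
#   <tool name>      download that one tool
#   anything else    (including no argument or a typo) download everything
case "$1" in
  "$DAILY")
    LOGFILE="/media/Data/SecuritySoftwareDaily.log"
    # -e replaces the unary -a test, which POSIX sh does not define.
    if [ -e "$LOGFILE" ]; then
      rm -- "$LOGFILE"
      touch -- "$LOGFILE"
    fi
    ComboFix
    Smitfraud
    SuperAntiSpyware
    SDFix
    RKill
    VIPRE
    DrWeb
    Kaspersky
    Norman
    RootkitTools
    ;;
  "$WEEKLY")
    LOGFILE="/media/Data/SecuritySoftwareWeekly.log"
    if [ -e "$LOGFILE" ]; then
      rm -- "$LOGFILE"
      touch -- "$LOGFILE"
    fi
    Avira
    AVGRescue
    BitDefender
    a2
    ;;
  a2 | ComboFix | Avira | Smitfraud | SuperAntiSpyware | SDFix | VIPRE | \
    RKill | DrWeb | AVGRescue | BitDefender | Kaspersky | Norman | RootkitTools)
    echo "Data stored in $LOGFILE"
    # $1 has just been matched against the fixed list of function names
    # above, so it is safe to call it as a command.
    "$1"
    ;;
  *)
    echo "Data stored in $LOGFILE"
    ComboFix
    Avira
    Smitfraud
    SuperAntiSpyware
    SDFix
    VIPRE
    RKill
    DrWeb
    AVGRescue
    BitDefender
    Kaspersky
    Norman
    RootkitTools
    a2
    ;;
esac

# NOTE(review): 666 lets every local account rewrite the log; confirm that
# read access for others is not enough.
chmod 666 "$LOGFILE"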
Another note: The Vipre Rescue Scanner portion of the script was designed to be used with a GUI I wrote for the Vipre Scanner (since Sunbelt didn’t think it was necessary). You can find downloads (and code) for that project here.
Edit: A brief recognition that with one or two lines at the beginning of the script, I could remove all of the `>> $LOGFILE` bits in there and make it far more readable… I wish I had noticed that then.