Skip to content
This repository has been archived by the owner on Sep 13, 2022. It is now read-only.
/ USB-Malware-Wiper Public archive

Simple tool that recursively removes files with a certain hash

License

Notifications You must be signed in to change notification settings

mohsin/USB-Malware-Wiper

Repository files navigation

USB Malware Remover

Introduction

My father kept having a particular malware worm found on his pen drives and systems. I thought installing an anti-virus should resolve it but weirdly it has not. I later found that despite me removing the malware from all his computers they kept occuring because he would use the pen drive in other printshop computers for getting printouts.

The worm I found seems to recursively keep a copy of itself on each folder, but it's content payload is always consistent and hence has a fixed hash b6ba31cd20869f2fc59082c178f06ca5c0572b382b6efffaaa5c30254a68b954. It appears that this particular worm that goes by WindowsFormsApplication5 or movies.exe exists 81.9% in India and 18.1% in Bangladesh. So I wrote this script so that anytime he can give the pen drive to me to run (I run a mac so these are PE executables that can't really run and infect) and recursively remove the malware before he can use it on his own system. I believe a good anti-virus should be a better solution but I have to check and find why the one I did install (Windows Defender) is failing. So this is a temporary solution.

Screenshot

Screenshot

About

Simple tool that recursively removes files with a certain hash

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages