Saturday, May 30, 2009

Remove gphone.exe virus by Java Program

import java.io.File;
import java.io.FilenameFilter;

/**
* This programs removes files created by the gphone.exe virus
*
* This virus creates duplicate copies of itself (gphone.exe) into every folder
* of your system with the name that folder.
* The common behavior is that all virus files share the same size
* and the same lastModified date.
*
* Notes:
* + You may have to change the virusFileSize and lastModified variables below.
* + un-comment the "files[i].delete()" below to enable the deletion.
* + on a unix machine, following command is also useful
* + find . -name "*.exe" -printf "%s\t\t%f\n"
*
* @author ujariya
* @version 1.0 (30th May 2009)
*/

public class VirusExeDelete
{
static int virusCounter = 0;
// 1232372178000 => Mon Jan 19 19:06:18 IST 2009
// This time is in milliseconds
static long lastModified = new Long("1232372178000").longValue();
static int virusFileSize = 349184;

public static void main(String[] args)
{
System.out.println("Searching and Removing");
//File root = new File("/mnt/S_VIDEO");

// Run the search into every partition / PEN drives
findAndDeleteVirusFiles(new File("/mnt/S_DATA"));
findAndDeleteVirusFiles(new File("/mnt/S_MISC"));
findAndDeleteVirusFiles(new File("/mnt/S_MOVIES"));
findAndDeleteVirusFiles(new File("/mnt/S_OPSYS"));
findAndDeleteVirusFiles(new File("/mnt/S_SANGEET"));
findAndDeleteVirusFiles(new File("/mnt/S_TEMP"));
findAndDeleteVirusFiles(new File("/mnt/S_VIDEO"));

System.out.println("virusCounter: "+ virusCounter);
}

static void findAndDeleteVirusFiles(File dir)
{
File[] files = dir.listFiles();
for(int i=0; i
{
// Iterate recursively
if(files[i].isDirectory())
{
findAndDeleteVirusFiles(files[i]);
}

// Search / Destroy the virus
else if(files[i].getName().toLowerCase().endsWith(".exe")
&& files[i].length() == virusFileSize)
{
System.out.println(files[i].length()+ " "+ files[i].lastModified()+" " +files[i].getPath());
// delete viruses
// files[i].delete();
virusCounter++;
}

// Searching other files having same last modified date (within one minute) / file size
/* else if(Math.abs(files[i].lastModified() - lastModified) <>
{
System.out.println(files[i].length()+ " "+ files[i].lastModified()+" " +files[i].getPath());
virusCounter++;
}
*/
}
}
}
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)