I read yesterday that they've figured out how to detect a computer infected
with Conficker using a port scanner.
I have found the attached program written by the people who discovered the
fingerprint. I got it from the following web site;
It is a windows executable, from the command prompt (Dos). Once it is
extracted go to the directory where you extracted it and run it followed
by the beginning IP address then the ending IP address of the range you
want looked at. A colligue seems to be having trouble running it on Win
2003, I've had success running it on XP Pro.
If all you see is No Response (the computers have to be on to be checked)
and Seems to be Clean then life is good.
The following is an automated message from UVM's email gateway: This email
message contained an attachment of a type that could carry a virus.
The attachment was an archive that contained a type of file that we don't
allow, so the entire attachment was been deleted.
Attachment name: scs.zip
UVM has decided to block certain well known executable file types at our
email gateway, to help reduce the risk of email viruses spreading on our
network. This message most likely contained a ZIP attachment. UVM
allows most ZIP attachments to be delivered, however if a ZIP contains
a file type that's known to be a common attack method for viruses, we
drop the ZIP attachment.
If you get this message, but want the attachment being sent to you,
we recommend you contact the sender and ask them to use the UVM file
transfer application at https://www.uvm.edu/filetransfer/ to send
the file to you.
This notification is being sent to you for informational purposes. To
keep nuisance factors and mail traffic under control, the original sender
of the message has NOT been notified -- you may want to let them know at
your discretion, if you feel the email you received is legitimate.
PureMessage Admin <[log in to unmask]>