illmob

Dan Kaminsky packaged a nice standalone .exe by the researchers with the HoneyNet Project (Tillmann Werner and Felix Leder) , that scans for infected conficker computers on the network. They recently discovered an easy way to identify infected systems remotely. Conficker attempts to patch the MS08-067 vulnerability during infection. A flaw in the patch causes the machine to respond differently than both an unpatched system and an officially patched system. Their scanner uses this knowledge to scan and identify the infected computers. McAfee, nCircle, Nmap, Qualys, and Tenable (Nessus) and most have already incorporated, or are about to incorporate, Conficker sigs for their scanners, but for now you can get

Dan’s .exe ::Here::

More info on the python script ::HERE::