Find Those MyDoom Infected Machines on your network...

hevnsnt

Lifer
Mar 18, 2000
10,868
1
0
I have been putting together a small tool that will find & notify those MyDoom infected machines on your network..

If you want to check it out you can here

100% Virus Free

If you are looking for Mydoom.f or netsky read below!
This was posted for mydoom.a; if you are looking for mydoom.f, update the batch file to scan for port 1080. Netsky.c cannot be found with this batch.
 

hevnsnt

Originally posted by: FoBoT
is that port scanner (sl.exe) freeware? i could use it for some other stuff at work

neato

Yes, it is ScanLine from Foundstone.com. It is freeware & a nice fast scanner.
 

trmiv

Lifer
Oct 10, 1999
14,670
18
81
I ran it and it said it found infected machines, but the results just say:

Scan of 254 IPs started at Wed Jan 28 16:50:29 2004

Scan finished at Wed Jan 28 16:50:42 2004


What are the infected machines?

 

PowerMacG5

Diamond Member
Apr 14, 2002
7,701
0
0
Originally posted by: trmiv
I ran it and it said it found infected machines, but the results just say:

Scan of 254 IPs started at Wed Jan 28 16:50:29 2004

Scan finished at Wed Jan 28 16:50:42 2004


What are the infected machines?

Yeah. It reports that there is an infected machine on my network, when I know there are none (I just ran Norton).
 

hevnsnt

Infected machines can be found in results.txt

If you hit "No" to the netsend, it will also give you the list.
 

PowerMacG5

Originally posted by: hevnsnt
Infected machines can be found in results.txt

If you hit "No" to the netsend, it will also give you the list.

Then why does it say infected machines found, and then there is no list either when I hit n or look in results?
 

hevnsnt

crap, you just found a bug..

Anyone know how to pipe the result of grep -c (count) to a dos variable?

like grep -c -E yadayadayada results.txt = %myvariable
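
One way to capture the `grep -c` count in a batch variable, as an added example that is not part of the thread or of hevnsnt's scan.bat. It assumes grep.exe is on the PATH and that each reported host appears in the results file as a line starting with an IPv4 address; HOSTPATTERN and the default file name are placeholders. A count that cannot be obtained is treated as an error, not as a clean network.

```bat
@echo off
setlocal EnableExtensions
rem Added example; not the scan.bat from this thread.
rem Assumptions: grep.exe is on PATH, and every host the scanner reports
rem appears in the results file as a line starting with an IPv4 address.
rem HOSTPATTERN and the default file name are placeholders.

set "RESULTS=%~1"
if not defined RESULTS set "RESULTS=results.txt"
set "HOSTPATTERN=^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+"

if not exist "%RESULTS%" (
    echo ERROR: %RESULTS% not found, run the scan first.
    exit /b 2
)

rem grep -c prints the count on stdout even when it is 0 (exit code 1),
rem so for /f can capture it. COUNT stays undefined if grep cannot run.
set "COUNT="
for /f "usebackq delims=" %%C in (`grep -c -E "%HOSTPATTERN%" "%RESULTS%" 2^>nul`) do set "COUNT=%%C"

if not defined COUNT (
    echo ERROR: could not count hosts, refusing to report a clean network.
    exit /b 2
)

rem Branch on the number, not on whether the results file merely exists.
if %COUNT% EQU 0 (
    echo No hosts listed in %RESULTS%.
    exit /b 0
)

echo Hosts listed in %RESULTS%: %COUNT%
grep -E "%HOSTPATTERN%" "%RESULTS%"
exit /b 1
```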
 

hevnsnt

Ok, should be fixed now, re-download

Bug 1 Fixed: On those networks on which no machines are found, it now correctly identifies that
Bug 2 Fixed: nonefound != Notfound :eek:
 

glen

Lifer
Apr 28, 2000
15,995
1
81
so, I extract to a folder, then in "run" I type the file path for the scan.bat ?
Like this:
"C:\downloads\MDS-public\scan.bat"???
Then what?
 

hevnsnt

Originally posted by: glen
so, I extract to a folder, then in "run" I type the file path for the scan.bat ?
Like this:
"C:\downloads\MDS-public\scan.bat"???
Then what?

No, check out the readme

extract to folder
go to dos & run scan x.x.x.1 (x.x.x. = your subnet)
 

AndyHui

Administrator Emeritus, Elite Member, AT FAQ M
Oct 9, 1999
13,141
17
81
Good stuff.

May I suggest removing some of those CLS's. It's nice to see what is happening on the screen and some of the output results.
 

GRIFFIN1

Golden Member
Nov 10, 1999
1,403
6
81
It says I have an infected machine, but there is only one computer and the router running right now. It also didn't save a results.txt file.
 

hevnsnt

Originally posted by: GRIFFIN1
It says I have an infected machine, but there is only one computer and the router running right now. It also didn't save a results.txt file.

Did you d/l newest version?

Also, I changed the results.txt to results-SUBNET.txt. So results will be saved in results-192.168.1.1.txt, for example.
 

GRIFFIN1

I just realized that it was user error. I was typing scan 192.168.1.1/254

It worked fine after I read the readme file again.
 

Ramma2

Platinum Member
Jul 29, 2002
2,710
1
0
I just ran this, and now ALL 91 machines on my network have shut down, and all of my printers are spitting out reams of paper!!!

What have you done!?!




J/K! Nice program, network is clean. Kudos to you!