E-mail Comment Del.icio.us Digg Reddit Technorati Furl

Aurora malware Inoculation Shot

Feb 15, 2010 Security News, Security Tools

Security company HBGary has released a “free utility that will scan for and, optionally, remove the Aurora malware from a Windows Domain.”

Enterprises can easily scan for infections and remove them. The Aurora inoculation shot is digitally signed by HBGary, Inc., and utilizes existing Windows management API’s to identify infected machines. No files are copies over the network, the scan and optional removal is completely remote. WMI must be enabled in your Enterprise for inoculation shot to work. Command line instructions are as follows:

To scan a single machine:
InoculateAurora.exe -scan 192.168.0.1
InoculateAurora.exe -scan MYBOXNAME

To scan multiple machines:
InoculateAurora.exe -range 192.168.0.1 192.168.0.254

To automatically attempt a clean operation:
InoculateAurora.exe -range 192.168.0.1 192.168.0.254 -clean

To scan a list of machines in a .txt file:
InoculateAurora.exe -list targets.txt

What are you waiting for? Go get it here.

This entry was posted on Monday, February 15th, 2010 at 16:35 and is filed under Security News, Security Tools. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>