Solutions Through IT

November 20, 2008

Spyware Detection – Quick Tip

Filed under: Uncategorized — solutionsthroughit @ 23:31

Here’s a quick tip that Troy Sorzano posted to a mailing list.

Use Microsoft forfiles.exe it is great for finding files on a machine. If
you know about the date of the infection you could search for any DLL’s or
EXE’ added to the server or workstaitons since that date.

find any DLL’s added since Friday to the system.

forfiles /P c:\ /M *.dll /D +11/14/2008


EDIT: This works on Vista/Server 2008 "out of the box" but will require an installation (likely from the resource kit) to do this on XP/2003.


1 Comment »

  1. forfiles can be used for lots of other file finding tasks.Here is a link to the syntax and switches

    Comment by Unknown — March 8, 2009 @ 06:57

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at

%d bloggers like this: