Download ScanAll: Scans entire disk (except for .SWP file(s)) for names of spyware apps and classes (NOTE: Use Command Prompt or Start->Run->command to enter the command. You must CD to the correct directory, e.g., CD "\scanall folder", before entering the command.)
IMPORTANT NOTE: The mere fact that a file happens to contain a sequence of characters that correspond to the name of a spyware program or class is not conclusive evidence in and of itself. No file should be deleted on this evidence alone!
For example, a Borland C++ Builder example file for printing contains the string "NetpAlloc" which tests positive for "netpal"! Also, your list file will show up as containing all the strings, since that is where they are specified.
Known bug - not yet fixed: If a string like "netnetpal" occurs when searching for "netpal", the first match will be rejected at the fourth character, but the program won't back up and try a new match at that character, thus causing it to be missed.
Click on these links to download the files you need:
NOTE: You may have to right-click and "Save Target As ..." for the .cpp and .txt files to have them download, rather than displaying (although you can just as easily copy and paste from the display).
The output of this program goes both to stdout and stderr. It is recommended that you redirect the stdout portion to a file for future viewing. (The purpose of the stderr output is to keep you informed as the program does its stuff!) To abort the program, simply press CTRL-C. Redirection of stdout is done by appending to the command line a greater-than (>) symbol followed by a filename, e.g.:
C:\scanall folder> scanall spyware.txt 2004-06-01 2004-06-15 > "my output.txt"
Usage: scanall <list-filespec> yyyy-mm-dd [yyyy-mm-dd]
<list-filespec>: the complete filespec of a file containing a list
of up to 20 strings, one per line
yyyy-mm-dd: the earliest date of interest
[yyyy-mm-dd]: the (optional) latest date of interest - if omitted,
all files up to the present will be scanned