Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Search containing two wildcards across multiple PCs

Posted on 2012-03-14
4
272 Views
Last Modified: 2012-03-19
Hi,

I'd like to perform the following search query on every running PC in our windows domain and like to have the results aggregated in one file: c:\Users\*\AppData\Local\Temp\*.exe
How can I achieve this using standard tools?

Regards,
Andreas
0
Comment
Question by:braunmiller
4 Comments
 
LVL 16

Accepted Solution

by:
ThinkPaper earned 125 total points
ID: 37726603
if you plan on using "standard tools" without using outside products, the only way I can think of doing this is using a script. Note that either way, this will be very time intensive as it will do a search for ALL machines that you specify.

You can use something of a VBS or powershell script to do the job:

http://www.activexperts.com/activmonitor/windowsmanagement/scripts/storage/filesystems/#SFUWQ.htm
0
 
LVL 8

Expert Comment

by:Brent Challis
ID: 37731797
Can you provide an example of your search query to inicate what information you are after from the computers?
0
 
LVL 15

Assisted Solution

by:qz8dsw
qz8dsw earned 125 total points
ID: 37732007
braunmiller,
ThinkPaper was correct, you can do this via VBS or windows scripting and his link gives good information on checking files.
But you will also beforehand need to enumerate the domain computers, check if they are up and if they are then run the check for exe's.

Checking all machines on a domain makes it difficult, better to have a part of the login script call the script that itterates through looking for c:\Users\*\AppData\Local\Temp\*.exe
Login scripts for the domain should run with admin access and hence have access to all profiles.
Are you just after the script with this question?
0
 

Author Closing Comment

by:braunmiller
ID: 37736585
Thank you all for the answers. We came across a trojan (troj_ransom.vtg) that seems to be inactive but we would like to know where it has spread it's component files. We know some file names and locations in c:\Users\<username>\AppData\Local\ and would have liked to know what clients still contain these files.
We will try the combined solution of using a custom VBS script being executed upon a user's domain login so we can get at least the files in this particular user's c:\Users\... hierarchy.

Best Regards,
Andreas
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question