Okay not so much a problem but looking for some ideas. I have written a program in Excel which will audit a computer for files, sizes, etc.

It first searches the C: drive for .doc, .xls, .mde/mdb, .pdf, .exe, .bat, .vbs, and .jpg files.

It then searches the users network home drive and lists all files and a total size.

Then it lists all installed printers and all mapped network drives.

It records start, stop and total search times as well as computer and user names.


This is all to audit users to make sure that the home drive is under quota and doesn't contain anything it shouldn't, as well as monitors files on the local computer system. Users are not allowed to have any document files on their systems whatsoever due to the sensitive and personal nature of the information which we deal with.

I'm just seeing if any of you have any other ideas for files or things that would be good to grab on this report while I'm doing it.

I'm thinking I will also add in .txt and .rtf files as well.

In the future I also may incorporate a method of comparing the existing generated report to a report generated on a freshly imaged computer and only list the files that differ.

How about programmes (http://www.pc-magic.com/des.htm#mf) intented to hide such things? Also simple renaming .doc to .ddd would get around your logging routine.

csv, xlsx,xlsm to name but 3

How about programmes (http://www.pc-magic.com/des.htm#mf) intented to hide such things? Also simple renaming .doc to .ddd would get around your logging routine.
True but users will not be aware of such audits, and even then 95% are not computer savvy enough to even know what a file extension is.

It's just a method to make sure users are following correct procedures. It's more to get people doing things the correct way. If someone was going to compile data like that, they would likely just print stuff out or something like that which isn't really traceable.

As for unauthorized programs, all of that is managed and logged. If unauthorized programs are detected I and management will be notified, the program will be removed remotely and re-installation of said program will be disallowed.

Wouldn't it be easier to hide local drives completely from the user if they aren't supposed to store anything there?