Monitor Folders For File Changes with Spy the Spy
It is puzzling that Microsoft has not integrated a tool into Windows that allows users to monitor specific folders for file changes. It would ideally list all changes in a table or log file so that it would be easy to go through the recorded events and check for unauthorized changes done.
An application like this that might have an option to displays a popup in real time to inform the user that a file was changed or added to a monitored directory; thist would be useful in many situations (yes there should be a turn off switch and extensive configuration options).
Say you are surfing the web and suddenly the system informs you that an executable file has been replaced in the Windows folder. Should you be suspicious? Yes, absolutely. This could help fight spyware and malicious software right from the start.
Spy the Spy
Spy the Spy is a software program for Windows that monitors folders and subfolders (and even network folders) for file changes and new files.
Only selected file extensions are being monitored though. I was not able to find a list of all file extensions but a quick test revealed that .exe, .dll and .bat file extensions were monitored by the application. There are probably a few more that will initiate a warning as well.
By default, only the Windows folder and its subfolders are monitored by the application. Other folders can be added with ease though; it's probably a good idea to add the Program Files folder and the Documents and Settings folder, and other important folders as well.
Once a file gets added, changed or created in one of the monitored folders a warning will popup giving you a handful of options. The file can be moved to quarantine, the procedure can be logged, or a System File Check can be initiated.
Spy The Spy is limited to reporting file changes and has a few limitations that make it a great addition to spyware tools but not a tool that you may run without other forms of protection.
It cannot remove changes to the Windows Registry nor can it scan files to determine if they are indeed spyware or legit applications. Most importantly though it cannot deny read or write access to files and a file that produces a warning is already running on the system.
All in all though it is quite the useful application to make sure that changes to select folders on the system don't go by unnoticed.
A powerful alternative is WinPatrol which is not free but offers more monitoring options and features.
Spy-The-Spy is a nice program that I have used for years. Unfortunately, it has never been updated since its original release (1.0). I wouldn’t send the author any money since he has never updated the program.
>I was always puzzled that Microsoft did not integrate a software into Windows that would monitor specific folders for file changes
Doesn’t really sound like much needed function for me. :) Malware is way too smart for this nowadays.
When I need to monitor folder it is usually part of my self-made stuff so I just code it in for specific task.
And Sysinternals Proccess Monitor – great for analyzing file activity of specific program.
Thank you for another excellent article. The place else may anybody get that kind of info
in such a perfect approach of writing? I have a presentation subsequent week, and I’m at the look for such info.