Posted by: Dan O'Connor
You will want to follow this thread.
Really great idea, the lnk just points to the malware and all you have to do is a file scan of the directory with the file and your done. This also works on remote shares.
Here is the same link from the sans article, http://www.microsoft.com/technet/security/advisory/2286198.mspx.
And here is a link to the code if you are interested!