Here’s a very handy little command that will list files in any directory you choose by the latest date.The example below creates a list of all the files in c:\Windows\System32 arranged by latest date (this example does not include sub-directories. You can specify /S for recursive sub directory scanning/listing):
- Open a command prompt.
- Enter the following command – dir c:\windows\system32 /o:-d > c:\temp\new-files.txt
- Press Enter
- Open the text file in c:\temp to see the latest files created in system32.
While it’s not exactly easy to read a long list of files it does really allow you to narrow down suspicious files by seeing when they were created in the directory in question (which can then be uploaded to virus total for example).
Directories to run this command on:
C:\Windows
C:\Windows\System32
C:\Documents and Settings (must use /s switch)
C:\Users (must use /s switch)
No comments:
Post a Comment