frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Ask HN: What is the best way to see what files are being read in Windows?

4•jacobwilliamroy•6h ago
I am looking at migrating a Windows server (Windows Server 2012 R2 Standard) and I am wondering if there is some way to learn what files are being read. I know the operating system keeps this metadata but I have also learned that this metadata is unreliable. Is there a third party tool or some kind of powershell script I can use to track this data?

Comments

rolph•4h ago
generally you need a process, or file hook; or you want to monitor API calls of running processes

https://kevgo.dev/posts/fs_capture/

https://github.com/evandowning/windbg-trace

for reference, your goal is to detect operations on files and report file, i.e. build a process monitor that you can trust and have granular control.

https://learn.microsoft.com/en-us/windows/win32/api/fileapi/...

the system calls have consequences and results that you may use for your way of detecting file status. very oversimple example is just try to do something to a file, and look at results. if the file is unused, you will get results; if the file is busy, you will get some sort of exception or system flag.

return value:

https://learn.microsoft.com/en-us/windows/win32/api/fileapi/...

GetLastError:

https://learn.microsoft.com/en-us/windows/win32/api/errhandl...

also for reference :

https://learn.microsoft.com/en-us/windows/win32/api/

high_byte•2h ago
sysinternals
high_byte•2h ago
specifically procmon will probably be what you want
runjake•1h ago
The most approachable way is to use Procmon from the Sysinternals tools released by Microsoft.

https://learn.microsoft.com/en-us/sysinternals/downloads/pro...

Here's a good, basic video tutorial from Scott Hanselman, explainer extraordinaire:

https://www.youtube.com/watch?v=pjKNx41Ubxw

Ask HN: How are Markov chains so different from tiny LLMs?

101•JPLeRouzic•3d ago•60 comments

Ask HN: What is the best way to see what files are being read in Windows?

4•jacobwilliamroy•6h ago•4 comments

Ask HN: What is the current state of the art in BIG (>5TB) cloud backups?

19•jacobwilliamroy•1d ago•17 comments

Ask HN: Struggling founders, pls share your startup struggle

12•vieews•20h ago•10 comments

Facebook has made it impossible to delete Pages – dark patterns everywhere

43•ramharts•2d ago•14 comments

Tell HN: Cursor exposes side projects to your employer

29•throwawaybbbbbb•1d ago•20 comments

Official gRPC Benchmark

2•bijan7•1d ago•0 comments

Ask HN: Vitalik says that QC might break ECC before 2028. This is crazy, right?

9•jMyles•1d ago•5 comments

Ask HN: Have you ever seen a perfect codebase?

5•mcdow•1d ago•12 comments

Ask HN: Cloud providers are losing in favor of bare-metal?

34•clostao•4d ago•26 comments

Ask HN: What operating systems, apps, etc. had your favorite UI designs?

4•pixelworm•1d ago•4 comments

Why doesn't someone just send the Epstein files to WikiLeaks?

13•aniken•1d ago•10 comments

Ask HN: Does anyone else feel like a 'manager' now, with AI?

11•keepamovin•1d ago•12 comments

An exposed .git folder let us dox a phishing campaign

64•spirovskib•4d ago•21 comments

What is the most beautiful / highest quality code you've seen (or written)?

33•gooob•5d ago•17 comments

Built a Pomodoro timer for ADHD brains: always visible progress bar

17•raoarjun4•4d ago•3 comments

Ask HN: Why All the Indonesian Spam?

23•al2o3cr•3d ago•7 comments

Ask HN: What does "legacy code" mean to you?

7•Arperb•1d ago•15 comments

Ask HN: How does one stay motivated to grind through LeetCode?

93•blutoot•1w ago•111 comments

Ask HN: Why does Y Combinator seem to be consistently funding AI slop?

24•coldtrait•2d ago•14 comments

Ask HN: Am I the only one thinking ChatGPT 5.1 Thiking thinks for too long ?

5•davidguetta•1d ago•7 comments

Meta-algorithmic judicial reasoning engine

3•YuriKozlov•2d ago•0 comments

You've reached the end!