Skip to content

wardlee/dfh

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
dfh
dfh
 
 
libdfh
libdfh
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.bat
build.bat
 
 
dfh.sln
dfh.sln
 
 

Repository files navigation

Delete File Hook (dfh): A Windows tool for capturing file deletes originating from almost any process

Overview:

The dfh tool intercepts file deletes originating from most windows processes (any executable linked with User32.dll) and makes a backup copy of the deleted file in the C:\dfh directory before the file is deleted. It also saves a metadata file for each deleted file that includes a timestamp, the process id from which the delete originated, the original filename, and the backup copy filename.

Usage:

  1. Visit GitHub releases and download precompiled binaries for Microsoft Windows.
  2. Open a command prompt as Administrator and run the following command to get help: dfh.exe /?

Compile from source

Visual Studio 2012 Update 4 is required. To compile the source code run the following command:

build.bat

About

Delete File Hook

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

3 tags

Packages

No packages published

Languages

  • C 77.3%
  • C++ 15.7%
  • XML 6.6%
  • Other 0.4%