Watch 4 Folder v2.3

Watch 4 Folder v2.3 - a small (802kb), portable (no installation) and powerful monitoring tool to monitor folders and files activities.
It is simple to use and to set, it can monitor 15 types of events and trigger different actions in case an event occurs.

Main changes in this version:
- New command line parameter to start WF4 minimized to the system tray.
- Can use the changed shell object as an argument for the executed program, batch or script.
- Program to execute support now also *.cmd and *.vbs
- Can close the monitor while running.
- More info in the live log.
- Some minor improvements
- Add a user guide in english (rtf and pdf formats).

Notice: When using WF4 2.3, your OS can't be in "Classic Mode" because the software is using some advanced controls.
More details can be found in the included user guide.
Notice (29/05/2012): in case you experience an error when trying to monitor file rename events please download this fixed version of Watch 4 Folder 2.3, thanks to Kadien Elric who found this issue.

Homepage: http://leelusoft.blogspot.co.uk/2011/10/watch-4-folder-23.html
Homepage: http://leelusoft.blogspot.com/2011/10/watch-4-folder-23.html [v2.5]
Homepage: http://leelusoft.altervista.org/watch-4-folder.html

Скачать: Watch 4 Folder v2.3 / Watch 4 Folder v2.3 Fix / Watch 4 Folder v2.5.1

Folder Monitor v1.2.0.0

When something changes you can get popup’s and sound alerts.
You can also execute commands based on the changes.

You can monitor local drives and server shares.
If a remote location is not reachable for a while, FolderMonitor will try to reconnect to the folder.

Multiple locations can be monitored. Notifications can pop up like this (when a new file was created).

Homepage: https://www.nodesoft.com/foldermonitor

Скачать: Folder Monitor v1.1.1.1 / Folder Monitor v1.1.1.3 / Folder Monitor v1.2.0.0

File Activity Monitor Tool v1.0 (Beta)

File Activity Monitor Tool v1.0 (Beta) - is a free software offered by us. File Activity Monitor Tool v1.0 (Beta) logs real-time changes on the files stored on the Local Disk (C:\) drive. 

System requirements:
OS: Windows 7 or Windows Vista.
CPU: x86 or x64

Homepage: http://www.itknowledge24.com/downloads.html

Скачать: File Activity Monitor Tool v1.0 Beta

File Monitor v1.11 (Free)

Monitor file access easily

Moo0 File Monitor - lets you easily monitor the file access activities on your system.
Have you ever wondered what's going on with your disk system behind your watch? Why the disk is busy? What's scratching your HDD? You may find them out using this simple program.

Tips:
  You can open the containing folder by double-clicking the item.

Homepage: http://www.moo0.com/software/FileMonitor/

Скачать: Moo0 FileMonitor v1.11

SoftPerfect File Access Monitor v1.0.2

SoftPerfect File Access Monitor - is a multipurpose tool that monitors access to your files and provides detailed history of who read, wrote and manipulated them.

SoftPerfect File Access Monitor can be used on a file server to track network users activity, as well as on a local computer where it will track local users file access. It is similar in nature to Windows auditing features yet is much easier to use and provides flexible reporting capabilities and notifications.

Key features:
• Monitors file actions: creating, moving, deleting, reading and writing to files.
• Records remote user access to shared folders.
• Keeps track of local users as to what files they access.
• Features a powerful filter system to include or exclude certain activities.
• Self-contained, doesn’t require a database server alongside.

Homepage: https://www.softperfect.com/products/fileaccessmonitor/

Скачать: SoftPerfect File Access Monitor v1.0.2

FileActivityWatch v1.31

FileActivityWatch - is a tool for Windows that displays information about every read/write/delete operation of files occurs on your system. For every file, FileActivityWatch displays the number of read/write bytes, number of read/write/delete operations, first and last read/write timestamp, and the name/ID of the process responsible for the file operation.

System Requirements:
This tool works on any version of Windows, starting from Windows Vista and up to Windows 10. Both 32-bit and 64-bit systems are supported. Elevation ('Run As Administrator') is required to use this tool.

Start Using FileActivityWatch:
FileActivityWatch doesn't require any installation process or additional DLL files. In order to start using it, simply run the executable file - FileActivityWatch.exe
Immediately after running FileActivityWatch, the main window displays all read/write/delete operations made by applications running on your system. Under the Options menu you can choose which type of operation to trace: 'Capture Read Events', 'Capture Write Events', and 'Capture Delete Events'. You can also turn off all events tracing by unchecking the 'Capture Events' option (F2).

At any time, you can press Ctrl+X (Clear List) in order to clear all items accumulated in the main window of FileActivityWatch.

Mark Files With Active Read/Write:
When the 'Mark Files With Active Read/Write' option is turned on, every item with read/write/delete operation in the last few seconds is marked as follows:
• Green - Read operation
• Yellow - Write operation
• Red - Read+Write operation
• Blue - Delete operation

FileActivityWatch Columns:
• Filename:The filename that had read/write/delete operation.
• Process ID:The ID of the process responsible for the read/write/delete operation.
• Process Name:The name of the process responsible for the read/write/delete operation.
• Process Path:Full path of the process.
• Read Count:Number of read operations.
• Write Count:Number of write operations.
• Delete Count:Number of times that the file was deleted by the specified process.
• Read Bytes:Total number of bytes read from the specified file by the specified process.
• Write Bytes:Total number of bytes written to the specified file by the specified process.
• First Read Time:Date/time when the first read operation was detected.
• First Write Time:Date/time when the first write operation was detected.
• Last Read Time:Date/time when the last read operation was detected.
• Last Write Time:Date/time when the last write operation was detected.

Homepage: https://www.nirsoft.net/utils/file_activity_watch.html

Скачать: FileActivityWatch v1.31 / FileActivityWatch v1.40

FolderChangesView v2.27

FolderChangesView - is a simple tool that monitors the folder or disk drive that you choose and lists every filename that is being modified, created, or deleted while the folder is being monitored. 
You can use FolderChangesView with any local disk drive or with a remote network share, as long as you have read permission to the selected folder.

System Requirements:
This utility works on any version of Windows, starting from Windows 2000 and up to Windows 10. Both 32-bit and 64-bit systems are supported.

Start Using FolderChangesView:
FolderChangesView doesn't require any installation process or additional dll files. In order to start using it, simply run the executable file - FolderChangesView.exe
After you run FolderChangesView, you have to choose the desired folder that you want to monitor and then press the 'Ok' button. If you choose a root folder (For example c:\ ) and the 'Monitor all subfolders under the specified folder' option is turned on, FolderChangesView will monitor the changes of the entire drive.

After pressing the 'Ok' button, FolderChangesView starts to monitor the selected folder and displays all changes detected under this folder. The counter columns (Modified Count, Created Count, and Deleted Count) mention the type of change detected for every filename. For example, if a filename has a value of 10 for both 'Created Count' and 'Deleted Count', it means that the file has been deleted and created again 10 times.

Homepage: https://www.nirsoft.net/utils/folder_changes_view.html

Скачать: FolderChangesView v2.27 / FolderChangesView v2.31

NoVirusThanks PE Dropper Monitor v1.7

PE Dropper Monitor - is a useful Windows OS utility designed to monitor and log files of executable nature (PE files) which are “dropped” onto the hard disk. When a PE file is dropped in the system, the application logs the following details: date/time, the process filename which is responsible for dropping the PE file, the filename of the dropped file and the type of dropped file (EXE, SYS, DLL etc).

Track Executable Files:
This tool tracks all executable files dropped onto the hard disk. PE files are detected by validating the PE structure of the file dropped in the system and not by simply checking the file extension. This assures a better result in detecting real PE files of type library (DLL), executable (EXE) and driver (SYS). The program hooks some Windows APIs in user-mode to catch the files created in the system.

Monitor all PE files (EXE, DLL, SYS) dropped onto the hard disk.
Validate the PE structure of the file dropped in the system.
View detailed information about every PE file dropped in the system.
Show the type of the PE file, i.e library (DLL), executable (EXE) or driver (SYS).
The software application uses only a few MBs of memory, you will not even notice it.
The program is free from spyware, adware or other pests, nothing extra is installed.

For Windows XP, Vista, 7, 8, 10 (32\64-bit)

Homepage: https://www.novirusthanks.org/products/pe-dropper-monitor/

Скачать: PE Dropper Monitor v1.7

TheFolderSpy v2.1.2.0b

TheFolderSpy version - The ultimate, yet free, hard disk monitoring utility.

Ever found yourself in a position to know about a change in your hard disk?
Ever wanted to find (with proof) if your mischievous younger brother deleted your file?
Ever caught yourself wanting to spy on your friend's computer?

TheFolderSpy lets you do all these things easily.

[All the suggestions by various users included!]

- ITS FREE.
- Small size (60 KB download).
- Simple to use.
- Portable (No installation, carry in your thumb drive).
- Monitor any number of folders in real-time.
- Execute a file when a change is detected(plays wav files, executes other files).
- Fully automated (Run and forget).
- Monitor many types of changes: Creation,Deletion, Attributes changes, Access date, Filesize changes etc.
- Auto start (optional).
- Can write logs.
- Monitor specific files in a folder.
- INCOGNITO MODE.
- Send EMAIL when a change is detected. [custom SMTP also available!]
- And many many more...

[v2.1.2.0b: Beta: Improved resistance towards duplicate detection.]

Homepage: http://venussoftcorporation.blogspot.com/2010/05/thefolderspy.html

Скачать: TheFolderSpy v2.1.1.1 / TheFolderSpy v2.1.2.0b

Process Monitor v3.52 (ex FileMon)

Process Monitor - is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Overview of Process Monitor Capabilities
Process Monitor includes powerful monitoring and filtering capabilities, including:

• More data captured for operation input and output parameters
• Non-destructive filters allow you to set filters without losing data
• Capture of thread stacks for each operation make it possible in many cases to identify the root cause of an operation
• Reliable capture of process details, including image path, command line, user and session ID
• Configurable and moveable columns for any event property
• Filters can be set for any data field, including fields not configured as columns
• Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
• Process tree tool shows relationship of all processes referenced in a trace
• Native log format preserves all data for loading in a different Process Monitor instance
• Process tooltip for easy viewing of process image information
• Detail tooltip allows convenient access to formatted data that doesn't fit in the column
• Cancellable search
• Boot time logging of all operations

The best way to become familiar with Process Monitor's features is to read through the help file and then visit each of its menu items and options on a live system.

~ FileMon v7.04 for Windows XP [?] / [?] / [?] / [?]

Homepage: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Whats New: https://docs.microsoft.com/en-us/sysinternals/

Скачать: Process Monitor v3.50 / Process Monitor v3.52 | RUS / Process Monitor v3.53

Monitor File Events v1.03

Monitor File Events - is an activity sniffer on your system, it determines any change on any file or folder on your computer.

Possibility to scan up to 5 different directories and their relative sub-directories with search filters for directories and files, obtaining precise targets, without messing up the list with hundreds of processes in other paths that are not interest.

The selected filters determine what you are watching and thus, which events can be triggered. So what is going on in your system, something that even the Task Manager cannot say.

Quick Inspection of the Directory, with a double click on the Events or Processes displayed.

Saving of log activities in * .txt format, with a simple and clean reading, to easily compare the activities in order of time and scan, thanks to the time stamped in each line.

Window position selectable with switch activities in Top Most.

Automatic saving of last User Settings.

Features:
• Watch Process: processes activity with any process association in run mode or in background mode.
• Something has been Created: Occurs when a file or directory in the specified Path is created.
• Events Folders & Files: "Name-Dir" "Name-File" "Creation-Time" "Size-Change" "Security" "Attributes" "Last-Write" "Last-Access"
• Something is Changed: Occurs when a file or directory in the specified Path is changed.
• Something has been Created: Occurs when a file or directory in the specified Path is created.
• Something has been Deleted: Occurs when a file or directory in the specified Path is deleted.
• Something has been Renamed: Occurs when a file or directory in the specified Path is renamed.
• Attributes: The attributes of the file or folder.
• CreationTime: The time the file or folder was created.
• DirectoryName: The name of the directory.
• FileName: The name of the file.
• LastAccess: The date the file or folder was last opened.
• LastWrite: The date the file or folder last had anything written to it.
• Security: The security settings of the file or folder.
• Size: The size of the file or folder.
• Numerical counting of event activities based on the selected filters and running processes.

Source: https://sourceforge.net/projects/monitor-file-events-v1-0/

Скачать: Monitor File Events v1.03

Disk Pulse Ultimate & Enterprise v12.0.34

DiskPulse - is a real-time disk change monitoring solution allowing one to monitor one or more disks or directories, save reports and disk change monitoring statistics, export detected changes to a centralized SQL database, execute custom commands and send E-Mail notifications when unauthorized changes are detected in critical system files.

Key Features:
· Support for Long File Names
· Support for Unicode File Names
· Monitor Multiple Disks or Directories
· User-Selectable Monitoring Events
· File Categories and File Filters
· Option to Monitor Specific File Types
· Option to Send E-Mail Notifications
· Option to Execute Custom Commands
· HTML, Excel CSV and Text Reports
· Export Reports to an SQL Database
· Search Changes in the Database
· Disk Monitoring Command Line Utility
· Disk Pulse Server Command Line Tool

Homepage: https://www.diskpulse.com/index.html

Скачать: Disk Pulse Ultimate & Enterprise v12.0.34
Скачать: Disk Pulse Ultimate & Enterprise v12.1.24
Скачать: Disk Pulse Ultimate & Enterprise v12.2.16

Process Hacker v2.39.124 (Disk tab)

Process Hacker - A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.

MAIN FEATURES:
- A detailed overview of system activity with highlighting.
- Graphs and statistics allow you quickly to track down resource hogs and runaway processes.
- Can't edit or delete a file? Discover which processes are using that file.
- See what programs have active network connections, and close them if necessary.
- Get real-time information on disk access.

ADVANCED FEATURES:
- View detailed stack traces with kernel-mode, WOW64 and .NET support.
- Go beyond services.msc: create, edit and control services.
- And much more...

Homepage: https://processhacker.sourceforge.io
Nightly Builds: https://wj32.org/processhacker/nightly.php
Source code: https://github.com/processhacker/processhacker

Скачать: Process Hacker v2.38.343
Скачать: Process Hacker v2.39.124

System Informer v3.0.5520 (Disk tab)

System Informer:
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc.

System requirements:
Windows 7 or higher, 32-bit or 64-bit.

Features:
• A detailed overview of system activity with highlighting.
• Graphs and statistics allow you quickly to track down resource hogs and runaway processes.
• Can't edit or delete a file? Discover which processes are using that file.
• See what programs have active network connections, and close them if necessary.
• Get real-time information on disk access.
• View detailed stack traces with kernel-mode, WOW64 and .NET support.
• Go beyond services.msc: create, edit and control services.
• Small, portable and no installation required.
• 100% Free Software (MIT)

Settings:
If you are running System Informer from a USB drive, you may want to save System Informer's settings there as well. To do this, create a blank file named "SystemInformer.exe.settings.xml" in the same directory as SystemInformer.exe. You can do this using Windows Explorer:

1.Make sure "Hide extensions for known file types" is unticked in Tools > Folder options > View.
2.Right-click in the folder and choose New > Text Document.
3.Rename the file to SystemInformer.exe.settings.xml (delete the ".txt" extension).

Plugins:
Plugins can be configured from Options > Plugins.

If you experience any crashes involving plugins, make sure they are up to date.

Disk and Network information provided by the ExtendedTools plugin is only available when running System Informer with administrative rights.

Homepage: https://systeminformer.sourceforge.io
Source Code: https://github.com/winsiderss/systeminformer
Nightly Builds: https://systeminformer.sourceforge.io/nightly.php
Nightly Builds: https://processhacker.sourceforge.io/nightly.php
Last Builds: https://github.com/winsiderss/si-builds

Winsider Seminars & Solutions, Inc.: https://twitter.com/aionescu/status/1536494552105766912

Скачать: System Informer v3.0.5520
Скачать: System Informer v3.0.5527

Directory Monitor v2.13.5.4

Directory Monitor - can be used for the surveillance of directories and/or network shares and will notify you of file changes, access, deletions, modifications, new files and inactivity in real-time. Users and processes making the changes can also be detected. Directory Monitor also provides text logs, automation via script/application execution, emailing, writing to a database, sound notifications, printing and more.

System Requirements:
• .NET Framework 4.0 (automatically installed)
• Windows XP/Vista/7/8/10
• Windows Server 2003/2008/2012/2016

Homepage: http://brutaldev.com/page/Directory-Monitor.aspx
Homepage: https://directorymonitor.com

Скачать: Directory Monitor v2.13.1.1 / Directory Monitor v2.13.5.4

~Мониторинг файловой активности №2~