Hello Michael,
You're right, the "-t" option is the better solution.
Thank you!
Michael
From: Michael Hale Ligh [mailto:michael.hale@gmail.com]
Sent: Thursday, 11 August 2011 13:18
To: Michael Felber
Cc: vol-users(a)volatilityfoundation.org
Subject: Re: [Vol-users] files-command missed
Michael,
The files command only showed info on files, but there are 20+ other types
of objects. The handles command shows you all objects, including mutexes,
events, desktops, registry keys, etc. If you only want to see files, without
using grep, try "handles -p 816 -t File"
Also see:
http://code.google.com/p/volatility/wiki/CommandReference#handles
MHL
On Thu, Aug 11, 2011 at 5:12 AM, Michael Felber <MichaelFelber(a)gmx.net>
wrote:
Hi all,
In v2.0 I miss the files command.
As a workaround I use
C:\Python27\Scripts>python vol.py handles -p 816 -f . | grep -i "File"
"files" was easier to use. Why has it gone?
Cu
Michael
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users