Michael, <br>
<br>
The files command only showed info on files, but there are 20+ other 
types of objects. The handles command shows you all objects, including 
mutexes, events, desktops, registry keys, etc. If you only want to see 
files, without using grep, try &quot;handles -p 816 -t File&quot; <br>
<br>
Also see:<br>
<br>
<a href="http://code.google.com/p/volatility/wiki/CommandReference#handles">http://code.google.com/p/volatility/wiki/CommandReference#handles</a><br>
<br>
MHL<br><br><div class="gmail_quote">On Thu, Aug 11, 2011 at 5:12 AM, Michael Felber <span dir="ltr">&lt;<a href="mailto:MichaelFelber@gmx.net">MichaelFelber@gmx.net</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div link="blue" vlink="purple" lang="DE"><div><p class="MsoNormal"><span lang="EN-US">Hi all,<u></u><u></u></span></p><p class="MsoNormal"><span lang="EN-US">In v2.0 I miss the files-command.<u></u><u></u></span></p><p class="MsoNormal">
<span lang="EN-US">As a workaround I use<u></u><u></u></span></p><p class="MsoNormal"><span lang="EN-US"> C:\Python27\Scripts&gt;python vol.py handles -p 816 -f … | grep -i &quot;File&quot;</span><u></u><u></u></p><p class="MsoNormal">
<span lang="EN-US">„files“ was easier to use. Why it has gone?<u></u><u></u></span></p><p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p><p class="MsoNormal"><span lang="EN-US">Cu<u></u><u></u></span></p><p class="MsoNormal">
<span lang="EN-US"><u></u> <u></u></span></p><font color="#888888"><p class="MsoNormal"><span lang="EN-US">Michael</span><span style="font-size:8.0pt;color:#17365D"><u></u><u></u></span></p><p class="MsoNormal"><u></u> <u></u></p>
</font></div></div><br>_______________________________________________<br>
Vol-users mailing list<br>
<a href="mailto:Vol-users@volatilityfoundation.org">Vol-users@volatilesystems.com</a><br>
<a href="http://lists.volatilityfoundation.org/mailman/listinfo/vol-users" target="_blank">http://lists.volatilityfoundation.org/mailman/listinfo/vol-users</a><br>
<br></blockquote></div><br>