Is there a possibility to detect if a new file is created on Windows using Python programming language?
Maybe my questions sounds meaningless, but I need this information to develop a program that can detect if a new file is created on my computer by a given application (maybe a virus, or any other benign application).
Asked
Active
Viewed 802 times
1
-
1maybe [watchdog](https://pypi.python.org/pypi/watchdog) is what you need? – mata May 22 '14 at 17:46
-
Which version of Windows? – SJuan76 May 22 '14 at 17:47
-
do you want to check the whole C drive? – Padraic Cunningham May 22 '14 at 17:47
-
@mata Wow ! Thank you a lot ! That is a very interesting point to start with ! I hope I can get some similar useful information. – May 22 '14 at 17:48
-
@PadraicCunningham Yes, even more, the whole computer where I installed only Windows – May 22 '14 at 17:51
-
A similar question but for Linux OS. http://stackoverflow.com/q/1618853/2382792 – ρss May 22 '14 at 17:55
-
@begueradj, how long do you think this is going to take? – Padraic Cunningham May 22 '14 at 18:02
3 Answers
0
A script to check all files on your specified folder/drive and check for changes to the names or new files added.
import os
import pickle
from multiprocessing import Process
def scanner(root_dir, output):
temp = set()
#if not os.path.isfile(output): # if output does not exist create it
with open(output, 'a'):
pass
files = os.walk(root_dir) # go through all dirs and sub dirs
for root, dirs, f in files:
if f:
temp.update(f) # add all "f" files to the set
with open(output, 'rb') as data:
if os.path.getsize(output) > 0: # if the file has data, it is not the first run so load and compare
b = pickle.load(data)
print " Deleted files {}".format(b-temp) # if a file name has been changed been deleted
print "Amended or New files {}".format(temp-b) # if a file name has been changed or one added
with open(output, 'wb') as data: # write current files and save to output
pickle.dump(temp, data)
if __name__ == '__main__':
# start process for each drive
p1 = Process(target=scanner, args=("/path1", "data.pickle"))
p1.start()
p2 = Process(target=scanner, args=("/path2", "data1.pickle"))
p2.start()
Padraic Cunningham
- 176,452
- 29
- 245
- 321
0
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler
import subprocess as sp
class MyHandler(FileSystemEventHandler):
def on_any_event(self, event):
print(event.event_type, event.src_path)
def on_created(self, event):
print("on_created", event.src_path)
print(event.src_path.strip())
if((event.src_path).strip() == ".\test.xml"):
print("Execute your logic here!")
event_handler = MyHandler()
observer = Observer()
observer.schedule(event_handler, path='.', recursive=False)
observer.start()
while True:
try:
pass
except KeyboardInterrupt:
observer.stop()
- pip install watchdog
- Create a scheduled task for this script in the Task scheduler and monitor the folder where the file will be created.
user3349907
- 317
- 3
- 3
-1
you would have to have/create a database of all files on the computer and scan through every possible name (go through all ASCII values for a char then ad add or increment the next char to a reasonable length) to see if it is there using this you could use the compare the old database and new database to see the changes
Edit: this could help Browse files and subfolders in Python (search in the C or default drive for everything and save its location)
-
1
-
If windows had a easy way to do it wouldn't their virus software do it and not be required to scan – deme72 May 22 '14 at 17:42
-
Thank you for the answer, but I think it is huge task, or even impossible, to list all the files that my operating system (windows) is hosting. – May 22 '14 at 17:43