How can I see if a file has been copied to an external device?

Check the creation/modification/access date on the files that may have been copied by going into the file properties.

When you're viewing files in explorer, view > details, it will give you the date when the file was last modified.

Sorry, for the duplication, ignore my post.

I could do that but that is no proof. And also, there are lots of files.

Why isn't it proof?  it clearly shows the times on the timestamp.

What you can do is CD into the directory through CMD

and do a DIR listing on the contents of the directory and send the output to a file.


ex..

dir > C:\file.txt

If you go to CMD and type DIR /? it will give you a list of switches and options you can use to filter out specific information such as creation date, ex... /T  (time field)    C is for Creation, A is for last Accessed, and W is for last written.

Hope this helps.

>>> And also, there are lots of files.<<<

When viewing them via file properties you can only see each file, but in explorer, when you rightclick anywhere on the right pane and click View > Details, and you can see all the files and their 'last modified' dates in one page.

The modify date of the file is not proof the file was copied.  For all he knows, the file was opened, a comma was added, then saved back to the original file name.  

I don't think you can get this type of historical info unless you had a process in place to monitor the file usage already.  

No, not a proof of course.
I don't know if there's anyway to prove that a file has been copied.

MikeKane:  Yea, that's 100% true.

Thank you all for your answers. Indeed, you need a 3rd party software already installed if you want to prove anything. Maybe the Sanctuary Software is an option here.