Domain Controller 2012 R2
Posted on 2014-11-11
Hey everyone I have a problem, can you help me solve.
A folder was created under my profile on the domain controller: c:\users\gsmith\Desktop
It is a folder on the desktop when I log in.
It was a folder I did NOT create.
I am trying to find out how it got there.
The events logs [security] do not go back to that date.
Right click > on the folder and it gives the date/time created & permissions.
Is there any tools, or any logs on the DC, I can check to see who created this folder on that particular date & time?