Hi, eveyone,

I know it is not exactly a TDS-related question but I hope to benefit from your cumulative expertise here.

I am trying to find out whether someone gained access to my computer through Terminal Services, Remote Desktop, Remote Assistance, or even IIS.

I need to open and read the Security.log in Windows/system32/config

But every time I try to open and read it (by clicking on it directly or through the Control Panel), I get:

"The process cannot access the file because it is being used by another process".

I disabled my firewall and my AV software but I keep getting this error message.

Any way around it?

Great many thanks!

Gorgelink

When things are not available the normal way you might like to try in safe mode (press F8 several times after reboot to get there). Dragging it into notepad didn't work either in normal mode; there must be better ways as a log has only functionallity if we can actually check them out.

you cannot view that log directly

open control panel/ administarative toools/ event viewer and look on the sections there but security only has who has logged on & when

As it isn't a TDS support issue I have moved you to software & services which seems the suitable location as I couldn't really think of anywhere else for this

Hi, dvk01,

My apologies for posting in the wrong forum and thank you for taking care of it.

As I indicated in my query:

But every time I try to open and read it (by clicking on it directly OR THROUGH THE CONTROL PANEL), I get:

"The process cannot access the file because it is being used by another process".

In other words, you cannot open security.log through the Control Panel either.

Security.log has who logged in, when, and from where (from the desktop or from a remote location). It has 10 codes (numbered 1-10) for various types of log-in and log-off.

Take care and thanks again

Gorgelink