Wanted: Simple, Straightforward Logging of File Opens and File Closes Per This Specification -- Is Windows Capable of This?
What is needed is for Windows to log every attempt to open any file on the system. The log shall contain a timestamp, name of file, the type of access required
(read only, write only, read and write, exclusive use, non-exclusive use), and name of the process or service that wants the file open. Also there must be a record of how the operating system disposed of the request. If the open is successful,
say so. If not, say so, and why. We had this info on the mainframe in 1972. It would be useful to log file close events, as well. The close event will disclose what the program did to the file. For example, did the program write into
the file? Did the program read from file? Did the program truncate the file and write? Did the program extend the file? Did the program change the name of the file? Did the program change any file attributes and, if so,
which ones? A file can have multiple streams. Disclose which streams were affected.
There is a Security Auditing feature in Windows that doesn't meet this specification. So that is not the answer. What is the answer?
MARK D ROCKMAN
I have downloaded Process Monitor and tried it on my lab computer. It certainly is comprehensive in its output. I'm going to try it on the production machines in hope of catching clues as to who does what to whom in the file system that is causing
3rd party software to reboot the computer. The author of the troublesome program claims he must reboot the computer at the drop of a hat. For example, some file he must open right now is "locked" by some other program, not his program mind you, some
other program. Okay. So what else is running on the production system that may be doing this? Prove that some other program is doing this. The fact that we must log all file system activity up to the moment of reboot poses a special issue.
Will the Process Monitor log lose any file system events because it cannot properly close the log as the system is being rebooted? It is interesting the Federal Government is fine with Microsoft delivering an operating system that has no comprehensive
file access logging capability. Process Monitor may do it. But one cannot run that behemoth 24/7/365. (I hear you saying "Oh. But we have Security Audits." A CISSP may be impressed with that one.)
MARK D ROCKMAN
Similar Messages
-
Comand prompt opens and the closes autmaticaly
comand prompt opens and the closes autmaticaly
Hi,
The command prompt opens and the closes autmaticaly, this may because you have run a .bat script in the task scheduler.
If this happen when you logon, please also check if you have applied any logon script deployed by Group Policy.
If there is anything else regarding this issue, please feel free to post back.
Best Regards,
Anna Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
i have acrobat standard and it will not allow me to edit.. every file i go to open it says "there is a active file open and must close in acrobat" other times it says account cannot be validated after I have already paid for it.. please advise
Hi Timothy,
The account cannot be validated error was due to a glitch on our activation server that has been fixed now.
Please try using acrobat now and check if you are still facing the problem.
Regards,
Rave -
File Error: The Specified file is open and in use by this or another app...
I have imported a string of pictures and dragged them into the FCP timeline. I render them and it renders a certain percentage then it stops and says "File Error: The Specified file is open and in use by this or another application."
After reading this, I quit out of FCP, restarted my computer, opened FCP, nothing other program, tried to render again and same thing happened. It renders part of it then the error message pops up, then I can render again and it will do another percent then it will pop again and so on.
Suggestions, or does anyone know why this happened? Thank you very much for your time.
Aokay - don't know where you've got your scratch disc set but hopefully it's to another drive other than your boot.
The same drive where your render files should be located, ie some drive other than your boot drive.
Can you copy the jpegs over to that drive into a folder.
Delete them from your tl, delete them from your proj. Save your project. Close fcp.
If they're on your boot drive - delete them.
Reopen fcp and Reimport them from the new location.
Sorry for all the steps - but we have no idea how you have configured fcp or your level of experience. Trying to cover all the bases ... -
I've just updated OS to 10.10.1 and Finder keeps trying to open and then closes every 2 seconds with the message Finder is not Available. If Safari is opened with the window full screen it immediately closes and will only work with window smaller than maximum. Driving me mad! Any help please!!
Hi Linc
Thank you for your response.
I'm a bit of an amateur so I hope below is the information you've asked for:
Step 1
23/11/2014 09:19:14.007 ReportCrash[294]: Saved crash report for Finder[4349] version 10.10.1 (10.10.1) to /Users/AAAA/Library/Logs/DiagnosticReports/Finder_2014-11-23-091914_BBBB-MacBoo k-Pro-2.crash
23/11/2014 09:19:14.008 ReportCrash[294]: Removing excessive log: file:///Users/AAAA/Library/Logs/DiagnosticReports/Finder_2014-11-23-091840_BBBB -MacBook-Pro-2.crash
23/11/2014 09:19:14.000 kernel[0]: CODE SIGNING: cs_invalid_page(0x103809000): p=4357[Finder] final status 0x3000a00, denying page sending SIGKILL
23/11/2014 09:19:14.000 kernel[0]: CODE SIGNING: process 4357[Finder]: rejecting invalid page at address 0x103809000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
23/11/2014 09:19:14.454 com.apple.xpc.launchd[1]: (com.apple.Finder[4357]) Binary is improperly signed.
23/11/2014 09:19:14.454 com.apple.xpc.launchd[1]: (com.apple.Finder) Service only ran for 0 seconds. Pushing respawn out by 1 seconds.
23/11/2014 09:19:15.584 Finder[4359]: assertion failed: 14B25: libxpc.dylib + 97940 [9437C02E-A07B-38C8-91CB-299FAA63083D]: 0x89
23/11/2014 09:19:15.000 kernel[0]: CODE SIGNING: cs_invalid_page(0x10bfbf000): p=4359[Finder] final status 0x3000a00, denying page sending SIGKILL
23/11/2014 09:19:15.000 kernel[0]: CODE SIGNING: process 4359[Finder]: rejecting invalid page at address 0x10bfbf000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
Step 2
Process: Finder [4626]
Path: /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
Identifier: com.apple.finder
Build Info: Finder_FE-932001003000000~1
Responsible: Finder [4626]
PlugIn Path: /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
PlugIn Identifier: com.apple.finder
-0 sec CODE SIGNING: cs_invalid_page(0x10c9a5000): p=4626[Finder] final status 0x3000a00, denying page sending SIGKILL
-0 sec CODE SIGNING: process 4626[Finder]: rejecting invalid page at address 0x10c9a5000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
-2 sec CODE SIGNING: cs_invalid_page(0x10c5b3000): p=4624[Finder] final status 0x3000a00, denying page sending SIGKILL
-2 sec CODE SIGNING: process 4624[Finder]: rejecting invalid page at address 0x10c5b3000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
-3 sec CODE SIGNING: cs_invalid_page(0x10f4bd000): p=4622[Finder] final status 0x3000a00, denying page sending SIGKILL
-3 sec CODE SIGNING: process 4622[Finder]: rejecting invalid page at address 0x10f4bd000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
-5 sec CODE SIGNING: cs_invalid_page(0x105ecf000): p=4620[Finder] final status 0x3000a00, denying page sending SIGKILL
-5 sec CODE SIGNING: process 4620[Finder]: rejecting invalid page at address 0x105ecf000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
-7 sec CODE SIGNING: cs_invalid_page(0x1012cd000): p=4617[Finder] final status 0x3000a00, denying page sending SIGKILL
-7 sec CODE SIGNING: process 4617[Finder]: rejecting invalid page at address 0x1012cd000 from offset 0x3f000 in file "" (cs_mtime:0.0 == mtime:0.0) (signed:0 validated:1 tainted:1 wpmapped:0 slid:0)
--> __TEXT 000000010c966000-000000010ce55000 [ 5052K] r-x/rwx SM=COW /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
__DATA 000000010ce55000-000000010cf53000 [ 1016K] rw-/rwx SM=COW /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
0 com.apple.finder 0x000000010c9a521f 0x10c966000 + 258591
10 com.apple.finder 0x000000010c9977b5 0x10c966000 + 202677
11 com.apple.finder 0x000000010c988154 0x10c966000 + 139604
12 com.apple.finder 0x000000010c987e15 0x10c966000 + 138773
13 com.apple.finder 0x000000010c987d35 0x10c966000 + 138549
14 com.apple.finder 0x000000010c987cfd 0x10c966000 + 138493
28 com.apple.finder 0x000000010c96b960 0x10c966000 + 22880
1 com.apple.finder 0x000000010c98a69d 0x10c966000 + 149149
2 com.apple.finder 0x000000010c98aba7 0x10c966000 + 150439
3 com.apple.finder 0x000000010c9795d2 0x10c966000 + 79314
4 com.apple.finder 0x000000010c98aa0b 0x10c966000 + 150027
5 com.apple.finder 0x000000010c98a952 0x10c966000 + 149842
6 com.apple.finder 0x000000010c98a78a 0x10c966000 + 149386
7 com.apple.finder 0x000000010c979496 0x10c966000 + 78998
8 com.apple.finder 0x000000010c98a548 0x10c966000 + 148808
9 com.apple.finder 0x000000010c98a410 0x10c966000 + 148496
10 com.apple.finder 0x000000010c983df6 0x10c966000 + 122358
0x10c966000 - 0x10ce54ffb com.apple.finder (10.10.1 - 10.10.1) <33C3024A-4A16-3485-B2B1-89FA33B9558A> /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
Many thanks
David -
I upgraded to firefox 4 and that started since then
when i happen to have 2 window open and i close 1 the other main one i have open with tabs ask me if i was sure i want to quit it too
and it asks 2 timesStart Firefox in <u>[[Safe Mode]]</u> to check if one of the extensions is causing the problem (switch to the DEFAULT theme: Firefox (Tools) > Add-ons > Appearance/Themes).
*Don't make any changes on the Safe mode start window.
*https://support.mozilla.com/kb/Safe+Mode
*https://support.mozilla.com/kb/Troubleshooting+extensions+and+themes -
How do iI close my apps I have over 20 open and cant close em down
How do I close my Apps I have over 20 open and cant close em down
Not all the apps are open. When you double tap the home button that just shows you apps that you have recently used. They are not all open and running.
If you want to clear this list, swipe up on the app screenshot. -
Hi, on my fathers pc sometimes when downloading multiple tabs start opening and I cannot stop this happening. Could anybody please help me? for example, trying to download TomTom Start 25 user manual
You get that problem if you select the Firefox program to handle a file if you get an "open with" dialog.
*https://support.mozilla.com/kb/Firefox+keeps+opening+many+tabs+or+windows -
<blockquote>Locking duplicate thread.<br>
Please continue here: [[/questions/880054]]</blockquote>
Question
Every time I try to open Firefox I get a popup saying it is already open, and to close it or restart; but it is NOT open, and restarting doesn't heDuplicate Thread LOCK please
* Continue here - https://support.mozilla.com/en-US/questions/880054 -
1. This happens at least once a day, and sometimes multiple times. Today it's happened twice, thus far. My home page is FoxNews.com and if I leave it up overnight or for longer periods during the day firefox doesn't allow the refresh of the home page it just goes to yahoo 404--error can't find the webpage. Then when I enter FoxNews.com it adds a /error to the url and doesn't allow me to go to MY homepage. So I close firefox and then if I try to reopen it and then I get the dialog box saying firefox is open and to close it or restart my computer. Very aggravating. 2. Also the Adobe flash drive update always fails. 3. Webpages get in loops and fail to load to the point I have to stop and refresh or close out and reopen.
One situation in which Command+w or Ctrl+w might not work is if the "focus" is in a plugin such as the Flash player used on Youtube after you interact with the player controls. Firefox will continue to send the keyboard input to the plugin until you move the focus back to the page. Does that account for any of the problem?
-
The window 8 store and all other app open and then close immediately .
The window 8 store and all other app open and then close immediately .I
have tried many methods like sfc /scannow,, powershell
-ExecutionPolicy Unrestricted Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\WinStore\AppxManifest.xml without the quotes but , changed registery entries but found no effect . kindly help me !Hi ObaidMaki,
This forum is to discuss problems of Windows Forms. Your question is not related to the topic of this forum.
I would suggest you posting it in the dedicated Windows Forum
http://answers.microsoft.com/en-us/windows for more efficient responses, where you can contact Windows experts.
Best regards,
Youjun Tang
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Adding javascript to page open and page close in acrobat 8.1.2
Reading the Acrobat Javascript Object Specification on page 22 it says that you can add javascript to the "page open" and "page close" events of a document.
It then says that under the menu "Document -> Set page action" you can add scripts for those events
I am using Acrobat 8.1.2 and under the document menu there is no "Set page action". And there is nowhere where I can find any "set page action" menu...
whats the deal?
How can i set the page open and page close events in acrobat professional 8.1.2?????????????
Marc- open the Navigation Panel 'Pages'
- select the page and open the page properties
- in the actions tab you can set the page actions -
When I have the downloads window open and I close the browser window, the next time I reopen the browser while the downloads are still going, it returns me to the last page I was on. All previous versions of Firefox would return me to my homepage which I would prefer. Please let me know if this is possible.
When you re-open Firefox and choose Restore Session, by default it picks up your most-recently-open window, and the other windows should then show up in Recently Closed Windows.
The Firefox add-on Session Manager lets you manage how many closed windows and closed tabs are saved, in case it's not enough. -
Spry Accordion - Tabs open and then close after page loads
I am using a Spry Accordion menu driven from a database.
The menu opens up during the page load and then closes.
I'm using SpryAccordion.js 1.6.1
And to open a preset tab, I'm using:
<script type="text/javascript">
<!--
var Accordion1 = new Spry.Widget.Accordion("Accordion1",{useFixedPanelHeights:false, enableAnimation: false, defaultPanel: 0 });
//-->
</script>
But, all of the tabs open and then close on page load.
My page: http://www.texashotjobs.us/00C01.aspx
Any fix for this??
Thanks, RonWell to both thanks. Actually I wasn't disappointed as I had a two part question...
I tested the 1.6 JS and remembered that I had to modify the 1.4 so that tabs actually would link. So I reverted back to 1.4.
So, going to 1.6 fixed the open panel on load but "unfixed" the panel tab from linking.....
So changing this in the 1.6 js fixed the link issue as well:
Spry.Widget.Accordion.prototype.onPanelTabClick = function(e, panel)
if (panel != this.currentPanel)
this.openPanel(panel);
else
this.closePanel();
if (this.enableKeyboardNavigation)
this.focus();
// if (e.preventDefault) e.preventDefault();
// else e.returnValue = false;
// if (e.stopPropagation) e.stopPropagation();
// else e.cancelBubble = true;
I t appears everything is working........
Thanks, Ron Gaddis
Visual Reality Productions -
Can anyone advise how to close apps with the new iOS? I have multiple open and cannot close them
Double-tap on the Home button. You will see a preview of the app above the actual icon. Slide the preview up to kill it.
Please get the iPhone User Guide (For iOS 7 Software)Sep 19, 2013 - 23 MB.
Maybe you are looking for
-
Hi I want to buy Openoffice in App Store but I can't find it. One month ago Openoffice was in App Store but now I don't find it and i need it to work. Can someone tell me if I downald Xtreme Writer or Word to go it will be the same or where I can fin
-
Some of the required files are missing" error when opening iTunes 7.5
Hi Grateful for some help. I'm getting this message when I try to open iTunes and Quicktime isn't working and there's an error 2093 appearing. I've found the help page on apple but it tells me to delete any iTunesSetup.exe files that I have so that I
-
All scheduled tasks stopped execute
Hi guys, We are using the version 11.1.1.5(BP 2) of OIM. Now all scheduled task, stoped execute. We clicked em "Run Now" but isn't inserted a line in grid Job History, in log doesn't show no errors. This happen for all scheduled tasks. What be should
-
K9A2 Platinum - Install to RAID - Memory issue
Hello all, I have a MSI K9A2 Platinum AM2+/AM2 AMD 790FX ATX AMD Motherboard with a AMD Phenom 9950 BLACK EDITION Agena 2.6GHz Socket AM2+ 140W Quad-Core Processor Model HD995ZFAGHBOX. I have (2) OCZ Platinum 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 106
-
Why does it say my iphone is linked to another library when trying to add ringtones
why does it say my phone is synced to another library, if I want to proceed with syncing music it asks to erase contents and sync with current info. How do I know all my contacts on my phone are saved if it wants to erase info?