Question : How can I track who deleted the files in XP?

We have had a case of files being delelted from a workgroup PC havinf XP.
How can I track who deleted the files?
What good utilities are there to recover the files?

there is no audit object is enabled

Answer : How can I track who deleted the files in XP?

If auditing is not enabled then you cannot track who deleted the files. You need to have auditing - or some form of logging - enabled at the time when the files were deleted, because retrospectively attempting to search a log of an event which does not exist will prove to be impossible.

In an XP Pro workgroup, I doubt proper security, usernames and passwords are being used anyway; rather, I would guess all users access this XP Pro machine using one user account, which would mean any log would prove unuseful anyway.

-tigermatt

Random Solutions

ORA - 01722 invalid number error occurring during varchar to number conversion

DBCC CHECKDB against suspect db

How to resolve: There are too many rows to output, based on the limitation specified by the output format or by Microsoft Office Access ?

Error- SSL Certificate server name is incorrect c103b404

Access VBA - Using Allowedits

GP aborted on Windows XP SP2 client on SBS 2003 R2 Server domain

Help with Shell Script: find and move duplicate files in a directory tree

Restore SQL .DAT back-up

"Out of locks" not shown in errorlog

Grant Permissions to Alter View