To those much more computer literate than me, I salute you and ask for some insight. On our server at work we have surf control, of course, with two staff members who have access codes. One person is on suspension and the other person, who is a friend of the person on suspension, says she did not download and print off another person’s e-mail. In this e-mail the person wrote her friend about some problems with the employee who’s suspended and it was printed off and given to another person mentioned in the e-mail. The only person currently working with the access code is saying she did not print it off. I know that anything flagged would be accessible to her, but is there anyway to tell who and where the e-mail was viewed and printed off? I agree that my co-worker who wrote the e-mail should not be talking about confidential staffing issues, even though she did not use names. I also think that the friend who printed it should take this stuff to the boss, not to another co-worker mentioned in the e-mail. She also said that maybe the person on suspension accessed the system remotely and printed off this e-mail. Also is there any way to tell if a keystroke program was put on our computers? Thanks for any answers.

We need to know a bit more information, like what server you are running, what version you are runnning, etc.

As far as keylogging and RAing goes, just a simple scan with your antivirus/antispyware program will help. Unless, of course, you didn't have one to begin with:eek:

Windows itself doesnt really have a print history per-say. You can however check the Windows event log provided the event log hasnt been wiped:


goto Start
goto Run
type: eventvwr.msc
Press ok


now click on System:
look for any event codes of 10 if you find any you can track back the time it was printed to both the user and date.




Document %1, %2 owned by %3 was printed on %4 through port %5. Size in bytes: %6. Pages printed: %7. No user action is required. %nTo stop logging information events for the print spooler, in Control Panel, open Printers, right-click a blank area of the window, click Server Properties, click the Advanced tab, and then clear the Log spooler information events check box.


the %1 - %n are information about the user and file that was printed such as filename, username, date printed, Printer Port used etc

additionally the printer or software that came with the printer may record print logs (some do) check your documentation if you can.