LastActivityView: some interesting functions you should discover!
The user-tracking program for NirSoft can now show you the recent connects and disconnects from a wireless network for the current system. This is really useful for PC forensics, since authorities can find out where a laptop (and particularly his user) has been in the last days.
The program has many other interesting functions: it records several other user actions, for instance opening and saving files, EXE files launches, installing software, crashes in system or applications, times for closing and starting up the system etc.
The list of Actions is generally arrange by time, though you can also select it to be sorted by field if you want to group common actions in one place. For instance, you can see all the opened files in one list. The advantage of this LastActivityView feature is that it doesn’t create the log of the information itself, but it gathers the data from the event logs in the Windows system and other sources. As such, you don’t have to install it on a system or keep it running in the background and consuming your resources. Simply launch the program once and it will compile a timeline of all the information it finds available on the machine.
However, if you intend to protect your machine from this kind of snooping around, you can disable the event logs. For instance, if you want to stop the operating system from logging the connects or disconnects to the wireless network, launch the Event Viewer, go to Applications/ Services Logs/ Microsoft/ Windows/ WLAN – AutoConfig. In the left hand pane you will find the option to expand the log, then click right on Operational, choose Clear Log, click right again and choose Disable Log.
Keep in mind that LastActivityView only runs on Windows 2000 and newer versions, though some features are only available with later versions.
RELATED STORIES TO CHECK OUT:
- Manage Event Log channels with Nirsoft’s EventLogChannelsView release
- NirSoft releases FullEventLogView and EventLogChannelsView apps
- CredentialsFileView allows you to access decrypted Credentials files in Windows
Windows 10 Insider Preview Build 18836 has recently been rolled out to all the Windows Insiders who are currently in the Skip Ahead ring. The release comes […]
The Java Virtual Machine fatal exception error pops up for some users when they try to launch software built on Java. The full error message […]