谁动了我的电脑 | R4nd0m99的个人博客

type

status

date

slug

summary

tags

category

icon

password

0x01 查看开关机记录：

事件查看器

Windows日志

系统

筛选当前日志

事件 ID	含义	常见原因
6005	系统启动	正常开机
6006	正常关机	用户点击关机/计划任务关机
6008	意外断电/强制关机	长按电源键/蓝屏/停电
1074	计划重启或关机	Windows更新/用户手动重启

软件实现

View the time / date ranges that your computer was turned on

Windows tool that allows you to view the time/date ranges that your computer was turned on

View the time / date ranges that your computer was turned on

https://www.nirsoft.net/utils/computer_turned_on_times.html

0x02 查看USB使用历史记录：

USBDeview

Download USBDeview for free. Utility that lists all USB devices connected to your computer. USBDeview is a small utility that lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used. For each USB device, extended information is displayed: Device name/description, device type, serial number (for mass storage devices), the date/time that device was added, VendorID, ProductID, and more...

https://sourceforge.net/projects/usbdeview/

USBDeview

USBDriveLog

USB Drive Log For Windows 10 and Windows 11

USBDriveLog is a tool for Windows 10 and Windows 11 that displays a log of all USB drives plugged to your computer.

USB Drive Log For Windows 10 and Windows 11

https://www.nirsoft.net/utils/usb_drive_log.html

USB Drive Log For Windows 10 and Windows 11

二者配合基本可以完全溯源

Author:R4nd0m99
URL:https://www.loyce030.xyz/article/log
Copyright:All articles in this blog, except for special statements, adopt BY-NC-SA agreement. Please indicate the source!

Relate Posts

Lazy loaded image

Lazy loaded image

NewStar2024 Week1&2 WriteUp

Lazy loaded image

NewStar2024 Week3 WriteUp

Lazy loaded image

NewStar2024 Week4 WriteUp

Lazy loaded image

NewStar2024 Week5 WriteUp

Lazy loaded image

NCRE2 关于Bitcoin

Loading...

Catalog

0%

R4nd0m99

TEST

Latest posts

NewStar2024 Week4 WriteUp

Announcement

🎉个人博客已经上线🎉

-- 感谢您的支持 ---

Catalog

0%