🤨谁动了我的电脑

type
status
date
slug
summary
tags
category
icon
password

0x01 查看开关机记录:

事件查看器

Windows日志

系统

筛选当前日志
事件 ID
含义
常见原因
6005
系统启动
正常开机
6006
正常关机
用户点击关机/计划任务关机
6008
意外断电/强制关机
长按电源键/蓝屏/停电
1074
计划重启或关机
Windows更新/用户手动重启
 

软件实现

View the time / date ranges that your computer was turned on
Windows tool that allows you to view the time/date ranges that your computer was turned on
View the time / date ranges that your computer was turned on
https://www.nirsoft.net/utils/computer_turned_on_times.html
 

0x02 查看USB使用历史记录:

USBDeview

USBDeview
Download USBDeview for free. Utility that lists all USB devices connected to your computer. USBDeview is a small utility that lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used. For each USB device, extended information is displayed: Device name/description, device type, serial number (for mass storage devices), the date/time that device was added, VendorID, ProductID, and more...
USBDeview
https://sourceforge.net/projects/usbdeview/
USBDeview

USBDriveLog

USB Drive Log For Windows 10 and Windows 11
USBDriveLog is a tool for Windows 10 and Windows 11 that displays a log of all USB drives plugged to your computer.
USB Drive Log For Windows 10 and Windows 11
https://www.nirsoft.net/utils/usb_drive_log.html
USB Drive Log For Windows 10 and Windows 11
 

二者配合基本可以完全溯源

Prev
C语言入门笔记
Next
Google搜索语法
Loading...