New utility that shows general computer activity

LastActivityView is a new utility for Windows operating system that collects information from various sources on a running system, and displays a log of actions made by the user and events occurred on this computer. The activity displayed by LastActivityView includes: Running .exe file, Opening open/save dialog-box, Opening file/folder from Explorer or other software, software installation, system shutdown/start, application or system crash, network connection/disconnection and more…

LastActivityView

LastActivityView

You can download this new utility from this Web page.

17 Comments

  1. Poli says:

    Really nice, I think Nir you should put it in Forensics category, i dig up my activity sisnce reinstaling System, history revealed 🙂

  2. Pierre says:

    Hello,

    i just want to know from where you find the “view folder in explorer” informations because i have some, the folder doesn’t exist anymore !?
    It’s not from the registry,not from the prefetch, so i want to know from where and if it’s possible to clean it (for security reasons) 🙂
    By the way, really nice job 🙂

    Thanks

  3. Joseph Dix says:

    Another great tool to help people see what they (or others) are doing on their computer. I especially like network connection and disconnection log. This may help in problem investigation and solving.

    Pulled from log.
    Action Time Description Filename Full Path More Information
    10/17/2012 9:51:58 AM Network Connected
    10/17/2012 9:42:03 AM Network Disconnected

  4. KopBuH91 says:

    it’s just beautiful!
    how did you do it?.
    this is the most necessary thing in the sysadmin to see what the user has done with the computer 🙂
    Nir – you are great!.

  5. Peter says:

    Hi Nir,

    I have an improvement request: I’d like to be able to filter the results.
    Now, there is a search functionality. Which already helps if I’m looking for specific “events”.
    But I loose the overview. It would be very neat if only the entries that apply to the filter criteria are listed.

  6. Mirek says:

    Hi,

    The obvious question is how can I delete all the activity record?

  7. David says:

    Thank you for providing me with all these software. 🙂 your a genius

  8. David says:

    do you have a compatible software like wirelesskeyview that can work on linux and ubuntu.? please

  9. DrTeeth says:

    This is spooky. Not only are the Nir programs so compact – I wonder where he gets the ideas for them from?

  10. Joe Hone says:

    What a program! It has become an indispensable tool almost from the moment I downloaded it. Even if you’ve never heard of this, you need it.

  11. al smith says:

    Nice program. What would be great would be the ability to see log of which programs are trying to access the internet – then search thru the list for suspicious programs or potential malware. Perhaps its not able to be done though.

  12. Col. Sanders says:

    Greetings
    As a long time automation analyst I long for someone with the coding skills to write a comprehensive utiliity which will kick in as Windows starts to load and timestamp-logs EVERY POSSIBLE action the system performs …
    e.g. dll and exe loads, network sends and responses, CPU and disk calls
    To help diagnose startup and login issues.
    Over the years Ive faced so many enterprise issues where it takes ages for the the windows login dialog to appear … Why? What was the machine doing? If it was waiting for something from the network, what was the last request issued? How long between the request and the response? What was the target device? what was the network path and timings (eg Traceroute) of the request/response packets?
    Continuing into Windows startup it would be great to log and baseline the time deltas between each of the steps displayed during “Applying machine settings” then the time taken from hitting OK at the UserName/PW dialog till the next “Applying policies” dialog. Then each of the steps in the appying policies. Then every thing that happens up to the pont that explorer is fully cached and the system has quiesced ready for a user to access all network and local resources.
    I’ve tried using Windows verbose logging and that provides some visibilty but is difficult to interpret as a daily baselining mechanism and misses key information.
    I reckon there would be a saleable market for a product like this!
    I only wish I had the skills to try writing it myself.

  13. Jacob S says:

    Wonderful tool, absolutely brilliant. Hopefully this tool will grow into something more and display logs and actions of astronomical numbers. You are a software dev revolutionary in your own right and I admire your efforts you put in your freeware (honourable). May I wish you the very best in your real life and please keep updating your tools, they are simply amazing!

    Regards

  14. Edward B says:

    Dear Nir,
    Thank you for all that you do for us!!
    I saw your Last Activity Viewer Utility, on the Gizmo Free Ware site, so I downloaded it.
    After reading the instructions, I highlighted an entry and then tried to delete it. Nothing.
    I checked everywhere, and there is No Delete function as you state in the Instructions. Any help would be appreciated.
    Thank you again, for all that you do for us.

  15. dooz says:

    Re: Col Sanders
    There’s Sysinternals’ Process Monitor which can do much of what you mention.
    http://technet.microsoft.com/en-us/sysinternals/bb896645

  16. George D says:

    Hello,

    Can LastActivityView be used to collect events such as “Open file or folder”, “Run .EXE file”, “View Folder in Explorer” for other users than the one being used to run the tool on the machine?

    Thanks,
    George

  17. Nicola says:

    Is it possible to use this wonderful tool to detect the activity of another offline PC, i.e. (like other NirSoft tools) specifying the letter/path of the disk containing the Windows installation to examine?
    Thanks in advance for your reply

Leave a Reply