I'm wondering if there's any log which stores information about a particular program such as when the program has started and closed manually on Windows such as MS Word, or Chrome. Any ideas?
Answer
Mark Russinovich and Thomas Garnier released a tool called SysMon which allows logging of started processes:
Sysmon includes the following capabilities:
- Logs process creation with full command line for both current and parent processes.
Analyze the log details in Eventviewer:
//Edit
Since End of May 2017, we see a lot of questions about a small command windows popping up. This is caused by OfficeBackgroundTaskHandlerRegistration scheduled task.
Disable this task in task scheduler under ask Scheduler -> Microsoft -> Office ->
No comments:
Post a Comment