User Actions and Events List


Created by using LastActivityView

Action Time Description Filename Full Path More Information File Extension
20/05/2017 17:33:21User Logon  TUBERCULOLAB\antonio 
20/05/2017 17:02:57System Started    
20/05/2017 15:10:11System Shutdown    
20/05/2017 14:10:05System Started    
20/05/2017 14:08:08System Shutdown    
20/05/2017 14:07:22System Started    
20/05/2017 13:51:57System Shutdown    
20/05/2017 13:51:57User Logoff  RABANOSRV\antonio 
20/05/2017 13:06:00Open file or folderWindows_Live_ResponseE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response  
20/05/2017 13:06:00Open file or folderforecopy_handy.logE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\forecopy_handy.log log
20/05/2017 13:05:33Open file or folderREADME-Windows.txtE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\README-Windows.txt txt
20/05/2017 13:05:09View Folder in ExplorerUserInfoE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\UserInfo  
20/05/2017 13:05:09View Folder in ExplorerLiveResponseDataE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData  
20/05/2017 13:05:07View Folder in ExplorerPersistenceMechanismsE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\PersistenceMechanisms  
20/05/2017 13:05:01View Folder in ExplorerCopiedFilesE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\CopiedFiles  
20/05/2017 13:05:01View Folder in ExplorerusnjrnlE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\CopiedFiles\usnjrnl  
20/05/2017 13:04:59View Folder in ExplorermftE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\CopiedFiles\mft  
20/05/2017 13:04:53View Folder in ExplorereventlogsE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\CopiedFiles\eventlogs  
20/05/2017 13:04:53View Folder in ExplorerLogsE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258\LiveResponseData\CopiedFiles\eventlogs\Logs  
20/05/2017 13:04:45View Folder in ExplorerRABANOSRV_20170520_130258E:\LiveResponseCollection-Bambiraptor\Windows_Live_Response\RABANOSRV_20170520_130258  
20/05/2017 13:04:41View Folder in ExplorerWindows_Live_ResponseE:\LiveResponseCollection-Bambiraptor\Windows_Live_Response  
20/05/2017 13:03:19Software Installationuninstall.exeC:\Program Files\WinPcap\uninstall.exeWinPcap 4.1.3exe
20/05/2017 13:03:18Software Installation  Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 
20/05/2017 13:03:18Windows Installer Ended    
20/05/2017 13:03:17Windows Installer Started    
20/05/2017 13:03:13Windows Installer Ended    
20/05/2017 13:03:04Windows Installer Started    
20/05/2017 12:54:25User Logon  TUBERCULOLAB\antonio 
20/05/2017 12:52:01User Logon  TUBERCULOLAB\RABANOSRV$ 
20/05/2017 12:51:48System Started    
20/05/2017 12:40:49System Shutdown    
20/05/2017 12:40:48User Logoff  RABANOSRV\antonio 
20/05/2017 12:33:20View Folder in ExplorerLiveResponseCollection-BambiraptorE:\LiveResponseCollection-Bambiraptor  
20/05/2017 12:33:16View Folder in Explorer E:\  
20/05/2017 11:53:15User Logon  TUBERCULOLAB\antonio 
20/05/2017 11:40:51User Logon  TUBERCULOLAB\RABANOSRV$ 
20/05/2017 11:40:39System Started    
20/05/2017 11:38:34System Shutdown    
20/05/2017 11:38:33User Logoff  RABANOSRV\antonio 
20/05/2017 11:14:34View Folder in ExplorerDatosC:\Datos  
20/05/2017 11:14:30View Folder in ExplorerTopSecretC:\Datos\TopSecret  
20/05/2017 11:02:21Open file or folderSecretoC:\Datos\Secreto  
20/05/2017 11:02:21Open file or folderRecetaSecreta.txtC:\Datos\Secreto\RecetaSecreta.txt txt
20/05/2017 10:38:25System Started    
20/05/2017 10:37:34System Shutdown    
20/05/2017 9:37:26System Started    
19/05/2017 20:39:01System Shutdown    
19/05/2017 19:38:56System Started    
19/05/2017 19:14:14System Shutdown    
19/05/2017 18:14:10System Started    
19/05/2017 17:21:02System Shutdown    
19/05/2017 16:20:41System Started    
05/05/2017 19:47:58System Shutdown    
03/05/2017 23:15:37System Started    
02/05/2017 14:38:07System Shutdown    
02/05/2017 10:01:12System Started    
29/04/2017 17:10:05System Shutdown    
29/04/2017 10:08:18View Folder in ExplorerSecretoC:\Datos\Secreto  
29/04/2017 10:07:54View Folder in ExplorerContabilidadC:\Datos\Contabilidad  
29/04/2017 9:54:51System Started    
29/04/2017 3:05:06System Shutdown    
29/04/2017 3:03:16System Started    
28/04/2017 22:56:01System Shutdown    
28/04/2017 19:38:27System Started    
28/04/2017 19:37:59System Shutdown    
28/04/2017 19:20:07System Started    
28/04/2017 19:19:26System Shutdown    
28/04/2017 19:19:22Windows Installer Ended    
28/04/2017 19:18:37Windows Installer Started    
28/04/2017 19:17:45Windows Installer Ended    
28/04/2017 19:17:42Windows Installer Started    
28/04/2017 19:17:39Windows Installer Ended    
28/04/2017 19:17:36Software Installation  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
28/04/2017 19:17:07Windows Installer Started    
28/04/2017 19:16:34System Started    
28/04/2017 19:16:02System Shutdown    
28/04/2017 18:07:23System Started    
10/04/2014 23:45:42System Shutdown    
21/11/2010 4:34:57Software Installation  WIC 
14/07/2009 6:57:00Software Installation  DirectDrawEx 
14/07/2009 6:57:00Software Installation  Connection Manager 
14/07/2009 6:57:00Software Installation  IE40 
14/07/2009 6:57:00Software Installation  Fontcore 
14/07/2009 6:57:00Software Installation  AddressBook 
14/07/2009 6:57:00Software Installation  SchedulingAgent 
14/07/2009 6:57:00Software Installation  MobileOptionPack 
14/07/2009 6:57:00Software Installation  IEData 
14/07/2009 6:57:00Software Installation  IE5BAKEX 
14/07/2009 6:57:00Software Installation  IE4Data