You will need
- A computer running the Windows operating system
One of the ways that does not require any additional configuration – using information from the Prefetch file located in the Windows system folder. Open any file Manager Windows folder, which is located most often on the C drive. Locate and open the folder Prefetch. This folder stores files with the extension *.pf. File is created by the operating system at the time of the last run of any application. When you restart the program the old file is overwritten and new one is created. The file name contains the name of the executable file to run the program. In order to see the startup time of the program, click "View" on the toolbar and select "table".
But keep in mind that you can only learn about the last run of the application. For more complete information, you must configure the "Local security settings". Click the "start" button, select "control Panel – administrative tools, and then double-click Local security policy.
To change the element "Audit Policy" click in the console tree the node "Local policies". Go to the item "audit Policy. In the details pane, which is located in the right part of the window, select the entry "Audit process tracking". This security setting determines whether to track and record successful or unsuccessful attempts to launch applications. The default value of "No auditing". Double-click this entry.
In the dialog box "Properties", set the switch to "Success" on the tab "local security Setting". Confirm the changes by pressing the OK button.
Now selecting from context menu My computer - Manage - event Viewer, and opening the Security log in the right part of the window, you can control all running processes on your computer.