Jump to content

Recommended Posts

Not with a certainty.  Often malware will change file dates to be much older to give them the appearance they have been there a long time.

 

However, to some degree, one can make assumptions based upon folder date and times when the malware was installed.  When one cleans the PC they would have to do from a forensic POV.  Noting what was found, where and their associated dates.

Link to post
Share on other sites

  • Root Admin

If you have auditing enabled and a large enough database size for your Event Logs then you could tell from them in most cases however auditing is not enabled by default and few if any home users enable it. The Event Logs alone "might" show something but you'd have to scour it to check.

 

Certainly other tools and means but well beyond the scope of help or support here for doing forensic analysis

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.