G
Guest
We have a computer on a domain that the system event log is showing some
wierd entries. It skips about 8 months of logging. When you right click
system log under event viewer and select properties it shows the correct
creation date, but the modified and accessed dates are both the same-a week
ago. This is troubeling since the log shows events from the modified date up
through today. There is just the 8 months of data missing. There is concern
this system has been hacked by an employee known to do this type of stuff.
Management needs proof it was hacked in order to do anything to this
individual. We feel he did this to cover his track on some other stuff, since
a bunch of older logs are missing data or are gone altogether. Any ideas?
wierd entries. It skips about 8 months of logging. When you right click
system log under event viewer and select properties it shows the correct
creation date, but the modified and accessed dates are both the same-a week
ago. This is troubeling since the log shows events from the modified date up
through today. There is just the 8 months of data missing. There is concern
this system has been hacked by an employee known to do this type of stuff.
Management needs proof it was hacked in order to do anything to this
individual. We feel he did this to cover his track on some other stuff, since
a bunch of older logs are missing data or are gone altogether. Any ideas?