Obviously you can't do this on a running system, but the Windows Event Log format has been reverse engineered to the point that you could probably do it offline; perhaps somebody has written a tool for it. Here is one analysis.
Is it possible to inject events in the event viewer in an old date
-
17-01-2022 - |
Frage
I need to know if anyone can inject events in event viewer logs in an old date, how event viewer data are stored, and can anyone change them?
Lösung
Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow