Is it possible to find the origin of a virus?

Solution 1:

What you are asking looks very much like what forensic researchers do in criminal cases. You could make a copy of the disk and then with painstaking manual analysis and forensic tools try to find clues. You could maybe determine the time of infection, and if enough logs are left try to list the sources accessed around that time.

But success is definitely not guaranteed, for a number of reasons:

  • you did not have systematic logging active on an 'ordinarily configured' computer

  • the infection sources may have changed/gone; you do have some extra information here in cases where 'familiar' viruses have been distributed through a limited number of sites (not likely).

  • especially in your case it sounds like an ordinary hard disk that has been used since the infection, thereby overwriting important information from around the time of infection.

So, for all practical purposes, the answer is 'very unlikely'.
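
The approach described in the answer above (estimate the time of infection, then list the sources accessed around that time), as an added example that is not part of the original answer. The file paths, URLs, timestamps and the 10-minute look-back window are constructed assumptions, and the code assumes the timestamps on the disk copy were not tampered with.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from a real case): files a scanner flagged,
# with creation times as read from a forensic copy of the disk.
FLAGGED = [
    ("C:/Users/a/AppData/Roaming/upd.exe", "2024-03-02T14:07:31"),
    ("C:/Users/a/AppData/Local/Temp/inv_8812.js", "2024-03-02T14:06:58"),
    ("C:/Windows/Tasks/upd.job", "2024-03-02T14:09:12"),
]

# Constructed events merged from whatever logs survived on the machine
# (browser history, download records, removable-media mounts).
EVENTS = [
    ("2024-03-01T09:00:00", "usb", "volume BACKUP mounted"),
    ("2024-03-02T13:15:02", "browser", "https://news.example/front"),
    ("2024-03-02T14:05:40", "browser", "https://mail.example/inbox"),
    ("2024-03-02T14:06:49", "download", "https://files.example/inv_8812.zip"),
    ("2024-03-02T14:30:10", "browser", "https://search.example/?q=slow+pc"),
]

def parse(ts):
    return datetime.fromisoformat(ts)

def estimate_infection_time(flagged):
    # The earliest flagged artifact: the infection started no later than this.
    return min(parse(ts) for _, ts in flagged)

def candidate_sources(events, infection, before=timedelta(minutes=10)):
    # Keep only events in the window leading up to the infection time,
    # ordered by how close they are to it (smallest gap first).
    hits = []
    for ts, kind, detail in events:
        gap = infection - parse(ts)
        if timedelta(0) <= gap <= before:
            hits.append((int(gap.total_seconds()), kind, detail))
    return sorted(hits)

def report(flagged, events):
    t0 = estimate_infection_time(flagged)
    # An empty list means no log entries survived for the window:
    # logging was never on, or the data has since been overwritten.
    return t0, candidate_sources(events, t0)

if __name__ == "__main__":
    t0, hits = report(FLAGGED, EVENTS)
    print("estimated infection time:", t0.isoformat())
    for gap, kind, detail in hits or [(0, "none", "no surviving entries")]:
        print(f"  {gap:>4}s before  {kind:<9} {detail}")
```

An empty result is the common case on a machine without systematic logging, which is the limitation the answer describes.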