<div>
Depends on the software. &nbsp;Sometimes there are artifacts that are created / left behind during install / uninstall.<br />
<br />
Can you provide any input about the actual software you're trying to prove? &nbsp;(name, etc?)
</div>


<div>
The software is custom made and is not public. &nbsp;It is only provided to organizations in a vertical market that need it. &nbsp;It was uninstalled through Programs and Features which leads me to believe that it must have registered with Windows in such a way as to appear there.
</div>


<div>
<i>&quot;For legal reasons&quot;</i><br />
<br />
How legal is this going to get? Before starting you may need to clone the machine as proof of how it was before forensic analysis. If this ends up in court you may need a Court approved investigator for any evidence to be admissible.<br />
<br />
Hopefully we're looking at something less formal than this but just something you might need to consider.<br />
<br />
Yes, installers and software all work slightly differently so knowing what package we're dealing with will make this a lot easier.
</div>


<div>
Thanks MASQ. &nbsp;I do have similar concerns. &nbsp;However, knowing the context and weight of the issue, I think it is unlikely to get too heavy as to need approved investigators and certified forensic analysis. &nbsp;If I only need to look at files on the drive then I might just attach the drive through a USB interface. &nbsp;If I need to interact with the OS software then I will likely clone it first.<br />
<br />
I will try to find what installer was used but it's unlikely.
</div>


<div>
@MASQ, your command might have led me on the path. &nbsp;From the wmic output I found the name of the software in the results. &nbsp;The installed date seems to be around the right time, but there is no uninstalled date. &nbsp;<br />
<br />
Other data that I took from the results led me to the installation path which was a temporary folder under content.ie5 and doesn't seem to contain any relevant files anymore.<br />
<br />
I found an msi under Windows\Installer (the file name is only random numbers) and a GUID which has a folder and an exe under Windows\Installer\{GUID}. &nbsp;The exe file starts with an underscore followed by a long string of numbers and letters.<br />
<br />
Since I think I have the GUID and the msi, could I go further and try to determine the uninstall date?
</div>


<div>
Thank you for all your good suggestions on how to find any remnants of software that was previously installed. &nbsp;I thought that I found the software I was searching for, but I was mistaken. &nbsp;All results were inconclusive, but we think that helps in this matter.
</div>


<div>
<div class="content wysiwyg-content">
For legal reasons, I am required to provide evidence of when a software application was installed or uninstalled from a Windows 7 PC. &nbsp;We know the software was uninstalled about 4 years ago from Programs and Features.<br />
<br />
What are some ways / methods / tools that I can use to find the existence of this software. &nbsp;Are there some obscure logs in Windows that record information that could help me? &nbsp;Anything in the registry?
</div>
</div>


For legal reasons, I am required to provide evidence of when a software application was installed or uninstalled from a Windows 7 PC.  We know the software was uninstalled about 4 years ago from Programs and Features.

What are some ways / methods / tools that I can use to find the existence of this software.  Are there some obscure logs in Windows that record information that could help me?  Anything in the registry?

Proof of Software Installation

Software is any set of instructions that directs a computer to perform specific tasks or operations. Computer software consists of programs, libraries and related non-executable data (such as documentation). Computer software is non-tangible, contrasted with computer hardware, which is the physical component of computers. Software written in a machine language is known as "machine code". However, in practice, software is usually written in high-level programming languages than machine language. High-level languages are translated into machine language using a compiler or interpreter or a combination of the two.

Software

Installation is the act of making a computer program program ready for execution. Because the process varies programs often come with a specialized program responsible for doing whatever is needed for their installation. Installation may be part of a larger software deployment process. Cross platform installer builders that produce installers for Windows, Mac OS X and Linux include InstallAnywhere, InstallBuilder and Install4J. Installers for Microsoft Windows include Windows Installer, InstallShield, and Wise Installation Studio; free installer-authoring tools include NSIS, IzPack, Clickteam, InnoSetup, InstallSimple and WiX. Mac OS X includes Installer, and also includes a separate software updating application.

Installation

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.