What is Forensic Timeliner?

Document created by drossler (Employee) on May 11, 2017. Last modified by jyamada on Jun 9, 2017. Version 2.

Forensic Timeliner (timeliner.exe, or Timeliner) is a standalone feature that ships with Malwarebytes Breach Remediation. It collects and exports system timelines from Windows systems for forensic analysis. Its output is either CSV or CEF event logging. It is written in C++ using the Windows API and is packaged as a single portable Windows executable (EXE).
 
Timeliner runs on Windows XP through Windows 10, both 32-bit and 64-bit, and has no dependencies other than standard Windows DLLs.

 

Note: It does not run on Mac OS.
