Question for those who know more about computers/networking than us:

Avast anti-virus was installed on my-coworker's work computer on Monday. By Thursday, some strange issues like clicking on a program on the desktop would not open the program. The company uses Symantec as its normal anti-virus.

At the same time during the week, our IT contractors were changing permissions, credentials and accesses for reasons undisclosed, possibly due to adding a new employee and other organizational changes.

The company is now claiming Avast caused all the problems and is trying to blame the down-loader; the IT contractor has supposedly agreed in a report.

The co-worker suspects that perhaps other changes the contractor made in the background should also be considered in this situation.

Aren't there logs that could be examined to determine if this is true?
If he were to ask for the log for the week, could it possibly disclose additional info that he could use to defend himself?

__________________
1991 300E 124.030 103.983KE 722358 03 412178
207K

1979 240D 123.123 250K (Project car)

2000 Ford Ranger, 187K

2015 Dodge Ram 1500 EcoDiesel 37K