In event viewer, Is there a way to tell if the CD tray has been opened.

We have discovered that someone had put a bootable disc into a PC at a branch office. There is no legitimate reason for anyone to use CDs in this office. This PC now comes up on a virus scan. We are trying to find out when that might have happened so we can look at security tapes to find out who installed it. Is there a way in event viewer to see when the tray was opened or when any malicious software may have been installed?

Thanks in advance for any info.