Infection Investigation

  • Thread starter Thread starter markb
  • Start date Start date
M

markb

Recently a computer running Windows 2000 SP4 was infected with a worm. It
claimed to be the netsky32. I used the Malicious Software Removal Tool to
remove it. I need to find out when this system was infected. This particular
worm causes IE to launch and contact a website. So I was thinking of a tool
that will pull up a log and help me to interpret the results. I know the day
the infection occured, just not the time. The RegMon tool is great, but shows
real-time and I need to look back through the log to 14 days ago.

Please assist.
 
Hi Mark,

Without proper information on the infection and the symptoms, its very
difficult to give a reply. However, there are certain ways by which you can
assist us. There is a very good tool called HijackThis. It would be of much
help if you can send the log of your system saved with HijackThis. However,
if you use any AntiVirus, it is recommended that you update it with the
latest definition and then do a complete system scan from Safe Mode.

HijackThis log would be appreciated as we can analyze it to assist u better.
 
Back
Top