Hi
Some of my customer PCs with NOD32 installed have been infected with the "Locky Ransomware" virus. NOD32 did not initially detect the infection; our customer noticed a rogue file on a backup drive.
I would like to get more information such as the entry point etc. How can I find this?
On investigation, I noticed that a NOD32 scan seemed to detect that the infection was introduced via a rogue email. I could only get a low-res screenshot of this. Is it possible to find this info from the logs, and if so, where do I look?
Best regards,
D.
collector_log.txt
data_dir_list.txt
Processes.txt