One of the companies I do work for has a sister company that recently had a virus problem.
This is what I know and its all second hand knowledge. What there being told by there tech support is they were infected with some "steam" games on there network (8 PC's and a server) they had there modem fail and after they did some research and found that someone had accessed three old user profiles on the server (apparently novel user accounts which they no longer used) and using those user account there were downloading so much data from the server it crashed the modem. Again this what I was told not what I saw for myself. My question is how can I tell what data was downloaded off the server using those accounts that were compromised. 2003 server