It depends on what you have on that machine, do you have something other than the event log that would record traffic/connections to your machine? If not you should install something like the win32 port of Snort (http://www.snort.org/dl/binaries/win32/), I don't know if you can use MySQL and ACID like on Linux, but Snort records attacks into the MySQL database, and you use ACID to view what those attacks were. I also have awstats (http://awstats.sourceforge.net) interprets my Apache log files, where I can see some of the maclious url for exploits coming to my webserver. On my XP Pro boxes I have PC-cillin, which logs attacks like that and has the fire wall. Of course so does my home router. If you have all the registration numbers and CD's for your installed software, reinstall the OS, patch, reinstall application software and then harden your system. Then you will know you are safe.