#1
I would like more information on a recent activity log I received from a user's computer.
First, I am unable to learn anything about this particular threat, what it is, what it does, etc. Second, as you can see, I am unable to determine the location of the attempted infection. It says "invalid_name". If I knew more info on this particular malware I might know where to look for it. My biggest concern is the dates listed. It looks like it was detected during computer shutdown and again when the computer was booted the following morning. My concern is that something has infected the computer and is now being detected, but unable to remove. I am unable to reboot the computer at this time and will have to wait to see if this situation repeats itself. Any feedback appreciated.

Column Name Value
Alert Id Alert 548
Client Name ******
Primary Server xxx.xxx.xxx.xxx
Date 2008-07-24 16:07:47
Received 2008-07-25 06:52:46
Module IMON
Object archive
Virus Win32/Spy.Agent.NES trojan
Name invalid_name
Action connection terminated
Info
Log Details Ready
Comment

Log Details invalid_name invalid_name »ZIP »INVOICE_8712.exe - Win32/Spy.Agent.NES trojan
#2
Hello,
When IMON terminates the connection as it did in your case, it was stopped before it got on the machine.
BFG