Can anyone tell me about the following, it came in my Sygate Security Log. [364] Agentless HTTP request to www.microsoft.com, possible BlackWorm infection dectected Is there something here I should be worried about? I have ran Nod32 and searched for the word in my files. If you have any help I will happy to get it. Thanks Twodogs44
A request to test connectivity to microsoft.com which has the same pattern as Blackworm. FYI Blackworm disables antivirus and adds itself to auto start list.
Thanks Meriadoc for your reply. My next question is as follows....Would Sygate not know the difference between the two?
Well this is why you see the log entry. Sygate is saying something has happened that has the same characteristics as this worm. Probably not but I have'nt seen the rest of your log and I'm not infront of the machine. I would say Sygate/Nod32 are doing their job but if you are worried google Blackworm and have a look at the symptoms of the worm or do a couple of online scans and get a second opinion. Second opinions Kaspersky activeX Ewido micro
