how to know threat source?

Hello,

Some malware infected files to others computer through Windows SMB protocol.. for example.. Win32/Alman virus, like the attach file. Although ESET could detect and clean the virus.. but if I can't fix the real been infected computer, I'll generate the log continue. So I'd like to know if possible and easy to know where is the threat source?

Thanks!

 

The question is why files in the Program files folder get infected. If there's another infected computer in LAN, you probably have administrative shares enabled and the admin accounts have no or weak password set.

 

In this case, it's a test system and only for explain this kind malware of situation. Sometime computers want to share some folders to users or have to grant access rights to users in the file servers.. If some computers been infected via Win32/Alman.xx or similar malware in the enterprise network, these are a lot of files been infected, ESET could protect these files very well, but don't record in log where is the threat source. So we don't know how to fix the threat source. Then we'll see a lot of log been generated. I known another antivirus software could show the source clearly, so I'd like to ask if ESET antivirus have these kind of information? or do I have other easy method to get the information?

Thanks for your replay.