Event ID - 4661

Port No4661
Service NameBackdoor.Nemog.D
RFC Doc0
ProtocolTCP
DescriptionBackdoor.Nemog.D is a backdoor Trojan horse program that allows an infected computer to be used as an email relay and http proxy. It also blocks access to several security-related Web sites.
Reference LinkPort Number:4661 Service Name:Backdoor.Nemog.D Port:TCP
AttackAccording to Symantec

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Important: On computers running Norton AntiVirus 2005 or later, the QuickScan tool will automatically search for and remove malicious threats when new virus definitions are downloaded. While every effort has been made to ensure that the QuickScan tool removes all the traces of a malicious threat from an infected computer, we advise that you confirm that all the files and registry entries have been removed. We recommend following the manual removal steps and deleting any threat-related files or registry entries remaining on the computer.
1.Disable System Restore (Windows Me/XP).
2.Update the virus definitions.
3.Run a full system scan and delete all the files detected as Backdoor.Nemog.D.
4.Delete the value that was added to the registry.
5.To delete the added lines from the Windows Hosts file.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.