The following is the attack detaisl i received from the customer. Before contact cisco i posted here for your answers.
Time= 22:44:13 Arab Standard Time
SIGNAME= WWW WinNT cmd.exe Access
Please how can i solve this issue .