Trojan/Backdoor Detection - Conficker Detection

critical Nessus Network Monitor Plugin ID 4977

Synopsis

The remote host has been compromised and is running a 'backdoor' program.

Description

The remote host seems to be infected by the Conficker worm. This worm has several capabilities that allow an attacker to execute arbitrary code on the remote operating system. The remote host might also be attempting to propagate the worm to third-party hosts.

Solution

Update your antivirus and perform a full scan of the remote operating system.

See Also

http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker

http://support.microsoft.com/kb/962007

http://www.nessus.org/u?1f3900d3

Plugin Details

Severity: Critical

ID: 4977

Family: Backdoors

Published: 3/30/2009

Updated: 1/15/2016

Nessus ID: 36036