Synopsis
Nessus detected potentially unwanted processes on the remote host.
Description
The checksum of one or more running processes on the remote Windows host matches one of the signatures provided using the 'Additional MD5 hashes (optional)' preference (found under the 'Malicious Process Detection' Preference Type) in the scan policy.
Verify that the remote processes are legitimate and authorized in your environment.
Solution
Uninstall the remote software if it does not match your security policy, and investigate your network for further signs of a breach.
Plugin Details
File Name: wmi_malware_user_md5s.nbin
Agent: windows
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: malscan/enabled