Trojan/Backdoor Detection - Doly 2.0

critical Nessus Network Monitor Plugin ID 6224

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host seems to be running a trojan or 'backdoor' program - Doly 2.0. This is typically an indicator that the machine has been compromised and is now being remotely controlled

Solution

As the system appears to be compromised, you should both inspect and manually clean the remote system.

Plugin Details

Severity: Critical

ID: 6224

Family: Backdoors

Published: 1/6/2012

Updated: 11/23/2016