Windows Command Shell as Service

high Nessus Network Monitor Plugin ID 6230

Synopsis

When discovering a Windows command shell running as a service, it almost always indicates the system has been compromised.

Description

When discovering a Windows command shell running as a service, it almost always indicates the system has been compromised.

Solution

Treat this system as compromised

Plugin Details

Severity: High

ID: 6230

Family: Backdoors

Published: 1/6/2012

Updated: 6/1/2015