Malicious Process Detection: User Defined Malware Running

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

Nessus detected potentially unwanted processes on the remote host.

Description :

The md5sum of one or more running processes on the remote Windows host
matches one of the signatures provided using the 'Additional MD5
hashes (optional)' preference (found under the 'Malicious Process
Detection' Preference Type) in the scan policy.

Verify that the remote processes are legitimate and authorized in your
environment.

Solution :

Uninstall the remote software if it does not match your security
policy, and investigate your network for further signs of a breach.

Risk factor :

Critical

Family: Windows

Nessus Plugin ID: 65548 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now