Malicious Process Detection: User Defined Malware Running (Linux)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

Nessus detected potentially unwanted processes on the remote host.

Description :

The md5sum of one or more running processes on the remote Linux host
matches one of the signatures provided using the 'Provide your own
list of known bad MD5 hashes' preference (found under the 'Hash and
Whitelist Files' section) in the scan policy.

Verify that the remote processes are legitimate and authorized in your

Solution :

Uninstall the remote software if it does not match your security
policy, and investigate your network for further signs of a breach.

Risk factor :


Family: Backdoors

Nessus Plugin ID: 91223 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now