Trojan Horse Detection

medium Nessus Plugin ID 11157


The remote host might be infected by a Trojan / worm / malware.


An unknown service was found running on this port. Trojan Horses and other malware may sometimes open these ports to allow remote access to the machine.

Ensure that this port is intended to be open and controlled by legitimate software installed by the administrator.


If a Trojan Horse is found running, it is highly recommended that the operating system be reinstalled to ensure removal.

Plugin Details

Severity: Medium

ID: 11157

File Name: trojan_horses.nasl

Version: 1.73

Type: remote

Family: Backdoors

Published: 11/19/2002

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: Settings/ParanoidReport