MoonLit Virus Backdoor Detection

Critical Nessus Plugin ID 15586


The remote host has a malicious application installed.


The system is infected by the MoonLit virus, the backdoor port is open.

Backdoor.Moonlit is a Trojan horse program that can download and execute files, and may act as a proxy server.


Ensure all MS patches are applied as well as the latest AV definitions.

See Also

Plugin Details

Severity: Critical

ID: 15586

File Name: moonlit_virus.nasl

Version: Revision: 1.12

Type: remote

Family: Backdoors

Published: 2004/10/30

Updated: 2013/01/30

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C