HTTP Backdoor Detection
Critical Nessus Plugin ID 35322
SynopsisThe remote host may be compromised.
DescriptionRegardless of the request that's made, the remote web server returns a Microsoft executable. This is highly suspicious and may be indication of a worm. For example, the Conficker.A / Downadup worm is known to propagate in this fashion.
SolutionCheck the host and disinfect / reinstall it if necessary.