Conficker P2P Service Detection

critical Nessus Plugin ID 36217


The remote host seems to be infected by a variant of the Conficker worm.


The remote host seems to be infected by the Conficker worm. This worm has several capabilities that allow an attacker to execute arbitrary code on the remote operating system.

The remote host might also be attempting to propagate the worm to third-party hosts.


Update the host's antivirus and perform a full scan of the remote operating system.

See Also

Plugin Details

Severity: Critical

ID: 36217

File Name: conficker_p2p_detect.nbin

Version: 1.88

Type: remote

Family: Backdoors

Published: 4/22/2009

Updated: 3/19/2024

Configuration: Enable thorough checks

Asset Inventory: true

Supported Sensors: Nessus

Risk Information


Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C