Trojan/Backdoor - JS.Scob.Trojan/Download.Ject Detection

Critical Nessus Network Monitor Plugin ID 1229

Synopsis

The remote host has a backdoor installed

Description

The remote web server is infected with JS.Scob.Trojan or Download.Ject Trojan. This Trojan installs malicious code on all web pages and infects clients as they browse the server. Specifically, the Trojan's dropper sets it as the document footer for all pages served.

Solution

Stop the IIS server and use an Antivirus product to remove the Trojan. Consider re-installing the operating system.

See Also

http://www.microsoft.com/security/incident/download_ject.mspx

Plugin Details

Severity: Critical

ID: 1229

Family: Backdoors

Published: 2004/08/20

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: Critical