Trojan/Backdoor - DeepThroat Detection

Critical Nessus Network Monitor Plugin ID 1910

Synopsis

The remote host has a backdoor installed.

Description

DeepThroat is installed on the remote host. This backdoor allows anyone to partially take the control of the remote system. An attacker may use it to steal your password or prevent your computer from working properly.

Solution

Use RegEdit, and find 'SystemDLL32' in HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run. The value's data is the path of the file. If you are infected by DeepThroat 2 or 3, then the registry value is named 'SystemTray'.

See Also

http://xforce.iss.net/xforce/xfdb/2290

Plugin Details

Severity: Critical

ID: 1910

Family: Backdoors

Published: 2004/08/20

Modified: 2016/01/15

Nessus ID: 10053

Risk Information

Risk Factor: Critical