Virus / Backdoor Client Detection (deprecated)

Critical Nessus Network Monitor Plugin ID 4678


The remote host has been compromised and is running a 'backdoor' program.


The remote host appears to be infected with a backdoor. This strain of backdoor malware is known to change the browser 'User-Agent' string in order to identify itself to server machines.


Manually examine and clean the host.

Plugin Details

Severity: Critical

ID: 4678

File Name: 4678.prm

Family: Web Clients

Published: 2008/09/15

Modified: 2016/01/15

Dependencies: 1735, 8314

Risk Information

Risk Factor: Critical