Stuxnet Infected Host Detection
Critical Nessus Network Monitor Plugin ID 5738
SynopsisThe remote host has been compromised and is running a 'Backdoor' program
DescriptionThe remote host is running the Stuxnet trojan. This was determined based on the RPC UUID. Stuxnet is a Trojan which uses multiple vulnerabilities to infect and spread to nearby hosts. Ultimately, the Trojan attempts to gain access to a SCADA network.
SolutionManually clean the infected machine