Trojan/Backdoor Detection - Subseven

Critical Nessus Network Monitor Plugin ID 6226


The remote host has been compromised and is running a 'Backdoor' program


The remote host seems to be running a trojan or 'backdoor' program - BACKDOOR subseven 22. This is typically an indicator that the machine has been compromised and is now being remotely controlled.


Manually inspect and repair the infected host

Plugin Details

Severity: Critical

ID: 6226

File Name: 6226.prm

Family: Backdoors

Published: 2012/01/06

Modified: 2016/01/15

Risk Information

Risk Factor: Critical