Trojan/Backdoor Detection - Subseven

Critical Nessus Network Monitor Plugin ID 6226

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host seems to be running a trojan or 'backdoor' program - BACKDOOR subseven 22. This is typically an indicator that the machine has been compromised and is now being remotely controlled.

Solution

Manually inspect and repair the infected host

Plugin Details

Severity: Critical

ID: 6226

File Name: 6226.prm

Family: Backdoors

Published: 2012/01/06

Modified: 2016/01/15

Risk Information

Risk Factor: Critical