Trojan/Backdoor Detection - Windows Command Shell as Service

High Nessus Network Monitor Plugin ID 6229

Synopsis

The Windows command shell appears to be running as a service on this host.

Description

When discovering a Windows command shell running as a service, it almost always indicates the system has been compromised.

Solution

Treat this system as compromised

Plugin Details

Severity: High

ID: 6229

Family: Backdoors

Published: 2012/01/06

Modified: 2015/06/01

Risk Information

Risk Factor: High