A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Backdoor:W32/Ghost.gen!A is the Generic Detection for the Ghost backdoor program.Ghost originates from China.
The Server component of this program has the following settings:
- Max connections
- Connect through Socks5
- Use Proxy
- Username/Password support
- Service name/Descriptor name that appears in victim's machine
When using Ghost, a remote attacker can execute the following actions on an infected machine:
- Perform various file operations
- Perform screen captures
- Perform keylogging
- Execute a Remote Shell
- Process Manager
- Uninstall the backdoor from the machine
- Webcam view
- Perform Audio captures
- Download/execute files
- Update the server
- Open URLs