A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.
Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.
More scanning & removal options
More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.
You may also refer to the Knowledge Base on the F-Secure Community site for more information.
Backdoor:W32/Ghost.gen!A is the Generic Detection for the Ghost backdoor program.Ghost originates from China.
The Server component of this program has the following settings:
- Max connections
- Connect through Socks5
- Use Proxy
- Username/Password support
- Service name/Descriptor name that appears in victim's machine
When using Ghost, a remote attacker can execute the following actions on an infected machine:
- Perform various file operations
- Perform screen captures
- Perform keylogging
- Execute a Remote Shell
- Process Manager
- Uninstall the backdoor from the machine
- Webcam view
- Perform Audio captures
- Download/execute files
- Update the server
- Open URLs