Bionet is a backdoor - hacker's remote access tool. It's not so advanced as Sub7 or BackOrifice or Netbus backdoors. It consists of server and client parts. The server part is usually hiddenly installed on a victim's computer and it can be controlled by a client part from another (hacker's) computer when both systems are on Internet.
Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note: You need administrative rights to change the settings.
A victim usually gets infected with a server part by clicking on infected attachments that is sent to him by his on-line 'friends'. The server part when run gets installed as LIBUPDATE.EXE file into \Windows\ folder. It modifies Windows registry to be run during all windows sessions. Also the keylogging DLL named BNHOOK.DLL is dropped into the same folder.
The server part allows a hacker to perform the following actions on a remote system:
Open/close CD-Rom drive tray Capture screen of remote system Shutdown Window, reboot, power down a system Send messages to remote system and get replies Open file manager and execute, upload, download and delete files on remote system Show/hide Start button Set and trace position of mouse cursor on remote system Terminate certain applications Direct remote system webbrowser to any webpage Get server version info and remove it from a remote system Log all the events
To perform disinfection it is enough to delete the server part of this backdoor from a system. It's better to do it from pure DOS.
Ask questions in our Community .
Check the user guide for instructions.
Submit a Sample
Submit a file or URL for analysis.