Master's Paradise

Threat description



Master's Paradise is not a virus or a trojan. Actually things like NetBus, Back Orifice, Deep Throat, Master's Paradise and Hacker's Paradise are called 'backdoors' or hacker's remote access tools. These tools being purposely or unintentionally installed on any computer provide hidden access to this computer for hackers - i.e. open a 'backdoor' in remote computer system. These tools are quite widespread and used frequently to steal data and delete files on peoples machines.


Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Master's Paradise has client and server parts. The server part has to be installed on remote system to provide access to it. Originally Master's Paradise was spread with the game called 'Pie Bill Gates'. When user runs the game (that was actually a self-extracting archive), the server part of Master's Paradise is installed on his system. Two files are copied to \Windows\ directory: SysEdit.EXE and KeyHook.DLL. Execution of SysEdit.EXE is added to Windows registry to the following key:


With these settings the server part of Master's Paradise will be launched each time Windows starts and will keep listening to certain TCP/IP ports for commands from client part. The client part allows a hacker to control remote computer system where the server part is installed and activated. The client part has dialog interface which makes it easier to manipulate remote system objects.

Capabilities of Master's Paradise and Hacker's Paradise include:

1. Access to all media available on target computer
2. Sending, receiving and deleting files
3. Creating and deleting folders
4. Sending and receiving keystrokes, blocking keyboard access
5. Sending messages and receiving answers from user
6. Controlling any application windows and all their components
7. Highlithing application windows (yellow flash)
8. Receiving screendump in multiple resolutions (can be saved to file)
9. Total or partial control over mouse in Full-Screen Control mode
10. Controlling server part: enabling, disabling, setting password, info
11. Restarting computer
12. Getting RAS information: provider, user name and password
13. Batch processing for automatic poll data from remote computers

Master's Paradise has some addons (depending on its version) - DNS Master, IP Master, Ping Bomber and Port Scanner. German and English interfaces are available.

Master's Paradise was created by Dan Lehmann from Munich Brain House, one of German's hacker groups.

Hacker's Paradise backdoor is a variant of Master's Paradise but it is lacking some bugs and is using different TCP/IP ports.

Submit a Sample

Suspect a file or URL was wrongly detected? Send it to our Labs for further analysis

Submit a Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

More Info