Backdoor (Generic)

Classification

Category: Malware

Type: Backdoor

Aliases: Backdoor (Generic), Backdoor.generic, Gen:variant.backdoor

Summary

A generic detection has identified a program or file that has features or behaviors similar to a backdoor.

Security programs use generic detections that look for broad patterns of code or behavior to identify similar programs or files. If you suspect the file was incorrectly detected (a False Positive), see the Removal section.

Removal

Depending on the settings of your F-Secure security product, it will either move the file to quarantine, where it cannot spread or cause harm, or remove it.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

A backdoor is a remote administration tool (RAT) that allows a user to access and control a computer, usually remotely over a network or the Internet.

While backdoors can be used for legitimate activities by authorized administrators, they can also be used by attackers to gain control of a computer or device without the knowledge or consent of its user or administrator.

Installation

Attackers can distribute a backdoor to potential victims in numerous ways: for example, as part of the payload for a worm or trojan, as a disguised file attached to a spam email, as a file shared on peer-to-peer (P2P) networks, and so on.

Attackers typically rely on either social engineering or exploiting a vulnerability to install the backdoor on a computer.

Impact

A backdoor is usually able to gain control of a system because it exploits undocumented processes or features in an operating system or installed program. Depending on how sophisticated a backdoor program is, it can perform actions such as:

  • Sending and receiving files
  • Browsing through the hard drives and network drives
  • Getting system information
  • Taking screenshots
  • Changing the date/time and settings
  • Playing tricks like opening and closing the DVD drive