
Backdoor.Meciv

Posted: July 7, 2011

Backdoor.Meciv is a backdoor Trojan that opens your computer to remote attackers. Backdoors of this kind are used to launch DDoS attacks, steal private information and, in the worst case, do serious damage to the operating system. Some variants of Backdoor.Meciv work together with other Trojans, so any attempt to remove Backdoor.Meciv should include a full system scan with an up-to-date anti-virus program to find and remove the related threats as well.

Backdoor.Meciv's Three-Step Fake Document Attack

Backdoor.Meciv and related malicious programs were first seen in late 2010 and early 2011, so anti-virus software with an older threat database may not detect or remove Backdoor.Meciv. The standard Backdoor.Meciv Trojan can infect most versions of Windows from 95 up to Vista; attacks on Windows 7 have not yet been confirmed.

Some variants of Backdoor.Meciv use an infiltration method built on RTF file exploits. The RTF file (current samples contain Russian text about crime scandals or holiday greetings) triggers malicious code when it is opened in Microsoft Word. That code installs a dropper Trojan, and the dropper in turn installs Backdoor.Meciv: three steps from an opened document to a working backdoor.

Although it carries the Backdoor.Meciv installer, the RTF file also works as a normal document, complete with text or image content, so opening it shows nothing unusual. Because Backdoor.Meciv itself produces no obvious signs of its presence, you may not realize it has been installed until it is too late.
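The page does not say which RTF weakness these samples abuse, and no exploit detail is added here. As an added example (this is not the page's code, nor any vendor's tool), the following Python triage script shows one check a responder runs on a suspicious RTF before anyone opens it in Word: it extracts the hex blobs that follow the \objdata control word, parses each as an OLE 1.0 embedded object (the MS-OLEDS ObjectHeader layout), and flags Packager objects, executable payloads, blobs that will not decode, and the \objupdate control word. The lure document and the OLE builder are constructed for the demonstration; the file names are assumptions.

```python
import re
import struct

RTF_MAGIC = b"{\\rtf"
# Hex run that follows an \objdata control word; whitespace and newlines are allowed.
OBJDATA_RE = re.compile(rb"\\objdata\s*([0-9A-Fa-f\s]+)")
OLE_CFB_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # OLE compound file header


def _lp_string(buf, off):
    """LengthPrefixedAnsiString: uint32 length, then that many bytes (NUL-terminated)."""
    (n,) = struct.unpack_from("<I", buf, off)
    off += 4
    return buf[off:off + n].rstrip(b"\x00").decode("latin-1"), off + n


def parse_ole1_embedded(blob):
    """Parse an OLE 1.0 EmbeddedObject: ObjectHeader (version, format id, class,
    topic, item), then NativeDataSize and NativeData. Raises struct.error if truncated."""
    version, format_id = struct.unpack_from("<II", blob, 0)
    off = 8
    class_name, off = _lp_string(blob, off)
    topic_name, off = _lp_string(blob, off)
    item_name, off = _lp_string(blob, off)
    (size,) = struct.unpack_from("<I", blob, off)
    off += 4
    return {"version": version, "format_id": format_id, "class": class_name,
            "native": blob[off:off + size]}


def classify_payload(native):
    """Coarse type of the embedded native data."""
    if native.startswith(b"MZ"):
        return "pe-executable"
    if native.startswith(OLE_CFB_MAGIC):
        return "ole-compound-file"
    return "other"


def scan_rtf(data):
    """Report the embedded objects in an RTF byte string and whether it deserves a closer look."""
    report = {"is_rtf": data.startswith(RTF_MAGIC), "objects": [],
              "objupdate": b"\\objupdate" in data, "suspicious": False}
    if not report["is_rtf"]:
        return report
    for m in OBJDATA_RE.finditer(data):
        hexstr = re.sub(rb"\s", b"", m.group(1))
        try:
            blob = bytes.fromhex(hexstr.decode("ascii"))
            obj = parse_ole1_embedded(blob)
            entry = {"class": obj["class"], "payload": classify_payload(obj["native"]),
                     "size": len(obj["native"])}
        except (ValueError, struct.error):
            # Malformed object data is itself a warning sign: it is what a parser exploit looks like.
            entry = {"class": None, "payload": "undecodable", "size": len(hexstr) // 2}
        report["objects"].append(entry)
    report["suspicious"] = report["objupdate"] or any(
        o["class"] == "Package" or o["payload"] in ("pe-executable", "undecodable")
        for o in report["objects"])
    return report


def build_ole1_embedded(class_name, native):
    """Constructed test data: a minimal OLE 1.0 EmbeddedObject wrapping `native`."""
    def lp(s):
        b = s.encode("latin-1") + b"\x00"
        return struct.pack("<I", len(b)) + b
    return (struct.pack("<II", 0x00000501, 0x00000002) + lp(class_name) + lp("") + lp("")
            + struct.pack("<I", len(native)) + native)


# Constructed lure: a greeting plus a Packager object wrapping a fake PE stub (not a real sample).
LURE_RTF = (b"{\\rtf1\\ansi\\deff0 Happy holidays!\\par\n"
            b"{\\object\\objemb\\objupdate{\\*\\objclass Package}{\\*\\objdata\n"
            + build_ole1_embedded("Package", b"MZ" + b"\x00" * 62).hex().encode("ascii")
            + b"\n}}\\par}")
BENIGN_RTF = b"{\\rtf1\\ansi\\deff0 Happy holidays!\\par}"

if __name__ == "__main__":
    for name, doc in (("lure.rtf", LURE_RTF), ("greeting.rtf", BENIGN_RTF)):
        print(name, scan_rtf(doc))
```

A clean greeting card has no \objdata at all; a document that carries a Package object with an MZ payload, or whose object data will not parse, goes to a sandbox rather than to Word.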

Why You Need to Turn Your Back to Backdoor.Meciv's Holiday Greetings

Backdoor.Meciv's main goal is to disable your security by whatever means are available so that remote criminals can take control of your PC. Signs of this include changed port or firewall settings, a disabled firewall or other security program, unfamiliar files, folders or running processes, and high memory usage that slows the computer down.

Remote access to your PC lets criminals install other harmful applications, steal personal information such as account passwords, enlist your computer in a Distributed Denial of Service botnet, or destroy the system outright.

You may be able to notice a Backdoor.Meciv attack by some of these common symptoms:

  • Open network ports. Backdoor.Meciv may open ports so that it can reach IRC servers, websites and other external hosts without your consent. On a workstation few ports should be listening, and none that you cannot account for; netstat -ano lists each listening port together with the process ID that owns it.
  • Unfamiliar exceptions added to your firewall. Windows Firewall and other firewall programs let you add program-based exceptions that allow a named program's traffic through the firewall. Backdoor.Meciv may add itself as an exception without your permission, leaving the firewall running but useless against it. Review the exception list and question any entry you did not add yourself, especially one that points at an unfamiliar executable.
  • A non-functioning firewall or other security program. Many backdoor Trojans, Backdoor.Meciv among them, stop certain security programs from working at all, usually by deleting the program's Registry entries. You may also see fake error messages that (falsely) announce that the security program itself is infected.

File System Modifications

  • The following files are created on an infected system (%System% is the Windows system directory, normally C:\Windows\System32; %UserProfile% is the current user's profile directory). Note that the two DLL names are one letter away from the legitimate wuauserv.dll and wzcsapi.dll, and that the Startup-folder entry is named to look like an Office updater:
    %System%\wuouserv.dll
    %System%\wzcsapl.dll
    %UserProfile%\Start Menu\Programs\Startup\OfficeUpdate.exe

Registry Modifications

  • The following Registry keys are created, consistent with the backdoor installing itself as a Windows service named WmdmPmSp (a name one letter away from the legitimate WmdmPmSN Portable Media Serial Number service; the LEGACY_ key under Enum\Root is what the Service Control Manager creates for a non-Plug-and-Play service):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WMDMPMSP
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmdmPmSp
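The file and Registry artifacts above are what a responder checks first on a machine suspected of carrying Backdoor.Meciv. The Python script below is an added example, not code from the page or from any anti-virus vendor: it expands the report-style %System% and %UserProfile% tokens from the environment, tests whether each listed file exists (case-insensitively, as Windows file systems are), and on Windows opens each listed Registry key read-only through winreg. The environment values in the test are constructed; on a live host it reads os.environ.

```python
import os
import sys

# Indicators listed on this page. %System% is the anti-virus report convention for the
# Windows system directory (%SystemRoot%\System32); %UserProfile% is the user's profile.
FILE_IOCS = [
    r"%System%\wuouserv.dll",
    r"%System%\wzcsapl.dll",
    r"%UserProfile%\Start Menu\Programs\Startup\OfficeUpdate.exe",
]
# Registry keys from the page; the Services key is a service named WmdmPmSp.
REGISTRY_IOCS = [
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WMDMPMSP",
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmdmPmSp",
]


def expand_tokens(path, env):
    """Expand %System% and %UserProfile% using an environment mapping
    (os.environ on a live host, a plain dict in tests)."""
    system_root = env.get("SystemRoot", r"C:\Windows")
    profile = env.get("USERPROFILE", "")
    return (path.replace("%System%", system_root + r"\System32")
                .replace("%UserProfile%", profile))


def match_file_iocs(present_paths, env):
    """Return the IOC entries whose expanded path appears in present_paths.
    Comparison is case-insensitive because NTFS and FAT paths are."""
    present = {p.lower() for p in present_paths}
    return [ioc for ioc in FILE_IOCS if expand_tokens(ioc, env).lower() in present]


def registry_key_exists(full_key):
    """Open a Registry key read-only. True/False on Windows, None elsewhere
    (there is no Registry to consult, so the check is reported as not run)."""
    if sys.platform != "win32":
        return None
    import winreg  # Windows-only module, so it is imported here rather than at the top
    hive_name, _, subkey = full_key.partition("\\")
    hive = {"HKEY_LOCAL_MACHINE": winreg.HKEY_LOCAL_MACHINE,
            "HKEY_CURRENT_USER": winreg.HKEY_CURRENT_USER}[hive_name]
    try:
        with winreg.OpenKey(hive, subkey, 0, winreg.KEY_READ):
            return True
    except OSError:
        return False


def scan_host(env=None):
    """Live check: which of the page's file and Registry indicators exist on this machine."""
    env = os.environ if env is None else env
    on_disk = [p for p in (expand_tokens(ioc, env) for ioc in FILE_IOCS) if os.path.exists(p)]
    return {
        "files": match_file_iocs(on_disk, env),
        "registry": [k for k in REGISTRY_IOCS if registry_key_exists(k)],
    }


if __name__ == "__main__":
    result = scan_host()
    for ioc in result["files"]:
        print("file IOC present:", expand_tokens(ioc, os.environ))
    for key in result["registry"]:
        print("registry IOC present:", key)
    if not result["files"] and not result["registry"]:
        print("no Backdoor.Meciv indicators found")
```

Run it from an administrative prompt so that the HKLM keys and the system directory are readable. A hit on the Services key alone is enough to treat the machine as compromised; then follow up with the port and firewall-exception review from the symptom list above.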
