Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan backdoor on port 65000 Devil v.1.03 Stacheldraht


  • This topic is locked This topic is locked
3 replies to this topic

#1 GeekinPink

GeekinPink

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:28 AM

Posted 23 February 2017 - 01:16 AM

This issue has survived a new install of windows and continues to effect my ability to update windows. I think my browser is also infected.
I think it has changed authentication settings and it has made it so that my firewall and virus protection are pretty much worthless.
When I run a scan on the ports using avz I see the devil Trojan as well as one other Trojan.RemoteHack.
I have a bleep ton of established connections as well as listening ones. It appears nvcontainer.exe is associated with the devil Trojan.
I am afraid to plug in my Ethernet cord. My desktop icons flash a lot as well when I am connected.
Please help

BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,332 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:10:28 AM

Posted 26 February 2017 - 12:33 PM

GeekinPink:

:welcome: to the Bleeping Computer Virus, Trojans, Spyware, and Malware Removal Logs Forum. My name is Phil and I would like to address you by your first name, if that is alright with you since we will be working together.

I will be assisting you with your computer issues. I will endeavor to respond within a reasonable time, normally 48 hours after your last post.

Please run follow the instructions in this post and run a FRST scan for me. Please copy and past the contents of the two logs (FRST.txt and Addition.txt) into your next reply. If your logs are large, you might need to paste one log in one reply, and the other, in another reply. This makes it much faster for me to analyze your logs.

Once I receive the logs, I will need some time to review your FRST logs. That could take a day or two.

PLEASE DO NOT RUN ANY ADDITIONAL SCANS OR ANTI-MALWARE REMOVAL TOOLS UNTIL YOU HAVE RECEIVED A RESPONSE FROM ME.
Doing so would complicate the situation and it would cause further delays in resolving your issues. It could also potentially result in harm to your computer because my "fix" will be based on the FRST scan logs you will submit.

Thank you and have a great day.

Regards,
-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#3 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,332 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:10:28 AM

Posted 01 March 2017 - 12:48 PM

GeekinPink:

 
Are you still there?  Do you still require assistance?  It has been three days since I last posted to you.
 
According to Forum policy, topics must be concluded after five days of non-response from the Topic Starter.
 
If I have not heard from you in another two days, I will conclude your topic.  You can always reopen it by sending a Personal Message to a Moderator.
 
Thank you and have a great day.
 
Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators


#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,332 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:10:28 AM

Posted 03 March 2017 - 02:46 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Member of the Unified Network of Instructors and Trusted Eliminators





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users