12346 Netbus Backdoor trojan showing up on my girlfriends phone. - Thunderbolt General

So I did a search and couldn't really find any info on what this is. today I was scanning everything attached to my network with Fing and her phone came up with a TCP 12346 netbus backdoor trojan. Not sure where to go from here to find and remove it. my guess is she got it from using mp3 music downloader. any help is much appreciated.

Anyone????

What did you use to scan it with?
Sent from my ADR6400L using Tapatalk

Turd Furguson said:
What did you use to scan it with?
Sent from my ADR6400L using Tapatalk
Click to expand...
Click to collapse
look out security

Android NetBus backdoor trojan
Bump. I have seen this "12346 NetBus backdoor trojan" during a fing (overlooksoft) service scan. What does xda have to say about this?
Wikipedia gives a interesting article about theNetBus trojan horse.
The person that owns the phone claims that they clicked on a link in an email and the phone froze.
The only solution I have dug up is a factory reset. I did, ran another scan and it didnt change.
Ill be looking for feedback!

same 12346 netbus back Door trojan
Fing app tells me that my Phone has 12346 port open. Any advice? Thanks

For anyone still wondering
I also used Fing and found the same open port and it seems If you use the Rhapsody service then that is your answer if you dont then go fish, best of luck, hope this helps . . . . at least to anyone that uses Rhapsody

I also have Rhapsody/Napster and I also did a scan with the Fing app, and got the same Netbus backdoor trojan in the running services when scanning with Fing. This is totally a guess but if its Napster then it would make sense that the app keeps a port open so it can block the service if your subscription is canceled or suspended. My experience is that if you force Napster into offline mode before its cancelled or suspended it wont block the service because its not actively searching for the network. I have done this with Napster a few times.

Install TWRP and reformat the drive... then re-flash the stock firmware.

Related

ESET Mobile Antivirus (NOD32) - beta

you can download ESET Mobile Antivirus here. more info about beta testing can be found here.
it is still in beta phase, but you can try it, it is free.
features:
- starts automatically after soft reset
- real time monitor
- automatic update
- on-demand scan
...
this version is working on kaiser. only problem for me is lack of option to hide tray icon because i don't like tray on my today screen.
antihrist said:
you can download ESET Mobile Antivirus here.
looks like it is still in development phase, but you can try it
Click to expand...
Click to collapse
Is it freeee????
i couldn't find much info about this, but it installs on device with no problem and i don't see any registration info. on site there is no "buy" option, so i guess it is free for now. it looks like it is some beta version. i don't recall any eset mobile product, so i guess this is just start.
ok, this is beta. take a look at this site for details. you can also receive some discount coupon after beta testing is over.
eset
it has username and password required...?
Antivirus for mobile
They create the need, we think we need it, then they sell it to us!
I have never had any virus on my mobile and till it get´s extremely necessary I wont use one...
Just my opinion.
anyone ever got something like these? solved by hard resetting my device
they took it down would you mind uploading the file? also could you explain how to obtain the login credentials?
Went off the desktop version when I got a keylogger and it didn't detect it. The free AntiVir detected it and removed it fine, never looked back.
Don't currently run any AV on my android phone, think setting up droidwall would be a better idea that worrying about android viruses/malware
orb3000 said:
Antivirus for mobile
They create the need, we think we need it, then they sell it to us!
I have never had any virus on my mobile and till it get´s extremely necessary I wont use one...
Just my opinion.
Click to expand...
Click to collapse
You never know...as phones get more and more "smart" we have to be aware that it is more and more sensitive for attacks... SO choose a free one if you don't want ot pay...
Cheers

Kaspersky says trojan in SuperOneClick

Hi all,
I am a bit confused. I see lots of good responses to SuperOneClick and I would certainly like to root my SGS, but when I want to download the tool, Kaspersky kicks in and says it has a trojan. The downloaded file is then not usable anymore.
I've searched the net, but don't see anything about it. Anyone know what's up?
Why does Kaspersky say that SuperOneClick got a trojan? Tried several versions from this XDAsite.
Probably because phone carriers/manufacturers paid them to say so. Just disable kaspersky then download.
Sent from my HERO200 using XDA App
I do not believe that carriers/manufacturers payed Kaspersky to give that warning....Someone with more information?
Either what the other user said or a false positive, if you are worried test it through VirusTotal, just upload a file and itll scan it through a bunch of scanners.
reason why is
take it from someone whos knows anti viruses the one click root program alters boot sequence on an item doesn't have to be your computer virus's do the same some don't but the really nasty ones do so any thing that does such a thing is percived as a threat
Jbcarrera said:
take it from someone whos knows anti viruses the one click root program alters boot sequence on an item doesn't have to be your computer virus's do the same some don't but the really nasty ones do so any thing that does such a thing is percived as a threat
Click to expand...
Click to collapse
OK, not trying to be a gramme nazi, but your mini block of text is not coherent. I actually would like to know what you mean.
Sent from my SCH-I500 using XDA App
Mageta said:
OK, not trying to be a gramme nazi, but your mini block of text is not coherent. I actually would like to know what you mean.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
Sorry force of habit when typing quickly.... What i was trying to say is that anti-viruses percive anything that changes code, I.E. boot sequence or O.S. (Operating System) main code as a threat. Computer viruses change code to do their damage, a trojan will change code to make a back door in to your computer or just delete code slowly till your computer is unbootable. Rooting your phone is to change the code originally set on your phone, so most anti-viruses will see one-click roots as a virus since it does all the work automatically and won't recognize simple zip files sinces they are lines of code that aren't being run in sequence to change code.......... any questions?

New internet virus - very dangerous

My firefox suddently started opening a popup asking what to do with a "frame.html" file from http://188.126.79.73
after opening the frame.html file here is it`s source:
Code:
<applet width='10' name='Adobe Flash Player Update' height='11' code='FlashPlayer.class' archive='http://188.126.79.73/FlashPlayer.jar'>
I believe this is a virus. EVERY firefox tab I have open produces one of those popups asking if I want to open with or save the frame.html file. If I refresh a tab it produces a new popup of the same type. This is a bad virus, really bad. I don`t have any clues on how to stop it from harassing my firefox. it seems to use some ICAP stuff to blow every firefox tab. I need some help here.
I'd reinstall Firefox and Flash before jumping to any conclusions. It may just be a bug. You could try running a couple of scans to be on the safe side. Malwarebytes and HijackThis will find anything nasty.
already did that, the website which it`s redirecting to download that "update" is not from adobe, so it's a virus... I just don't know how to clean it because it has infected all my firefox.
fscussel said:
already did that, the website which it`s redirecting to download that "update" is not from adobe, so it's a virus... I just don't know how to clean it because it has infected all my firefox.
Click to expand...
Click to collapse
Hello. Have you tried to uninstall and reinstall ff? yes you probably have...
Have you tried a restore point?
imo,humbly, If its as bad as you may think, and no scans are finding it, then you may have to go through your RegKeys and google them to locate anything uncommon.
I hope your wrong about it alltogether though!
good luck
chrisnk1 said:
Hello. Have you tried to uninstall and reinstall ff? yes you probably have...
Have you tried a restore point?
imo,humbly, If its as bad as you may think, and no scans are finding it, then you may have to go through your RegKeys and google them to locate anything uncommon.
I hope your wrong about it alltogether though!
good luck
Click to expand...
Click to collapse
no, I'm not wrong, I have AVIRA antivirus always on and update, I've tried that malware software which was suggested, both don't find anything, but now I just tried to access my router setup and I can't!!!! it says timeout, which is impossible. So what I have found out is that this virus put a layer between firefox and the webadress, like a proxy or something, probably some stuff called ICAP which I don't know what it is... and I don't know how to remove. All my address are being redirected... I get the webpage loaded but with this damn window "applet.html" which is the virus...
idk if you speak about phone or pc..
this will for sure work on pc, ,idk about phone..
find combofix from google..
it is free
be careful about the name as there are counterfeits
it Will fix browser probs where MWB and everything else ive ever seen fail..
after reseting my router everything went back to normal. Is there any virus which infects a router?
B4 doing something potentially damaging to a system...
Do a whois for that ip address. You will see that this ip address is a vpn service. Which means redirects are expected. Now did you install or configure any vpn recently? Try to disable it and see if you still get the popups. relax mate.
Sent from my HTC Desire HD using Tapatalk
lordskid said:
B4 doing something potentially damaging to a system...
Do a whois for that ip address. You will see that this ip address is a vpn service. Which means redirects are expected. Now did you install or configure any vpn recently? Try to disable it and see if you still get the popups. relax mate.
Sent from my HTC Desire HD using Tapatalk
Click to expand...
Click to collapse
if it was a vpn problem it would only happen in my pc, but was happening in every pc in the house. After rebooting the router the problem solved. Which I can only assume that my router was compromised.

mailvare, spyware, virus?

hi looking for an advice now as went on holidays and used my hotel network to connect to internet and now on the third day I got about 30 emaills saying MAIL DELIVERY FAILURE!!! Those emails were returned as not delivered but plenty were sent and got email from friend of mine asking whats going on with me as he got some adds from my address...
have three different mails and that particular one was remembered by browser the other two have set up on android gmail application but when saw these 30 failure delivery didnt go to android app...
so can some1 tell me whats that about ? is xoom really infected? i mean can android which is linux based get infected that way? what should i do? hard reset? i remember doing hard reset leaves all data like music etc so can any infected file stay here after reset?
got AVG antivir and after scanAVG says tablet is clean... installed DroidDream malvare detection and it also says tablet is clean... finally installed GuardX and it also says xoom is clean
so whats going on here virus? spyware? whats best advice u can give me ?
This happens to my Hotmail account not to long ago and was told to change password and check settings to make sure the vacation auto reply was not activated. Maybe while you were at the hotel some was monitoring and got your password. That is what I suggest. I haven't heard android getting viruses.
Hope this helps
Sent from my Xoom using XDA
Its yahoo mail...i hope its the case of password,'changing it now and will see in day or two if ay more spams out of my account ...
Thank you for reply
Good luck

[Q] Track a phone using the mobile #

I was recently told that there is an app that tracks any phone using the mobile number.
Apparently you dont need it installed on the phone your tracking all you need is to know their mobile phone number.
Is this even possible?
Can anyone tell me if this person is talking out of their A$$ or if this app ever existed? because it would be amazingly helpful in finding an Optimus G that was recently stolen from me. (I know who has it and know the # associated with their sim.)
If you can confirm this, can you also provide a link for download please? many thanks.
EDIT: I never wrote down my IMEI or serial #.. so Im kind of hooped.. Is there anyway to push an app to someone elses phone? or someway I can get this dealt with that I may not have thought of yet? My carrier has no log of the phone because I didnt buy it through them.
Tracking mobiles!
KXIX said:
I was recently told that there is an app that tracks any phone using the mobile number.
Apparently you dont need it installed on the phone your tracking all you need is to know their mobile phone number.
Is this even possible?
Can anyone tell me if this person is talking out of their A$$ or if this app ever existed? because it would be amazingly helpful in finding an Optimus G that was recently stolen from me. (I know who has it and know the # associated with their sim.)
If you can confirm this, can you also provide a link for download please? many thanks.
EDIT: I never wrote down my IMEI or serial #.. so Im kind of hooped.. Is there anyway to push an app to someone elses phone? or someway I can get this dealt with that I may not have thought of yet? My carrier has no log of the phone because I didnt buy it through them.
Click to expand...
Click to collapse
You can track a mobile using ANDROID DEVICE MANAGER which is pre-installed in mobiles if the play store gets updated.
ANDROID DEVICE MANAGER can be accessed through
SETTINGS --> SECURITY --> DEVICE ADMINISTRATORS
Once you activate ANDROID DEVICE MANAGER, you can track your mobile, erase datas from your lost mobile by logging in to ANDROID DEVICE MANAGER in a web browser by giving the email id and password which you used in your mobile.
However i dont recognize any app that tracks a mobile using IMEI number..
KXIX said:
I was recently told that there is an app that tracks any phone using the mobile number.
Apparently you dont need it installed on the phone your tracking all you need is to know their mobile phone number.
Click to expand...
Click to collapse
I'd be very very careful with apps advertized having this feature.
In theory, the mobile provider can track your phone, because they issued the SIM and phone number to you. But the providers don't supply this information to anyone but law enforcement/NSA/other three letter agency. Imagine the stalking possibilities...
Why I'd be very careful (as in: not downloading and installing at all...) about this is, that I've seen websites advertizing this service, and when you enter a phone number, you're asked to download and run an exe file. It probably won't work but infect your computer with malware.
I doubt it's any different with android apps.
If you install a tracking app on your phone yourself that reports to somewhere (e.g. google device tracking, "lost my iphone"), that's a whole different situation - you're voluntary giving your position to someone to keep, and that's sensor data acquired from your phone.
The truth
Everyone needs to know the truth that is sometimes hidden behind the most deceptive appearances. Everyone, too, needs to be certain of the sincerity of their relatives...
SpyBubble is likely to become the best smartphone application for that => phoneservicetracker.com
KXIX said:
I was recently told that there is an app that tracks any phone using the mobile number.
Apparently you dont need it installed on the phone your tracking all you need is to know their mobile phone number.
Is this even possible?
Can anyone tell me if this person is talking out of their A$$ or if this app ever existed? because it would be amazingly helpful in finding an Optimus G that was recently stolen from me. (I know who has it and know the # associated with their sim.)
If you can confirm this, can you also provide a link for download please? many thanks.
EDIT: I never wrote down my IMEI or serial #.. so Im kind of hooped.. Is there anyway to push an app to someone elses phone? or someway I can get this dealt with that I may not have thought of yet? My carrier has no log of the phone because I didnt buy it through them.
Click to expand...
Click to collapse
I don't think tracking a phone using the mobile number is possible for consumers, if you lodge a police complaint they may go through your mobile carrier and then track it (depending on how much effort the police in your country put in for a lost phone). But if you know who stole it and their phone number that's a good enough basis to talk to the cops, you're going to need some proof of purchase of the phone though...
Just in case the guy hasn't wiped the phone and one of your accounts is still active on it, you can push apps through that account on Google Play by going to the Google Play website on your pc and logging in with that account. Then you can push one of many tracking apps and figure out where your phone is. My personal favourite is an app called 'android lost' through which you can do the usual - track, wipe, ring, vibrate etc but you can also access the mic and the cameras.
Also, you can maybe play it smart with some social engineering. Get a girl to call up the guy and ask him out at some place and you'll find him there!
do u got a way for the Iphone too?
kavb1986 said:
You can track a mobile using ANDROID DEVICE MANAGER which is pre-installed in mobiles if the play store gets updated.
ANDROID DEVICE MANAGER can be accessed through
SETTINGS --> SECURITY --> DEVICE ADMINISTRATORS
Once you activate ANDROID DEVICE MANAGER, you can track your mobile, erase datas from your lost mobile by logging in to ANDROID DEVICE MANAGER in a web browser by giving the email id and password which you used in your mobile.
However i dont recognize any app that tracks a mobile using IMEI number..
Click to expand...
Click to collapse
do u got a way for the Iphone too?
Please give me download app
ishaang said:
Also, you can maybe play it smart with some social engineering. Get a girl to call up the guy and ask him out at some place and you'll find him there!
Click to expand...
Click to collapse
This.
ramiabouzahra said:
This.
Click to expand...
Click to collapse
As if they'd keep the original number? Can't call if the number has been changed.
Sent from my LGL84VL using Tapatalk

Categories

Resources