Event ID - 6671

Port No6671
Service NameDTV2
RFC Doc0
ProtocolTCP
DescriptionThis is a net hack tool similar to the Back Orifice virus. This virus is composed of a client-server combination of programs.

If the server portion of this virus is active in a computer connected to the Internet, a remote user with the correct IP address and the client part of this virus can connect and take control of the system. These combination of programs serve as a set of remote administration utilities and a hacker tool.

Once a remote user has taken control of an infected system, the remote user is capable of doing just about anything on the infected computer. The remote user can manipulate (and even delete) files in the infected system and it could modify just about all the settings of the computer system available through Windows. It is also capable of controlling the monitor and the mouse and it is capable of playing around with the system passwords.
Reference LinkDTV2
AttackDetails:

The system patcher (or server) component of the virus will drop the file called "systemio.exe" in the Windows SYSTEM subdirectory. If the said file exists, simply delete it.
The remote control (or client) component provides an interface for the remote user to control an infected system remotely. The interface is essentially a dialog box with a DOS-prompt like screen and numerous buttons. It is entitled "Deep Throat Remote Control".

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.