Results 1 to 7 of 7

Thread: sub7 protection?

  1. #1
    Join Date
    Jan 2002

    sub7 protection?

    i recently discovered i was infected with 2 versions of sub7
    i found them using nortan antivirus
    they were in my windows folder
    can anyone tell me how they got there

    i have both a firewall and norton antivirus yet they still showed up
    they were in the folder even though i haven't added anything to the folder for a few weeks

    please help me if you can

  2. #2
    Senior Member
    Join Date
    Dec 2001
    They could be one of the newer versions of the Sub7 virus, which claim go unnoticed by most antivirus scanners. You probably downloaded a file that had been binded with the virus, which would infect you with it. What firewall are you using, and has it brought up any messages of anyone trying to connect to you on the Sub7 port? Also, you might wanna go to Start-->Run and type in msconfig, then go to the Startup tab at the top, and look in that list for anything that is called just plain 'run=' or something similar. If so, uncheck it because that is almost definitely the trojan.

  3. #3
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Superior, WI USA
    or play with the Registry...

    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    You know if you run a decent personal firewall on your box (not ZoneAlarm) it would've informed you of that lil' program's activities(not ZoneAlarm). Even if you get infected by a trojan,(could be ZoneAlarm) software firewalls can block the outgoing connection when the app is executed.

    Sygate www.syagte.com
    Outpost www.agnitum.com
    Neowatch www.neoworx.com
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  5. #5
    Senior Member
    Join Date
    Feb 2002
    I think you can also get infected with sub7 through e-mail. Someone can mail you the server portion of the trojan disguised as part of a file. That won't show up on the firewall because your e-mail is allowed access through your firewall. If you opened an infected e-mail it's possible that you were infected yet your antivirus didn't detect for the reason previously noted by Jehnx. Yet another reason to be very sure e-mails you open come from a trusted source.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  6. #6
    Flash M0nkey
    Join Date
    Sep 2001
    preacherman481 but surely in order to be infected from an email strug would have had to have ran the attached .exe?

    best ways to avoid getting a virus or trojan
    • Get a good virus checker and keep it updated
    • get a good firewall
    • If your unsure of something check it before you run it
    • If your sure of something check it anyways
    • once you have checked it - check it again
    • Be paranoid


  7. #7
    Download The Cleaner (you can get it here). It's quite a handy little tool with a heap of features. It'll even monitor your registry for trojan like additions. That comes in very handy when curiousity gets the better of you and you click those strange .exe files in your inbox....

    Also, firewalls that don't monitor about connections aren't really very protective. Here's a cut and paste from GRC-
    Your Internet connection flows both ways . . . so must your security.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts