May 9th, 2002, 10:38 PM
subseven file is in write protected area
I have Command AntiVirus 95 and when I did a hard drive scan, it detected a file in C:\_RESTORE (system restore because I have Windows ME) as a security risk or a backdoor program (I downloaded a gta 2 game off kazaa and when I ran the installation it installed the subseven server file). I have disabled system restore and restarted my computer and it still won't delete. I have scanned with McAfee VirusScan 6.02 (all defs updated) and it will not detect this file. My Command AntiVirus cannot delete it because it is on a system restore file (even with system restore disabled) and I cannot delete the file either. My McAfee doesn't detect it (even in DOS scan). I have even entered my windows in safe mode and it still won't delete. I don't know what else to do.
May 9th, 2002, 11:22 PM
Have you considered trying The Cleaner by MooSoft?
If you try it, how about posting back about any problems with uninstallation?
May 10th, 2002, 11:36 AM
My daughters machine managed to find itself with Netbus and Sub7 (OK win98) McAfee/PC-Cillin and Panda online scan couldn't detect it. but firewall logs reported repeated attempted access on ports 1120 and 1243 over several nights and all to her machines IP, as well as quater hourly attempted NetBios scans while her machine was running. My mistake I investigated what was going on, instead of just going in and removing the crap.
Now a Clean install and Reset BIOS later. no more entries on the firwall log.
hint: Trend Micro firewall sucks
Never had to try to delete a undeletable file in ME..
Make sure System restore is still off.
the Restore folder is a "hidden" "system" and so would the restore file. Are you able to change the attributes from windows of the file? if so, change then try to delete it.
If that fails, try changing the attributes of the "_Restore" folder once the system attribute is removed rename the bugger or delete it, and restart the machine..
other wise you may have to play in DOS or my solution when ID-ten-T errors made a mess.. or typical M$ decay of ME.. Reset BIOS, repartition and format hdd, then Insert our Custom restore CD..
see how ya go - I trust this did help..
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
May 10th, 2002, 10:23 PM
My Norton Personal Firewall 2002 keeps detecting attempts from Backdoor/SubSeven and keeps blocking them. Even with a firewall I still do not want these files on my system because what if the hacker finds some stealth tool and gets past it (not unless they have already). It won't even let me rename the file!
May 10th, 2002, 10:29 PM
Well if all else fails make a dos boot disk and delete if from there. Hope that helps