subseven file is in write protected area
Results 1 to 5 of 5

Thread: subseven file is in write protected area

  1. #1
    Banned
    Join Date
    Apr 2002
    Posts
    156

    subseven file is in write protected area

    I have Command AntiVirus 95 and when I did a hard drive scan, it detected a file in C:\_RESTORE (system restore because I have Windows ME) as a security risk or a backdoor program (I downloaded a gta 2 game off kazaa and when I ran the installation it installed the subseven server file). I have disabled system restore and restarted my computer and it still won't delete. I have scanned with McAfee VirusScan 6.02 (all defs updated) and it will not detect this file. My Command AntiVirus cannot delete it because it is on a system restore file (even with system restore disabled) and I cannot delete the file either. My McAfee doesn't detect it (even in DOS scan). I have even entered my windows in safe mode and it still won't delete. I don't know what else to do.

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    253

    Wink

    HeyRyan:

    Have you considered trying The Cleaner by MooSoft?

    Cleaner Link

    If you try it, how about posting back about any problems with uninstallation?


  3. #3
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    hmm Sub7,


    My daughters machine managed to find itself with Netbus and Sub7 (OK win98) McAfee/PC-Cillin and Panda online scan couldn't detect it. but firewall logs reported repeated attempted access on ports 1120 and 1243 over several nights and all to her machines IP, as well as quater hourly attempted NetBios scans while her machine was running. My mistake I investigated what was going on, instead of just going in and removing the crap.
    -
    Now a Clean install and Reset BIOS later. no more entries on the firwall log.

    hint: Trend Micro firewall sucks

    Never had to try to delete a undeletable file in ME..
    Make sure System restore is still off.
    the Restore folder is a "hidden" "system" and so would the restore file. Are you able to change the attributes from windows of the file? if so, change then try to delete it.
    If that fails, try changing the attributes of the "_Restore" folder once the system attribute is removed rename the bugger or delete it, and restart the machine..

    other wise you may have to play in DOS or my solution when ID-ten-T errors made a mess.. or typical M$ decay of ME.. Reset BIOS, repartition and format hdd, then Insert our Custom restore CD..

    see how ya go - I trust this did help..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  4. #4
    Banned
    Join Date
    Apr 2002
    Posts
    156
    My Norton Personal Firewall 2002 keeps detecting attempts from Backdoor/SubSeven and keeps blocking them. Even with a firewall I still do not want these files on my system because what if the hacker finds some stealth tool and gets past it (not unless they have already). It won't even let me rename the file!

  5. #5
    Senior Member
    Join Date
    Aug 2001
    Location
    Pittsburgh
    Posts
    153
    Well if all else fails make a dos boot disk and delete if from there. Hope that helps

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •