May 19th, 2003, 01:06 PM
hi..... newbie needs help....
I have pccillin firewall telling me that my last attack was subseven coming from my own ip address????? does this mean have sub seven lurking in there somewhere or what???
May 19th, 2003, 01:15 PM
yes that means that you have subseven in your puter and need to get rid of it there are a couple fix at hackfix.org/subseven
May 19th, 2003, 01:33 PM
More than likely this means that you have downloaded a Sub seven trojan onto your system. Do you have any P2P programs?? More than likely you got it from there. I would uninstall any p2p programs on your system. Not to mention most P2P downloads are illegal. If you want to get rid of this trojan go to www.moosoft.com and download The cleaner and scan drive c:\ this should detect the trojan and remove it. Good Luck -Twisted-
May 19th, 2003, 02:58 PM
you can find some good trojan removal tools here
May 19th, 2003, 04:11 PM
That's bad news 4 u.
u should make a complete check on ur computer & not only remove sub seven.
I also advise u to check the personal data u keep on ur hard disk, like account details and take conter measure by telling ur bank.
[shadow] SHARING KNOWLEDGE[/shadow]
May 25th, 2003, 04:18 AM
While most virus scanners will find most notorious trojans, you should also consider adding a trojan scanner to your system.
One you may consider is BOClean, found at http://www.nsclean.com/boclean.html
The other is TDS-3, found at http://tds.diamondcs.com.au/
They're well worth the cost, and TDS-3 also includes some great network tools as well.
May 25th, 2003, 04:24 AM
Don't forget The Cleaner-->http://www.moosoft.com/
I use them both frequently, and i can vouch for their effectiveness.
May 25th, 2003, 02:15 PM
I have to agree with the above replys on using a good trojan scanner, antivirus sofware's are geared towards removing virus's and not trojans. Heres a new kid on the block, its detection rating is high on finding and disabling trojans give it a try. http://www.simplysup.com/tremover/download.html
May 26th, 2003, 12:57 AM
Yea like tsr said , www.simplysup.com is an excellent site.
But first go to dos and run netstat -a , and if you find port 27374 open , then your definetely infected.
"Serenity is not the absence of conflict, but the ability to cope with it."
May 26th, 2003, 01:46 AM
You can now configure Trojans to open up whatever port you want (ie. Trojans are not bound to the default port like 27374 fro SubSeven, or 12345 for NetBus), so doing a netstat is not an accurate reflection of if you are infected.
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]