Sub 7

**tekfrost** · February 16th, 2002, 12:59 AM

If you have been infected with sub 7 the whole ctl-alt-del and see what running is useless.
Look in your win.ini file and check your registry for the entries. With Sub 7 though the server can mask itself by looking like valid entries in both you sys files and your win.ini. In your registry the client exacuting entry is usually about 312 kb in size and is doubled up in the various run, run services folders in order to get it to start on boot up. Delete these and then reboot. Just be careful when messin with your registry. In your win.ini just delete the portion after run=. Such as run=sub7 (though it prob won't be called that). After all that reboot and get a better firewall and virus detection. Oh, also check your ICQ files if you have them. If the guy was on there long enough he could have changed your ICQ to altert him when your online and what your ip is (even if you have a dynamic IP) thus leaving you a target for future attacks even if sub7 is removed. Sub7 can do this by the sever installed on your puter as well but would be deleted when sub7 is removed.

If you really want to have some fun with the kiddie ******* that infected you and you don't know much go find 00Sub7. Its a kiddie hackers program that is made to attack sub7 servers instead of its clients. As they connect to you usin sub 7, 00 sub 7 redirect the command to their own computer. So as they think they are fu8kin some computer they are really only damageing their own..... Or so I've heard.

Peace out

Thread: Sub 7

Thread Tools

Display

Threaded View

Posting Permissions