|
-
April 4th, 2002, 01:10 AM
#1
Member
sub7 protection?
i recently discovered i was infected with 2 versions of sub7
i found them using nortan antivirus
they were in my windows folder
can anyone tell me how they got there
i have both a firewall and norton antivirus yet they still showed up
they were in the folder even though i haven't added anything to the folder for a few weeks
please help me if you can
-
April 4th, 2002, 01:14 AM
#2
They could be one of the newer versions of the Sub7 virus, which claim go unnoticed by most antivirus scanners. You probably downloaded a file that had been binded with the virus, which would infect you with it. What firewall are you using, and has it brought up any messages of anyone trying to connect to you on the Sub7 port? Also, you might wanna go to Start-->Run and type in msconfig, then go to the Startup tab at the top, and look in that list for anything that is called just plain 'run=' or something similar. If so, uncheck it because that is almost definitely the trojan.
-
April 4th, 2002, 01:47 AM
#3
or play with the Registry...
Ouroboros
"entia non sunt multiplicanda praeter necessitatem"
"entities should not be multiplied beyond necessity."
-Occam's Razor
-
April 4th, 2002, 01:59 AM
#4
You know if you run a decent personal firewall on your box (not ZoneAlarm) it would've informed you of that lil' program's activities(not ZoneAlarm). Even if you get infected by a trojan,(could be ZoneAlarm) software firewalls can block the outgoing connection when the app is executed.
Sygate www.syagte.com
Outpost www.agnitum.com
Neowatch www.neoworx.com
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
April 4th, 2002, 02:05 AM
#5
Strug,
I think you can also get infected with sub7 through e-mail. Someone can mail you the server portion of the trojan disguised as part of a file. That won't show up on the firewall because your e-mail is allowed access through your firewall. If you opened an infected e-mail it's possible that you were infected yet your antivirus didn't detect for the reason previously noted by Jehnx. Yet another reason to be very sure e-mails you open come from a trusted source. 
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
-
April 4th, 2002, 02:17 AM
#6
preacherman481 but surely in order to be infected from an email strug would have had to have ran the attached .exe?
best ways to avoid getting a virus or trojan
- Get a good virus checker and keep it updated
- get a good firewall
- If your unsure of something check it before you run it
- If your sure of something check it anyways
- once you have checked it - check it again
- Be paranoid
v_Ln
-
April 4th, 2002, 02:28 AM
#7
Download The Cleaner (you can get it here). It's quite a handy little tool with a heap of features. It'll even monitor your registry for trojan like additions. That comes in very handy when curiousity gets the better of you and you click those strange .exe files in your inbox....
Also, firewalls that don't monitor about connections aren't really very protective. Here's a cut and paste from GRC-
Your Internet connection flows both ways . . . so must your security.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
