nexionly Posted January 20, 2002 Share Posted January 20, 2002 Norton Antivirus keeps telling me that backdoor/subseven is being blocked and it tells me it has been blocked for the past 30 minutes and such. thats all it tells me that and this ip number 24.66.172.10,27374 it won't tell me where the subseven/backdoor virus is on my computer or anything and it Id like to be able to get rid of it... any ideas? Link to comment Share on other sites More sharing options...
fr33k Posted January 20, 2002 Share Posted January 20, 2002 find the subseven and see if the guy who made it has a faq on how to remove it. you might want to look on the symantec website and cnet downloads too. + figure out what you put on your computer that the subseven came with and tell us so everyone can avoid it Link to comment Share on other sites More sharing options...
fr33k Posted January 20, 2002 Share Posted January 20, 2002 also go and do a trojan scan here http://scan.sygatetech.com/ and here http://hackyourself.com:4000/startdemo.dyn i'm curious to see if they say sub7 is useing port 27374 maybe this site has some info http://www.doshelp.com/trojanports.htm Link to comment Share on other sites More sharing options...
CloudEngineer Posted January 20, 2002 Share Posted January 20, 2002 if ur running ME or XP don't forget to turn off system restore and restart cause most likly the sub7 backdoor will be backed up Link to comment Share on other sites More sharing options...
CloudEngineer Posted January 20, 2002 Share Posted January 20, 2002 but if u r running Win ME don't forget to get a new os ;) Link to comment Share on other sites More sharing options...
fr33k Posted January 20, 2002 Share Posted January 20, 2002 this trojan scaner from lockdown looks good http://download.cnet.com/downloads/0-10093...lst-7-2.7720479 Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 It has been on my computer for a long while, I just ignored it. but I started thinking that it could be the cause to my computer crashing, because it always crashes when I play Ragnarok Onine which an online rpg and I have to disable my firewall... I am running some scans and such, and will keep you informed. Link to comment Share on other sites More sharing options...
fr33k Posted January 20, 2002 Share Posted January 20, 2002 why would you ignore your computer being hacked? Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 because the firewall is blocking it. so I hadn't really thought too much of it. and yes I know its stupid yeya. Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 so apparently I have Executor, RingZero,Tiny Telnet Server. And thats just what I know of, Im going to download a few other virus scanners now and run them as I sleep. Link to comment Share on other sites More sharing options...
fr33k Posted January 20, 2002 Share Posted January 20, 2002 dude if those are trojans why waste your time? :ermm: just reformat and do a clean install Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 Because I've got too much stuff on here to reformat. and that is more work than using a virus scanner to find and get rid of them.:disappoin Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 It is becoming very frustrating as the online trojan scanner tells me I have Tiny Telnet Server, Executor, and Ring Zero trojans on my computer, but not virus scanners seem to be detecting them. Link to comment Share on other sites More sharing options...
YahoKa Posted January 20, 2002 Share Posted January 20, 2002 1. Reboot to SAFE MODE 2. Run your anti-virus software manually 3. Run a FULL system scan (and let it fully complete) 4. once it tells you where the files are you can get the software to delete them, or you can do it yourself. OR you can also get another trojan scanner... just make sure ur doing this in safe mode ;) Link to comment Share on other sites More sharing options...
[saint lucifer] Posted January 20, 2002 Share Posted January 20, 2002 Originally posted by DJ^TuRKiYe but if u r running Win ME don't forget to get a new os ;) LMAO Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 Why is it so important to do it in safe mode, will it work then, and actually detect them? Link to comment Share on other sites More sharing options...
YahoKa Posted January 20, 2002 Share Posted January 20, 2002 In safe mode the trojan can't automatically start up (this makes it pretty much impossible to remove) Link to comment Share on other sites More sharing options...
mtgriffith Posted January 20, 2002 Share Posted January 20, 2002 I went to the site that freek recommended. It said that I have RingZero. I looked it up on Symantec's site. I searched for the files it drops (yes, I have show hidden files, etc. turned on) and could not find them. I also looked in the reg where it is supposed to be. Nothing there either. I tried scanning in Safe Mode like YahoKa suggested but NAV did not find any viruses. Do you think Sygate would be lying to get me to buy their firewall? Link to comment Share on other sites More sharing options...
nexionly Posted January 20, 2002 Author Share Posted January 20, 2002 It is quite possible. but I still have Executor... what ever that is. Link to comment Share on other sites More sharing options...
MxxCon Posted January 21, 2002 Share Posted January 21, 2002 run msconfig or autoruns to see what you have in startup Link to comment Share on other sites More sharing options...
Recommended Posts