Backdorr.SubSeven21 Trojan found!!!

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

starwolf39

Thread Starter
Joined
Jan 26, 2001
Messages
276
I have that virus on my comp in my quarantine, but its unrepairable... Is it dangerous to leave it there, and if not, how can I get rid of it??

By the way, I just deleted it to see what would happen, so now it looks as if its gone. Is it going to hurt me in any way?? I never ran the program and it doesnt seem like im in trouble.
 

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
It's a nasty trojan, actually, but it appears your antivirus caught it.

Some info: http://www.symantec.com/avcenter/venc/dyn/11038.html

And:

"The SubSeven twist

U.S. computer security company iDefense Wednesday supported Netsec's findings, but only in relation to the SubSeven Trojan virus. Version 2.1 of SubSeven, and probably other releases, can use the Internet relay chat channels to launch "ping flood" denial-of-service attacks using IRC commands from infected servers, iDefense said in a statement.

This capability lets a malicious attacker launch a distributed denial-of-service attack using all the compromised machines logged onto the appropriate IRC channel at any given time, iDefense said.

This IRC command capacity is significant because corporate firewalls that are not configured to block IRC outbound traffic will not stop the commands; the commands also will flow freely from small businesses and homes furnished with permanent DSL and cable modem connections, the iDefense statement said.

Using this feature, attackers can command every compromised computer to send out thousands of large ping packets to a particular IP address at the same time. The iDefense statement made it clear that "this is not the same master and zombie/slave relationship that has come to be identified with distributed denial-of-service tools such as Trinoo and Stacheldraht, but SubSeven is capable of launching a denial-of-service attack distributed across potentially thousands of machines," without their owners noticing it."


Gtz.
 
Joined
Oct 9, 2001
Messages
9,396
www.moosoft.com "the cleaner" removes trojans.
i know ive posted this url a few times recently,but it seems trojans are quite common at the moment guys...good luck
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top