I found a subseven virus on my PC. Now I'm being pinged by a certain IP address. What do I do?

[Doggiedog]

Stupid Norton 2002 missed this virus and I found this on my PC only after I tried other antivirus softwares.

It's a subseven v2.1 virus.

Now my ZoneAlarm is telling me 66.185.137.193 keeps pinging me.

Other than removing the virus, which I did, what should I do? Are my passwords all compromised now?

 

[djs1w]

stop downloading pr0n In all seriousness, I'd whipe your drive clean and start from scratch. No way in hell I'd be able to work on that computer, with any confidence, knowing that it had been compromised by subseven.

[edit] spelling.

 

[minendo]

<< Other than removing the virus, which I did, what should I do? Are my passwords all compromised now? >>


There is a chance that your passwords are compromised because the person pinging you or someone else may have already gotten through and connected to your computer using subseven. I take it you have removed the trojan by taking the necessary steps giving in the removal process. With it gone you should be fine.

 

[Doggiedog]

Would the hacker have been able to get through my router and zonealarm?

 

[iotone]

it's over. reformat. hehe

 

[Beau]

Hey, that's my IP It's an AOL IP. Maybe call AOL and report it.


WhoisSearch Results




<< Access to America Online, Inc.'s WHOIS service is for information
purposes. America Online, Inc. makes this service available "AS
IS" and does not guarantee its accuracy or availability. By
submitting a WHOIS query, you agree that you will use this service
and the information we provide only for lawful purposes and that,
under no circumstances will you use this service or the information
we provide to: (1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations via
email (spam); or (2) enable high volume, automated, electronic
processes that apply to America Online, Inc. (or its systems).
America Online, Inc. reserves the right to modify these terms at any
time. By accessing and using our WHOIS service, you agree to these terms.
Domain Name: ATDN.NET
Registrant:
America Online, Inc.
22000 AOL Way
Dulles, VA 20166
US
Created on..............: Nov 15, 1999
Expires on..............: Nov 15, 2001
Record Last Updated on..: Nov 16, 1999
Registrar...............: America Online, Inc.
http://whois.registrar.aol.com/whois/
Administrative Contact:
Domain Administration, AOL
America Online, Inc.
22000 AOL Way
Dulles, VA 20166
US
Email. domains@aol.net
Tel. 703 265 4670

Technical Contact:
Domain Administration, AOL
America Online, Inc.
22000 AOL Way
Dulles, VA 20166
US
Email. domains@aol.net
Tel. 703 265 4670

Domain servers:
dns-01.atdn.net
152.163.159.236
dns-02.atdn.net
205.188.157.236
WHOIS data is only provided by this server for domains ending
in .COM, .NET, and .ORG that were registered through
America Online, Inc's Domain Registration Service.

The previous information has been obtained either directly from the
registrant or a registrar of the domain name other than Network Solutions.
Network Solutions, therefore, does not guarantee its accuracy or
completeness. >>

 

[StageLeft]

Go buy a 6 pack of beer, then when you get home reboot into dos and

format c:

 

[n0cmonkey]

Backup, Format, Reinstall, Restore. Works everytime.

 

[Doggiedog]

Crap

 

[Beau]

You read up on it yet?

 

[JMaster]

install a software firewall too like zone alarm

 

[minendo]

<< install a software firewall too like zone alarm >>


Now my ZoneAlarm is telling me 66.185.137.193 keeps pinging me.

Above sentence is from his original post.

 

[bacillus]

<< Stupid Norton 2002 missed this virus >>


was your virus update definitions up to date??

 

[n0cmonkey]

<<

<< install a software firewall too like zone alarm >>


Now my ZoneAlarm is telling me 66.185.137.193 keeps pinging me.

Above sentence is from his original post. >>



You dont expect people to read the entire original post do you? We wont even go into reading the entire thread...

 

[Doggiedog]

How the hell can Norton 2002 not catch this old virus?

I even ran it a few minutes before and it didn't catch the virus. Then I tried something called swatit and it caught it instantly.

Edit: Yes, I always keep my definitions up to date.

 

[djs1w]

stop trying to save it IIIEIEIEIEIEIEIEIIEIEIEEIE.

fdisk all the way baby!

 

[kassy]

It is possible to remove the server by installing the subseven client, checking to see which port is open and listening. Put the right port# in the port field of the Sub7 client and click Connect.
If it connects go connections>server options then select remove server.
If it is passworded you will have to remove it manually.

 

[clarkmo]

Send it to Norton with a request for your moey back!

 

[Doggiedog]

Send it to Norton with a request for your moey back!

If I send the virus back to Norton, they won't be able to detect it!

 

[ToBeMe]

That's really odd......I've had a couple instances with customers this year managing to get subseven and Norton caught them........one was '01 and one was the '02 version..........makes me wonder now, I always put Norton A/V on my systems........:Q
EDIT: Sorry.......by this year, I meant the past 12 months.............

 

[JonnyBlaze]

<< Backup, Format, Reinstall, Restore. Works everytime. >>



the first & fourth step there kinda make the whole formatting thing silly now dosent it


JB

 

[Doggiedog]

This is the second time Norton missed a virus on my PC.

Just last week, it missed the dlder virus that was installed when I installed Limewire 2.12 on my PC.

 

[clarkmo]

If I send the virus back to Norton, they won't be able to detect it!

And....?


Then they'll get what they deserve.

 

[clarkmo]

<< Just last week, it missed the dlder virus that was installed when I installed Limewire 2.12 on my PC >>



I stopped downloading limewire at 1.65
You gotta be careful updating your file sharing proggies. A lot of them are trying to redfine "free".
The donkey still works for free and you can use sharereactor.com for direct links to particular files. My current personal favorite.

 

[EvilYoda]

Alright, I had similar problems lately, I have a few questions: At all times, would Norton and Tauscan at least be able to detect the virus? I just installed Zone Alarm (didn't run it before since it didn't originally work with XP), and keeps saying the IPs 192.168.123.2 and x.x.x.3 are trying to access my computer. I know those are my roommate's computers, but should they be doing that? I haven't run this in so long I don't even remember.