*URGENT* What to do about Sub-7 trojan?

[CromNogger]

Well? Tips? I'd like to know. I have reason to believe others have access to my system via some kind of Trojan, but NIS didn't do jack. What to do? thanks.

 

[CromNogger]

Serious answers PLEASE. I think the person has a keylogger setup, somehow. How is that possible? I'm positive I never ran anything bad. I run Win2K and NIS, NAV. Someone msg'd me randomly, magically knowing my email address. how did this person gain access? why? what can I do about it?

 

[rseraji]

type NETSTAT at a dos prompt and see who is connected to your system..

also.. you can re install your operating system to be sure.. or see what background processes are running.. but most advanced trojans can enbed themselves into other exes...

best bet is to re install and dont open anything your not sure of

 

[Elledan]

1) Format and reinstall OS.
2) Install Firewall
3) Install virusscanner
4) Install anti-trojan programs
5) Never download any software which might possibly contain a trojan/worm/virus.
6) Lock your PC when you're away from it (You should have installed either Win2k or Linux or comparable if you want a secure system)
7) Never allow anyone but yourself on your system
8) Never play online games
9) Close all ports except 80 and some other often used ports (FTP etc.)

By now you should have a reasonable secure system

 

[CromNogger]

1) Format and reinstall OS.
2) Install Firewall
3) Install virusscanner
4) Install anti-trojan programs
5) Never download any software which might possibly contain a trojan/worm/virus.
6) Lock your PC when you're away from it (You should have installed either Win2k or Linux or comparable if you want a secure system)
7) Never allow anyone but yourself on your system
8) Never play online games
9) Close all ports except 80 and some other often used ports (FTP etc.)

I already do all this. I run 2K. I don't open any suspicious files. I don't want to format cause I have tons of needed stuff. I don't want to reinstall OS! I shouldn't have to. I have a firewall and virus scanner, I'm getting more security shit right now. I don't download software that may possibly contain anything like a worm or trojan virus. I lock my PC when I'm away. I don't play online games anymore.

 

[Elledan]

Is NIS your firewall?

 

[CromNogger]

Yeah, and ZA

 

[pulpp]

if you are doing all that and still worried, then i think you need to relax alittle bit, take it easy, they are not after you

 

[CromNogger]

"Sub-7"..

btw, he's talking to me, so yeah, "he's after me" .. ooooooooh. yay. this is more fun than goin to sleep anyway

 

[CromNogger]

SubSeven 2.1/2.2 trojan
Trin00
Deltasource
Evil/Ugly FTP
etc etc

total of 63. 63 motherfucking things, in NIS' history. I'm pissed. Who would go through all the trouble of trying all those freakin attacks? and WHY? Now how can I uninfect myself, somehow I've been infected with Subseven, even though NIS blocked it. What can I do now?

 

[abu]

chill on the profanity man... it has no place on these boards, no matter how pissed you are.

Do you not have an Antivirus Program? I had certain trojans, which Nortons AV 2001 quaranteed, and later deleted. I'm running Win2k As well.


You're best bet is to re-install.... and btw, go into Zone alarm, and click on the 'Programs' Tab... see if you are allowing any such trojan activities.

 

[yakko]

Run Sub7 client and kill server.

 

[MrBond]

Do you use IRC? I find that going to DalNET or Undernet always nets me a slew of popular trojan connect attempts. And figuring out your email address isn't too hard from your IP mask. It's even easier if you put your real email address into mIRC. ZoneAlarm will not let connects through, unless you gave it access to the trojan itself.

 

[CromNogger]

Thanks for the info. Yakko YGPM.

IRC is scary. I have used it, it could be that. If all fails I will do a reinstall only - will that work?