(thing) by padre Thu Feb 08 2001 at 3:30:19

Sub7 is a trojan (or as its users like to call it "Remote Administration Tool") in the line of back orifice and netbus. It has the power of back orifice, the user-friendliness of netbus and the features of both.The program allows one to gain remote access to another computer if the other computer has a server running. The catch is that the victims do not know that the Sub7 servers running on their box. Once connected users can access files and change settings on the other computer as if it was their own. Their are also some fun extras such as the ability to log all keys typed, get screen captures, kill apps, etc.

I like it!
(thing) by Cybergoat Sat Jun 30 2001 at 16:16:38

Subseven, also known as Sub7, is a remote control program for PC computers. It is considered a trojan horse program as it is installed as an invisible application. While it can be used for legitimate remote control, it is commonly used by hackers to take over computers. It was developed by Mobman, and has been around for about three years. A Macintosh client has been developed, and a Macintosh server is in the works.

Subseven has many features, including: A keylogger, the ability to retrieve information about the computer, user information, and passwords, a chat feature, an FTP server, the ability to bring up webpages on the target computer, the ability to flip the screen on the target computer, and the ability to monitor the target computer's screen or webcam. Additional features include shutting down Windows, controlling the mouse, opening the CD ROM, and turning the monitor on or off. Subseven has become the most popular trojan horse virus, bypassing both Back Orifice and Netbus in terms of computers infected. The common port that Subseven operates on is 27374. It has also been found running on port 1243.

I like it! 1 C!
(idea) by kloc Mon Sep 30 2002 at 1:30:44
How to remove:

1. Run 'msconfig'(on windows 9*/ME).
2. Find the trojan in the start-up programs list.
3. Disable it and restart.
4. Delete the file.

on NT or 2k you'll probably have to find the start-up key in the registry(run 'regedit') in:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Now delete the key, restart and delete the file.

If you're on NT or 2k you might also want to check system.ini or win.ini for a 'RUN=' line. msconfig does this for you in 9x/ME.
I like it!

Log in or register to write something here or to contact authors.