sub7 probs
Phobos 26.10.2003 - 20:23 694 16
MightyMaz
hat nun auch einen Titel
|
der gute Alte Sub seven, fast so schön wie Bo und Netbus..das waren noch zeiten *nostalgischwerd* naja Info kriegste hier Files To Look For on an Infected Machine
Rundll1.exe
Systray.dl
Task_bar.exe
FAVPNMCFEE.dll
MVOKH_32.dll
Nodll.exe
Watching.dll
NOTE : these files can of course be renamed or different with modified versions....
Server.exe can also be found, this is the downloadable self extracting archive of the virus files.
HOWEVER this is also the name of the genuine server file of Lotus Notes(amongst others)! BE carefull!
Entries In Configuration Files To Look For
In the system.ini
An entry on the line containing "shell="
In Win.ini
An entry on the line containing "load=" or "run="
In the registry
HKLM\Software\Microsoft\Windows\Current\Version\Run
HKLM\Software\Microsoft\Windows\Curent\Version\RunServices
Any of the above mentioned files (apart from server.exe) in any of these areas should be removed.
Further Information
Variations and Aliases of Sub 7
BackDoor-EP
BackDoor-G2
BackDoor-G2.gen
BackDoor-G2.svr.20
BackDoor-G2.svr.gen
BackDoor.PolyDrop
Badman Trojan
Serbian Badman Trojan
Sub7 v2.x
SubSeven v2.0
SubSeven v2.1
SubSeven v2.1 Gold
SubSeven v2.12
SubSeven v2.13
TSB Trojan
|
Maehmann
OC Addicted
|
danke, des hat geholfen Freut mich 
|
Anmeldung