February 4th, 2003, 2:49am
While here for the last several hours I get this silly pop out of the side of my screen it states the following "Rule Default Block Backdoor/SubSeven Trojan horse matched"--- does anyone know what this means?
thanks for reading this!!!!!
February 4th, 2003, 3:41am
Sounds like your computer is infected and your firewall or anti-virus program caught it trying to phone home (or somewhere).
Go to www.mcafee.com and do a search for subseven - there's several varieties.
If you don't have anything anti-virus you can go to
and run their anti-virus option (it's free, they won't try to sell you anything). If you're on a Mac I don't know that their site will do you any good.
Here's what Symantec has to say (a LOT):
February 4th, 2003, 3:05pm
Tommy, you can also do a google search on "SubSeven Trojan horse" and see which of the many listed results match what happened to you. I'm unclear about when you said a pop up happened if it was from your Anti-virus program, or what. Maybe you also had your email client (the one that comes with your browser) open at the same time?
In general, Trojan Horse type viruses are serious enough to not be taken lightly, but most of them are only obtained by downloading a file, or depending on your settings, opening an email or program (eg. a multimedia file, word or text document) that has one embedded in it. I'm not aware of any normal webpages that can automatically infect your computer just by your viewing them (certainly not Online-Sweepstakes) but it's possible, I suppose, that if your browser's various security settings are wide open (with all java and Active X access allowed) that a malicious website could more easily stick it to ya. As I mentioned in my "Spam Bomb" thread, I did pick up a nasty by simply opening an email, without intentionally downloading anything...and I have most of my settings on "medium." But I do have outdated (well, not recently updated) antivirus software, and broadband (which makes downloading stuff happen very fast).
Spybot found and removed the whole megillah, in my case, quickly and (hopefully) thoroughly. My firewall (the free Zone Alarm) btw, apparently didn't do any good in this case...perhaps because it only looks for "new" attempts at any program to access the web...and the nature of a Trojan Horse is that tries to install the groundwork, as innocuously as possible, for a future attack. So far, 99% of the time, the only way to let one slip in is to download a large file attachment to an email...or download one of the many "free" programs (such as Gator or Kazaa) which have some variation of spyware (but which would not specifically be called Trojan Horses). Those clever rascals are, however, continuously looking for alternate channels, and I won't be surprised if it doesn't soon become quite feasible for a websurfer to involuntarily have a Trojan Horse placed on their computer simply by clicking on a URL to visit a webpage.
The FBI, for instance, was/is (?) working hard to produce such a program as part of their child pornography battle, called Magic Lantern. It's a part of their larger Carnivore internet surveillance efforts. One the one hand, internet security experts and privacy advocates have grave concerns about what such programs could mean to law abiding folks, given than LE agencies haven't always been, how shall we say, all that judicious in their use of technology (and if hackers could steal the program, their mischief could become *very* dangerous). But, most reasonable law-abiding types gotta recognize that the US must fight fire with fire, and LE should at least have access to appropriate tools. Hmm, wonder if they've just put me on a list somewhere? LOL.
February 5th, 2003, 2:03am
Thanks George and jaybat
I sure don't understand a lot of the stuff you two told me to read but I will say that trojan thing has not happened since yesterday when I posted.
It was the Nortan personal fire wall that stopped it.
The PC worked fine today should I concern myself with the fact that it might be in the pc somewhere even though its causing no problems at this time and I read on Symantic how to get rid of it but if I try that I am sure I will ---- this machine up big time.
Whats my next step here you two.
Again I wanna thank you both for your help.