Exterminate It! Antimalware

malpedia

Known threats:699,742 Last Update:October 27, 11:19

Testimonials

A Big thanks to you people, who have developed this product. My Windows XP Media Center OS was infected with Win32.Renos, Backdoor, XPAntivirus, Xta.kill trojans, spyware as I use rapidshare links a lot. I have licensed McAfee, which is good for nothing and was unable to protect my laptop from these malwares. I tried trial version of Bit Defender, Sunbelt Spyware, Claim Win, A-Squared, but they were unable to do a complete detection and removal of malwares. Exterminate listed all the malwares and registry changes done by them, like task manager, registry edit was disabled. I bought a single PC license, activated, scanned my system thrice and my system is now free from all malwares and viruses and running absolutely fine. I still have to use Mcafee as I have a licensed version but buying Exterminate IT is a worth of £20 spent on it. I will recommend this to everyone who use P2P sites or rapidshare or torrents. Now, I dont have to worry about any malware as I have Exterminate in my system.

Rajkumar P.

Subseven

Aliases of Subseven (AKA):

[Kaspersky]Backdoor.SubSeven.18, Backdoor.SubSeven.21.c, Backdoor.SubSeven.21.x, Backdoor.SubSeven.213.bonus, Backdoor.SubSeven.10.a, Backdoor.SubSeven.12, Backdoor.SubSeven.13, Backdoor.SubSeven.14, Backdoor.SubSeven, Backdoor.SubSeven.16.b, Backdoor.SubSeven.17, Backdoor.SubSeven.19, Backdoor.SubSeven.20, Backdoor.VB.gd, Constructor.BAT.Virugen, packed: Com2Exe, packed: UPX, Win95.Roma.1256, Backdoor.SubSeven.21.g, Backdoor.SubSeven.21.Muie, Backdoor.SubSeven.21, Backdoor.SubSeven.21.a, Backdoor.SubSeven.21.b, Backdoor.SubSeven.21.d, Backdoor.SubSeven.21.Gold, Backdoor.SubSeven.210, Backdoor.SubSeven.16.a, Backdoor.SubSeven.215, Backdoor.SubSeven.22.a
[Eset]Win32/SubSeven.2_1.X trojan, Win32/Subseven.1_0.A trojan, SubSeven.1_2 trojan, Win32/Subseven.1_3 trojan, Win32/SubSeven.1_4 trojan, Win32/Subseven.1_6 trojan, SubSeven.1_9 trojan, Win32/SubSeven trojan, Win32/Subseven.1_7_X trojan, Win32/SubSeven.1_9 trojan, SubSeven.1_8 trojan, Win32/SubSeven.1_8.A.Server trojan, Win32/Subseven.1_9.Apocalypse trojan, Win32/SubSeven.2_0 trojan, Win32/SubSeven.20 trojan, Win32/SubSeven.21.C trojan, SubSeven.213.Bonus trojan, Win32/SubSeven.2_1.G trojan, Win32/SubSeven.2_1.Muie trojan, SubSeven.2_1.A trojan, Win32/SubSeven.21.B trojan, Win32/SubSeven.21.Gold trojan, Win32/SubSeven.210.EditServer trojan, Win32/SubSeven.21.E.Server trojan, Win32/RDR trojan, Win32/VB.W trojan, Win32/SubSeven.001 trojan
[McAfee]BackDoor-Sub7, Generic, Generic BackDoor.b, Kit-Virugen, W95/Roma
[F-Prot]security risk or a "backdoor" program, SubSeven.backdoor.v20, SubSeven.backdoor.v10, SubSeven.backdoor.v13, destructive program, SubSeven.backdoor.v16, SubSeven.backdoor.v17, SubSeven.backdoor.v19, SubSeven.backdoor.v18, corrupted or intended virus, virus construction tool, SubSeven.backdoor.v213, SubSeven.backdoor.v21, SubSeven.backdoor.v21G, security risk named W32/Subseven.215.A
[Panda]Backdoor Program, Bck/Sub7.21.x, Trj/Sub7.v2.1(UPX), Trj/SubSeven.1.0, Bck/Sub7.1_2, Trj/SubSeven.1.3, Bck/Sub7.14, Backdoor Program.LC, Trj/Subseven.1.6, Bck/Sub7.1, Bck/Sub7.Apocalypse, Trj/Sub7.v17.Cfg, Trj/SubSeven.1.7, Trj/SubSeven.1.9, Bck/Sub7.18, Trj/Sub7.v18.Cfg, Bck/Sub7.19, Bck/Sub7.20.b, Trj/SubSeven.2.0, Virus Constructor, Bck/Sub7.21.g, Trj/Sub7.2.13.Bonus, Trj/Sub7.21.MUIE, Bck/Sub7.21.Gold, Bck/SubSeven, Trj/Sub7.21.Gold, Trj/Sub7.v2.1.B, Trj/Sub7.v2.1.C, Trj/Sub7.v16.Clt, Bck/Sub7, Bck/Subseven.F
[CA]Backdoor/Sub7X.21, Backdoor/SubSeven_Server_family, Backdoor/SubSeven!Client, Backdoor/Subseven.10!Server, Backdoor/SubSeven_Server, Win32.SubSeven.A, Win32.SubSeven.D, Win32/NetMaster!Server, Backdoor/SubSeven_1.3, Backdoor/SubSeven.1_6.B, Backdoor/SubSeven.A, Backdoor/SubSeven_1.9_Client, Backdoor/SubSeven_1.9_Server, Win32.SubSeven.V, Backdoor/SubSeven_1.8_Editor, Win32.SubSeven.I, Backdoor/HackTack!Server, Backdoor/SubSeven2000.DFS, Win32.SubSeven.J, Backdoor/SubSeven.21, Backdoor/VB.gd, Win32.SubSeven, Win95.Roma.1256.int, Win95/Roma.1256, Backdoor/SubSeven.21.Muie, Backdoor/SubSeven.Variant, Backdoor/SubSeven.7.20, Win32.SubSeven.N, Backdoor/SubSeven_1.6_Server, Backdoor/SubSeven.21.e, Backdoor/SubSeven.2_13!Client, Win32.TrojanRunner.Breakapart, Backdoor/Sub7Legend.2_15!EditSer, Backdoor/SubSeven.215!Server, Backdoor/SubSeven.2_2, Win32.SubSeven.22.D, Backdoor/SubSeven.DDoS, Win32.Subway, Backdoor/SubSeven!Server

How to Remove Subseven from Your Computer^

To completely purge Subseven from your computer, you need to delete the files and folders associated with Subseven. These files and folders are respectively listed in the Files and Folders sections on this page.

For instructions on deleting the Subseven files and folders, see the following section How to Delete Subseven Files (.exe, .dll, etc.).

How to Delete Subseven Files (.exe, .dll, etc.)^

The files and folders associated with Subseven are listed in the Files and Folders sections on this page.

To delete the Subseven files and folders:

  1. Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
  2. Note: The paths use certain special folders (conventions) such as [%PROGRAM_FILES%]. Please note that these conventions are depending on Windows Version / Language. These conventions are explained here.
  3. Select the file or folder and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu and restart your computer. You can install the RemoveOnReboot utility from here.

Trojan

A trojan is a program that is disguised as legitimate software but is designed to carry out some harmful actions on the infected computer.

Unlike viruses and worms, trojans don’t replicate but they can be just as destructive.

These days trojans are very common. Trojans are divided into a number different categories based on their function or type of damage.

Be Aware of the Following Trojan Threats:

Pigeon.AVLK, Sshare, Cmpufon, Buendia, Win32.VB.hu.

Spyware

Spyware is designed to gather data from a computer and transfer it to a third party without the consent or knowledge of the computer’s owner. This includes collecting confidential information (passwords, credit card numbers, PIN numbers, etc.), monitoring key strokes, gathering e-mail addresses, or tracking surfing habits. Such resource-consuming activities slow down the system and generally impact the computer’s performance.

“Spyware” is an umbrella term for a diverse group of malware-related programs, rather than a clear-cut category. Most spyware definitions apply not only to adware, pornware and ‘riskware’ programs, but to many trojans as well.

Be Aware of the Following Spyware Threats:

Lop.com.RND, Bancos, Intelliflag, Agent.dg, BonziBuddy.

Backdoor

Of all trojans, backdoor trojans pose the greatest danger to users’ PCs because they give their authors remote control over infected computers. They are downloaded, installed, and run silently, without the user’s consent or knowledge. Upon installation, backdoor trojans can be instructed to send, receive, execute and delete files, gather and transfer confidential data from the computer, log all activity on the computer, and perform other harmful activities.

Be Aware of the Following Backdoor Threats:

mIRC.Flood.RmtCfg, Applets, Unknown, Throat, The.Revenger.

RAT

Remote Access Tool. A program that enables a hacker to remotely access and control other people’s computers. A RAT can serve a variety of malicious purposes, including hijacking and transferring private information, downloading files, running programs, and tampering with system settings.

Be Aware of the Following RAT Threats:

Nethief, Breach.Pro, Demon, IrcContact, NETObserve.

Hacker Tool

Hacker tools are utilities designed to help hackers gain control of remote computers in order to use them as zombies (in DoS attacks, for example), download other malicious programs into those computers, or use them for other malicious purposes.

Be Aware of the Following Hacker Tool Threats:

PMT.kit, Win32.Spammer.Uy, Killreg, Firehotcker, Spam.AnonMail.

DoS

A DoS (Denial of Service) attack is designed to disrupt or stop the normal running of a Web site, server, or other network resource. Hackers or malware writers resort to various ways to achieve this. A DoS attack can commonly result in a server being flooded with more network traffic than it is capable of processing. This hinders or prevents the server’s normal operation and sometimes causes its complete failure.

Unlike a DoS attack, a DDoS attack employs multiple PCs. The hacker or malware writer normally uses one infected computer - “master” - to centrally coordinate the attack across other, so-called “zombie”, computers. Typically, the malware writer gains control of both master and zombie computers by exploiting a weakness in an application or the operating system on those computers, in order to install a trojan or other malicious code.

Be Aware of the Following DoS Threats:

Oropax, SuperBoot, Kill.xfs, HLLP.PePe, Twin.

How Did My PC Get Infected with Subseven?^

The following are the most likely reasons why your computer got infected with Subseven:

  • Your operating system and Web browser's security settings are too lax.
  • You are not following safe Internet surfing and PC practices.

Downloading and Installing Freeware or Shareware

Small-charge or free software applications may come bundled with spyware, adware, or programs like Subseven. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.

Using Peer-to-Peer Software

The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like Subseven.

Visiting Questionable Web Sites

When you visit sites with dubious or objectionable content, trojans-including Subseven, spyware and adware, may well be automatically downloaded and installed onto your computer.

Detecting Subseven^

The following symptoms signal that your computer is very likely to be infected with Subseven:

PC is working very slowly

Subseven can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Subseven.

New desktop shortcuts have appeared or the home page has changed

Subseven can tamper with your Internet settings or redirect your default home page to unwanted web sites. Subseven may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC

Subseven may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox

Subseven may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.