| Port No | 7000 |
| Service Name | SubSeven |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This is an updated version of the SubSeven backdoor package which carries out typical SubSeven backdoor activities such as:
send chat messages send system and user info change remote keyboards, mouse and desktop settings open a web site browse and executes programs download programs from infected machine scan IP addresses |
| Reference Link | SUB7 |
| Attack | Solution: Before proceeding to remove this malware, first identify the malware program. Scan your system with Trend Micro antivirus and NOTE all files detected as BKDR_SUB7.215.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall Terminating the Malware Program This procedure terminates the running malware process from memory. Open Windows Task Manager. On Windows 95/98/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. In the list of running programs*, locate the process: Select the malware process, then press either the End Task or the End Process button, depending on the version of Windows on your system. To check if the malware process has been terminated, close Task Manager, and then open it again. Close Task Manager. Removing Other Malware Entries from the Registry Still in the Registry Editor, in the left panel, double-click the following: HKEY_LOCAL_MACHINE>Software> Still in the left panel, locate and delete the key: SubSeven Close Registry Editor. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.