SubSeven Trojan and Router - How Bad?

[trudi]

When I scanned my HD it found the SubSeven Trojan, I've read enough that this is an evil evil little program and I know I could have gotten it from a million places - probably not limited to my silly use of Limewire . I assume I should just reinstall Win2K to be sure that all is ok but I have a couple questions if anyone out there knows...
First - I have a cable router hooked up, while I know that this is not foolproof protection it should have offered me some protection. Just because the trojan was there doesn't mean anyone ever got in. I never had things randomly print or files move or any of that really really scary stuff. The only thing that would ever make me think someone else had access to my computer was that sometimes it wouldn't go into screensaver mode but I assumed that had to do with my hard drive and messed up OS settings. Is there anyway to find out if someone accessed my computer?
Second - Is everything I have file wise now contaminated? I just ripped my entire CD collection to MP3 and backed it up on CD (6 CDs better than 10 times that) plus I have assorted other files - are all of those tainted by association now?

 

[SaturnX]

I suggest when you reformat, install ZoneAlarm, it's a free firewall and does one great job, this'll stop things like Sub Seven from messing up your comp but not allowing it to connect anywhere.

Zone Labs: Zone Alarm

--Mark

 

[trudi]

OK I've got Zone Alarm and AVG. I guess my main issue was more about the files if they can be salvaged in anyway or if I need to get everything new from scratch. I have 2 HD and one was literally reformatted yesterday. I'd LOVE to just pop all of the files onto one of the HD and not lose everything because of this. I'm guessing this is unreasonable though.

 

[Chau]

nah your files aren't infected, sub7 is only a single executable file. u ever run a virus scanner to try and remove it? if not u can do it manually...check your startup options like win.ini (after where it says load= or run=), system.ini(check where it says shell=), and registry (software>microsoft>windows>currentversion> then check both run and run services), and see if these are loading any suspicious exe files, if they are, i'd suggest restarting into dos, and deleting the file there

 

[jobberd]

well, subseven itself cant infect your files, but anyone who connects to your computer with subseven can do whatever he wants, including rewrite a random executable to a virus. I dont know the chances of this happening, although im betting they are slim, so you probly shouldnt worry about anything of the sort. but even if you did catch a virus through subseven, your mp3 collect should be fine. the only thing that could've happened to them was that the malicious user erased / changed sum of them, or couldve placed a virus such as song.mp3.exe. but again, 1: the chances of sumone doing that to you are very small, and 2: if you have full file name viewing enabled, this shouldnt be a problem