Make your own free website on


ip toolz
Anti Virus Software
Key Loggers
Binary and other decompilers
sub7 help
Sub7 Frequently Asked Questions
sub7 Support

Sub7 Frequently Asked Questions

NEW RELEASE!!!! AK47 Released october 1'st 2007 (this trojan is undetected by virus scanners!!!) Click here to get AK47


Q.1 What is SubSeven?
Q.2 Why does ANTI-VIRUS detect SubSeven as a virus?
Q.3 What Does the client do in SubSeven?
Q.4 How do I connect to other Computers?
Q.5 How do I know the IP and Port and what are they?
Q.6 How come I receive a notify but I can't connect?
Q.7 After I connect to a system it doesn't respond why?
Q.8 Some features don't seem to work why?
Q.9 How can I bypass passworded servers?
Q.10 Does the remote system have to have ICQ to make ICQ notify work?


Q.1 Why do I need to edit the server?
Q.2 What is the best startup method?
Q.3 What is the best notify method?
Q.4 What is port number and what should I put?
Q.5 Why would I need a password on my server?
Q.6 What is the server name or should I choose random?
Q.7 why would I need melt/bind/fake error msg?
Q.8 SIN.exe and how I use it if I have a dynamic IP?


Q.1 How can I make people run my server?
Q.2 How can I make the server undetected?
Q.3 How do I find SubSeven servers?
Q.4 Sending SubSeven to my friend takes time on my Dialup?

A.1 SubSeven is a R.A.T ( Remote Administration Tool ) For Windows. Executing server.exe on Windows 9x/NTx system will allow full remote access on that system. SubSeven has many features which made it one of the best programs around. SubSeven contains a client, editserver, and server.

A.2 ANTI-VIRUS programs consider SubSeven as a virus because SubSeven is not a freeware/shareware. Also many users use it for illegal activities like packeting, stealing credit cards, stealing programs, etc. But it can be user legitimately for instance parents could use it to monitor their children activities and people can use it to control their PCs from home/work.

A.3 The SubSeven client allows you to connect to any windows system that ran server.exe before. The client contain tips on each button, also it has various options to give you full access on the remote system.

A.4 First, to be able to connect to any remote system. Make sure the server.exe is executed successfully on that PC. Then make sure you know the IP and port for that system.

A.5 To know the answer to this question, you need to know that every system connected to the internet has a unique IP address. Simply it is like each home/office/building on this earth got a unique mailing address. The port number is basically the door of that building. To know the IP and port, first you need to make sure that the server.exe is executed on that system. Also you need to know the settings of that server.exe. Consequently, you need to edit the server.exe before you execute it on any system. if you edited and saved your own settings on server.exe then you should get a notify ( ICQ , email , etc ) whenever it executed that contains the remote IP and port. If it is your first time, edit your own server.exe and executed on your own system then use the client to connect your system. (IP (port as you specified when you edited). then test all the features on your own PC. when you are done remove the server by using the client. DO NOT remove it manually unless you know what you are doing.

A.6 There are many reasons that might cause this problem. First make sure you have the right IP and port >> copy and paste them from the notify. Also make sure that the remote computer is alive >> use IP tools to ping the remote IP if it doesn't respond then its dead or unreachable. then make sure that the remote system is NOT behind a firewall >> use a port scanner to see if the server is listening on the port you provided when you edited it. if you do not have a port scanner then use telnet. go to start > run > type telnet IP Port. where IP and port are what you got in notify. if telnet connects then you need to close your client and reopen it again. Finally if the system you are trying to connect is in a network for instance you get IP like or then you can't connect to that system unless the router/hub/switch/firewall/gateway whatever in that network allows you.

A.7 Make sure that the system is alive >> ping it's IP. If it doesn't respond then it went offline. If it does respond then make sure you are not flooding the server by send it many commands in a short period of time >> close your client and wait for the server to shutdown that thread, then try and  reconnect. And always wait for the current process to finish, you have to be patient if the remote system is slow.

A.8 Many people update the programs installed on their system that might have changed some settings in their computer that disabled SubSeven from working properly.

A.9 You can't bypass the password. Some old versions have a masterpassword. But new versions doesn't have that anymore.

A.10 The remote system does NOT have to have ICQ to make the ICQ notify work. Because SubSeven server connects directly to the ICQ server and send you the notify.

A.1 The server would be worthless if you don't edit it. You have to have your own settings, so you could know who ran that server also what port was the port installed on. When you edit and save your own server copy, you disallow any foreign access to that server. I suggest you change the default settings like change your port from 27374 to something between (2048 - 65536). Then make sure each server has its own name. Finally always set a password on it, so other people wont be able to access it.

A.2 The best startup method is selecting all of them. By selecting all startup method you are making the server more secure cause some people know how to remove/disable the obvious startup method but they don't expect that you chose to have more than 1 startup method. Also make sure you know what Windows version the server is going to be executed on. Cause some startup methods support Win9x only others support WinNTx only. Make sure you know what the remote system is running. If you do not know then choose the safe startup methods that support all Windows versions.

A.3 The best notify method would be enabling all of them. Using ICQ, Email, IRC and SIN would give you more chances to know when is the server online.

A.4 SubSeven port number is basically the door you are going to use to enter any system that ran your server before. To be able to connect to your server you need to know the port and the IP. You should be getting these from your notifies. The best port number will be any number between (2048 - 65536). I highly recommend changing the default port number 27374.

A.5 SubSeven makes it easy for you to protect your server. I highly recommend that you set a password on your server so no one else we will be to access that server unless they know the password.

A.6 This feature allows you to make your server more random if you choose so. Random will be the best choice here unless you want to specify a name for your own purpose.

A.7 Each one of them has it's own purpose. Melt option will delete the server after execution, in fact it will install itself to windows/system folder then it will delete itself. Bind option allows you to join any EXE file to your server to make sure that the person who runs that server won't feel strange about it. Same thing for fake error msg.

A.8 SIN.exe is Static IP Notifier. Instead of using other dependent notifies like ICQ, Email, IRC. SIN allows you to use your own IP to make the remote system connects to your IP and notifies you when it's online. If you have a dynamic IP you might be able to make SIN work. (This method isn't tested) you need a free DNS website like dyndns, dns2go, easyDNS, etc. They are free and allow you to assign a host to your Dynamic IP each time you get on the internet. That way when you edit your server SIN put the host instead of your IP.

A.1 Lying/Forging facts to people will make it easy for you to make them execute your server. You could say it is your nude picture, you could say it's a nice game, you could say it is the best protection program ,etc. And to support you lie you need to use /bind/melt/fake error msg. options. It is not really hard to make people run your server. On the other hard you can use some exploits in IE, OE, IIS, etc. to execute SubSeven on that system. This subject is really huge to cover in a FAQ. you could check our help section.

A.2 There are many ways to do this. The easiest would be unpacking the original server that came with SubSeven and repack it with a different _unknown_ packer. Most Anti-Virus Programs are fooled by this method. Also you could Disassemble your, edit the ASM file, recompile your own server. For more info about this issue check our help section.

A.3 To find SubSeven Servers you need to use any subnet port scanner on port 27374. Start from your own ISP. If you couldn't find any of them. Then go to any IRC and whois any person in there then scan that subnet.

A.4 Some people find it hard to send SubSeven server through there Dialup connection to solve this problem. you might need to upload your edited server to a website and ask your friends to download it. Or you could send them an Uploader/Downloader ( A small program when it's executed will download a file from a website ). Uploaders are fairly small the smallest one I have ever seen is 1.5 KB. So instead of sending 50 KB or 370 KB server you will only send 1.5 KB uploader that will download and execute your SubSeven server.