Sub7 2.2b1 Info :

• click Start, and go to Run. In the box, type regedit and click OK.
  
• REMOVE This Registry Key
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
  CurrentVersion\Run Loader = "c:\windows\system\???
  (??? will be a random .exe name)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
  CurrentVersion\RunServicesLoader = "c:\windows\system\???
  (??? will be a random .exe name)
  
• Close regedit , saving changes and reboot
  
• Open win.ini
  At the top you'll see run=
  If that path includes the sub7 server name
  Delete it , make the line look like run=
  Close wini.ini , saving changes
  
• Open system.ini
  Look for this line Shell=explorer.exe
  If that path includes the sub7 server name
  Delete it , make the line look like Shell=explorer.exe
  Close system.ini , saving changes
  
• Reboot your computer
  
• Open C:\windows\system\
  Locate infected file and remove