If your infected with the Trojan virus caused by subseven, here is how you can delete it
Methods of Detection

Most Anti-virus software will detect SubSeven 2.2 as well as the client and edit server. Manual detection also includes recognizing some of SubSeven’s abilities as well as a seeing unknown ports open while running netstat and investigating them. SubSeven is designed not to show up when listing processes or programs running. This makes having a known base line of normal operation for each machine all the more important.



Removal

Step 1.
Click Start > Run and type Regedit.
Follow the paths using regedit and find:
HKEY_LOCAL_MACHINE
Software
Microsoft
Windows
CurrentVersion
Run

In the right window, look for look for the item titled:
Loader = "c:windowssystem***"
The *** will be a random file name. Write this down as it is the Sub7 server! Right click on that line and choose delete.

Step 2.
Follow the paths using regedit and find:
HKEY_LOCAL_MACHINE
Software
Microsoft
Windows
CurrentVersion
RunServices

In the right window, look for look for the item titled the same as above:
Loader = "c:windowssystem***"
Right click on that line and choose delete.

Step 3.
Exit the Registry.

Step 4.
Click Start > Run and type Sysedit.
Open the file Win.ini. Near to the top you will see a line with:
run=
If you see a path pointing to the Sub7 server here as well, delete it so the line only reads:
run=
Save and close file Win.ini.

Open the file System.ini. Look for a line starting with:
Shell=explorer.exe
If the Sub7 server name is after this, remove that file name so the line reads exactly:
Shell=explorer.exe
Save and close file System.ini.

Step 5.
Exit Sysedit and reboot your computer.

Step 6.
Click Start > Find/Files or Folders. Search all drives for files with the name "***". The random file you have found as the Sub7 server. Delete them all and empty your recycle bin.

Step 7.
Reboot your computer.