Disinfection
Automatic Disinfection
Disinfection of SubSeven is performed automatically by FSAV. You might need to restart your system to complete the disinfection of a locked server part of SubSeven that cannot be removed while it is active in Windows.
Note
Earlier versions of FSAV might not clean the "EXE-file startup" Registry entry, which is used by the latest SubSeven versions to re-install itself back to the system every time an EXE file is run. If problems occur with this registry key even after the disinfection and if you are unable to start EXE files in Windows, please download and run the special file from our ftp site, which will solve this problem:
- ftp://ftp.europe.F-Secure.com/anti-virus/tools/s7disinf.reg
You need to run (double-click or press 'Enter' when the cursor is placed on the file) the S7DISINF.REG file from Windows Explorer after you have downloaded it. Note that the .REG extension might not be visible if you do not have 'Show All Files' option on.
Alternatively, you can click on the 'Start' button, then on the 'Run' menu and either input the location of the S7DISINF.REG file manually (for example, C:\S7DISINF.REG) or to find it with the 'Browse' button. After you have entered the location, you need to click on the 'Ok' button and the REG file will be run.
Disinfection Utility
You can also use a free version of F-Prot for DOS to remove SubSeven.
- ftp://ftp.europe.F-Secure.com/anti-virus/free/
- ftp://ftp.europe.F-Secure.com/anti-virus/updates/f-prot/dos/
Notes: Disinfection must be performed from pure DOS; it is advisable to run the above shown REG file before exiting Windows. All SubSeven components (files) should be deleted from an infected system for successful disinfection.