Sub Seven Removal

C:\Windows\Win.ini
At the top, look for two lines reading:
run=msrexe.exe
load=msrexe.exe
If either line names the file above (or the file reported by your antivirus software), delete the lines in question.


Registry (You will need to run regedit to edit the registry.)
Follow the paths using regedit and find:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
each containing a value named WinLoader = MSREXE.EXE
Both of these values should be deleted (right-click and choose Delete).


C:\Windows\System.ini
In the System.ini file, the line containing:
shell=Explorer.exe msrexe.exe
should be changed to
shell=Explorer.exe
(i.e. simply remove msrexe.exe from the end of the line).
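The Win.ini and System.ini checks above come down to three lines: run= and load= under [windows], and shell= under [boot]. The following is an added example, not part of the original guide, that inspects INI text for those entries and strips a named file from them; the two sample files are constructed, and the expectation that a clean shell= line reads exactly Explorer.exe is the Windows 9x default.

```python
"""Check Win.ini and System.ini text for the startup entries the guide
describes (Win.ini run=/load= and the System.ini shell= line) and strip a
named file from them. Added illustration, not part of the original guide;
the two sample files below are constructed."""

# Constructed Win.ini fragment carrying the trojan's run= and load= entries.
SAMPLE_WIN_INI = """[windows]
load=msrexe.exe
run=msrexe.exe
NullPort=None

[Desktop]
Wallpaper=(None)
"""

# Constructed System.ini fragment with the trojan appended to the shell= line.
SAMPLE_SYSTEM_INI = """[boot]
shell=Explorer.exe msrexe.exe
system.drv=system.drv
"""


def _entries(text):
    """Yield (raw_line, section, key, value) for every line; section and key
    are lower-cased, and key/value are None for lines that are not key=value."""
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            yield raw, section, None, None
        elif "=" in line and not line.startswith(";"):
            key, value = (p.strip() for p in line.split("=", 1))
            yield raw, section, key.lower(), value
        else:
            yield raw, section, None, None


def scan_ini(text):
    """Return [(section, key, value)] for entries that deserve a look:
    any non-empty run=/load= under [windows], and a [boot] shell= line
    that is anything other than Explorer.exe on its own."""
    findings = []
    for _, section, key, value in _entries(text):
        if section == "windows" and key in ("run", "load") and value:
            findings.append((section, key, value))
        elif section == "boot" and key == "shell":
            if [t.lower() for t in value.split()] != ["explorer.exe"]:
                findings.append((section, key, value))
    return findings


def clean_ini(text, bad_names=("msrexe.exe",)):
    """Return the INI text with every token naming one of bad_names removed
    from run=, load= and shell=; all other lines are left untouched."""
    bad = {n.lower() for n in bad_names}
    watched = (("windows", "run"), ("windows", "load"), ("boot", "shell"))
    out = []
    for raw, section, key, value in _entries(text):
        if (section, key) in watched:
            # Compare on the bare file name so a full path is caught too.
            kept = [t for t in value.split() if t.rsplit("\\", 1)[-1].lower() not in bad]
            original_key = raw.split("=", 1)[0].strip()
            out.append(f"{original_key}={' '.join(kept)}")
        else:
            out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for name, text in (("Win.ini", SAMPLE_WIN_INI), ("System.ini", SAMPLE_SYSTEM_INI)):
        for section, key, value in scan_ini(text):
            print(f"{name}: [{section}] {key}={value}")
        print(clean_ini(text))
```

scan_ini reports every non-empty run= or load= value rather than only msrexe.exe, since a legitimate entry there is worth a look on a compromised machine too; clean_ini removes only the file you name and keeps the rest of the line, so a legitimate run= program survives the cleanup.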


Registry (.exe filetype handler)
The last, and most cleverly hidden method, is now known.
Using this method, any time you run an .exe file, Windows will also reload the trojan into memory.
A side effect is that if you delete the trojan, Windows will no longer know how to run any .exe file.

Below are the steps to remove the trojan safely and to repair the damage so Windows can run .exe files again.


Restart your computer in MS-DOS mode. All of the steps below will be carried out in DOS.

You should be at a C:\windows\> prompt.

Each command shown on its own line below is to be typed at the DOS prompt.
Make sure you are at the C:\Windows\> prompt now.


rename windos.exe windos.___
This is the trojan, and renaming it keeps windows from loading it again.
From this point on, windows cannot run .exe files.

cd ..
This simply moves back one directory, to C:\.

regedit /e file.reg hkey_classes_root\exefile\shell\open\command
This will export the registry key that needs to be edited, and place it in a file.

edit file.reg
Opens the file in your text editor.

In this file, look for the line that reads:
@="WINDOS \"%1\" %*"
and edit it so it reads (remove WINDOS and the space after it):
@="\"%1\" %*"

Save the file and exit edit.

regedit file.reg
This imports the edit you just made back into the registry.

exit
You will now be taken back to windows.


Verify that you can indeed run an .exe program, without windows asking to find windos.
If windows asks to find windos, you will need to attempt these directions again.
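The registry part of the cleanup touches two kinds of key: the Run/RunServices autostart values described earlier, and the exefile open-command handler edited by hand in file.reg above. The following is an added example, not part of the original guide, that parses a REGEDIT4 export (the format regedit /e writes) to report WinLoader-style autostart values and to rewrite the exefile handler back to its default of "%1" %*; the sample export is constructed, and the ScanRegistry entry in it is there only to show that an ordinary Run value is not flagged.

```python
"""Parse a REGEDIT4 export and check the two registry persistence points the
guide describes: Run/RunServices autostart values and the exefile
open-command handler, which can be rewritten to the default "%1" %*.
Added illustration, not part of the original guide; the export is constructed."""

RUN_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices",
)
EXEFILE_KEY = r"HKEY_CLASSES_ROOT\exefile\shell\open\command"

# Constructed export: the guide's WinLoader values, one ordinary Run entry
# for contrast, and the hijacked exefile handler.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinLoader"="MSREXE.EXE"
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"WinLoader"="MSREXE.EXE"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="WINDOS \"%1\" %*"

'''


def reg_unescape(s):
    """Undo .reg string escaping (a backslash protects the next character)."""
    out, i = [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            out.append(s[i + 1])
            i += 2
        else:
            out.append(s[i])
            i += 1
    return "".join(out)


def reg_escape(s):
    """Inverse of reg_unescape."""
    return s.replace("\\", "\\\\").replace('"', '\\"')


def parse_reg(text):
    """Return {key_lower: {name: value}}; '@' is the default value. Quoted
    string values are decoded, other types are kept as raw text. (Value names
    containing '=' are not handled; none appear in the keys of interest.)"""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.upper() == "REGEDIT4":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].lower()
            keys.setdefault(current, {})
        elif current is not None and "=" in line:
            name, value = line.split("=", 1)
            if name != "@":
                name = reg_unescape(name.strip()[1:-1])
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = reg_unescape(value[1:-1])
            keys[current][name] = value
    return keys


def _basename(command):
    """Lower-cased file name of the first token of a command string."""
    tokens = command.split()
    if not tokens:
        return ""
    return tokens[0].strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()


def find_autostart_entries(keys, suspicious=("msrexe.exe",)):
    """Return [(key, name, value)] for Run/RunServices values whose program
    is on the suspicious list (the file your scanner reported)."""
    bad = {n.lower() for n in suspicious}
    hits = []
    for key in RUN_KEYS:
        for name, value in keys.get(key.lower(), {}).items():
            if _basename(value) in bad:
                hits.append((key, name, value))
    return hits


def exefile_launcher(keys):
    """Return whatever precedes "%1" in the exefile open command, None when the
    handler is the default or absent, or the whole command if it has no "%1"."""
    cmd = keys.get(EXEFILE_KEY.lower(), {}).get("@", "")
    idx = cmd.find('"%1"')
    if idx == 0:
        return None
    return cmd[:idx].strip() if idx > 0 else (cmd or None)


def repair_exefile_command(text):
    r"""Rewrite the exefile @= line to @="\"%1\" %*" (the edit the guide makes
    by hand) and return (new_text, removed_launcher); line endings are kept."""
    eol = "\r\n" if "\r\n" in text else "\n"
    out, in_key, launcher = [], False, None
    for line in text.splitlines():
        s = line.strip()
        if s.startswith("[") and s.endswith("]"):
            in_key = s[1:-1].lower() == EXEFILE_KEY.lower()
        elif in_key and s.startswith('@="') and s.endswith('"'):
            cmd = reg_unescape(s[3:-1])
            idx = cmd.find('"%1"')
            if idx > 0:
                launcher = cmd[:idx].strip()
                line = '@="' + reg_escape(cmd[idx:]) + '"'
        out.append(line)
    return eol.join(out) + eol, launcher
```

The repair keeps everything from "%1" onward, so a handler that had a full path prepended (C:\WINDOWS\WINDOS.EXE rather than bare WINDOS) is restored the same way, and running it on an already-clean export returns the text unchanged with no launcher reported. The output is what you would import with regedit file.reg in the step above.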

Be sure to delete the c:\windows\windos.___ file once removal is successful.

After a reboot, you will find two files in c:\windows\, one named MSREXE.EXE, the other WINDOS.EXE.
You should delete both.

Also, new with version 2.1 Gold, a DLL used for key logging is left behind at C:\windows\system\systray.dll; it should be deleted as well.