The following lines were added (+) and removed (-):
kdn.exe== Removal ==It is possible to remove this malware without downloading any special removal tool. It was accomplished in our lab by using tools included with Microsoft Windows XP. * regedit.exe* System Restore* Task ManagerAn overview of the process involved using task manager to kill the rogue process from memory, repeatedly, throughout the rest of the procedure. The process restarts every 30 seconds or so, and must continuously be killed. Using the Windows Registry editor to remove the keys above. Navigating to the Application Data folder for every user and deleting the rogue executable. Reboot. Open file type associations and create new association for exe extension as "Application". Creating a shortcut on the windows desktop to System Restore, right clicking on the shortcut, and running it as "Administrator". Restoring to a checkpoint prior to the introduction of the rogue on the system.Process Explained in detail:Since it was impossible to run System Restore after the malware manipulated file type association for exe it had to be ran via a trick as described above. (more detail needed)Prevention:NoScript plugin for Firefox