Security+Alert++Backdoor.Snifula+D

Backdoor.Snifula.D is a Trojan that opens back doors on the PCs that it infects. It creates the following file on infected systems: In addition to creating these files, it also creates the following registry entries: Finding this file and these registry settings is an indication that you are infected with this Trojan. Before removing the infection, backup your registry following the steps here: https://www.windows-secrets.co.uk/backing-up-registry/
 * Security Alert: Backdoor.Snifula.D**
 * %UserProfile%\​Local Settings\​Temp\​[16 HEXADECIMAL CHARACTERS].tmp
 * HKEY_CURRENT_USER\​Software\​Microsoft\​Internet Explorer\​Main\​NoProtectedModeBanner
 * HKEY_CURRENT_USER\​Software\​AppDataLow\​{GUID}\​"s1" = "[HEXADECIMAL VALUE]"
 * HKEY_CURRENT_USER\​Software\​AppDataLow\​{GUID}\​"k1" = "[HEXADECIMAL VALUE]"
 * HKEY_CURRENT_USER\​Software\​AppDataLow\​{GUID}\​"k2" = "[HEXADECIMAL VALUE]"
 * HKEY_CURRENT_USER\​Software\​AppDataLow\​{GUID}\​"Version" = "[HEXADECIMAL VALUE]"
 * 1) Press [**Windows Key**] + [**R**], type **REGEDIT** and click **OK**.
 * 2) Delete the registry key: **HKEY_CURRENT_USER\​Software\​Microsoft\​Internet Explorer\​Main\​NoProtectedModeBanner**
 * 3) Navigate to the registry key: **HKEY_CURRENT_USER\​Software\​AppDataLow\​{GUID}**
 * 4) Delete the registry value: **s1 = "[HEXADECIMAL VALUE]"**
 * 5) Delete the registry value: **k1 = "[HEXADECIMAL VALUE]"**
 * 6) Delete the registry value: **k2 = "[HEXADECIMAL VALUE]"**
 * 7) Delete the registry value: **Version = "[HEXADECIMAL VALUE]"**
 * 8) Exit the Registry Editor.