Watch out for this one, it replaces files with an Octopus Icon, and I am not sure if there is a way to reverse it yet
The Japanese creator has been arrested.
Quads
Have you got samples to plya with?
It's a matter of seeing if there is any way to get the original files back that have been now replaced with the Octopus pic.
As the files are sent to the creators PC / Server (although the Japanese Police have it now)
But in theory there should be a way to get them back via HD recovery to find the "lost" files.
Quads
Would System FIle Checker do it?
However it may call for the intallation media and for most people that's likely to be a factory restore, if they have anything, and those probably would not work?
LOL Nope LOL
Otherwise there would be no need for expensive HD recovery software.
User states all my personal files are gone, Just use the SFC. 
I should tell the Police that when they are trying retrieve incrimination data on HD's, Just use SFC.
At least I got a laugh, while getting shaken.
Quads
Glad it's funny but if critical windows system files have been deleted or corrupted on a computer then system file checker should replace them -- http://support.microsoft.com/kb/929833
I've done it often enough in XP and a few times since but not as the result of a rootkit which is why I'm asking the question.
It's got Nothing to do with SFC, otherwise the 50,000+ systems that have been infected with it would have worked that out by now as well as others who have written about it.
I know what SFC is, Like Ramnit and using SFC, nope.
Quads
Do you have a sample so Symantec can benefit from it?
Thank you for finally answering my question ..... I don't need the sermon.