Thanks Phoon.

I had this on my daughter's PC.  It comes up as a pop-up and tells you you are infected.  When you try to close the pop-up, it launches the program.  Then entire pop-up is the "accept" button.  In other instances that it has come up, I've just killed it with Task Manager or shut down the PC.

The reason I asked about how it is picked up is I believe it tried to get to me by way of ImageShack the last couple of times I used it.

I have not had time to view Doc's video (will do so in a bit), but a friend got  a bug just like that one.  I was about to reformat and re-install! (not quite, I had other options, but you can see the frustration level).  But then I stumbled upon a way around it.

I tried to open a file that did not have an association.  So it let me pick something to open it with. I chose CMD.EXE (it would not let me go to the command line itself).  And it opened a command line!  I was then able to switch to the infected directory, rename the file (not delete it, it was running) and reboot - and then clean everythiing up!

So I guess the key is to leave a disassociated file on your desktop? 

As for how your friend got it, I have had many people tell me the same thing.  One thing I have read is that when the infecting popup shows up, the only "clean" way of closing it is to crash your browser.  Any other click was probably programmed in by the authors to be a "yes".

My companion is not sure how he got it, but he had been looking at a slide show that he got in an email, just before the thing popped up.

You can browse in https mode on facebood (highly recommended).

You can also browse in virtual mode using Sandboxie (sandboxie.com) for x32 and x64, or BufferZonePro (free) for x32.

They give you a red line around your browser window and seemed to bother a couple of skins (sandboxie).

This thing will infect more than just a few files. It will blow itself through the registry and many areas of your system. You got lucky!

I have avoided it before by pulling the plug on the PC... how-ev-errrrrr.... that is NOT advisable.

A few weeks ago I flipped a breaker that turned out to be the computer room. 1 system shut down and the OS was hosed upon attempted reboot.

Yeah.  Try the old task manager next time and kill whatever web browser you are using.  It's also a good idea to not have firefox set to reload the last page you were viewing or you might be right back at square 1.

Them dang slideshows are frought with peril.

I guess I'm lucky then.

*looking over shoulder warrily*

Be very wary of Imageshack...I've had it try to install 3 times from the http://imageshack.us/ website so far.

I'm savvy enough to keep it from installing...it would be very easy to make the mistake of letting it load, so be careful.

The best way to avoid these type of attacts is to surf via Virtual PC and discard the changes to your session when closing.

I had the very same experiene! I finally did a restore in safe mode to get rid of it! It was really annoying and very malicious! It held me captive until I finally outsmarted it! I have no idea how it got there either, but I never want to experience that again!

Also, one of the best step by step guides for removing malware can be found here... http://forums.majorgeeks.com/showthread.php?t=35407

Okay I downloaded Sandboxie and it is very easy to set up.  It also has a tutorial that walks you through it.  Do the tutorial if you download.  I'm using the Argon Theme and do not have any red line around the browser window, haven't tried it yet with other skins.  The price is right, free. 

Thank you everyone for this good security reminder.  It's crucial to revisit good computer security practices regularly.  I'm the one that keeps our five family computers running in tip-top shape, and these reminders/best practices threads help tremendously.