I just cleaned a copy of this beast out of my cousin's machine a few weeks ago. This thing does a pretty respectable job of locking down your system when you start trying to remove it. Half of the start menu gets disabled. No 'Run,' no 'Search' no access to root drives. 'Your system administrator has disabled task manager.' No problem, right? Just boot up in safe mode. But then I find there is some low level process killing explorer.exe every six seconds. In the end, I had to to mount the drive as a secondary on a different machine and scan it from there.

It does look pretty convincing. I can see where an average windows user would fall for it... maybe even a slightly above-average one. I had to laugh, though, when it kept telling me about these incoming hack attempts while it was off the network.

I had to dig it out of one of our sales rep's laptop a few weeks back. I sort of, in a round about way, accused him of surfing porn, but now it looks like he was hijacked from a Google maps search.

Just did the Boss-Man's Laptop, he got it from a news site.

There is a Free Utility that worked great for me. MBAM.exe Takes a while but worked on its own without a bunch of prompts to pay attention to.

This bad boy has earned me several american pesos from the folks who were lucky enough get it.

Thanks malware writers!?

I got it probably from a porn site but not totally sure... I got so mad I just wiped PC :)

Cool article. Still people are morons.