But I can't use Google at all; with IE or Firefox either one. All the links are hijacked by ads.
ThreatExpert has three reports of it. It seems to overwrite iexplore.exe, if I understood it right. I did uninstall and reinstall IE8 but I had a lot of problems doing that and it wouldn't let me delete some of the files; said they were in use by another program. So maybe the corrupted files weren't overwritten when I reinstalled.
From what I read on ThreatExpert, I think this thing maybe does a whole lot of over-writing of files. According to ThreatExpert, it also overwrites some Macromedia shockwave files.
And it never seems to do the same thing twice; the file names are different in each report. The name gwprimawega shows up in IE's Addon's, and in one of the Registry entries. Otherwise the DLL's are named differently. I found them by the timestamp.
I'm hoping somebody has an easy fix for this but I haven't come across any good news yet. I did manage to delete (or quarantine) a good share of it, using the info from ThreatExpert to find most of the files. But the damage done to IE and system files is another matter. I uninstalled Firefox completely and have not re-installed it yet.
One article said that malware is targeting Firefox: installs their malware as an Add-on. I was using Firefox when it happened, and I did get a message that a new Addon had been installed. A windows-update window was also open. I tried to stop it but it all happened rather quickly.
I recently switched to Firefox because it's supposedly better and safer, but now they're saying (in that article I read) that Firefox is vulnerable.