Wanted to contribute some info.
Had a client call me with this on Wednesday morning. I used my Acronis Rescue Media to create a disk backup onto an empty external drive then ran ESET SysRescue from a CD which found 1780 infections. Cleaning wasn't an option so I deleted them. Booting into Windows I had to re-enable a number of services which had been changed to disabled (Security Services and Windows Update to name 2). Microsoft Security Essentials was manhandled by the virus, it called the infection Crowti.A and Crowti.B in the detected items list and had them as "Quarantined". I have uninstalled and reinstalled MSE from a new download.
All of the docs, pics and such are corrupted. Fair to say as of right now, no chance of recovery?
I will hang onto the Acronis image for now, hopefully someone can develop a method of decrypting. If I can be of assistance, please let me know.
I have been using MSE pretty much since it was 1st introduced back in the day (on my systems and also recommending it for clients). Are there AV programs that were able to get in front of this? I am concerned that MSE was caught with it's pants down.
Hopefully I don't start getting a flood of calls ...