I have not had time to view Doc's video (will do so in a bit), but a friend got a bug just like that one. I was about to reformat and re-install! (not quite, I had other options, but you can see the frustration level). But then I stumbled upon a way around it.
I tried to open a file that did not have an association. So it let me pick something to open it with. I chose CMD.EXE (it would not let me go to the command line itself). And it opened a command line! I was then able to switch to the infected directory, rename the file (not delete it, it was running) and reboot - and then clean everythiing up!
So I guess the key is to leave a disassociated file on your desktop?
As for how your friend got it, I have had many people tell me the same thing. One thing I have read is that when the infecting popup shows up, the only "clean" way of closing it is to crash your browser. Any other click was probably programmed in by the authors to be a "yes".