Ho ho ho. I got a merry f***ing Christmas present from the internet - the 'Win 7 Antivirus 2012' virus. I have no idea hwo I got it or why my Anti-virus software didn't block it. I wasn't on any kind of a dodgy site, so my best guess is I accidentally clicked on an ad on Facebook that dropped this bomb on me. Regardless, the damage was done and I couldn't do squat on my computer. All of my shortcuts (e.g. Windows Explorer, Task Manager, Windows Firewall, Internet Explorer, etc.) only took me to the a pop-up from the stupid virus who kept telling me my computer is infected and I should purchase the full version of 'Win 7 Antivirus 2012.' Gotta hand it to them, as it looks almost official. If it weren't for that fact that I hadn't downloaded any Windows updates and that it broke everything on my computer, I may have almost believed it was a real Microsoft product.
Since I had difficulty openning anything, I had to open Task Manager by the menu item from Ctrl-Alt-Del. As I looked at the things that were running, sorted by either CPU or memory usage, I noticed one program, ihv.exe, that looked suspicious. Looking at its properties, it was described as a Profiler Script, created right about the time all this shit started happenned. It was located under C:/Users/Diana/AppData/Local. I killed the two instances of ihv.exe running in Task Manager, removed the file, and emptied the Recycle bin. This stopped the virus pop-up but all of my shortcuts were hosed. Instead of repointing everything, I restored my system to yesterday's configuration through Control Panel -> Recovery. This fixed all of the short cut problems and now everything seems to be working fine. I'm running the McAfee virus scan now as a check, but hopefully that took care of it.
Btw, Microsoft has a forum answer here on how to remove it also: http://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-do-i-remove-win-7-anti-virus-2012/5957f0ae-a956-43d8-821b-2e2ea226859f. I didn't read it all, but there's a lot of info there that may help you too.
No comments:
Post a Comment