Win 7 2011 Security virus

Ollie Stench · Posted: Wed Mar 02, 2011 6:38 am Post subject: Win 7 2011 Security virus

Got hit with one of these at work this morning. It takes over your web browser and says that you have a shit ton of virii and trojans, and the only way to get rid of them is to buy their $59 spyware suite. I *think* this came in when I was prompted to install an update to Java.

In task manager it runs as msk.exe and has a description of "steam".

I ran our virus scanner (ESET) and the newewst version of Stinger (2-28-11) and neither have found the virus. I ran Eusing registry celaner, and am half way through running spybot. I've got a call into our IT people about it, hopefully they can figure out what to do.

Mild Thing · Joined: 18 Sep 2007 Posts: 2459

Sounds like you got hit with a FAKE Java update:
http://forums.malwarebytes.org/index.php?showtopic=71902

Ollie Stench · Posted: Wed Mar 02, 2011 11:31 am Post subject:

yup, that's the one.

The Notorious SLH · Joined: 11 Apr 2005 Posts: 1593

Did you try a rollback?

7734 · Joined: 19 Sep 2003 Posts: 4173

Google search "combofix"

Take the link that has "bleepingcomputer..."
Download Combo fix on another machine using a keydrive, put Combo fix on your desktop and rename it "iexplore.exe" then double click it and follow the program through until it is complete.

Ollie Stench · Posted: Thu Mar 03, 2011 4:11 am Post subject:

The IT guys we contract with were able to fix the box using malwarebytes. We had to create a new profile for me, as it seems that the virus took all my regkeys with it when it was removed.

7734 · Joined: 19 Sep 2003 Posts: 4173

Fixed 4 boxes using combofix, never had to do shit as far as user profiles and reg keys. .02