Blue Star Virus

Hello, I have a virus on my PC. A message appears at the top of each toolbar for every window in the OS; the message is *BLUE STAR*. I am using Symantec antivirus. Any suggestions on how I can erase this virus? Thanks.

Reply to
ridha

Why is this even a question? Flattening and rebuilding is the only viable option at all.

But why would you do so? Since the purpose of Symantec software is to make the system vulnerable, isn't being exploited the goal of your system?

Reply to
Sebastian G.

[useful portion of Sebastian's post begins here]

It's true. You can't trust the system any longer after it's been infected with malware. The fastest way back to happy status is rebuilding the box from original media. Back up data first, of course (an external USB hard drive is handy for such), but you'll want to rebuild from original media, bring the system up to date with Windows Update as many times as it needs from behind a hardware firewall device of some sort, add back a good antivirus product like ESET NOD32, update it to the latest, attach the external disk with your (likely dirty) data, scan it and then copy it over into a directory that you look upon VERY suspiciously.

[useful portion of Sebastian's post ends here]
Reply to
Todd H.

If he ran as a non-admin user, then flattening and rebuilding the user account together with all the programs and data he had access to would be sufficient. The problem here is that he ran Symantec software, so most likely the system already exploited one of its privileged services directly, and even if not it could still trivially escalate privileges.

Reply to
Sebastian G.

I think your system has been hit by malware, and while scanning with Symantec you must have got an idea of where the malware resides on the PC. Rebuilding is a big task if you have lots of applications running on your box.

I suggest you clean the system with the latest antimalware; you can try the one below. I used it once and it's okay.

formatting link

Next you need to clean the registry through regedit. Search for *bluestar in the registry editor and delete all the entries.

Thanks..CK

Reply to
CK

Symantec is installed on the computer, is running, but still the computer got infected. Symantec has no clue, does it?

Of course. Unless you have good backups.

okay

formatting link
Why do you think the computer is clean afterwards? Some people posted about this virus that it plays nice games with antivirus software, popping back right after its files have been removed. Symantec did not catch it.

Why do you think this virus uses "blue star" as text in the registry? Why do you think the virus uses "bluestar" as filename? Why do you think cleaning the registry would help at all?

Gerald

Reply to
Gerald Vogt

Symantec is an antivirus, not an anti-malware/spyware. Yes, it has happened with Symantec: it detects a threat but can't clean or quarantine it, and keeps popping up threat alerts.

If the data is infected there is no use for backups at all, so leave this issue.

Symantec is not good, as I also stated above. Now, if you know the Windows OS then you should know that if Windows is not genuine then the bluestar service will pop up again and again, telling you to install genuine Windows.

Maybe or maybe not, but what's bad in giving it a shot?

Cleaning the registry is needed. Every service which starts at startup adds itself automatically to regedit\localmachinepolicy\. So if you clean the machine it won't help; you need to clean the startup registry as well.

Rgds...CK

Reply to
CK

What is the difference between antivirus and antispyware?

Symantec advertises with

"# Detects and removes spyware and viruses # Blocks spyware and worms automatically"

for their antivirus product.

If you have a backup you can restore a clean system and compare your backed up data with the current one. This will show what has been modified.

Why do you think running some anti-something software will clean the computer from all malware?

The other security suites are not any better.

I know. How is that related to this virus?

Because it is futile. Either you check the whole registry looking for all suspicious changes (which is basically impossible) or you restore a clean backup. They won't call it "bluestar" either in the registry or the filesystem to make it easy for you to remove it.

If you have an infected computer you don't want to try a few things here and there "giving it a shot". Don't play around with infected machines. Reinstall the computer.

Any malware which is running quickly puts back the registry keys which you remove manually.

To clean the registry you must know very well what information is contained there, how it is related, and how to clean it without breaking the system. There are many registry cleaners out there which try to clean your registry to make the system perform better. Still frequently users run into issues afterwards that some software does not work at all or crashes. If they don't get it right I doubt the average user will be able to clean all remnants of some malware from the registry. Simply searching for "bluestar" in the registry won't get rid of it...

Gerald

Reply to
Gerald Vogt
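The contrast drawn in the post above, between searching the registry for the name "bluestar" and comparing against a known-clean state to see what has been modified, can be shown on autostart entries. This is an added example, not part of any post in the thread; the two `.reg` export texts, the value names and the paths are constructed, and only plain string values are parsed.

```python
import re

# Constructed samples: text of two `reg export` dumps of one autostart key.
# Real exports are UTF-16 files; read them with open(path, encoding="utf-16").
RUN = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
BASELINE = rf'''Windows Registry Editor Version 5.00

[{RUN}]
"VendorTray"="C:\\Program Files\\Vendor\\tray.exe"
"VendorUpdater"="C:\\Program Files\\Vendor\\updater.exe"
'''
SUSPECT = rf'''Windows Registry Editor Version 5.00

[{RUN}]
"VendorTray"="C:\\Program Files\\Vendor\\tray.exe"
"VendorUpdater"="C:\\Users\\Public\\updater.exe"
"wuauhlp"="C:\\Windows\\Temp\\svch0st.exe"
'''

# "name"=data or @=data (default value); data is kept as the raw exported text.
VALUE_RE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=(.*)$')

def parse_reg(text):
    """Return {(key, value_name): raw_data}; hex continuation lines are skipped."""
    entries, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            entries[(key, m.group(1).strip('"'))] = m.group(2)
    return entries

def diff_autoruns(baseline, current):
    """Report every entry that differs from the clean baseline, whatever its name."""
    base, cur = parse_reg(baseline), parse_reg(current)
    return {
        "added": sorted(k for k in cur if k not in base),
        "removed": sorted(k for k in base if k not in cur),
        "changed": sorted(k for k in cur if k in base and cur[k] != base[k]),
    }

def name_search(text, needle):
    """The name-based approach: entries whose name or data contains the needle."""
    return [k for k, v in parse_reg(text).items()
            if needle.lower() in f"{k[1]} {v}".lower()]

if __name__ == "__main__":
    print("name search:", name_search(SUSPECT, "bluestar"))
    print("baseline diff:", diff_autoruns(BASELINE, SUSPECT))
```

The name search returns nothing on the constructed suspect export, while the baseline diff reports one added and one redirected autostart entry. A diff like this only covers the keys that were exported and only helps if a trustworthy baseline exists.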

Go to C:\Program Files\bluestar and delete this folder. That's all - virus erased.

SCNR M

Reply to
mak

Hi all, thanks for your support, but I couldn't remove this till now. Following M's method, I did not find a folder under "C:\Program Files\bluestar". Regards

Reply to
ridha

WTF? You formatted the harddisk and it's still not removed?

You wouldn't even recognize irony if it bites you in your a$$?

Reply to
Sebastian G.

ridha, see SG's original response: "Flattening and rebuilding is the only viable option at all." The proposed action is supported:

formatting link
"The only way to clean a compromised system is to flatten and rebuild."

You may wish to consult an expert (computer shop) who can help you re-building your OS.

Alternatively you could: Download David H. Lipman's MULTI_AV.EXE from the URL:

formatting link
The web site is in German but the MULTI_AV scanning tool is in English. Anyway, go down to near the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". You'll see: Download von www pctipp.ch and the link to download:

Once you've clicked this link, it will bring you to:

formatting link
You will have to wait for a few seconds or so and the 'Download file' window should appear - just follow the prompts to download Multi_AV.exe

If however the 'Download file' window does not appear don't panic, don't click, don't do anything, just look for:

Der Download started in wenigen Sekunden automatisch. Fall nicht, klicken Sie bitte -hier-.

Translated to English: The download process is going to start in a few seconds. If not, click -here-.

This should be pretty self-explanatory.

Additional Instructions:

formatting link
the links displayed within this site as they are not valid anymore and have not yet been updated to current status.

Still no luck? Go to:

formatting link
Again, flattening and rebuilding the OS is the *preferred* option!

Read, comprehend and implement.

Good luck :)

Reply to
Kayman
