Re: Blue Star Virus

CK wrote:
Symantec is installed on the computer, is running, but still the
computer got infected. Symantec has no clue, does it?

Syamntec in antivirus not a anti malware/spyware.

What is the difference between antivirus and antispyware?

Symantec advertises with

"# Detects and removes spyware and viruses
# Blocks spyware and worms automatically"

for their antivirus product.

Of course. Unless you have good backups.
If data is infected thr is no use of backups at all . so leave this
issue.

If you have a backup you can restore a clean system and compare your
backed up data with the current one. This will show what has been
modified.

Why do you think the computer is clean afterwards? Some people posted

Why do you think running some anti-something software will clean the
computer from all malware?

about this virus that it plays nice games with antivirus software,
popping back right after its files have been removed. Symantec did not
catch it.

Symantec is not good as i stated above also.. Now if u now windows OS

The other security suites are not any better.

then you should know if windows is not genuine then bluestar servie
wil pops up again and again stating to install genuine windows.

I know. How is that related to this virus?

Why do you think this virus uses "blue star" as text in the registry?
Why do you think the virus uses "bluestar" as filename?
May be or may not be but whats bad in giving it a shot.

Because it is futile. Either you check the whole registry looking for
all suspicious changes (which is basically impossible) or you restore
a clean backup. They won't call it "bluestar" neither in the registry
nor the filesystem to make it easy for you to remove it.

If you have an infected computer you don't want to try a few things
here and there "giving it a shot". Don't play around with infected
machines. Reinstall the computer.

Why do you think cleaning the registry would help at all?
Cleaning the registry is needed. Every service which start at startup
add itself automatically to regedit\localmachinepolicy\
So if u clean the machine it wont help u need to clean the startup
registry as well

Any malware which is running quickly puts back the registry keys which
you remove manually.

To clean the registry you must know very well what information is
contained there, how it is related, and how to clean it without
breaking the system. There are many registry cleaners out there which
try to clean your registry to make the system perform better. Still
frequently users run into issues afterwards that some software does
not work at all or crashes. If they don't get it right I doubt the
average user will be able to clean all remnants of some malware from
the registry. Simply searching for "bluestar" in the registry won't
get rid of it...

Gerald
.

Relevant Pages

  • Re: Avast TRUE positive with DVD Region + CSS free
    ... now it's clean. ... Were there any symptoms of the infection, ... | How many AV programs actually can clean the registry and OS/programs ... Symantec has traditionally been bad at removing Registry modifications and is one of the ...
    (alt.comp.anti-virus)
  • Re: (OT) Computer Question
    ... I found 5 virii and one malware, but I still can't get to Automatic ... Aren't the malware and virus scans supposed to clean the Registry? ...
    (alt.autos.toyota)
  • Re: (OT) Computer Question
    ... >> Aren't the malware and virus scans supposed to clean the Registry? ... because I have a shrewd and frugal attitude towards how I spend my money. ...
    (alt.autos.toyota)
  • Re: Tool to search for changed reg keys
    ... And I removed the trojans and malware, ... It depends on what registry values you're talking about. ... the machine isn't really clean. ... Another possibility is to do a Repair Install, ...
    (microsoft.public.security)