Blue Star Virus?

  • Question

    There is an issue with current system files that have corrupted machines via autorun.inf.

    The infected computers have either a browser-type hijack on IE7 or the "Blue Star" appears in the task bar. This has been an ongoing attack on our systems. Prior to this "blue star" attack, machines were logging into a domain without authentication as if they had root privileges. The system seemed to be running and the start menu was accessible, however the login "Press CTRL+ALT+DEL" screen remained. When you tried to use the machine the start menu had the terminal call "computername-$". The system was wide open Microsoft?

    This system continued to replicate across a domain using every trick possible? It is getting quite annoying that even the newest updates from McAfee, Panda, etc. cannot seem to find it. Let it be known that this has been documented with the utmost care. Any thoughts on tracking malformed ARP cache?

    Potential look-alikes

    http://networks.daposts.com/thread/2342764

    Saturday, March 29, 2008 3:24 PM

Answers

  • Use a good antivirus program to protect against malware intrusion, such as Windows OneCare.  You can try it FREE for 90 days. http://onecare.live.com/standard/en-us/default.htm

    Sunday, March 30, 2008 7:26 PM
    Moderator
  • What would someone do if they bought the computer as a laptop? You don't even get Windows installation CDs...
    I will mark your attempt as the solution, however it is pitiful that all Windows can do is reply with
    "Install again... sorry you should know this by now... "
    Thursday, April 3, 2008 5:09 PM

All replies

  • Your computer is massively infected with malware and requires a clean install of Windows.

    Cleaning a Compromised System
    http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

    Saturday, March 29, 2008 4:31 PM
    Moderator
  • Codification,

    Carey is right... Unfortunately the best way of eradicating malware and virus infestations is to re-image your computer. There are other options available. Please visit http://onecare.live.com/standard/en-us/default.htm and research Microsoft's One Care Live solution. This suite will help detect and eradicate both malware and viruses from your system. Programs run behind the scenes while you work to detect problems. Also you can use a variety of programs as a cocktail to help thwart situations. Here are some programs I use which have helped: Super Anti-Spyware, Avast Anti-Virus, Ad-Aware 2007 and Microsoft's Windows Defender. Hopefully this information will point you in the right direction. Please note that I am not endorsing the programs in any way but only letting you know what has worked for me :-).

    Again I would wipe your system and then look at the aforementioned programs for prevention methods.


    Stephen Holm

    WGA Forum Volunteer

    Sunday, March 30, 2008 4:14 AM
  • This is great for now, this has been the standard approach, however prevention seems unlikely? Any thoughts on how to stop the ARP spoofing? This technological flaw has been documented as far back as your MSSE and MCSE NT learning kit. The documentation was provided purely as an explanation of what it is? So the hordes of anti-virus software are only effective after the infection. I have been told that the technological change in Vista should help, however at the lowest of levels I believe there has been no development, only link layer designs. (<- very nice) I am not in the field of security, however as a user when it is directly in your face you have no choice but to become a certified software specialist. When it purely seems to be a hardware related issue? Enough said...

    Sunday, March 30, 2008 6:26 PM