Singapore Expats Forum

istartsurf.com

Discuss about computers & Internet. Including mobile phones, home appliances & other gadgets. Read about Windows security risks or virus updates.
nanana
Chatter
Chatter
Posts: 261
Joined: Fri, 25 Apr 2008

istartsurf.com

Postby nanana » Sat, 27 Sep 2014 4:26 pm

HELP! how do i get rid of this hijacker that automatically changed my homepage and flooding me with tonnes of pop-up ads?

User avatar
sundaymorningstaple
Moderator
Moderator
Posts: 35103
Joined: Thu, 11 Nov 2004
Location: Still Fishing!
Contact:

Postby sundaymorningstaple » Sat, 27 Sep 2014 8:25 pm

You can try using this. It's a bit technical but all the instructions I've found are similar. Malwarebytes is good software as as they are using this in conjunction with their instructions, I would think it's a hopeful solution.

http://malwarerescue.com/knowledgebase/ ... e-removal/

User avatar
JR8
Immortal
Immortal
Posts: 16514
Joined: Wed, 24 Mar 2010
Location: K. Puki Manis

Postby JR8 » Sat, 27 Sep 2014 10:12 pm

I periodically sweep with Malwarebytes, as above.

When I'm doing a full clean-up, maybe monthly...

- Malwarebytes
- Hitman Pro
- Adwcleaner
- CCleaner
[Sometimes then also do a 'disk defrag/compact']

All of that is aimed at getting as much trash/debris off the HDD as possible. Then do a back up using Acronis True-Image to an external (in another room in fact) hard disk.

nanana
Chatter
Chatter
Posts: 261
Joined: Fri, 25 Apr 2008

Postby nanana » Sun, 28 Sep 2014 12:31 am

i can't seem to completely remove that virus. :(
at one point, after installed one of the software that claimed to be able to remove it (can't remember what's the name), I can't even use my browser anymore. it says ‘can't connect to proxy server'. what does tht mean?
anyway, just wonder if i uninstall my browser, and reinstall a new one, will it help?

or rather, where can i go to get this fix?

User avatar
JR8
Immortal
Immortal
Posts: 16514
Joined: Wed, 24 Mar 2010
Location: K. Puki Manis

Postby JR8 » Sun, 28 Sep 2014 8:50 am

nanana wrote:i can't seem to completely remove that virus. :(
at one point, after installed one of the software that claimed to be able to remove it (can't remember what's the name), I can't even use my browser anymore. it says ‘can't connect to proxy server'. what does tht mean?
anyway, just wonder if i uninstall my browser, and reinstall a new one, will it help?

or rather, where can i go to get this fix?


This reminds me of the 'Snap.do' browser hijacker, each time you thought you'd killed it, it came back again.... until you killed it the right way, for good. That involved amending Registry entries etc, ...

Google on 'help istartsurf'. There are a lot of hits there.

Sounds like the hijacker is redirecting you to it's site, the the site is overloaded... /ironic

Not much point installing an alt browser if the malware is still on your PC and your new browser is also susceptible to it.

User avatar
sundaymorningstaple
Moderator
Moderator
Posts: 35103
Joined: Thu, 11 Nov 2004
Location: Still Fishing!
Contact:

Postby sundaymorningstaple » Sun, 28 Sep 2014 9:48 am

You also have to clean your broswer shortcuts as if you check the properties of the shortcut you will see that they have also been corrupted. You need to open the properties of the shortcuts and correct them also.

I believe, after you have finished the cleaning you also have to reset your browser to all of it's default setting as well.

User avatar
zzm9980
Governor
Governor
Posts: 6841
Joined: Wed, 06 Jul 2011
Location: Once more unto the breach

Postby zzm9980 » Sun, 28 Sep 2014 10:29 am

Download, install, and use Google Chrome exclusively.

If you still have issues, create a new 'user' on your computer (in the control panel) and start using that. Move your documents over. Don't log in to the old one.

If you *still* have problems, you'll need to reinstall the OS or run some malware cleaning tools that will most likely need you to boot off a different disk. You'll probably need professional assistance for that.

nanana
Chatter
Chatter
Posts: 261
Joined: Fri, 25 Apr 2008

Postby nanana » Sun, 28 Sep 2014 12:09 pm

thanks guys. i created a new user on my laptop. and the browser seems to be working fine now.

so is that means the virus only affects my old browser? or i still need to do something about it to completely clean it?

i'm gonna move some files to this new user account. just afraid that if i'll move the virus along. how should i avoid that?

User avatar
zzm9980
Governor
Governor
Posts: 6841
Joined: Wed, 06 Jul 2011
Location: Once more unto the breach

Postby zzm9980 » Sun, 28 Sep 2014 12:33 pm

Most likely the 'virus' only changed your browser settings on the other account.

Did you install Google Chrome? It's a great browser with better default security settings which make it less likely for this to happen.

Moving your photos and office documents should be completely safe. Moving and then opening random things you downloaded with your old browser (especially EXEs) is dangerous.

eycoin
Newbie
Newbie
Posts: 9
Joined: Thu, 29 Sep 2011

Postby eycoin » Sun, 28 Sep 2014 3:37 pm

most likely you installed something that causes the changes.
Try finding the cause, install a antivirus.
Homepage can be changed back on any browser configuration.

User avatar
JR8
Immortal
Immortal
Posts: 16514
Joined: Wed, 24 Mar 2010
Location: K. Puki Manis

Postby JR8 » Sun, 28 Sep 2014 3:47 pm

eycoin wrote: Homepage can be changed back on any browser configuration.


Until it changes it back a short while later, and keeps on doing it over and over.

That gets boring very quickly. Another reason why it's best to root it out at source (it's deeeeepest source) ASAP...

nanana
Chatter
Chatter
Posts: 261
Joined: Fri, 25 Apr 2008

Postby nanana » Tue, 30 Sep 2014 9:39 pm

apparently my browser only worked for the first time in the new user account. the next time when i used it, it started to flood me with all sort of ads again, although this time istartsurf.com didnt appear in my homepage anymore.

i dont understand. i do have up-to-date McAfee installed. and that can't even protect me with this virus?! :mad:

so, is that means now i have to delete everything and start to re-install all the programs in my computer?

p/s i had google chrome installed. but it seems like it is affected by it too.

User avatar
Strong Eagle
Moderator
Moderator
Posts: 11044
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Postby Strong Eagle » Tue, 30 Sep 2014 10:25 pm

These kinds of malware can be quite clever. For example, it might start a service on reboot that copies and renames a file in your system32 folder, such that no matter how many times you delete it, the file will pop back up again. Or, there will be a buried registry entry that controls its propagation. Or there will be a rootkit.

If you don't want to reimage your PC, then you will have to go through a multi-step process that will investigate services, registry, temp files, windows shortcuts, startup folder, and browser extensions and plugins.

There are a handful of good sites where people will actually go through the steps to help you remove malware. Typically, they will ask you to install a piece of sniffer software, then post the results to the forum so that it can be investigated.

You might try this page for additional removal instructions: http://malwaretips.com/blogs/remove-istartsurf-virus/

Or this one: http://www.techsupportall.com/how-to-re ... oval-help/

You might also get help from this forum: https://forums.malwarebytes.org/index.p ... oval-help/

PS: I don't like MacAfee. You installed the stuff that is infecting your computer... it didn't magically jump onto it from an internet infection. This crap gets installed when you install some kind of freeware, and you fail to uncheck all the boxes about installing additional 'free', 'helpful' software... and sometimes the freeware just installs this crap anyway.

This stuff is called PUP - potentially unwanted program, and your anti-virus should be able to detect it in the download files for the install. I use Webroot, and it is almost a pain in the ass because it detects stuff as PUP that I do want to install.

Edit: A couple more forums where you can ask for help.

http://www.bleepingcomputer.com/forums/ ... oval-logs/

http://www.geekstogo.com/forum/forum/37 ... e-removal/

User avatar
zzm9980
Governor
Governor
Posts: 6841
Joined: Wed, 06 Jul 2011
Location: Once more unto the breach

Postby zzm9980 » Tue, 30 Sep 2014 11:39 pm

^- what SE said above. If the problem follows you to other user accounts then it is system wide. The only way to fully solve it is proper cleaning, or re-imaging your system. Don't take offense, but that would be difficult to walk someone without technical skills through. Find a smart nephew or something, or (shudder) take it to Sim Lim.

nanana
Chatter
Chatter
Posts: 261
Joined: Fri, 25 Apr 2008

Postby nanana » Thu, 02 Oct 2014 8:44 pm

strong eagle: thanks for the links. i followed some of the steps from it. I went through the multi-steps process to get rid of whatever nasty stuff that needed to be removed.

to those who are in similar situation:
I had the revo uninstaller pro installed. I removed a program called solus, and everything that came with it. at least by now, the 'free lotto to win' site never pop up again whenever i start a new page.

i'm yet to remove ads from adchoices. they are equally annoying.


Return to “Computer, Internet, Phone & Electronics”

Who is online

Users browsing this forum: No registered users and 2 guests