Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Information > "Startnow"

Reply
Thread Tools

"Startnow"

 
 
thekmanrocks@gmail.com
Guest
Posts: n/a
 
      03-22-2013
This is a known virus, and upon browsing the Norton AV community forums I learned about and ran Norton Power Eraser.

As usual it failed to find "Startnow" or any other virus, so if Power Eraser cannot find it on my machine I guess nothing can.
 
Reply With Quote
 
 
 
 
Paul
Guest
Posts: n/a
 
      03-22-2013
http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> This is a known virus, and upon browsing the Norton AV community forums I learned about and ran Norton Power Eraser.
>
> As usual it failed to find "Startnow" or any other virus, so if Power Eraser cannot find it on my machine I guess nothing can.


When I search for it, StartNow is a "toolbar".
And the proof, is where it is showing up on your computer.

AV programs are not generally set up to "blast" every toolbar they find.
The toolbar writers know this. Toolbar writers are slime-balls,
if you hadn't noticed. Their lawyers would complain about
"restraint of trade", if an AV company blasted them. They're
saints after all.

If I were to "slag" the designers at StartNow, right now,
in a day or so, a poster from StartNow will show up, claim
all the staff at the company are St.Francis of Assisi (holy as
can be, spotlessly clean), and I'm being unnecessarily harsh
in my criticism.

(A toolbar writer at work...)

http://www.catholic.org/images/saints/francis.jpg

I've had this kind of thing happen before,
when I happened to comment on another toolbar someone was
having a problem with. Their tech support sniff around for
bad comments about their business practices.

The toolbar writers, they tread a fine line. They cannot
intrude too far into the computer innards, for fear they
get on the "AV company removal list". They must make their
product obnoxious enough, it can't be removed by mere humans.
But not too obnoxious, or the AV companies will blast it with
both guns.

I'd surprised lawyers aren't writing that software

You don't want the Norton AV forum, because this is not a virus.
If something you hate is a "toolbar", then you need a "toolbar solution".
Some browsers have an "Add-Ons" or "Plug-ins" interface in the
browser, where items can be disabled. You can Google for
something like "StartNow removal" and see if anyone has a
canned procedure for toolbar removal. If the program had an entry
in the "Add/Remove" control panel, you could try to remove it there,
but that seldom works well. And if worse comes to worse,
there are tools like this.

http://www.bleepingcomputer.com/download/adwcleaner/

If you read the release notes for that program, you can see the
classification of the removal tool. You see, the
AV companies had to invent the PUP or Potentially Unwanted Program
classification, to be able to describe despicable business practice,
without the opponents lawyers getting update. That's why we call
it a PUP. It's inoffensive as a term.

http://general-changelog-team.fr/~xp...Cleaner_EN.txt

"AdwCleaner - Adware / Toolbar / PUP Removal Tool"

I can't vouch for the tool, as I haven't used it. The first
thing I do with stuff like this, is upload to Virustotal.com
to have it checked. Then, I have to do extensive reputation
checking (to see if anyone got screwed by using it). You
don't just blindly download and run *anything* these days.
That's how my machine stays clean. I have never been tagged
by a toolbar (knock on wood). I use Wine on Linux, to pre-test
downloads that I am suspicious about. If a download is packed
with something like UPX, the alarm bells are already going off...
I am suspicious by nature.

Paul
 
Reply With Quote
 
 
 
 
thekmanrocks@gmail.com
Guest
Posts: n/a
 
      03-22-2013
On Friday, March 22, 2013 2:03:21 PM UTC-4, Paul wrote:
> .com wrote:
>
> > This is a known virus, and upon browsing the Norton AV community forums I learned about and ran Norton Power Eraser.

>
> >

>
> > As usual it failed to find "Startnow" or any other virus, so if Power Eraser cannot find it on my machine I guess nothing can.

>
>
>
> When I search for it, StartNow is a "toolbar".
>
> And the proof, is where it is showing up on your computer.
>
>
>
> AV programs are not generally set up to "blast" every toolbar they find.
>
> The toolbar writers know this. Toolbar writers are slime-balls,
>
> if you hadn't noticed. Their lawyers would complain about
>
> "restraint of trade", if an AV company blasted them. They're
>
> saints after all.
>
>
>
> If I were to "slag" the designers at StartNow, right now,
>
> in a day or so, a poster from StartNow will show up, claim
>
> all the staff at the company are St.Francis of Assisi (holy as
>
> can be, spotlessly clean), and I'm being unnecessarily harsh
>
> in my criticism.
>
>
>
> (A toolbar writer at work...)
>
>
>
> http://www.catholic.org/images/saints/francis.jpg
>
>
>
> I've had this kind of thing happen before,
>
> when I happened to comment on another toolbar someone was
>
> having a problem with. Their tech support sniff around for
>
> bad comments about their business practices.
>
>
>
> The toolbar writers, they tread a fine line. They cannot
>
> intrude too far into the computer innards, for fear they
>
> get on the "AV company removal list". They must make their
>
> product obnoxious enough, it can't be removed by mere humans.
>
> But not too obnoxious, or the AV companies will blast it with
>
> both guns.
>
>
>
> I'd surprised lawyers aren't writing that software
>
>
>
> You don't want the Norton AV forum, because this is not a virus.
>
> If something you hate is a "toolbar", then you need a "toolbar solution".
>
> Some browsers have an "Add-Ons" or "Plug-ins" interface in the
>
> browser, where items can be disabled. You can Google for
>
> something like "StartNow removal" and see if anyone has a
>
> canned procedure for toolbar removal. If the program had an entry
>
> in the "Add/Remove" control panel, you could try to remove it there,
>
> but that seldom works well. And if worse comes to worse,
>
> there are tools like this.
>
>
>
> http://www.bleepingcomputer.com/download/adwcleaner/
>
>
>
> If you read the release notes for that program, you can see the
>
> classification of the removal tool. You see, the
>
> AV companies had to invent the PUP or Potentially Unwanted Program
>
> classification, to be able to describe despicable business practice,
>
> without the opponents lawyers getting update. That's why we call
>
> it a PUP. It's inoffensive as a term.
>
>
>
> http://general-changelog-team.fr/~xp...Cleaner_EN.txt
>
>
>
> "AdwCleaner - Adware / Toolbar / PUP Removal Tool"
>
>
>
> I can't vouch for the tool, as I haven't used it. The first
>
> thing I do with stuff like this, is upload to Virustotal.com
>
> to have it checked. Then, I have to do extensive reputation
>
> checking (to see if anyone got screwed by using it). You
>
> don't just blindly download and run *anything* these days.
>
> That's how my machine stays clean. I have never been tagged
>
> by a toolbar (knock on wood). I use Wine on Linux, to pre-test
>
> downloads that I am suspicious about. If a download is packed
>
> with something like UPX, the alarm bells are already going off...
>
> I am suspicious by nature.
>
>
>
> Paul

___________________

Thanks for the explanation, as usual!

This http://community.norton.com/t5/Norto...us/td-p/482820 ironically is the site where start-now was referred to as a "virus".

Apparently the Power Eraser did remove it from his system and he was satisfied.

As for myself, it did show up in Add/Remove Programs and I was able to eliminated there. Haven't seen/heard a peep out of it since.

Thanks for the tips!
 
Reply With Quote
 
Paul
Guest
Posts: n/a
 
      04-21-2013
Julie Bove wrote:
> <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> This is a known virus, and upon browsing the Norton AV community forums I
>> learned about and ran Norton Power Eraser.
>>
>> As usual it failed to find "Startnow" or any other virus, so if Power
>> Eraser cannot find it on my machine I guess nothing can.

>
> Yep. My daughter got one that only attacks Windows 7. I can't remember now
> what the name was. She went to Facebook, did nothing other than that, just
> went there. Computer repair people said it was probably in an ad that was
> there. Some rogue thing popped up, pretending to be an AV and asking her to
> pay for it. It disabled not only whatever her AV is...Avast? Maybe, can't
> remember... But Malwarebytes too And disabled my ability to start it in
> safe mode. They said it was particularly pesky and there was nothing we
> could do to stop it.
>


Just keep collecting tools

The one I run occasionally, is a Kaspersky rescue disc.
It does an offline scan. The positive aspect of that
approach, is the malware can't block it (at least, until
multi-OS malwares are introduced, which will happen some
day). The negative aspect, is there is no ability to look
for behaviors. For example, there is a tool which searches
for botnet behavior, and it watches the kinds of IP connections
a computer makes while it is running Windows. And that one
doesn't use AV definitions (signatures). Instead, it uses
heuristics (for example, your computer is caught visiting
a Russian Business Network site).

Since Windows is not running, when the Kaspersky
disc is booted, it can't do any behavior-based checking.
All it can do, is check for signatures. Which is still good,
but not a complete form of protection.

http://support.kaspersky.com/8092

"Iso image of Kaspersky Rescue Disk 10 (237 MB)"

I've tried a couple other tools of that nature, and
never got a warm feeling from them.

You download the ISO9660 file, and use a burning application
like Imgburn, to prepare a bootable CD from it. On the day you
download it, the AV definitions will be no more than a week old.
When you boot the CD, the first thing it does is try to connect
to the Internet, to update the definitions. If for some reason
you cannot update the definitions, then the definitions provided
on the day of download will be used.

And obviously, that tool will do nothing to a "toolbar".
A program has to have a worse reputation than just being
a PUP, before that program will prompt you concerning
quarantine or deleting it.

Tools like Combofix, can remove a bunch of different
things, but it isn't recommended for end users to
wade in with a thing like that and use it. It's intended
for "guided" usage, where someone on one of the malware
removal forums tells you how to use it (feed it a script).

But some toolbars are far enough under the radar, you
might not (easily) find a solution. A search engine will
tell you all sorts of "just go to Add/Remove and remove it"
junk, but we all know that won't work. I like how the
search engine always prioritizes those (useless) references,
when the real cure is buried under pages of other links.

*******

facebook.com is the only site I block with my HOSTS file
I can't even visit there for a look. Bummer.
I just got tired of being tracked by them, when I visited
news sites and the like. There's probably about another
800 entries I could put in the HOSTS file, but that one
annoyed me.

Paul
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments