Remove Ikasutmi Chrome Extension (“Add Extension” Scam)

Can’t Remove Ikasutmi ads? This page includes detailed ads by Ikasutmi Removal instructions!

Ikasutmi pretends to be a useful extension for your browser. Yet, this app is nothing but a nasty browser hijacker. It is part of a massive “Add Extension” Scam. The scheme is simple. Your browser gets redirected to suspicious websites. There, a message reads “Are you sure to leave this site?.” Yet, you just loaded the page. You haven’t attempted to leave yet. The message is part of the design of the website. It is fake. If you click on either of the provided buttons “Leave” or “Stay”, the outcome will be absolutely the same. You will enable your browser’s full-screen mode. The website is trying to disorientate you. It will make your cursor blink and play audio alerts. This page also uses a special script to prevent you from closing it. If you are not sure what to do, use your Task Manager to close your web browser. The crooks behind Ikasutmi, use their app to exploit vulnerabilities in many advertising platforms. Once you install their pesky app, they will make money for every ad you click on. To generate bigger revenue, Ikasutmi will drown you in a sea of advertisements. Every website you visit will be covered in banners and in-text adverts. Your online videos will get paused for commercial breaks. On top of that, you will get constantly redirected to unknown websites. Unfortunately, your computer is already infected. Otherwise, you wouldn’t have ended up on Ikasutmi’s website. Somewhere around your system, an adware application is lurking. You must find it. This pest is ruining your browsing experience. Delete it upon discovery.

How did I get infected with?

There are many ways for a malicious program to travel the web. Spam emails, malvertising, torrents, freeware bundling, etc. These are just some of the most commonly used techniques. They have something in common, however. They rely on your carelessness. If you were a bit more careful, you could have prevented them from succeeding. Let’s take the bundling method for an example. When you install programs, opt for advanced installation. Only under it will you be able to see all traditional programs that are about to be installed. If you use the standard installation, however, all extras will be installed without your explicit approval. The standard installation is completely automatic. Once you initiate it, you lose control over it. The crooks often attach malicious programs to the installation files of many free programs. So, be extremely careful when you install free apps. Always choose the advanced method and read the terms and conditions/EULA. We know how annoying these steps are. Yet, there is no other way to spot breaches. Trust your instincts. If you feel that something looks suspicious, there probably is a good reason for that. Abort the installation.

Why is this dangerous?

Unfortunately, it is true. You have the Ikasutmi’s adware application installed on your computer. It is ruining your browsing experience by displaying numerous advertisements. It is also redirecting you to questionable websites. Yet, it appears to be more annoying than dangerous. Well, this is not true. The adware is not a program you should keep on your PC. It monitors your online activities and sells the data to third parties. Thus, if you use your computer to pay the bills and to make an online purchase, the adware will record your usernames, passwords, credit card details and billing address. You wouldn’t wish for this information to get exposed to the public, would you? Of course, not! But wait, there is more going on. The privacy issue is far not the only problem caused by the adware. This furtive app may lure you into downloading more malware. Just as you were about to install the Ikasutmi app. Hackers often use adware applications to spread corrupted links and adverts. One click on the wrong ad can download a virus directly on your machine. So, take immediate measures. Track this infection down and delete it on the spot!

How to Remove Ikasutmi virus

The Ikasutmi infection is specifically designed to make money to its creators one way or another. The specialists from various antivirus companies like Bitdefender, Kaspersky, Norton, Avast, ESET, etc. advise that there is no harmless virus.

If you perform exactly the steps below you should be able to remove the Ikasutmi infection. Please, follow the procedures in the exact order. Please, consider to print this guide or have another computer at your disposal. You will NOT need any USB sticks or CDs.

STEP 1: Track down Ikasutmi in the computer memory

STEP 2: Locate Ikasutmi startup location

STEP 3: Delete Ikasutmi traces from Chrome, Firefox and Internet Explorer

STEP 4: Undo the damage done by the virus

STEP 1: Track down Ikasutmi in the computer memory

• Open your Task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
• Carefully review all processes and stop the suspicious ones.

• Write down the file location for later reference.

Step 2: Locate Ikasutmi startup location

Reveal Hidden Files

• Open any folder
• Click on “Organize” button
  
• Choose “Folder and Search Options”
• Select the “View” tab
• Select “Show hidden files and folders” option
• Uncheck “Hide protected operating system files”
• Click “Apply” and “OK” button

Clean Ikasutmi virus from the windows registry

• Once the operating system loads press simultaneously the Windows Logo Button and the R key.

• A dialog box should open. Type “Regedit”

• WARNING! be very careful when editing the Microsoft Windows Registry as this may render the system broken.

Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

• and delete the display Name: [RANDOM]

• Then open your explorer and navigate to: %appdata% folder and delete the malicious executable.

Clean your HOSTS file to avoid unwanted browser redirection

Navigate to %windir%/system32/Drivers/etc/host

If you are hacked, there will be foreign IPs addresses connected to you at the bottom. Take a look below:

STEP 3 : Clean Ikasutmi traces from Chrome, Firefox and Internet Explorer

• Open Google Chrome

• In the Main Menu, select Tools then Extensions
• Remove the Ikasutmi by clicking on the little recycle bin
• Reset Google Chrome by Deleting the current user to make sure nothing is left behind

• Open Mozilla Firefox

• Press simultaneously Ctrl+Shift+A
• Disable the unwanted Extension
• Go to Help
• Then Troubleshoot information
• Click on Reset Firefox

• Open Internet Explorer

• On the Upper Right Corner Click on the Gear Icon
• Click on Internet options
• go to Toolbars and Extensions and disable the unknown extensions
• Select the Advanced tab and click on Reset

• Restart Internet Explorer

Step 4: Undo the damage done by Ikasutmi

This particular Virus may alter your DNS settings.

Attention! this can break your internet connection. Before you change your DNS settings to use Google Public DNS for Ikasutmi, be sure to write down the current server addresses on a piece of paper.

To fix the damage done by the virus you need to do the following.

• Click the Windows Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results displayed above.
• go to Network and Internet
• then Network and Sharing Center
• then Change Adapter Settings
• Right-click on your active internet connection and click properties. Under the Networking tab, find Internet Protocol Version 4 (TCP/IPv4). Left click on it and then click on properties. Both options should be automatic! By default it should be set to “Obtain an IP address automatically” and the second one to “Obtain DNS server address automatically!” If they are not just change them, however if you are part of a domain network you should contact your Domain Administrator to set these settings, otherwise the internet connection will break!!!

You must clean all your browser shortcuts as well. To do that you need to

• Right click on the shortcut of your favorite browser and then select properties.

• in the target field remove Ikasutmi argument and then apply the changes.
• Repeat that with the shortcuts of your other browsers.
• Check your scheduled tasks to make sure the virus will not download itself again.

How to Permanently Remove Ikasutmi Virus (automatic) Removal Guide

Please, have in mind that once you are infected with a single virus, it compromises your system and let all doors wide open for many other infections. To make sure manual removal is successful, we recommend to use a free scanner of any professional antimalware program to identify possible registry leftovers or temporary files.