Portalne.ws “Virus” Removal (Firefox/Chrome)

Parasite may reinstall itself multiple times if you don't delete its core files. We recommend downloading SpyHunter to scan for malicious programs installed with it. This may save you hours and cut down your time to about 15 minutes. 

Download SpyHunter Anti-Malware

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.

This page aims to help you remove Portalne.ws “Virus”. These Portalne.ws removal instructions work for Chrome, Firefox and Internet Explorer, as well as every version of Windows.

Portalne.ws and its “family” members

Portalne.ws has been categorized as a browser hijacker. Generally speaking, browser hijackers are programs that might modify the browsers of the affected user. No type of browser could skip an infection with a hijacker – neither Chrome, nor Firefox, or any of the other popular ones. The modification of the browsers that a hijacker like Portalne.ws might cause might happen in the following directions:

  • The affected browser might begin a mass production of diverse online advertisements such as banners, tabs, boxes and pop-ups.
  • The entire appearance of the affected browser could be altered – a new and completely unknown homepage and search engine could be set.
  • The victim browser may begin to redirect the user to locations and such redirecting could be unauthorized, a little annoying or downright intrusive.

Portalne.ws “Virus”?

Portalne.ws should not be classified as a virus. So far, no records of malicious activities caused by Portalne.ws or its family members have been made by cyber security specialists. Hijackers are not a type of malware. Their activities do NOT resemble the typical virus-based ones. An infection with a browser hijacker NEVER leads to the encryption of data (Ransomware), crashing of the whole system, corruption and/or destruction of data (Trojans). You cannot expect things like identity theft, unauthorized usage of private banking details or social media credentials as a result of the contamination with Portalne.ws.

How could a hijacker be caught?

There are actually many different sources of ad-producing programs like hijackers and Adware. They could be spread via spam emails. Other means of distribution could be torrents and shareware. The most common way of catching such an irritating program, though, appears to be the wrong way of installing a downloaded program bundle. Bundles are sets of apps, games and ad-generating programs, which are typically distributed for free on various file sharing websites. When such a group of programs is downloaded as a single package, very few users know how to install only separate pieces of the software in it. Most of the infections only happen because the entire content of the bundle is carelessly installed by using the wrong feature of the setup wizard. The ones that are considered NOT safe could be named Quick / Default / Typical / Easy / Automatic. They are very likely to incorporate the entire bundle into your system, so you should avoid them. Stick to the safe ones, which will disclose the contents of a given bundle and will allow you to opt out of installing those, which you don’t want. This feature will usually be called either Custom or Advanced.

Are such advertising programs legitimate?

In fact, all of the redirecting, browser setting alterations and ads that you may experience as a result of the contamination with Portalne.ws are legal means of promoting a web page, a search engine, a browser homepage, a service or other product. They might seem a little intrusive to you, but marketing often is. There is nothing wrong with these typical features, only you might find them disturbing. That’s why browser hijackers have been classified by some experts as potentially unwanted software. The main reason is that they may seriously get on the nerves of the affected users.

Is it possible to avoid Portalne.ws and its group members?

Luckily, prevention could help you against all kinds of ad-displaying software like Portalne.ws and most of the Adware versions as well. What you need to do is to be consistent in your actions. Firstly, master the way of installing programs mentioned in the paragraphs above. This could save you even from getting infected with malware. Then, your next action would be the installation of a powerful anti-virus program, which should be able to warn you about potentially dangerous webpages, malware threats, dangerous torrents and other possible sources of hijackers. A nice pop-up blocker could also be helpful in preventing page-hosted ads from being displayed. What else you can do is simply apply all the recommended updates to your entire OS and fix even the smallest problems immediately. Don’t leave your computer vulnerable. Protect it and it will serve you well.

Our guide on how to remove Portalne.ws

If you have somehow gotten infected with a hijacker, our removal guide will assist you in uninstalling the irritating program. Ensure that all the instructions are carefully read before proceeding with their implementation. Break a leg and free your PC from Portalne.ws!


Name Portalne.ws
Type Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms Modifying of all the browsers – causing redirection to unfamiliar domains, setting new search engines, producing big streams of ads.
Distribution Method Portalne.ws might come from fake ads, torrents, freeware, shareware, adware programs, bundles or infected websites.
Detection Tool

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.


Portalne.ws “Virus” Removal (Firefox/Chrome)


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).


To remove parasite on your own, you may have to meddle with system files and registries. If you were to do this, you need to be extremely careful, because you may damage your system.

If you want to avoid the risk, we recommend downloading SpyHunter
a professional malware removal tool.

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.

Reveal All Hidden Files and Folders.

  • Do not skip this  – Portalne.ws may have hidden some of its files.

Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.


Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.



Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Portalne.ws from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Portalne.ws from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Portalne.ws from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

  • At this point the threat is gone from Chrome, but complete the entire guide or it may reappear on a system reboot.


Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are dangerous. Google them or ask us in the comments.


We get asked this a lot, so we are putting it here: Removing parasite manually may take hours and damage your system in the process. We recommend downloading SpyHunter to see if it can detect parasite files for you.

Right click on each of the problematic processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.



Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Remember to leave us a comment if you run into any trouble!

Leave a Comment