Browser Redirect

Remove Pop-up “Virus” (Chrome/FF/IE)

How irritating is this problem? (8 votes, average: 5.00)

This page aims to help you remove Pop-up. Our removal instructions work for Chrome, Firefox and Internet Explorer, as well as every version of Windows.

Are you looking for effective instructions on how to remove and its annoying ads, pop-ups and page-redirects as well as its custom search engine and homepage from your favorite browser? Then, this is the page where you need to be. Here, we have published a detailed Removal Guide with screenshots and easy-to-follow instructions which will help you uninstall and delete all the related ad-generating scripts and changes which have recently been imposed to your Chrome, Firefox or Explorer browsers. And this is not everything. In the next lines, we will explain how this application has probably gotten installed on your computer and what the eventual risks if you keep it on the system might be. We recommend that you pay close attention to the information that follows because you will be dealing with a stubborn Browser hijacker. That’s why, in order to handle it, you need to understand its nature and the way it works.

What are the symptoms of a Browser hijacker?

It is really easy to spot a Browser hijacker on your system because this type of software usually doesn’t hide its presence like a virus and imposes some visible changes to your default browser. For instance, an application like may change the settings of your homepage or search engine, install some new toolbar or launch an automatic page-redirect service without your approval. As a result, you may be forced to deal with various sponsored ads, pop-ups, blinking boxes, banners and links every time you open your browser. Typically, most of the generated commercials may indicate as their source with the help of a small text stating something like “Ads delivered by” or “Powered by”. This is how you would know that you are dealing with an ad-generating software and that the ads aren’t actually coming from any of the sites that you’re visiting.

Remove Pop-up

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous. 


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 


Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.


Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.



  • After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.

Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.


Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

How can come to your PC without you noticing anything?

Most browser hijackers find their way to the computers when the users download some free software installers and install bundles or automatic setups from the web or open spam messages and follow advertising links. Similarly, may also be found inside such transmitters but the information about it may be found only in the Advanced/Manual/Custom installation options or inside the EULA. If the users fail to acquaint themselves with the details of a given installer, ignore the presence of the bundled components and do not manually customize the setup configuration, the hijacker will most probably become part of their system by default.

Why is it a good idea to uninstall from your system?

In most of the cases, the unwanted homepage or search engine changes in a combination with the unstoppable flow of ads and page-redirects is enough to drive the users crazy and make them wish to uninstall the Browser hijacker once and for all. They usually create browsing disturbances and prevent them from surfing the web normally which explains why a lot of the people deem this software as potentially unwanted.

However, there are a few more things which may add up to the disturbance. For instance, some of the users report that tends to redirect them to pages and links that they have never intended to visit. Others complain that their search results are not relevant to their search queries and instead of the information they are looking for, the hijacker is presenting them with some sponsored ads, new tabs and pop-ups with commercial content. Generally, this is nothing more than an aggressive online advertising activity but the risk of bumping into unsafe or misleading links and virus transmitters should not be overlooked. That’s why, people who want to stay on the safer side and avoid a possible encounter with threats such as Trojans, Ransomware or other infections are generally advised to not click on the content that the Browser hijacker generates.

Still, we need to make an important clarification here. Getting infected with malware is not the primary goal of most ad-generating applications. Their main goal is to advertise and to promote Pay-Per-Click ads and sponsored websites. Therefore, you should not consider it equal to a virus. Even if it may disturb your web surfing with nagging and hard-to-remove pop-ups or unwanted browser changes, cannot corrupt your PC and hack your system like a Trojan or encrypt your files like Ransomware. In fact, if you decide to uninstall it, you can do so without any major risk for your computer. If removed correctly, will hardly leave any negative consequences. For best results, however, we suggest you carefully follow the instructions in the Removal Guide or use the professional removal tool and get rid of the ad-generating and page-redirecting software once and for all.


Type Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms  Intrusive page-redirects, ads and hard to remove pop-ups may disturb your normal web activity. 
Distribution Method Ads, spam messages, ad-supported sites, program bundles, automatic installation managers, torrents, shareware sites. 
Detection Tool

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

Leave a Comment