Site icon MySpyBot

Remove pop-up virus in Chrome, Firefox, IE, Safari

Remove pop-up virus
Find out what dubious scheme the operators of the website have up their sleeve and how to stop its browser redirect and pop-up chicanery.
  1. What is
  2. Automated removal of virus
  3. redirect removal for Android
  4. Restore web browser settings to their original defaults

What is

As manifold as it is, today’s cybercrime is largely a mix of several impactful exploitation vectors. Ransomware, info-stealing Trojans, and social engineering frauds, such as classic phishing and business email compromise (BEC), account for the bulk of the global attack pressure in financial terms. But there is one more tactic that doesn’t get as much attention from the mass media and security researchers but makes an incredibly large number of users frown. It circles around adware, a type of pesky code that focuses on disrupting the web browsing side of its victims’ computing experience. Redirect activity is an extremely widespread spin-off of this dirty play. The unwanted program that forces hits to page typifies its very peculiar variant due to the abuse of a legitimate service called web push notifications. mimics human verification to gain excess permissions

When hit by this baddie, a computer or mobile device undergoes a series of adverse tweaks at the level of web browsers installed on it. This unwelcome influence manifests itself through re-occurring redirects to, followed by a long alphanumeric string. In some cases, the URL is prepended with a random letter and a period, for instance, The concatenated part is an identifier of a sketchy advertising campaign, while the goal of the variable prefixes is to keep the spammy business up and running if antiviruses and web browsers blacklist some of those domain versions. For example, a once very active offshoot of this particular lineage called has recently become inaccessible. Another clone,, is still on track but is being detected by several security apps. Several similar sites that are currently giving users a hard time are,, and As a rule, these are all short-lived domains that are superseded by analogues at a quick rate.

Threat details:
Name pop-up / redirect virus
Threat Category Pop-up ads, web push notifications, browser hijacker
Domains involved,,,,,, etc.
Symptoms Unwanted pop-up ads, browser redirects, fraudulent permission requests, browser slowdown
Distribution techniques Ads on social networks, malicious app bundles, search engine poisoning, hacked websites
Severity Medium
Damage Intrusive ads, unauthorized changes of browsing preferences, Internet activity tracking
Removal Scan your PC with Combo Cleaner for Windows to detect all files related to pop-up virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.

Nearly every element of the landing page pushes the victim to opt for receiving tons of follow-up ads. First off, it’s titled “Click Allow”. This phrase is referring to a button on a pop-up dialog that appears at the top left of the browser window and says, “ wants to show notifications”. A big giveaway is that the central section of the site associates the “Allow” button with human verification, emphasizing that it’s a way to “confirm that you are not a robot”. Despite the subtle inconsistency, the whole idea is straightforward. It boils down to fooling the user into permitting this dubious service to display notifications. What are those notifications? The short answer is, ads.

If the user gets on the hook and expresses their consent to the offering, push notifications will be literally invading the computer’s desktop or the smartphone’s home screen. In addition to serving garden-variety commercial content, they may include links that lead to online scams or malware downloads. It doesn’t even matter if the web browser is running or not – the adverts will keep appearing in either scenario.

Interstitial page involved in the content delivery scheme

There is a reverse side of this matter: some users are vigilant enough to avoid the trap at the early stage of this manipulation and never actually click that “Allow” button. This approach keeps those push ads from appearing, but with the caveat that will trigger an automatic rerouting process after a predefined period of inactivity. As a result, the victim will be visiting garbage sites like (see screenshot above) that, in turn, resolve advertising pages aligned with the person’s geographic location.

An important thing many users don’t realize is that this is an adware problem. The whirl of rerouting starts with an installation of a booby-trapped app. This is usually a bundle of several programs in which some harmless freeware serves as a red herring that hides the presence of an aggressive browser hijacker in plain sight. As soon as the pest is in, it skews the default web surfing settings so that takes over the victim’s online routine. That being said, simply ignoring the permission requests to show notifications is half the battle. The fix is only effective as long as the underlying malicious app is removed from the host system. This is what the remaining part of this article is about.

Use Combo Cleaner for Windows to remove pop-up virus

When faced with malware like, one of the best shortcuts in terms of removal is to use Combo Cleaner, a lightweight and incredibly effective application with PC security and optimization features under the hood. It detects and thoroughly deletes threats while giving you insights into the overall health of your computer.

This program’s protection power spans modules that forestall all known types of malware, including ransomware and browser hijackers, and take your online security to the next level by blocking phishing sites and other suspicious web pages. Follow these simple steps to eliminate the infection for good:

1. Download Combo Cleaner installer.

Download pop-up virus remover

Combo Cleaner scans your PC with no strings attached, but you’ll have to buy its fully functional version to remove the threats it detects. The disk optimization tools that find large files and duplicates are free to use.

2. Open the CCSetup.exe file to get started. Several subsequent screens will allow you to make initial customizations so that the program works exactly as you need from the get-go.

3. The installation will be followed by an update of malware signatures. Once this process is through, click the Start Scan button in the left-hand sidebar.

4. Combo Cleaner will then check system locations that are most often polluted by Windows malware. The first scan can take a while to finish.

5. Combo Cleaner will display a system tray notification as soon as the scan is over. Click the Resolve found threats button to view the results.

6. The scan summary shows the names and types of the detected threats as well as their statuses and locations. Click the Remove all threats button and follow further on-screen prompts to get rid of these items.

Use Control Panel to get rid of virus

• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).

• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done. redirect removal for Android

Here’s a walkthrough to sort out the pop-up virus issue on an Android device, which might also be a target in this malvertising campaign. Keep in mind, though, that uninstall attempts in regular mode may be futile due to the mechanics of this persistent infection. Therefore, you need to perform the procedure in safe mode. Go ahead and do the following:

• Press and hold the Power button. Then, tap and hold the Power off option on the screen. Doing so will boot your device into safe mode.

• Android will ask you to confirm that you’d like to enter safe mode. Tap OK on the dialog.

• You will now see the Safe mode inscription at the bottom left of your screen. Go to Settings and choose Apps.

• Scroll down the list of applications, focusing on the ones that were installed recently. Find or another sketchy entry with a different name that could as well be the culprit.

• Select the misbehaving app and tap Uninstall.

• Confirm removal on the relevant dialog box and reboot your device. By default, Android will get you back into regular mode. You should now be good to go – the pop-up virus won’t be triggering any redirects or irritating popups anymore.

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the pop-up virus.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.

• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.

• Click Restore settings to their original defaults.

• Finally, confirm the restoration by clicking Reset settings on the warning message.

• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.

• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.

• Follow subsequent directions to reset Firefox to its original settings.

• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X).

• Proceed by clicking on Advanced tab, then select Reset.

• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.

• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences.

• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.

• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.

• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.

• Click the Develop menu in the Finder bar and select Empty Caches.

• Finally, expand the History menu from the Finder bar and click Clear History.

• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.

• Restart Safari.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download pop-up virus removal tool

Rate article

No rating result yet
Exit mobile version