Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Sunday, November 23, 2014

Remove pop-up on startup and redirect to (Virus Removal Guide)

Tell your friends: pop-ups are not only intrusive and annoying but also indicate that your computer is infected by malware. Of course, it's not the most sophisticated malware out there and won't steal your passwords, encrypt or delete files. I've got it from Far Cry download. Yours might be different but despite the source the infection is actually the same. It modifies Windows registry so that once your computer boots a CMD window shows up for a second and opens your web browser. The first think you will see is but it works like a redirect website to for instance. Or you may be redirected to other websites.

The whole Windows registry modification looks like this:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run then it should be "CMD" running cmd.exe /c start & & exit.

The good news is that it's not so difficult to remove and pop-ups. You just need to download and use this very useful tool called Autoruns from Microsoft website. Please follow the steps in the removal guide below.

But there's one thing you should know about this infection: it comes bundled with adware and potentially unwanted programs (PUPs). In other words, if you're getting and pop-ups on startup then your computer is probably infected by other malware as well, most likely PUPs. Let's get the first thing straight, we're not talking about man's best friend here – in fact we're talking about something that is closely related to one of man's worst enemies! The PUPs we're going to take a look at today are not our furry four legged friends, they are Potentially Unwanted Programs: a different beast entirely.

Potentially Unwanted Programs install themselves on your computer without clearly telling you that this is their intention. PUPs can be tool bars, home pages, web browsers and search engines and although that doesn't sound dangerous – in fact it sounds quite the opposite – in actual fact PUPs are incredibly annoying thanks to their nasty little habit of redirecting all of your web searches to completely different websites instead of the one you were attempting to visit. is a good example, isn't it? Not only that but they can also make your computer more vulnerable to online attacks from malicious software.

More often than not a PUP will be bundled or packaged with another item of software. And it doesn't matter whether this is a well known program or not, as Potentially Unwanted Programs attach themselves to software and applications of varying degrees of legitimacy. That means you could fall victim to a PUP because you downloaded a hit movie, some adult X rated content, new desktop wallpaper or even the widely used, and very reputable, program Skype. Some companies or people who offer downloads are completely aware that a PUP is packaged with their product; however others are none the wiser. As I said before I got this pop-up after downloading Far Cry.

But it's not all doom and gloom for it is often possible to spot a Potentially Unwanted Program before it gets installed on your computer. The trick is to properly read the End User License Agreement when you're downloading something. Oftentimes PUPs that display and pop-ups are mentioned in these (one reason that the developers of PUPs can claim they are not true malware). Malware and PUP creators know that most of us skim through License Agreements and they play on this. You need to watch out though because even when an 'added extra' is referenced the wording can be rather ambiguous or deliberately confusing. You may also come across sneaky little tricks such as awkward wording and check boxes that have already been checked in advance.

The other annoying thing is that if you do end up with a Potentially Unwanted Program on your machine, either through lack of your own diligence or due to a developer's tricky wording, the software developer will know that you've assumed your anti-virus wasn't doing its job properly. However, ask them about this and they'll just tell you that you should have read the License Agreement properly – and really, it's hard to argue with that logic!

Therefore to summarize, when you're downloading something - anything - from the Internet it really is worth your while to take just a moment or two longer and read the small print. That extra minute could save you a whole world of irritation and pain!

To stop and from popping up on your computer, you can use Autoruns for Windows or open up Windows registry editor, search for and delete all entries you find. You can also remove this error message by removing the start-up entry in the Windows Task Scheduler. I recommend using Autoruns. Once the problem is fixed, scan your computer with anti-malware software. Why? Because very often this adware comes bundled with PUPs and even spyware. There might be malware on your computer that you didn't notice yet. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, pop-up removal guide:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.

2. Download Autoruns for Windows and save it to your Desktop.

3. Launch autoruns.exe program (Vista/Windows 7/8 users right-click and select Run As Administrator).

4. In the top menu, click Options > Filter Options.

5. Uncheck Hide Microsft entries and click Rescan.

6. Open Longon tab. Find HKCU\Software\Microsoft\Windows\CurrentVersion\Run in the list. Then right-click CMD and select Delete.

7. Close Autoruns and reboot your computer when done.

8. Scan your computer with anti-malware software.


Anonymous said...

Thanks it helped me

Anonymous said...

thanks it helped me to remove this malware

Anonymous said...

Thank you very much, and helped me

Anonymous said...

Thanks, very useful guide :)

Anonymous said...

Thanks a million time ! After suffering for 7 days straight I was finally about to give up all hope until I found this. Thanks agin !

Anonymous said...

You are my hero.

Anonymous said...

Thanks thanks thanks thanks.......

Anonymous said...

It did not work.
CMD popped up after reboot also, and cmd came back again in Autoruns.

Anonymous said...

I love you man :D

Anonymous said...

Thanks. It worked just fine. followed the instructions to the letter and autoruns works well and is easy to use.

Syn said...

I've been looking all over the web and this is the first site that actually made the CMD/autostart of that damn website disappear. Thanks a lot!

Anonymous said...

Thank you so much, this helped me with multiple problems!