Author Topic: Pop-ups about "JS:Redirector-BXI [Trj]" on opening a new page in Firefox / Chrome  (Read 6547 times)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
You can reset the router easily enough. On the back of the router will be a small hole marked reset. Using a biro, push in the small switch; you should hear a click. The router is now reset.

There is nothing showing on your system.

What is MS lynx? It is something I have not come across before.


REDACTED

  • Guest
Sorry, I was referring to Microsoft Edge. I think it got installed by default when I upgraded Windows.

Offline essexboy

Ah OK, Edge, a nightmare of a browser.

Did the router reset work?

Re-install Firefox and see if the redirects/alerts are still there.

REDACTED

  • Guest
I reset the router. It took me some time to understand how to do it, because on resetting, the SSID and other properties went to default and I had to set up the network all over again. I am using an old TPLINK router.
Not sure if the problem has gone away. I will try for a day and will update you tomorrow.
Is there any script etc. you would like me to run? Any advice on how to protect the router, maybe?

Regards
N

Offline essexboy

The main protection is to give the router a strong password, as it was probably set to default.

REDACTED

  • Guest
Hello

I reset the router and also changed the password as recommended earlier. I don't remember if the password was the default one on the old setup. However, the problem still exists.

I ran
a) SuperAntiSpyware
b) Zoek
c) FRST64
d) AdwCleaner (don't remember the order I ran it though)

Then I installed Chrome coz I am not too familiar with Edge.

See FRST.log attached. I get the redirects on Chrome also. Guessing the problem exists on my computer and not the router. Also running out of ideas.

EDIT: See Zoek results attached. One possible issue I see is that it still detects Firefox plugins even though I have uninstalled Firefox. Could this be a potential issue?
« Last Edit: September 28, 2015, 02:10:35 PM by nester.dias »

Offline essexboy

Firefox remains in the registry even after it is uninstalled.

I cannot see where this is originating and it occurs every time you open Chrome.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
HKU\S-1-5-21-2946733716-4213665846-2416547646-1001\...\MountPoints2: F - "F:\AutoRun.exe"
HKU\S-1-5-21-2946733716-4213665846-2416547646-1001\...\MountPoints2: {08bbecdf-0964-11e5-8266-d07e3593bb96} - "F:\setup_vmb_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-2946733716-4213665846-2416547646-1001\...\MountPoints2: {290a5e41-04dd-11e5-8265-d07e3593bb96} - "F:\AutoRun.exe"
HKU\S-1-5-21-2946733716-4213665846-2416547646-1001\...\MountPoints2: {cff3687f-1541-11e5-826a-d07e3593bb96} - "F:\AutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL => No File
AppInit_DLLs:  C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-27] (Amazon Inc.)
2015-09-28 17:16 - 2015-08-03 10:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
Reg: reg delete "HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-3016000360-1041427054-1883944200-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg add "HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg add "HKEY_USERS\S-1-5-21-3016000360-1041427054-1883944200-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe.

Run FRST and press Fix.
On completion a log will be generated; please post that.
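
In line with the caution above that the fix is valid only for one machine, a fixlist can be checked before FRST runs it. The following Python sketch is an added example, not part of the original post or of FRST: it groups the lines by directive and lists any per-user SID that differs from the local account's SID (shown by `whoami /user`). The name `review_fixlist` is hypothetical, the sample lines are copied from the quote box above, and treating the SID of the `HKU\...\MountPoints2` lines as the local account is an assumption.

```python
import re
from collections import defaultdict

# Subset of the fixlist quoted in the post above, copied verbatim.
FIXLIST = r'''CreateRestorePoint:
HKU\S-1-5-21-2946733716-4213665846-2416547646-1001\...\MountPoints2: F - "F:\AutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL => No File
Reg: reg delete "HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-3016000360-1041427054-1883944200-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /f
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
'''

# Assumption: the SID on the HKU\...\MountPoints2 lines is the local account.
# On the real machine, take this value from `whoami /user` instead.
LOCAL_SID = "S-1-5-21-2946733716-4213665846-2416547646-1001"

# Per-user account SIDs only; well-known SIDs such as S-1-5-19 do not match.
SID_RE = re.compile(r"S-1-5-21(?:-\d+){4}")
# Directive prefixes that appear in the quoted fixlist.
DIRECTIVE_RE = re.compile(r"^(Reg|CMD|CreateRestorePoint|RemoveProxy|EmptyTemp):")


def review_fixlist(text, local_sid):
    """Return (lines grouped by kind, [(line_no, sid)] for SIDs != local_sid)."""
    kinds = defaultdict(list)
    foreign = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        match = DIRECTIVE_RE.match(line)
        # Lines without a directive prefix are log entries pasted for removal.
        kinds[match.group(1) if match else "entry"].append(line)
        for sid in SID_RE.findall(line):
            if sid != local_sid:
                foreign.append((line_no, sid))
    return dict(kinds), foreign


if __name__ == "__main__":
    kinds, foreign = review_fixlist(FIXLIST, LOCAL_SID)
    for kind, lines in kinds.items():
        print(f"{kind}: {len(lines)} line(s)")
    for line_no, sid in foreign:
        print(f"line {line_no}: SID {sid} is not the local account")
```
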

REDACTED

  • Guest
Thanks for all the help. Please see the log file. The issue remains, unfortunately.
It's a tradeadexchange redirect. Just noticed that I may not have mentioned the popup that is opening.

Offline essexboy

Hmm, where is this hiding? Let's check the registry first.

Start FRST and in the search box copy/type the following:

tradeadexchange

Then press Search Registry.

Attach the search log generated.

REDACTED

  • Guest
I had run SystemLook a few times earlier. It could not find anything in the files or registry for tradeadexchange.

I ran FRST based on your advice. It did not find anything. See log attached.