# How to remove adwares, pop-ups or ads from browsers?



## dashing.sujay (Jul 26, 2015)

*Adwares / Malwares / Browser Hijackers/ PUPs Removal guide​*
These days, adwares are everywhere. Right from softwares you install, to links you click, to pages you visit and what not.

Apart from nasty adwares, which will irritate you to the core, PUPs (Potentially Unwanted Programs) and Browser Hijackers are also very common these days. The very basic reason behind all this is pure marketing.

So first of all, how to identify if you're infected with any of these ?


Unwanted browser add ons which might even not go away
Clicking on a link leads to elsewhere or maybe clicking just on an empty space in a browser leads you to a predefined target

Adwares might show up like these:





Spoiler



*i.imgur.com/PaOPWFp.jpg






Spoiler



*i.imgur.com/nCfshqe.jpg





They can be hugely annoying and irritating, so let's get started with how can you get your calm back:

*Solution:*



Check your computer for any unwanted program installed

You can check this list for reference: 



Spoiler



Bad programs to remove from Add/Remove Programs:

180searchAssistant
2020Search
360Share (P2P program; all kinds of junk comes in on these)
404Search
411Ferret Toolbar
7FaSSt Search
ABCSearch
Active Alert
ActualNames
Advanced Search
AdvSearch
Alexa
AllAdvantage Viewbar
AltPayments
AM Server
Appswebservice.com search assistant
AUREAL
autoSearch
AXDownload
B3d Projector
BackWeb
Bargain Buddy
BearShare (P2P program)
BetterInternet
Big Fish Games toolbar (causes TrueFindPage hijack)
Bonzi Buddy
Brows er Enhancer, Browser Enhance r, and other variations.
BrowserAid
BrowserPal
BullsEye Network
CashToolbar
CashBack by BargainBuddy
Chinese keywords
Click2FindNow
ClickTheButton
ClientMan
ClockSync
CnsMin
Comet Cursor
Command (this one you'll probably have to download their removal tool)
CommonName
Cpr
CtxPls
CuteFTP
Cydoor
DailyToolbar
Dashbar
Date Manager
Delfin
Download Receiver
DownloadWare
E2Give Browser Add On
E2give Plug-in
eAcceleration
eAnthology
EasySearchBar
ErrorGuard
eWallet
eXact Search Bar
ezcybersearch
ezSearchBar
Ezula
F1
FirstLook
FlashTrack Uninstall
flt
Free Scratch Cards
FreeScratchAndWin
Friend Greetings
FT remove
FTApp
Fun Web Products Easy Installer
GAIN
Gator or Gator eWallet
Go
GO Network Express Search
GogoTools version (some number)
Grokster
Home Search Assistant (For instructions to remove click here)
HotBar
Httper
HuntBar
Hyperlinker
IconForge
IE Search Toolbar Plugin
IE Toolbar
IEDriver
iLookup
iMesh (P2P program; all kinds of junk comes in on these)
InetDoor
Insterstitial ad delivery by n-Case
Internet 404
Internet Optimizer
Internet Tools
Internet Washer Pro
IPInsight (not same as IP Insight which is valid)
Ipinsigt
ISTbar
ISTsvc or ISTBar
iWon EZ Setup
iWon Plus
Kazaa
KeenValue
KeywordPlugin
L O.P. Un instal1, L.O P. Un insta1, and other variations.
Live 0n line Portal, Live.0nli ne Porta1, and other variations.
Lycos Sidesearch
Main class
MarketScore
masterbarHallmedia.net
mc
Media Gateway
Media Motor
Medialoads
MediaLoads Enhanced
Media Pipe
MegaSearch toolbar
MemoryMeter
Midaddle
Mirar, Mirar Toolbar, etc.
MoreResults
MS AUpdate
MS AUpdate
MS T-Media Display
MS Updates
MS Updates
mscman
MSIETS
My Search Bar
My Web Search
My Web Search Bar
MyFunCards
MySearch
MyWay
MyWeb
MyWebSearch
MyDailyHoroscope
MyWay Speed Bar
Napster
NavHelper
NaviSearch
Neo Technology Search Engine
Network Monitor
NetworkEssentials
New.net Domains (some number)
New.net.
NewtonKnows
NoAdware
NowBox
OnFlow
Onflow
OpenSite
Orbit
Outlook Tools by Hotbar
P2Pnetworks
PAD lookups by n-Case
POP
PowerStrip
Precision Time
Premium Search Start Page
Preview AdService
Pure Networks Port Magic
qidion - toolbar
qsuvzeonfw
Quicklinks
QuickSearch Toolbar
RapidBlaster
rb32 lptt01
Recommended Hotfix - 421701D
Related Page
RVP
RX Bar
Save
SaveNow
SBFullInst Control
Search 2020
Search Assistant Utility
Search Assistant Uninstall
Search Extender (For instructions to remove click here)
Search Toolbar
SearchBus
Searchit - toolbar
SearchSquire
Seekmo Search Assistant
Select Cashback
ShopAtHomeSelect Agent
Shopper Reports
Shopping Community
Sibelius Scorch
Sidefind
Shopping Wizard (For instructions to remove click here)
SmileyCentral
SnackMan
SongSpy
SpecialOffers!
Spedia
SpeedBlaster
StatBlaster
Static Wallpaper
Stop-Sign
supaseek
supaseek - Toolbar
SuperBar IE Plugin
Surf Accuracy
Surf+
Surfairy
SysAI
The ABI Network - A Division of Direct Revenue
The Best Offers
The BullsEye Network
TinyBar
Toolbar - My toolbar
Tools for Internet Explorer
TopText
TopText iLookup
Trellix Web Express, Trellix Web
TrueFindPage
TSA
TurboDownload
TV Media
TV Media Display
UCmore - The Search Accelerator
Ultimate Browse r Enhancer, Ultimate Browser En hancer, and other variations.
Uninstall 180Search Assistant
Uninstall Seekmo
Viewpoint Media Manager, Viewpoint Media Player, Viewpoint Manager, Viewpoint, etc.
WAST
Weatherbug (see article here)
Web Search Toolbar
Web Search Tools
Web Tools by Hotbar
Web Toolbar
WebEnh
WebHancer
Webhancer Customer Companion
WebInstall
WebOffer
WebRebates (by TopRebates.com)
WebUpdate
WebSearch Toolbar
whazit tools
WhenU Search
WildMedia
Win-Tools Easy Installer
WinAntivirus
Winfixer, WinFixer 2005, etc. (This is a really bad one.)
win32
Window Active
WinSrv Reg
Win-Tools Easy Installer
wintrim
XDiver
XXXToolbar
Your Sidebar
Your Sitebar
YuupSearch Toolbar
Zango
Zipclix
zSearch
ZZ

Taken from - List of Unwanted Programs in Add / Remove Programs



This is not complete list so you might have a PUP out of this list, and chances are very high of that case. If you are unsure about any listing, Google it or post here.

*IMPORTANT:* Please use third party uninstallers to remove any such unwanted program.

You may use any of the following:

Revo Portable - Best of the lot but slowest. Good to remove minutest trace present.
IOBit Uninstaller - Batch uninstallation in free version is the only plus if compared to others, otherwise good enough.
Geek Uninstaller - Fastest of the lot, and very handy keyboard shortcuts but sometimes, it misses out on some traces, but only sometimes.


Reset your browsers and check for any unwanted or unknown addons. Make sure your remove all the suspicious addons; some of them might not get removed, but don't worry about that, we'll deal with them later.

IE - *Run* -> *inetcpl.cpl* -> *Restore advanced settings* -> *Reset*
Chrome - *Settings* -> *Show advanced settings* -> *Reset*
Firefox - *Help* -> *Troubleshooting Information* -> *Refresh Firefox*. Alternatively, hold down *shift* key, and double click FF shortcut icon, that'll give you option to refresh FF.


Fire up CCleaner, yes, you heard it right.

Clean up the junk and reg entries using it. *Note:* It's never recommended to blindly delete the _%temp%_ folder directly as they might contain some useful files used in background by some program.
Go to *Tools*, now remove all the suspicious entries in *Windows*, _Browsers_ (it basically shows add ons from the browsers, and some of the addons which do not show up in respective browsers, are shown here) and *Scheduled Tasks*. Scheduled tasks are most used by PUPs to keep running in background as one never checks them apart from normal windows start up. 95% of the items in scheduled tasks are usually not required.
Check start up services in _msconfig_. Make sure you hide all Microsoft services, then do any experiment.
Check Task Manager for any suspicious process running. Make sure you check file location of the process to be double sure about the authenticity of the process, and the effects of ending it.


Basic problems are fixed till this step, but 95% problems are not basic, because the way PUPs/adwares are deployed, they always leave a trace, thus the requirement of running some advanced tools. One important thing to note is that you must run tools in the order I'm mentioning because of the multiple reasons, viz, effectiveness and risk/side-effects.

*AdwCleaner* - The most powerful tool in the sense being so small in size but being most effective, relatively. Running this tools should clean most if not all the items. A reboot is mandatory by default.

*JRT* - A CLI tool which is quite effective. However, in most cases, it fails to remove what AdwCleaner can't remove, but in some cases, it does.

*Malwarebytes* - Needs no introduction. It's like _de facto_ tool for malware/adware/PUP removal. Make sure you update it before running. Malwarebytes has a modified version called *Malwarebytes Chameleon*, which basically comes handy when the infection doesn't allow it to run. Chameleon can run faking mbam.exe as _firefox.exe_, _svchost.exe_, _winlogon.exe_, etc. Apart from the primary benefit, Chameleon is a tad better in catching the infections which normal mbam can't, such cases are rare though.

*Hitman Pro* - Using Kaspersky scan engine, it really shines out in what others (the above list) struggle to do till now. Be extra cautious in using Hitman Pro, as sometimes it wipes out the MBR (rare though), thus creating a no boot scenario. So make sure you manually scroll down the scan results.


Your computer should now be free of any kind of adwares if you followed all the above steps barring exceptions, which I'll discuss in the later part of this tutorial.


Some other tools which you may try if everything above fails:


*Rogue Killer* - A very powerful tool. It even removes critical infections (virus/worm/trojan), fixes proxy issue and resets host file.
*YAC* - Nothing over the board, but sometimes, it just works.
*TDSSKiller* - Worth a try, a powerful tool in it's arena.
*Autoruns* - A Microsoft tool, very very powerful. So be very careful while using it. DO NOT mess with any entry you're unsure of. You just have to uncheck all the highlighted items, which actually are missing from the system.
*HijackThis* - Developed by Trend Micro, deploying old school methodology but giving you flexibility to choose your own consequences. It scans through the computer and then it depends upon your retina scanner to filter the suspicious items and remove them. So, careful !


*Important Note:* All the advanced tools are _suggested_ to run in safe mode as sometimes infections escape somehow, which doesn't happen in safe mode.

Some cases and pointers:


In some cases, addon from IE is not removable. All the enable/disable buttons are grayed out and there is nothing you could do. In this case, follow this method - *superuser.com/a/268408
In following locations - Program Files(x86), ProgramData, AppData, look for any gibberish files or folders, and delete them. They'll be most probably malwares/adwares.
In Chrome, I've seen couple of occasions, where a specific add on is not removed and the ad doesn't go away, that's very very rare though. In this case, back up your user data of Chrome, which is anyway synced if you're signed in to your Chrome Google account, and delete AppData folder of Chrome as last resort.
Never ever directly run the tools. First remove the unwanted programs, if any, then only run these tools. I faced a scenario, where I had to apply reverse engineering to remove a single trace left somewhere deep inside the system. I had to install the PUP (and believe me, finding the setup for that PUP was such a pain in the back), then remove it through Revo, and problem was solved.
Sometimes, after removing a unwanted programs, you might face proxy issue. In that case, _Hitman Pro_, _Rogue Killer_ are your best friends. However, there are some other manual methods used for advanced troubleshooting. Also, the proxy issue sometimes doesn't allow you to even download these softwares. So, Firefox is comes to rescue as it's network settings do not follow global settings as governed by _inetcpl_. Still, you if you face any proxy issue which is not resolved, do post here for advanced resolutions.


All of the above step _should_ solve your problem. If not, feel free to share it here.

Now, some pointers as in how can you prevent these nasty pieces of codes to come in to your beloved machine:


Make sure you have a security software (anti-virus) which supports PUP detection. Most anti-viruses do support, so make sure it's enabled. I for one, use ESET; been using for 5 years, and it is pretty good. There's one harsh reality though: no anti-virus program could match the level of those anti-malwares/adwares which are specifically built to remove them. So, having them is good, but not full-proof.
Always keep Malwarebytes as your On Demand Scanner. Scan regularly whenever you feel the need to.
Use good ad blocking extensions in browsers. In Chrome, use uBlock (by gorhill). It is by far the best ad blocker available across all browsers. It also blocks many suspicious redirections, harmful sites, and has quite low memory footprint. The Firefox version is no where near, and provides ad blocking even worse than AdBlock Plus. Still, having one reduces the risk.
Genuine bloats such as flash and all other programs which offer PUPs, toolbars, and other stuff to install, even though can be evaded manually. A program called *Unchecky* claims to do that for you. It automatically unchecks the required check boxes when such a program installation is underway. Power users won't require it, but it's good for people who tend to miss such things.
Last but not least, keep your eyes, open. Your instinct is the best protection mechanism/software you have.

Good Luck !

Regards.


----------



## SaiyanGoku (Jul 27, 2015)

Nice guide 

Gonna try that ublock extension.


----------



## topgear (Jul 27, 2015)

Some tools I can suggest Spybot Search and Destroy and spyware terminator. Also use browser addons like pop up blocker, Adblock, flash blocker [ if you must ], WoT and incognito mode mostly.

BTW, thanks for such an nice guide and need to try out uBlock.


----------



## dashing.sujay (Jul 27, 2015)

Thanks.

uBlock will take care of pop ups and ads, so there should not be any need to install a separate extension.
As for Spybot S&D, I used it way back in 2005-06. It has lost its way in time. I don't think it's as competent as mbam.


----------



## GhorMaanas (Jul 27, 2015)

nice write-up!

i have recently started using ublock origin on firefox (laptop), and using adblock (not 'plus') on opera. shall install ublock for chrome on desktop too. 

agree with Sujay on mbam. more than what he wrote, its regular pop-ups that made me uninstall spybot. 

best way though to avoid getting adwares-malwares is, to remain ever-vigilant and meticulous in what you are downloading and installing, and go through the installation-process slowly, checking each step properly, without rushing into it (stands applicable even for download-manager enabled software-downloads which you get from software-download portals these days).


----------



## isaac12345 (Jul 27, 2015)

Nice list. Would be better if you could add some results too. 

By the way, for anyone who is interested here's a free 6 month Bit-Defender license for 3 PCs - WCCFtech Deals: 6 Months of Bitdefender Total Security 2015 Free


----------



## ariftwister (Jul 27, 2015)

Great Article... Really informative.. TIL about browsers Hijackers. 

PS: You spelled hijack wrong everywhere..


----------



## dashing.sujay (Jul 27, 2015)

isaac12345 said:


> Nice list. Would be better if you could add some results too.



What kind of results do you want ?



ariftwister said:


> Great Article... Really informative.. TIL about browsers Hijackers.
> 
> PS: You spelled hijack wrong everywhere..



I had noticed the second spelling but missed out on title. I read the entire writeup 2 times before posting but still missed out on those 

Thanks for notifying !

PS: Thanks to all !


----------



## isaac12345 (Jul 28, 2015)

The equivalent of what you get for hardware like benchmarks.


----------



## kkn13 (Aug 6, 2015)

very neat guide for a very alarmingly increasing trend in the tech world


----------



## Zangetsu (Aug 6, 2015)

Excellent Guide to remove nasty pop-ups


----------



## Mike aPerez (Aug 29, 2017)

As mentioned earlier, there are a lot of adblockers available. But, you should know which one might be the best for you. I came across these links:

Extension Wars: Adblock Plus vs. NoScript
Adblock vs Adblock Plus. Which is better? - TechWhoop
Slant - Ghostery vs AdBlock detailed comparison as of 2017

They have all the updated comparison as per 2017.


----------



## sohan_92 (Aug 29, 2017)

Mike aPerez said:


> As mentioned earlier, there are a lot of adblockers available. But, you should know which one might be the best for you. I came across these links:
> 
> Extension Wars: Adblock Plus vs. NoScript
> Adblock vs Adblock Plus. Which is better? - TechWhoop
> ...



These are only for Web browsers.


----------



## E|e<tr0|!0n (Sep 13, 2017)

Once you've installed ublock origin, switch on additional web filters that block trackers in its settings, and get yourself the ublock protector extension as well. It will prevent websites from detecting the adblocker on your browser.


----------



## quicky008 (Oct 12, 2017)

can ublock be used in conjunction with adblock plus?


----------



## whitestar_999 (Oct 12, 2017)

It is not recommended to run 2 similar addons like ublock & adblock plus simultaneously though you can try to see if you face any serious issues.


----------



## quicky008 (Oct 13, 2017)

Yes i did notice some slowdowns in my browser's operational speed(firefox)while trying to use both the addons together-however when i disabled ABP and used only ublock things went back to normal.It seems ublock is more effective at blocking annoying adverts and popups than abp-i observed that many popups that are displayed by certain websites (even when abp is running)no longer appeared when ublock was functioning.

And can anyone recommend a reliable second opinion malware scanner (like hitman pro,malwarebytes etc)that is free and can be used with ones primary a/v software?


----------



## whitestar_999 (Oct 13, 2017)

MBAM free should be good enough.It is better though to use a good free regularly updated AV in the first place.There is also virustotal for getting 2nd opinion about a suspicious file.


----------



## billubakra (Oct 22, 2017)

quicky008 said:


> Yes i did notice some slowdowns in my browser's operational speed(firefox)while trying to use both the addons together-however when i disabled ABP and used only ublock things went back to normal.It seems ublock is more effective at blocking annoying adverts and popups than abp-i observed that many popups that are displayed by certain websites (even when abp is running)no longer appeared when ublock was functioning.
> 
> And can anyone recommend a reliable second opinion malware scanner (like hitman pro,malwarebytes etc)that is free and can be used with ones primary a/v software?



In my pc IDK why ABP was not blocking ads anymore. It works fine in my laptop with the same OS, same FF version. I googled and installed ublock and the ads were stopped. I was running them both and didn't really feel that FF is slow. Anyways after reading your post, I have disabled ABP.

@whitestar_999 
Make this thread sticky.


----------



## Desmond (Oct 24, 2017)

billubakra said:


> In my pc IDK why ABP was not blocking ads anymore. It works fine in my laptop with the same OS, same FF version. I googled and installed ublock and the ads were stopped. I was running them both and didn't really feel that FF is slow. Anyways after reading your post, I have disabled ABP.
> 
> @whitestar_999
> Make this thread sticky.


Because ABP is a permissive blocker and it blocks ads from all sites except some. Use Ublock Origin if you want a completely block all ads.


----------



## billubakra (Oct 24, 2017)

Desmond David said:


> Because ABP is a permissive blocker and it blocks ads from all sites except some. Use Ublock Origin if you want a completely block all ads.


So how was the same blocking annoying yt ads in my laptop but not in the PC? No settings were ever changed.


----------



## Ta_234 (Apr 27, 2018)

Now Google Chrome has inbuilt RESET option that can reset your browser to default one. It will revert changes made by adware like homepage, new tab page, settings .


----------



## Zangetsu (Oct 28, 2018)

I am using windows 10 and the AV definitions are updated.
The browser automatically opens the following URL: _
"www.lktoday.ru" ---> redirected to "Earn money on short links. Make short links and earn the biggest money - shorte.st" ---> redirected to "Top 10 New Windows 10 Features"
_
I don't see any malware trace on system scan.


----------



## SaiyanGoku (Oct 28, 2018)

Zangetsu said:


> I am using windows 10 and the AV definitions are updated.
> The browser automatically opens the following URL:
> _"www.lktoday.ru" ---> redirected to "Earn money on short links. Make short links and earn the biggest money - shorte.st" ---> redirected to "Top 10 New Windows 10 Features"
> _
> I don't see any malware trace on system scan.


Open chrome://settings/appearance and check for homepage address. Also uninstall any unknown extension. Check search engines as well.

Edit: Right click on the shortcut of the browser and check properties. The target should be "C:\Program Files\Google\Chrome\Application\chrome.exe" and nothing else.


----------



## Zangetsu (Oct 29, 2018)

SaiyanGoku said:


> Open chrome://settings/appearance and check for homepage address. Also uninstall any unknown extension. Check search engines as well.
> 
> Edit: Right click on the shortcut of the browser and check properties. The target should be "C:\Program Files\Google\Chrome\Application\chrome.exe" and nothing else.


checked that too..nothing is there


----------



## whitestar_999 (Oct 29, 2018)

It is adware which likely got installed with some free software bundled with ads that you either tried or updated unintentionally(that's why I always turn auto update off even for free softwares). Most AVs don't consider adware the same as virus with their default setting(especially avast).Use MBAM free to scan & remove it.


----------



## vidhubhushan (Mar 26, 2021)

hazelmadison said:


> If you're seeing some of these problems with Chrome, you might have unwanted software or malware installed on your computer:
> 
> 
> Pop-up ads and new tabs that won't go away
> ...



please always check the last post date before posting. no point in bumping a 2 1/2 years old thread.


----------

