How to remove adwares, pop-ups or ads from browsers?

Discussion in 'Software Q&A' started by dashing.sujay, Jul 26, 2015.

  1. dashing.sujay

    dashing.sujay Moving Staff Member

    Joined:
    Nov 12, 2009
    Messages:
    5,497
    Likes Received:
    30
    Trophy Points:
    48
    Location:
    Gaya
    Adwares / Malwares / Browser Hijackers/ PUPs Removal guide​
    [hr][/hr]

    These days, adwares are everywhere. Right from softwares you install, to links you click, to pages you visit and what not.

    Apart from nasty adwares, which will irritate you to the core, PUPs (Potentially Unwanted Programs) and Browser Hijackers are also very common these days. The very basic reason behind all this is pure marketing.

    So first of all, how to identify if you're infected with any of these ?

    • Unwanted browser add ons which might even not go away
    • Clicking on a link leads to elsewhere or maybe clicking just on an empty space in a browser leads you to a predefined target

    Adwares might show up like these:

    • [​IMG]
    • [​IMG]


    They can be hugely annoying and irritating, so let's get started with how can you get your calm back:

    Solution:


    1. Check your computer for any unwanted program installed

      You can check this list for reference:
      Bad programs to remove from Add/Remove Programs:

      180searchAssistant
      2020Search
      360Share (P2P program; all kinds of junk comes in on these)
      404Search
      411Ferret Toolbar
      7FaSSt Search
      ABCSearch
      Active Alert
      ActualNames
      Advanced Search
      AdvSearch
      Alexa
      AllAdvantage Viewbar
      AltPayments
      AM Server
      Appswebservice.com search assistant
      AUREAL
      autoSearch
      AXDownload
      B3d Projector
      BackWeb
      Bargain Buddy
      BearShare (P2P program)
      BetterInternet
      Big Fish Games toolbar (causes TrueFindPage hijack)
      Bonzi Buddy
      Brows er Enhancer, Browser Enhance r, and other variations.
      BrowserAid
      BrowserPal
      BullsEye Network
      CashToolbar
      CashBack by BargainBuddy
      Chinese keywords
      Click2FindNow
      ClickTheButton
      ClientMan
      ClockSync
      CnsMin
      Comet Cursor
      Command (this one you'll probably have to download their removal tool)
      CommonName
      Cpr
      CtxPls
      CuteFTP
      Cydoor
      DailyToolbar
      Dashbar
      Date Manager
      Delfin
      Download Receiver
      DownloadWare
      E2Give Browser Add On
      E2give Plug-in
      eAcceleration
      eAnthology
      EasySearchBar
      ErrorGuard
      eWallet
      eXact Search Bar
      ezcybersearch
      ezSearchBar
      Ezula
      F1
      FirstLook
      FlashTrack Uninstall
      flt
      Free Scratch Cards
      FreeScratchAndWin
      Friend Greetings
      FT remove
      FTApp
      Fun Web Products Easy Installer
      GAIN
      Gator or Gator eWallet
      Go
      GO Network Express Search
      GogoTools version (some number)
      Grokster
      Home Search Assistant (For instructions to remove click here)
      HotBar
      Httper
      HuntBar
      Hyperlinker
      IconForge
      IE Search Toolbar Plugin
      IE Toolbar
      IEDriver
      iLookup
      iMesh (P2P program; all kinds of junk comes in on these)
      InetDoor
      Insterstitial ad delivery by n-Case
      Internet 404
      Internet Optimizer
      Internet Tools
      Internet Washer Pro
      IPInsight (not same as IP Insight which is valid)
      Ipinsigt
      ISTbar
      ISTsvc or ISTBar
      iWon EZ Setup
      iWon Plus
      Kazaa
      KeenValue
      KeywordPlugin
      L O.P. Un instal1, L.O P. Un insta1, and other variations.
      Live 0n line Portal, Live.0nli ne Porta1, and other variations.
      Lycos Sidesearch
      Main class
      MarketScore
      masterbarHallmedia.net
      mc
      Media Gateway
      Media Motor
      Medialoads
      MediaLoads Enhanced
      Media Pipe
      MegaSearch toolbar
      MemoryMeter
      Midaddle
      Mirar, Mirar Toolbar, etc.
      MoreResults
      MS AUpdate
      MS AUpdate
      MS T-Media Display
      MS Updates
      MS Updates
      mscman
      MSIETS
      My Search Bar
      My Web Search
      My Web Search Bar
      MyFunCards
      MySearch
      MyWay
      MyWeb
      MyWebSearch
      MyDailyHoroscope
      MyWay Speed Bar
      Napster
      NavHelper
      NaviSearch
      Neo Technology Search Engine
      Network Monitor
      NetworkEssentials
      New.net Domains (some number)
      New.net.
      NewtonKnows
      NoAdware
      NowBox
      OnFlow
      Onflow
      OpenSite
      Orbit
      Outlook Tools by Hotbar
      P2Pnetworks
      PAD lookups by n-Case
      POP
      PowerStrip
      Precision Time
      Premium Search Start Page
      Preview AdService
      Pure Networks Port Magic
      qidion - toolbar
      qsuvzeonfw
      Quicklinks
      QuickSearch Toolbar
      RapidBlaster
      rb32 lptt01
      Recommended Hotfix - 421701D
      Related Page
      RVP
      RX Bar
      Save
      SaveNow
      SBFullInst Control
      Search 2020
      Search Assistant Utility
      Search Assistant Uninstall
      Search Extender (For instructions to remove click here)
      Search Toolbar
      SearchBus
      Searchit - toolbar
      SearchSquire
      Seekmo Search Assistant
      Select Cashback
      ShopAtHomeSelect Agent
      Shopper Reports
      Shopping Community
      Sibelius Scorch
      Sidefind
      Shopping Wizard (For instructions to remove click here)
      SmileyCentral
      SnackMan
      SongSpy
      SpecialOffers!
      Spedia
      SpeedBlaster
      StatBlaster
      Static Wallpaper
      Stop-Sign
      supaseek
      supaseek - Toolbar
      SuperBar IE Plugin
      Surf Accuracy
      Surf+
      Surfairy
      SysAI
      The ABI Network - A Division of Direct Revenue
      The Best Offers
      The BullsEye Network
      TinyBar
      Toolbar - My toolbar
      Tools for Internet Explorer
      TopText
      TopText iLookup
      Trellix Web Express, Trellix Web
      TrueFindPage
      TSA
      TurboDownload
      TV Media
      TV Media Display
      UCmore - The Search Accelerator
      Ultimate Browse r Enhancer, Ultimate Browser En hancer, and other variations.
      Uninstall 180Search Assistant
      Uninstall Seekmo
      Viewpoint Media Manager, Viewpoint Media Player, Viewpoint Manager, Viewpoint, etc.
      WAST
      Weatherbug (see article here)
      Web Search Toolbar
      Web Search Tools
      Web Tools by Hotbar
      Web Toolbar
      WebEnh
      WebHancer
      Webhancer Customer Companion
      WebInstall
      WebOffer
      WebRebates (by TopRebates.com)
      WebUpdate
      WebSearch Toolbar
      whazit tools
      WhenU Search
      WildMedia
      Win-Tools Easy Installer
      WinAntivirus
      Winfixer, WinFixer 2005, etc. (This is a really bad one.)
      win32
      Window Active
      WinSrv Reg
      Win-Tools Easy Installer
      wintrim
      XDiver
      XXXToolbar
      Your Sidebar
      Your Sitebar
      YuupSearch Toolbar
      Zango
      Zipclix
      zSearch
      ZZ

      Taken from - List of Unwanted Programs in Add / Remove Programs

      This is not complete list so you might have a PUP out of this list, and chances are very high of that case. If you are unsure about any listing, Google it or post here.

      IMPORTANT: Please use third party uninstallers to remove any such unwanted program.

      You may use any of the following:
      • Revo Portable - Best of the lot but slowest. Good to remove minutest trace present.
      • IOBit Uninstaller - Batch uninstallation in free version is the only plus if compared to others, otherwise good enough.
      • Geek Uninstaller - Fastest of the lot, and very handy keyboard shortcuts but sometimes, it misses out on some traces, but only sometimes.

    2. Reset your browsers and check for any unwanted or unknown addons. Make sure your remove all the suspicious addons; some of them might not get removed, but don't worry about that, we'll deal with them later.
      • IE - Run -> inetcpl.cpl -> Restore advanced settings -> Reset
      • Chrome - Settings -> Show advanced settings -> Reset
      • Firefox - Help -> Troubleshooting Information -> Refresh Firefox. Alternatively, hold down shift key, and double click FF shortcut icon, that'll give you option to refresh FF.

    3. Fire up CCleaner, yes, you heard it right.
      • Clean up the junk and reg entries using it. Note: It's never recommended to blindly delete the %temp% folder directly as they might contain some useful files used in background by some program.
      • Go to Tools, now remove all the suspicious entries in Windows, Browsers (it basically shows add ons from the browsers, and some of the addons which do not show up in respective browsers, are shown here) and Scheduled Tasks. Scheduled tasks are most used by PUPs to keep running in background as one never checks them apart from normal windows start up. 95% of the items in scheduled tasks are usually not required.
      • Check start up services in msconfig. Make sure you hide all Microsoft services, then do any experiment.
      • Check Task Manager for any suspicious process running. Make sure you check file location of the process to be double sure about the authenticity of the process, and the effects of ending it.

    4. Basic problems are fixed till this step, but 95% problems are not basic, because the way PUPs/adwares are deployed, they always leave a trace, thus the requirement of running some advanced tools. One important thing to note is that you must run tools in the order I'm mentioning because of the multiple reasons, viz, effectiveness and risk/side-effects.
      • AdwCleaner - The most powerful tool in the sense being so small in size but being most effective, relatively. Running this tools should clean most if not all the items. A reboot is mandatory by default.
      • JRT - A CLI tool which is quite effective. However, in most cases, it fails to remove what AdwCleaner can't remove, but in some cases, it does.
      • Malwarebytes - Needs no introduction. It's like de facto tool for malware/adware/PUP removal. Make sure you update it before running. Malwarebytes has a modified version called Malwarebytes Chameleon, which basically comes handy when the infection doesn't allow it to run. Chameleon can run faking mbam.exe as firefox.exe, svchost.exe, winlogon.exe, etc. Apart from the primary benefit, Chameleon is a tad better in catching the infections which normal mbam can't, such cases are rare though.
      • Hitman Pro - Using Kaspersky scan engine, it really shines out in what others (the above list) struggle to do till now. Be extra cautious in using Hitman Pro, as sometimes it wipes out the MBR (rare though), thus creating a no boot scenario. So make sure you manually scroll down the scan results.


        Your computer should now be free of any kind of adwares if you followed all the above steps barring exceptions, which I'll discuss in the later part of this tutorial.


        Some other tools which you may try if everything above fails:

      • Rogue Killer - A very powerful tool. It even removes critical infections (virus/worm/trojan), fixes proxy issue and resets host file.
      • YAC - Nothing over the board, but sometimes, it just works.
      • TDSSKiller - Worth a try, a powerful tool in it's arena.
      • Autoruns - A Microsoft tool, very very powerful. So be very careful while using it. DO NOT mess with any entry you're unsure of. You just have to uncheck all the highlighted items, which actually are missing from the system.
      • HijackThis - Developed by Trend Micro, deploying old school methodology but giving you flexibility to choose your own consequences. It scans through the computer and then it depends upon your retina scanner to filter the suspicious items and remove them. So, careful !

    Important Note: All the advanced tools are suggested to run in safe mode as sometimes infections escape somehow, which doesn't happen in safe mode.

    Some cases and pointers:

    • In some cases, addon from IE is not removable. All the enable/disable buttons are grayed out and there is nothing you could do. In this case, follow this method - http://superuser.com/a/268408
    • In following locations - Program Files(x86), ProgramData, AppData, look for any gibberish files or folders, and delete them. They'll be most probably malwares/adwares.
    • In Chrome, I've seen couple of occasions, where a specific add on is not removed and the ad doesn't go away, that's very very rare though. In this case, back up your user data of Chrome, which is anyway synced if you're signed in to your Chrome Google account, and delete AppData folder of Chrome as last resort.
    • Never ever directly run the tools. First remove the unwanted programs, if any, then only run these tools. I faced a scenario, where I had to apply reverse engineering to remove a single trace left somewhere deep inside the system. I had to install the PUP (and believe me, finding the setup for that PUP was such a pain in the back), then remove it through Revo, and problem was solved.
    • Sometimes, after removing a unwanted programs, you might face proxy issue. In that case, Hitman Pro, Rogue Killer are your best friends. However, there are some other manual methods used for advanced troubleshooting. Also, the proxy issue sometimes doesn't allow you to even download these softwares. So, Firefox is comes to rescue as it's network settings do not follow global settings as governed by inetcpl. Still, you if you face any proxy issue which is not resolved, do post here for advanced resolutions.


    All of the above step should solve your problem. If not, feel free to share it here.

    Now, some pointers as in how can you prevent these nasty pieces of codes to come in to your beloved machine:

    • Make sure you have a security software (anti-virus) which supports PUP detection. Most anti-viruses do support, so make sure it's enabled. I for one, use ESET; been using for 5 years, and it is pretty good. There's one harsh reality though: no anti-virus program could match the level of those anti-malwares/adwares which are specifically built to remove them. So, having them is good, but not full-proof.
    • Always keep Malwarebytes as your On Demand Scanner. Scan regularly whenever you feel the need to.
    • Use good ad blocking extensions in browsers. In Chrome, use uBlock (by gorhill). It is by far the best ad blocker available across all browsers. It also blocks many suspicious redirections, harmful sites, and has quite low memory footprint. The Firefox version is no where near, and provides ad blocking even worse than AdBlock Plus. Still, having one reduces the risk.
    • Genuine bloats such as flash and all other programs which offer PUPs, toolbars, and other stuff to install, even though can be evaded manually. A program called Unchecky claims to do that for you. It automatically unchecks the required check boxes when such a program installation is underway. Power users won't require it, but it's good for people who tend to miss such things.
    Last but not least, keep your eyes, open. Your instinct is the best protection mechanism/software you have.

    Good Luck !

    Regards.
     
    Gollum and RCuber like this.
  2. SaiyanGoku

    SaiyanGoku kamehameha!! Staff Member

    Joined:
    Sep 3, 2012
    Messages:
    7,768
    Likes Received:
    148
    Trophy Points:
    63
    Location:
    Hyderabad/Raipur
    :thumbs:
    Nice guide

    Gonna try that ublock extension.
     
  3. topgear

    topgear Fast 'N' Furious Staff Member

    Joined:
    Jul 14, 2006
    Messages:
    18,613
    Likes Received:
    58
    Trophy Points:
    48
    Location:
    Geek's Heaven
    Some tools I can suggest Spybot Search and Destroy and spyware terminator. Also use browser addons like pop up blocker, Adblock, flash blocker [ if you must ], WoT and incognito mode mostly.

    BTW, thanks for such an nice guide and need to try out uBlock.
     
  4. OP
    OP
    dashing.sujay

    dashing.sujay Moving Staff Member

    Joined:
    Nov 12, 2009
    Messages:
    5,497
    Likes Received:
    30
    Trophy Points:
    48
    Location:
    Gaya
    Thanks.

    uBlock will take care of pop ups and ads, so there should not be any need to install a separate extension.
    As for Spybot S&D, I used it way back in 2005-06. It has lost its way in time. I don't think it's as competent as mbam.
     
  5. GhorMaanas

    GhorMaanas The Vagrant Seeker

    Joined:
    Jul 27, 2011
    Messages:
    1,840
    Likes Received:
    5
    Trophy Points:
    38
    nice write-up!

    i have recently started using ublock origin on firefox (laptop), and using adblock (not 'plus') on opera. shall install ublock for chrome on desktop too.

    agree with Sujay on mbam. more than what he wrote, its regular pop-ups that made me uninstall spybot. :p

    best way though to avoid getting adwares-malwares is, to remain ever-vigilant and meticulous in what you are downloading and installing, and go through the installation-process slowly, checking each step properly, without rushing into it (stands applicable even for download-manager enabled software-downloads which you get from software-download portals these days).
     
  6. isaac12345

    isaac12345 New Member

    Joined:
    Mar 14, 2014
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    0
  7. ariftwister

    ariftwister Truth Seeker

    Joined:
    Apr 6, 2013
    Messages:
    769
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Chennai, India
    Great Article... Really informative.. TIL about browsers Hijackers.

    PS: You spelled hijack wrong everywhere..
     
  8. OP
    OP
    dashing.sujay

    dashing.sujay Moving Staff Member

    Joined:
    Nov 12, 2009
    Messages:
    5,497
    Likes Received:
    30
    Trophy Points:
    48
    Location:
    Gaya
    What kind of results do you want ?

    I had noticed the second spelling but missed out on title. I read the entire writeup 2 times before posting but still missed out on those :p

    Thanks for notifying !

    PS: Thanks to all ! :)
     
  9. isaac12345

    isaac12345 New Member

    Joined:
    Mar 14, 2014
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    0
    The equivalent of what you get for hardware like benchmarks.
     
  10. kkn13

    kkn13 Cyber Genius FTW

    Joined:
    May 21, 2013
    Messages:
    2,857
    Likes Received:
    2
    Trophy Points:
    0
    very neat guide for a very alarmingly increasing trend in the tech world
     
  11. Zangetsu

    Zangetsu El Directo!

    Joined:
    Jan 8, 2008
    Messages:
    9,548
    Likes Received:
    56
    Trophy Points:
    48
    Location:
    Soul Society
    Excellent Guide to remove nasty pop-ups
     
  12. Mike aPerez

    Mike aPerez New Member

    Joined:
    Aug 29, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
  13. sohan_92

    sohan_92 The Timer

    Joined:
    May 11, 2013
    Messages:
    395
    Likes Received:
    49
    Trophy Points:
    28
    Location:
    Bengaluru/ Bhubaneswar
  14. E|e<tr0|!0n

    E|e<tr0|!0n Member

    Joined:
    Jul 6, 2017
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    Once you've installed ublock origin, switch on additional web filters that block trackers in its settings, and get yourself the ublock protector extension as well. It will prevent websites from detecting the adblocker on your browser.
     
  15. quicky008

    quicky008 Active Member

    Joined:
    Nov 27, 2007
    Messages:
    1,207
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Kolkata
    can ublock be used in conjunction with adblock plus?
     
  16. whitestar_999

    whitestar_999 Super Moderator Staff Member

    Joined:
    Nov 7, 2011
    Messages:
    6,349
    Likes Received:
    243
    Trophy Points:
    63
    Location:
    NCR
    It is not recommended to run 2 similar addons like ublock & adblock plus simultaneously though you can try to see if you face any serious issues.
     
    quicky008 likes this.
  17. quicky008

    quicky008 Active Member

    Joined:
    Nov 27, 2007
    Messages:
    1,207
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Kolkata
    Yes i did notice some slowdowns in my browser's operational speed(firefox)while trying to use both the addons together-however when i disabled ABP and used only ublock things went back to normal.It seems ublock is more effective at blocking annoying adverts and popups than abp-i observed that many popups that are displayed by certain websites (even when abp is running)no longer appeared when ublock was functioning.

    And can anyone recommend a reliable second opinion malware scanner (like hitman pro,malwarebytes etc)that is free and can be used with ones primary a/v software?
     
  18. whitestar_999

    whitestar_999 Super Moderator Staff Member

    Joined:
    Nov 7, 2011
    Messages:
    6,349
    Likes Received:
    243
    Trophy Points:
    63
    Location:
    NCR
    MBAM free should be good enough.It is better though to use a good free regularly updated AV in the first place.There is also virustotal for getting 2nd opinion about a suspicious file.
     

Share This Page