How to remove adwares, pop-ups or ads from browsers?

dashing.sujay

Moving
Staff member
Adwares / Malwares / Browser Hijackers/ PUPs Removal guide​


These days, adwares are everywhere. Right from softwares you install, to links you click, to pages you visit and what not.

Apart from nasty adwares, which will irritate you to the core, PUPs (Potentially Unwanted Programs) and Browser Hijackers are also very common these days. The very basic reason behind all this is pure marketing.

So first of all, how to identify if you're infected with any of these ?

  • Unwanted browser add ons which might even not go away
  • Clicking on a link leads to elsewhere or maybe clicking just on an empty space in a browser leads you to a predefined target

Adwares might show up like these:

  • PaOPWFp.jpg
  • nCfshqe.jpg


They can be hugely annoying and irritating, so let's get started with how can you get your calm back:

Solution:


  1. Check your computer for any unwanted program installed

    You can check this list for reference:
    Bad programs to remove from Add/Remove Programs:

    180searchAssistant
    2020Search
    360Share (P2P program; all kinds of junk comes in on these)
    404Search
    411Ferret Toolbar
    7FaSSt Search
    ABCSearch
    Active Alert
    ActualNames
    Advanced Search
    AdvSearch
    Alexa
    AllAdvantage Viewbar
    AltPayments
    AM Server
    Appswebservice.com search assistant
    AUREAL
    autoSearch
    AXDownload
    B3d Projector
    BackWeb
    Bargain Buddy
    BearShare (P2P program)
    BetterInternet
    Big Fish Games toolbar (causes TrueFindPage hijack)
    Bonzi Buddy
    Brows er Enhancer, Browser Enhance r, and other variations.
    BrowserAid
    BrowserPal
    BullsEye Network
    CashToolbar
    CashBack by BargainBuddy
    Chinese keywords
    Click2FindNow
    ClickTheButton
    ClientMan
    ClockSync
    CnsMin
    Comet Cursor
    Command (this one you'll probably have to download their removal tool)
    CommonName
    Cpr
    CtxPls
    CuteFTP
    Cydoor
    DailyToolbar
    Dashbar
    Date Manager
    Delfin
    Download Receiver
    DownloadWare
    E2Give Browser Add On
    E2give Plug-in
    eAcceleration
    eAnthology
    EasySearchBar
    ErrorGuard
    eWallet
    eXact Search Bar
    ezcybersearch
    ezSearchBar
    Ezula
    F1
    FirstLook
    FlashTrack Uninstall
    flt
    Free Scratch Cards
    FreeScratchAndWin
    Friend Greetings
    FT remove
    FTApp
    Fun Web Products Easy Installer
    GAIN
    Gator or Gator eWallet
    Go
    GO Network Express Search
    GogoTools version (some number)
    Grokster
    Home Search Assistant (For instructions to remove click here)
    HotBar
    Httper
    HuntBar
    Hyperlinker
    IconForge
    IE Search Toolbar Plugin
    IE Toolbar
    IEDriver
    iLookup
    iMesh (P2P program; all kinds of junk comes in on these)
    InetDoor
    Insterstitial ad delivery by n-Case
    Internet 404
    Internet Optimizer
    Internet Tools
    Internet Washer Pro
    IPInsight (not same as IP Insight which is valid)
    Ipinsigt
    ISTbar
    ISTsvc or ISTBar
    iWon EZ Setup
    iWon Plus
    Kazaa
    KeenValue
    KeywordPlugin
    L O.P. Un instal1, L.O P. Un insta1, and other variations.
    Live 0n line Portal, Live.0nli ne Porta1, and other variations.
    Lycos Sidesearch
    Main class
    MarketScore
    masterbarHallmedia.net
    mc
    Media Gateway
    Media Motor
    Medialoads
    MediaLoads Enhanced
    Media Pipe
    MegaSearch toolbar
    MemoryMeter
    Midaddle
    Mirar, Mirar Toolbar, etc.
    MoreResults
    MS AUpdate
    MS AUpdate
    MS T-Media Display
    MS Updates
    MS Updates
    mscman
    MSIETS
    My Search Bar
    My Web Search
    My Web Search Bar
    MyFunCards
    MySearch
    MyWay
    MyWeb
    MyWebSearch
    MyDailyHoroscope
    MyWay Speed Bar
    Napster
    NavHelper
    NaviSearch
    Neo Technology Search Engine
    Network Monitor
    NetworkEssentials
    New.net Domains (some number)
    New.net.
    NewtonKnows
    NoAdware
    NowBox
    OnFlow
    Onflow
    OpenSite
    Orbit
    Outlook Tools by Hotbar
    P2Pnetworks
    PAD lookups by n-Case
    POP
    PowerStrip
    Precision Time
    Premium Search Start Page
    Preview AdService
    Pure Networks Port Magic
    qidion - toolbar
    qsuvzeonfw
    Quicklinks
    QuickSearch Toolbar
    RapidBlaster
    rb32 lptt01
    Recommended Hotfix - 421701D
    Related Page
    RVP
    RX Bar
    Save
    SaveNow
    SBFullInst Control
    Search 2020
    Search Assistant Utility
    Search Assistant Uninstall
    Search Extender (For instructions to remove click here)
    Search Toolbar
    SearchBus
    Searchit - toolbar
    SearchSquire
    Seekmo Search Assistant
    Select Cashback
    ShopAtHomeSelect Agent
    Shopper Reports
    Shopping Community
    Sibelius Scorch
    Sidefind
    Shopping Wizard (For instructions to remove click here)
    SmileyCentral
    SnackMan
    SongSpy
    SpecialOffers!
    Spedia
    SpeedBlaster
    StatBlaster
    Static Wallpaper
    Stop-Sign
    supaseek
    supaseek - Toolbar
    SuperBar IE Plugin
    Surf Accuracy
    Surf+
    Surfairy
    SysAI
    The ABI Network - A Division of Direct Revenue
    The Best Offers
    The BullsEye Network
    TinyBar
    Toolbar - My toolbar
    Tools for Internet Explorer
    TopText
    TopText iLookup
    Trellix Web Express, Trellix Web
    TrueFindPage
    TSA
    TurboDownload
    TV Media
    TV Media Display
    UCmore - The Search Accelerator
    Ultimate Browse r Enhancer, Ultimate Browser En hancer, and other variations.
    Uninstall 180Search Assistant
    Uninstall Seekmo
    Viewpoint Media Manager, Viewpoint Media Player, Viewpoint Manager, Viewpoint, etc.
    WAST
    Weatherbug (see article here)
    Web Search Toolbar
    Web Search Tools
    Web Tools by Hotbar
    Web Toolbar
    WebEnh
    WebHancer
    Webhancer Customer Companion
    WebInstall
    WebOffer
    WebRebates (by TopRebates.com)
    WebUpdate
    WebSearch Toolbar
    whazit tools
    WhenU Search
    WildMedia
    Win-Tools Easy Installer
    WinAntivirus
    Winfixer, WinFixer 2005, etc. (This is a really bad one.)
    win32
    Window Active
    WinSrv Reg
    Win-Tools Easy Installer
    wintrim
    XDiver
    XXXToolbar
    Your Sidebar
    Your Sitebar
    YuupSearch Toolbar
    Zango
    Zipclix
    zSearch
    ZZ

    Taken from - List of Unwanted Programs in Add / Remove Programs

    This is not complete list so you might have a PUP out of this list, and chances are very high of that case. If you are unsure about any listing, Google it or post here.

    IMPORTANT: Please use third party uninstallers to remove any such unwanted program.

    You may use any of the following:
    • Revo Portable - Best of the lot but slowest. Good to remove minutest trace present.
    • IOBit Uninstaller - Batch uninstallation in free version is the only plus if compared to others, otherwise good enough.
    • Geek Uninstaller - Fastest of the lot, and very handy keyboard shortcuts but sometimes, it misses out on some traces, but only sometimes.

  2. Reset your browsers and check for any unwanted or unknown addons. Make sure your remove all the suspicious addons; some of them might not get removed, but don't worry about that, we'll deal with them later.
    • IE - Run -> inetcpl.cpl -> Restore advanced settings -> Reset
    • Chrome - Settings -> Show advanced settings -> Reset
    • Firefox - Help -> Troubleshooting Information -> Refresh Firefox. Alternatively, hold down shift key, and double click FF shortcut icon, that'll give you option to refresh FF.

  3. Fire up CCleaner, yes, you heard it right.
    • Clean up the junk and reg entries using it. Note: It's never recommended to blindly delete the %temp% folder directly as they might contain some useful files used in background by some program.
    • Go to Tools, now remove all the suspicious entries in Windows, Browsers (it basically shows add ons from the browsers, and some of the addons which do not show up in respective browsers, are shown here) and Scheduled Tasks. Scheduled tasks are most used by PUPs to keep running in background as one never checks them apart from normal windows start up. 95% of the items in scheduled tasks are usually not required.
    • Check start up services in msconfig. Make sure you hide all Microsoft services, then do any experiment.
    • Check Task Manager for any suspicious process running. Make sure you check file location of the process to be double sure about the authenticity of the process, and the effects of ending it.

  4. Basic problems are fixed till this step, but 95% problems are not basic, because the way PUPs/adwares are deployed, they always leave a trace, thus the requirement of running some advanced tools. One important thing to note is that you must run tools in the order I'm mentioning because of the multiple reasons, viz, effectiveness and risk/side-effects.
    • AdwCleaner - The most powerful tool in the sense being so small in size but being most effective, relatively. Running this tools should clean most if not all the items. A reboot is mandatory by default.
    • JRT - A CLI tool which is quite effective. However, in most cases, it fails to remove what AdwCleaner can't remove, but in some cases, it does.
    • Malwarebytes - Needs no introduction. It's like de facto tool for malware/adware/PUP removal. Make sure you update it before running. Malwarebytes has a modified version called Malwarebytes Chameleon, which basically comes handy when the infection doesn't allow it to run. Chameleon can run faking mbam.exe as firefox.exe, svchost.exe, winlogon.exe, etc. Apart from the primary benefit, Chameleon is a tad better in catching the infections which normal mbam can't, such cases are rare though.
    • Hitman Pro - Using Kaspersky scan engine, it really shines out in what others (the above list) struggle to do till now. Be extra cautious in using Hitman Pro, as sometimes it wipes out the MBR (rare though), thus creating a no boot scenario. So make sure you manually scroll down the scan results.


      Your computer should now be free of any kind of adwares if you followed all the above steps barring exceptions, which I'll discuss in the later part of this tutorial.


      Some other tools which you may try if everything above fails:

    • Rogue Killer - A very powerful tool. It even removes critical infections (virus/worm/trojan), fixes proxy issue and resets host file.
    • YAC - Nothing over the board, but sometimes, it just works.
    • TDSSKiller - Worth a try, a powerful tool in it's arena.
    • Autoruns - A Microsoft tool, very very powerful. So be very careful while using it. DO NOT mess with any entry you're unsure of. You just have to uncheck all the highlighted items, which actually are missing from the system.
    • HijackThis - Developed by Trend Micro, deploying old school methodology but giving you flexibility to choose your own consequences. It scans through the computer and then it depends upon your retina scanner to filter the suspicious items and remove them. So, careful !

Important Note: All the advanced tools are suggested to run in safe mode as sometimes infections escape somehow, which doesn't happen in safe mode.

Some cases and pointers:

  • In some cases, addon from IE is not removable. All the enable/disable buttons are grayed out and there is nothing you could do. In this case, follow this method - http://superuser.com/a/268408
  • In following locations - Program Files(x86), ProgramData, AppData, look for any gibberish files or folders, and delete them. They'll be most probably malwares/adwares.
  • In Chrome, I've seen couple of occasions, where a specific add on is not removed and the ad doesn't go away, that's very very rare though. In this case, back up your user data of Chrome, which is anyway synced if you're signed in to your Chrome Google account, and delete AppData folder of Chrome as last resort.
  • Never ever directly run the tools. First remove the unwanted programs, if any, then only run these tools. I faced a scenario, where I had to apply reverse engineering to remove a single trace left somewhere deep inside the system. I had to install the PUP (and believe me, finding the setup for that PUP was such a pain in the back), then remove it through Revo, and problem was solved.
  • Sometimes, after removing a unwanted programs, you might face proxy issue. In that case, Hitman Pro, Rogue Killer are your best friends. However, there are some other manual methods used for advanced troubleshooting. Also, the proxy issue sometimes doesn't allow you to even download these softwares. So, Firefox is comes to rescue as it's network settings do not follow global settings as governed by inetcpl. Still, you if you face any proxy issue which is not resolved, do post here for advanced resolutions.


All of the above step should solve your problem. If not, feel free to share it here.

Now, some pointers as in how can you prevent these nasty pieces of codes to come in to your beloved machine:

  • Make sure you have a security software (anti-virus) which supports PUP detection. Most anti-viruses do support, so make sure it's enabled. I for one, use ESET; been using for 5 years, and it is pretty good. There's one harsh reality though: no anti-virus program could match the level of those anti-malwares/adwares which are specifically built to remove them. So, having them is good, but not full-proof.
  • Always keep Malwarebytes as your On Demand Scanner. Scan regularly whenever you feel the need to.
  • Use good ad blocking extensions in browsers. In Chrome, use uBlock (by gorhill). It is by far the best ad blocker available across all browsers. It also blocks many suspicious redirections, harmful sites, and has quite low memory footprint. The Firefox version is no where near, and provides ad blocking even worse than AdBlock Plus. Still, having one reduces the risk.
  • Genuine bloats such as flash and all other programs which offer PUPs, toolbars, and other stuff to install, even though can be evaded manually. A program called Unchecky claims to do that for you. It automatically unchecks the required check boxes when such a program installation is underway. Power users won't require it, but it's good for people who tend to miss such things.
Last but not least, keep your eyes, open. Your instinct is the best protection mechanism/software you have.

Good Luck !

Regards.
 

topgear

Super Moderator
Staff member
Some tools I can suggest Spybot Search and Destroy and spyware terminator. Also use browser addons like pop up blocker, Adblock, flash blocker [ if you must ], WoT and incognito mode mostly.

BTW, thanks for such an nice guide and need to try out uBlock.
 
OP
dashing.sujay

dashing.sujay

Moving
Staff member
Thanks.

uBlock will take care of pop ups and ads, so there should not be any need to install a separate extension.
As for Spybot S&D, I used it way back in 2005-06. It has lost its way in time. I don't think it's as competent as mbam.
 

GhorMaanas

The Vagrant Seeker
nice write-up!

i have recently started using ublock origin on firefox (laptop), and using adblock (not 'plus') on opera. shall install ublock for chrome on desktop too.

agree with Sujay on mbam. more than what he wrote, its regular pop-ups that made me uninstall spybot. :p

best way though to avoid getting adwares-malwares is, to remain ever-vigilant and meticulous in what you are downloading and installing, and go through the installation-process slowly, checking each step properly, without rushing into it (stands applicable even for download-manager enabled software-downloads which you get from software-download portals these days).
 

ariftwister

Truth Seeker
Great Article... Really informative.. TIL about browsers Hijackers.

PS: You spelled hijack wrong everywhere..
 
OP
dashing.sujay

dashing.sujay

Moving
Staff member
Nice list. Would be better if you could add some results too.

What kind of results do you want ?

Great Article... Really informative.. TIL about browsers Hijackers.

PS: You spelled hijack wrong everywhere..

I had noticed the second spelling but missed out on title. I read the entire writeup 2 times before posting but still missed out on those :p

Thanks for notifying !

PS: Thanks to all ! :)
 

E|e<tr0|!0n

Broken In
Once you've installed ublock origin, switch on additional web filters that block trackers in its settings, and get yourself the ublock protector extension as well. It will prevent websites from detecting the adblocker on your browser.
 

quicky008

Technomancer
Yes i did notice some slowdowns in my browser's operational speed(firefox)while trying to use both the addons together-however when i disabled ABP and used only ublock things went back to normal.It seems ublock is more effective at blocking annoying adverts and popups than abp-i observed that many popups that are displayed by certain websites (even when abp is running)no longer appeared when ublock was functioning.

And can anyone recommend a reliable second opinion malware scanner (like hitman pro,malwarebytes etc)that is free and can be used with ones primary a/v software?
 

whitestar_999

Super Moderator
Staff member
MBAM free should be good enough.It is better though to use a good free regularly updated AV in the first place.There is also virustotal for getting 2nd opinion about a suspicious file.
 

billubakra

Conversation Architect
Yes i did notice some slowdowns in my browser's operational speed(firefox)while trying to use both the addons together-however when i disabled ABP and used only ublock things went back to normal.It seems ublock is more effective at blocking annoying adverts and popups than abp-i observed that many popups that are displayed by certain websites (even when abp is running)no longer appeared when ublock was functioning.

And can anyone recommend a reliable second opinion malware scanner (like hitman pro,malwarebytes etc)that is free and can be used with ones primary a/v software?

In my pc IDK why ABP was not blocking ads anymore. It works fine in my laptop with the same OS, same FF version. I googled and installed ublock and the ads were stopped. I was running them both and didn't really feel that FF is slow. Anyways after reading your post, I have disabled ABP.

@whitestar_999
Make this thread sticky.
 

Desmond

Destroy Erase Improve
Staff member
Admin
In my pc IDK why ABP was not blocking ads anymore. It works fine in my laptop with the same OS, same FF version. I googled and installed ublock and the ads were stopped. I was running them both and didn't really feel that FF is slow. Anyways after reading your post, I have disabled ABP.

@whitestar_999
Make this thread sticky.
Because ABP is a permissive blocker and it blocks ads from all sites except some. Use Ublock Origin if you want a completely block all ads.
 
Top Bottom