This page aims to show you how to remove pop-up “virus” ads also known as Adware. The removal of Ads from Chrome, Firefox, and Internet Explorer works for all versions and iterations of Windows (including removal of ads from Mac/OS X).
Pop-up Adware is a type of aggressive add-on for browsers that keeps spamming the affected browser with aggressive pop-up messages. If you notice the symptoms of Pop-up Adware inside your browser, you ought to quickly find and remove the source of those symptoms.
In addition to the regular adware, there is what is called pop-under alternate adware. The pop-under adware opens a new window under the currently active browser windows. Unlike pop-ups, the pop-under will not immediately disrupt and alert the user of its existence, but only when the “covering” windows get closed down. This is an especially tricky practice as it makes it that much harder to determine the exact website that caused the pop-under adware to appear.
The whole reasoning behind the development of pop-under adware is that as the pop-ups ads became something more and more common many users developed the useful habit to close down the pop-ups as soon as they begin to appear, thus avoiding even a look at them. The pop-unders are believed to be less intrusive and thus make for better overall advertising results than the pop-ups according to some behavioral studies.
Security experts classify Adware threats as the least dangerous (because they rarely harm your computer directly), but they don’t take into consideration the negative experience for the user. You will get constantly harassed by the Ads and the Ads can also be harmful if clicked on. For these reasons, it’s highly recommended that you find the application responsible remove the pop-up ads immediately from your system. Adware like Weknow.ac is not to be confused for a computer virus, but it is still a type of unwanted software you need to clean from your system – the sooner the better.
Online Advertisements are something we already expect to find on most web pages, yet sometimes their numbers can get excessive. If you constantly have to plow through several different pop-up ads to get to the web page underneath and that happens on almost every page you visit, then it’s likely that your computer has been infected with some kind of Adware or PUP (Potentially Unwanted Program). Regardless of what exactly has infected your computer, you’ll likely also experience general slowdown and/or instability. Your CPU has to effectively download and render the information for the Ads in addition to whatever content needs to be displayed for the page itself. This process can be excruciatingly slow on older computers or if the Ads have any animation or sounds attached to them.
How did you find yourself looking to remove the Ads?
If you are wondering how your PC came in contact with these Ads – there are several ways in which you might have been infected. One of the oldest and still going strong tricks as e-mail attachments. Be careful not to open/download any attachments from e-mails with senders you don’t recognize. Be extra careful for “Phishing Scams” attempts, e-mails that look like the real thing but are in fact malicious. Another form of Ads spread out is through compromised executables downloaded from file-sharing websites or torrents. Be very careful and, if possible, scan the downloaded files first, before commencing any installation process. By far the most likely way though is through an infected executable file location in a “software bundle”. Most commonly these are installers for some kind of program, most often free, that have several other programs bundled inside of them. Most people use the Default installation option, which is a bad idea because it will install all the extra programs bundled in the installer. A much better alternative is to always select Advanced because you’ll get detailed information about what exactly is about to get installed. Remove the ticks from any additional programs and you’ll greatly decrease the chance of obtaining Adware viruses.
How to discern normal Ads from Adware generated pop-up ads
There are a couple of signs to look after. Here is a shortlist of the most easily recognizable ones.
- Adware generated Ads are much more aggressive than normal Ads and will follow you on most pages you visit (forget what I said – they will follow you on ALL pages until you get rid of the pop-up ads.
- pop-up ads often cover the screen and make your browser unusable by simply cluttering your screen. You will have click on them to close them, which can in turn open new pages and tabs.
- Some words are highlighted and transformed into hyperlinks and an Ad is displayed if the word is hovered over. This effect survives between multiple pages.
- New tabs and pages are automatically opened without your permission and link to sites you are unfamiliar with.
- Ads offer free software or crazy discounts, which you can never see in a normal shop.
Why are Ads like these being created?
If you have ever wondered why would anyone bother creating such an annoying software, then you probably already know the answer without realizing it – for profit at the expense of your time and nerves. Many of these pop-up ads generating programs are actually affiliated with the websites they advertise for. Whenever one of the Ads displayed by them is clicked on they get a small sum as royalty. If any purchase is made the amount of money earned is increased. There are two major implications to this
- These pop-up ads will get displayed on your screen regardless of whether you want them or not and the only way to stop the process is to remove the underlying cause.
- Shady and less known companies are much more likely to advertise in such a way compared to well-known reputable software developers.
This bears the question of why is this preferred as a form of advertising in the first place? The truth is for all concerns and purposes this is cheaper than a more traditional and above board form of online advertising like using Google Ads for example. If an owner of such a company or website decides quick traffic is exactly what he needs then it is not that hard to imagine him contacting creators of Adware software and commissioning the creation of Software specifically designed to redirect traffic in the form of unsuspecting users to his website. You might wonder how is the creation of such Software a cheaper form of Advertising? Well for starters by all accounts it’s not very hard for Adware to be created, in fact, only small changes to the program code are required for each new “client”. This allows for quick results, although it is undoubtedly a pretty shady practice.
The sad reality is nothing useful ever comes out of these pop-up ads
Ads created by Adware applications and PUPs are well known to link to other infected software. Useless bloatware applications are also often distributed this way. These programs usually pretend to be error fixing and optimization software, but they don’t actually do anything. They’ll entice you into downloading them for free, but when you try to use them for anything you’ll find you need the full/pro PAID version. In the meantime, you will be bombarded with different kind of error reports about non-existent or over-exaggerated problems prodding you to pay for the useless software. People that actually pay the scammers will get a confirmation message that everything was fixed, but no actual threat is removed or fixed. Instead, the fake error generating code is merely suppressed until the subscription for the program wears off. Another variant of this scam is when an online scan program detected viruses on your computer and you are offered to download it so it can clean them. Please remember that no online program can ever scan your computer unless you give it permission to do so!
There are several other such schemes used to install malicious software via the help of pop-up ads. They include
- Fake prompts to do system or program updates.
- Claims that you need to install a certain video codec, media player or missing plug-in before you can watch videos online.
- Messages about missing .DLL files. (Downloading a .dll file from the Internet is almost always a BAD idea!)
Finally please remember that in order to display these Ads into your browser the Adware/PUP has attached itself to your Chrome, Firefox or IE browser as an add-on. This gives it an almost unlimited ability to display stuff on your screen. Any system message that is closed when you close the browser is likely the product of the Ads and is entirely fake!
|Name||The pop-up ads usually have some sort of name – look for it at the edges of the ads, or within your browser extensions.|
Some threats reinstall themselves if you don't delete their core files. We recommend downloading SpyHunter to remove harmful programs for you. This may save you hours and ensure you don't harm your system by deleting the wrong files.
How to Get Rid of Pop Up Virus
The guidelines offered below will show you a possible way to remove this Adware app from your PC and browser so follow them carefully and if you aren’t sure about something, ask us in the comments and we will explain to you what needs to be done.
Before the actual removal steps, we suggest that you boot the PC into Safe Mode as this could help prevent the Adware from interrupting your uninstallation attempts. If you need guidance on how to access Safe Mode, you can find it right here.
The first step from the removal process is to go to the Processes tab of the Task Manager, to find the process behind the Adware, and to quit it. You can access the Task Manager though the Ctrl + Alt + Del or the Ctrl + Shift + Esc key combinations. Usually, the process of the Adware would have an unfamiliar name that doesn’t seem to be related to programs that are currently open on your computer. Another common red flag is if a given process is constantly using lots of RAM memory and CPU. We suggest that you look up the names of any processes you think are suspicious to find out if they aren’t essential OS processes because those could sometimes look questionable despite being legitimate and even needed for the normal performance of the computer.
If a given process seems like it can be coming from the Adware, right-click on that process, select the Open file location option, and scan each file located in that folder using the following free malware scanner:
If the scanner flags any of the files you scanned as potential threats, go back to the process, right-click on it again, and select End Process Tree. After that, delete the folder where its files are contained.
After this, search for system configuration from the Start Menu, open the System Configuration app, and look for suspicious entries in the Startup section. Disable anything you don’t recognize and/or that has “Unknown” listed as manufacturer by unchecking the checkbox in front of the item and clicking on Ok.
Type Unisntall a Program in the Start Menu, select the first icon from the results, and, in the window that opens, look for any programs that could be carrying the adware. Items that you don’t remember installing or don’t recognize, or ones that have been installed around the time you’ve started noticing the Pop-up Adware apps are most likely to be connected to the Adware problem. Uninstall any app that seems suspicious to you by selecting it and then clicking on the Uninstall option at the top of that window.
There will likely be a uninstallation wizard to guide you through the process so carefully follow its steps, making sure that everything gets uninstalled and nothing (not even personalized settings) are allowed to remain stored on your computer.
Next, you must copy this next line and paste it in the Start Menu and open the file that is found: notepad %windir%/system32/Drivers/etc/hosts. In the notepad file named Hosts that you open, check for any lines entered below Localhost. Different programs, including malicious and unwanted ones add IP addresses and rules to the Hosts file in order to operate so, if there are Adware entries there, you must delete them. We suggest that you copy anything written below Localhost and paste it in the comments below. We will take a look at the entries and if we tell you that the entries are probably from the Adware, delete them and press Ctrl + S in the Hosts file so that the change you’ve made to it is saved.
Type View Network Connections in the Start Menu and right-click on the icon of the network that you are currently using to connect to the Internet. Select the Properties option > Internet Protocol Version 4 (ICP/IP) > Properties and enable Obtain DNS server address automatically if that option isn’t checked. Then go to Advanced > the DNS tab and remove all items from the DNS server addresses list. Remember to click Ok on everything to save the changes while exiting the windows.
Open the system Registry (Start Menu > type regedit > select regedit.exe) and navigate to these three Registry directories:
- HKEY_CURRENT_USER/Software/*Folder with suspicious name*
- HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/ *Folder with suspicious name*
- HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main/*Folder with suspicious name*
Here, look for folders with long names comprised of random characters that look out of place among the other folders. If you see anything like this, select the suspicious folder and press the Del key to delete it. If you are unsure whether any given folder must be deleted, ask us in the comments.
You can also press Ctrl + F and type the name of the program you uninstalled in Step 2 and search for it. If any entries with its name are found in the Registry, delete them too.
Finally, go to the browser that has been affected by the adware and open its Extensions manager – for different browsers the Extensions manager can be opened differently but you will almost always have to click on the browser’s menu and select the Extensions option. On Chrome, you must first select More Tools and then click on Extensions.
Now look if you can find any suspicious browser extensions – ones that haven’t been installed by you, ones you don’t recognize, or extensions that have been installed just before the problem with the Pop-up Adware started should be prime suspects. Remove any extension that looks like it could be causing problems in the browser. If you cannot directly uninstall the extension or if it keeps getting reinstalled immediately after you remove it, first disable it and then quickly try to uninstall it again.
Next, from the browser’s main menu, select Settings and type Permissions. Select the Notifications option and see what sites are allowed to show notifications in your browser. Revoke the permissions of those of them that you do not trust or simply don’t want to be allowed to show pop-ups in the browser.
Finally, scroll back up and find the Sites can ask to send notifications setting and disable it if you don’t want sites to be able to send you permission requests to show notifications in your browser.