This page aims to show you how remove pop up “virus” ads also known as Adware. The removal of Ads from Chrome, Firefox and Internet Explorer works for all versions and iterations of Windows (including removal of ads from Mac/OS X).
In addition to the regular adware there is what is called pop-under alternate adware. The pop-under adware opens a new window under the currently active browser windows. Unlike pop-ups, the pop-under will not immediately disrupt and alert the user of its existence, but only when the “covering” windows get closed down. This is an especially tricky practice as it makes it that much harder to determine the exact website that caused the pop-under adware to appear.
The whole reasoning behind the development of pop-under adware is that as the pop-ups ads became something more and more common many users developed the useful habit to close down the pop-ups as soon as they begin to appear, thus avoiding even a look at them. The pop-unders are believed to be less intrusive and thus make for better overall advertising results than the pop-ups according to some behavioral studies.
Security experts classify Adware threats as the least dangerous (because they rarely harm your computer directly), but they don’t take into consideration the negative experience for the user. You will get constantly harassed by the Ads and the Ads can also be harmful if clicked on. For these reasons it’s highly recommended that you find the application responsible remove the pop-up ads immediately from your system. Adware like Weknow.ac is not to be confused for a computer virus, but it is still a type of unwanted software you need to clean from your system – the sooner the better.
Online Advertisements are something we already expect to find on most web pages, yet sometimes their numbers can get excessive. If you constantly have to plow through several different pop-up ads to get to the web page underneath and that happens on almost every page you visit, then it’s likely that your computer has been infected with some kind of Adware or PUP (Potentially Unwanted Program). Regardless of what exactly has infected your computer, you’ll likely also experience general slowdown and/or instability. Your CPU has to effectively download and render the information for the Ads in addition to whatever content needs to be displayed for the page itself. This process can be excruciatingly slow on older computers or if the Ads have any animation or sounds attached to them.
How did you find yourself looking to remove the Ads?
If you are wondering how your PC came in contact with these Ads – there are several ways in which you might have been infected. One of the oldest and still going strong tricks is the e-mail attachments. Be careful not to open/download any attachments from e-mails with senders you don’t recognize. Be extra careful for “Phishing Scams” attempts, e-mails that look like the real thing but are in fact malicious. Another form of Ads spread out is through compromised executables downloaded from file sharing websites or torrents. Be very careful and, if possible, scan the downloaded files first, before commencing any installation process. By far the most likely way though is through an infected executable file location in a “software bundle”. Most commonly these are installers for some kind of program, most often free, that have several other programs bundled inside of them. Most people use the Default installation option, which is a bad idea, because it will install all the extra programs bundled in the installer. A much better alternative is to always select Advanced, because you’ll get detailed information about what exactly is about to get installed. Remove the ticks from any additional programs and you’ll greatly decrease the chance of obtaining Adware viruses.
How to discern normal Ads from Adware generated pop-up ads
There are a couple of signs to look after. Here is a short list of the most easily recognizable ones.
- Adware generated Ads are much more aggressive then normal Ads and will follow you on most pages you visit (forget what I said – they will follow you on ALL pages until you get rid of the pop-up ads .
- pop-up ads often cover the screen and make your browser unusable by simply cluttering your screen. You will have click on them to close them, which can in turn open new pages and tabs.
- Some words are highlighted and transformed into hyperlinks and an Ad is displayed if the word is hovered over. This effect survives between multiple pages.
- New tabs and pages are automatically opened without your permission and link to sites you are unfamiliar with.
- Ads offer free software or crazy discounts, which you can never see in a normal shop.
Why are Ads like these being created?
If you have ever wondered why would anyone bother creating such an annoying software, then you probably already know the answer without realizing it – for profit on the expense of your time and nerves. Many of these pop-up ads generating programs are actually affiliated with the websites they advertise for. Whenever one of the Ads displayed by them is clicked on they get a small sum as a royalty. If any purchase is made the amount of money earned is increased. There are two major implications to this
- These pop-up ads will get displayed on your screen regardless of whether you want them or not and the only way to stop the process is to remove the underlying cause.
- Shady and less known companies are much more likely to advertise in such a way compared to well-known reputable software developers.
This bears the question why is this preferred as a form of advertising in the first place? The truth is for all concerns and purposes this is cheaper than a more traditional and above board form of online advertising like using Google Ads for example. If an owner of such a company or website decides quick traffic is exactly what he needs than it is not that hard to imagine him contacting creators of Adware software and commissioning the creation of Software specifically designed to redirect traffic in the form of unsuspecting users to his website. You might wonder how is the creation of such Software a cheaper form of Advertising? Well for starters by all accounts it’s not very hard for Adware to be created, in fact only small changes to the program code are required for each new “client”. This allows for quick results, although it is undoubtedly a pretty shady practice.
The sad reality is nothing useful ever comes out of these pop-up ads
Ads created by Adware applications and PUPs are well known to link towards other infected software. Useless bloatware applications are also often distributed this way. These programs usually pretend to be error fixing and optimization software, but they don’t actually do anything. They’ll entice you into downloading them for free, but when you try to use them for anything you’ll find you need the full/pro PAID version. In the meantime you will be bombarded with different kind of error reports about non-existent or over-exaggerated problems prodding you to pay for the useless software. People that actually pay the scammers will get a confirmation message that everything was fixed, but no actual threat is removed or fixed. Instead the fake error generating code is merely suppressed until the subscription for the program wears off. Another variant of this scam is when an online scan program detected viruses in your computer and you are offered to download it so it can clean them. Please remember that no online program can ever scan your computer unless you give it permission to do so!
There are several other such schemes used to install malicious software via the help of the pop-up ads . They include
- Fake prompts to do system or program updates.
- Claims that you need to install a certain video codec, media player or missing plug-in before you can watch videos online.
- Messages about missing .DLL files. (Downloading a .dll file from the Internet is almost always a BAD idea!)
Finally please remember that in order to display these Ads into your browser the Adware/PUP has attached itself to your Chrome, Firefox or IE browser as an add-on. This gives it an almost unlimited ability to display stuff on your screen. Any system message that is closed when you close the browser is likely the product of the Ads and is entirely fake!
|Name||The pop up ads usually have some sort of name – look for it at the edges of the ads, or within your browser extensions.|
|Danger Level||Medium (Often the Ads will advertise non-existent or low quality goods, including software without any real functionality)|
|Symptoms||Computer responsiveness is reduced and delay for all actions increased, Ads create unwanted sounds and clutter the screen.|
|Distribution Method||Software bundles, mail bombs, other online Ads, fake programs obtained from torrents or other unsafe locations.|
Some threats reinstall themselves if you don't delete their core files. We recommend downloading SpyHunter to remove harmful programs for you. This may save you hours and ensure you don't harm your system by deleting the wrong files.
How to Remove Pop Up Ads Virus
If you are a Windows user, continue with the guide below.
If you are a Mac user, please use our How to remove Ads on Mac guide.
If you are an Android user, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide.
Some of the steps will likely require you to exit the page. Bookmark it for later reference.
Reboot in Safe Mode (use this guide if you don’t know how to do it).
WARNING! READ CAREFULLY BEFORE PROCEEDING!
Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous.
Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:
After you open their folder, end the processes that are infected, then delete their folders.
Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.
Type msconfig in the search field and hit enter. A window will pop-up:
Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.
Hold the Start Key and R – copy + paste the following and click OK:
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.
- Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click Properties.
- The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
- Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.
- After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.
Right click on the browser’s shortcut —> Properties.
NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).
Properties —–> Shortcut. In Target, remove everything after .exe.
Remove Pop Up Ads from Internet Explorer:
Open IE, click —–> Manage Add-ons.
Find the threat —> Disable. Go to —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.
Remove Pop Up Ads from Firefox:
Open Firefox, click ——-> Add-ons —-> Extensions.
Remove Pop Up Ads from Chrome:
Close Chrome. Navigate to:
C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:
Rename it to Backup Default. Restart Chrome.
Type Regedit in the windows search field and press Enter.
Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!