CONTENT
- 1 What you need to check and change manually to remove viral ads in the browser
- 2 Using programs and plugins to remove annoying viral ads
What you need to check and change manually to remove viral ads in the browser
You can control the state of the browser not only from the browser itself. There are a lot of places in Windows from which you have access to the settings and settings of all browsers.
Task Scheduler and Suspicious Programs
Probably, many have faced such a problem: the browser unexpectedly, during operation or by itself, starts immediately with an advertisement page. And Windows has a very useful but vulnerable tool - the task scheduler. Actually, it is used by many programs in the system to launch updates, monitor actions, and more. Virus programs can use the scheduler to launch their own advertising pages on the Internet. We need to go into it and see what's going on there. This can be done from the "Start" menu by typing "Task Scheduler" in the search bar or by calling the "Run" command using the Win + R combination and entering the Taskschd.msc spell. The scheduler window will open. In the main window, you can find out about the current tasks. However, there is little information here, so it's better to go to the library.
In the library, you can already find more information - which file and what should be executed. By clicking on the element, you need to go to the "Actions" tab, in which we can find the path to the file. The first thing that should raise suspicion is the location of the file in an unusual place, for example, a temporary folder or an awkward name.
You have to go through each element and check it out. If you encounter an unfamiliar name that is not related to the system or is located in a place not intended for the system, the dubious object should first be disabled. If the system or other programs continue to work stably, then this scheduled task was not so necessary.
Startup and Registry
When the Windows operating system starts, programs can be automatically loaded from several different locations. Including from the folder "Startup" or from special branches of the registry. You need to look here right after the planner. Launching here is possible only at system startup, that is, if the browser suddenly started loading along with Windows, immediately opening a frankly "left" site, then this launch is registered either in the registry or in startup.
First, about autoloading. The standard Windows utility msconfig can help you find out what is loaded at system startup. You can invoke it using the Run tool by simply typing msconfig.
Now you need to look at all the suspicious items. If the list contains a regular browser download, with a page on the Internet added using the command, then you need to disable this item, since the browser should not be loaded with Windows. An exception may be update services, which are usually marked with the word Update.
With the registry, things are a little more complicated. First, we need to call the registry editor, which contains branches that contain all the system settings, including autoloading. To enter the registry editor, you need to type regedit in the "Run" command line.
A window will open with several key branches and subsections. There are two important sections in the registry from which loading can occur:
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run.
The first section contains programs that start when the current user logs on to the system, and the second - in general, when the system starts. Both branches need to be checked for suspicious launch commands. Since we are interested in advertising in a browser, then, most likely, there will be a launch of one of the system's browsers, indicating the start page.
Registry browser autoloading is unusual anyway, and in most cases this key can be safely removed.
Reset browser settings to default values
The start page with displaying ads can be forced to register in the browser settings. It so happens that it is not possible to return the default page back. You can simply reset all settings to their default settings. This will delete the entire cache, form data, passwords, and many other data, depending on the browser. Let's look at ways to implement this approach in different browsers.
Google Chrome and Yandex Browser
Browsers have one engine, and they are similar in structure. In Chrome, you need to go to the settings, enable the "Advanced" option and scroll to the very bottom. Here the item "Restore default settings" will be waiting for us.
Yandex. In the browser, the path is slightly different: "Settings", then "System", at the very bottom of the page to the item "Reset all settings".
Opera and Mozilla Firefox
In the Opera browser, as such, there is no reset functionality. You can either clear your browsing history or manually delete the program's configuration files. Delete history is located in the "Security" menu in the "Privacy" section of the browser settings. Installed extensions will have to be removed manually. In order to completely delete the cache and profile, you need to find the path to them. This can be found in the "About" item in the main browser menu. There we are interested in the "Profile" and "Cash" paths. We look for them on the hard drive and clear the folders.
In Firefox, the full browser cleanup option is in a rather unusual place, in the Help, which can be accessed from the main menu. In the list, select "Information for solving problems". An information window will open with a Refresh Firefox button on the right side. The procedure itself is simple, but finding this item without knowing where it is is quite difficult.
Microsoft Explorer and Edge
According to statistics, a very large number of users still work with the Internet Explorer browser. It is very easy to reset it. You need to go to the "Service" menu, then, to the "Advanced" tab and press the "Reset" button.
The browser will ask you to confirm the procedure. That's it, the settings have been reset. Interestingly, Edge, which has become the successor to Explorer, lacks this functionality. It has been replaced with a cleanup tool that lets you choose exactly what to remove. In the "Clear browser data" section, in the options menu, you need to click the "Select what you want to clear" button.
Hosts file
The Hosts file is available in any operating system and contains a database of domain names that are used to translate network addresses. Since this file has the highest priority, it can be used to spoof a domain name. For example, a user enters mail.ru in the browser line, and it is transferred to a site with advertising. On Windows, the file is located at Windows \ system32 \ drivers \ etc \ hosts. By default, the file should not contain anything other than comments marked with a "#" symbol. If you need to restore the file, you can edit it manually. The default state can be copied from the official Microsoft support site and simply pasted into the file: https://support.microsoft.com/ru-ru/help/972034/how-to-reset-the-hosts-file-back-to-the-default. Actually, here is also the instruction for different versions of Windows.
Using programs and plugins to remove annoying viral ads
Eliminate the consequences of infection will help software solutions that are released by the developers of popular antivirus software. For example, Dr. Web CureIt. Or use the Malwarebytes program, which removes the consequences of a wide variety of computer infections. In fact, all the methods described in the article are simply automated by similar programs.
If you just need to get rid of the symptoms, that is, hide ads, then you can use browser extensions, of which several dozen have already been written. The most famous are considered AdBlock and AdBlock Plus. Although they do not physically remove the effects of a viral infection, ads will still stop being displayed. The solution is so-so, but in exceptional cases it can help out.