What is Adware?

Gridinsoft Cyber Security

» Adware

Types
Activity
Examples
How Do You Get
Removing
Prevention
Frequently Asked Questions

September 22, 2024

Oh, why does this ad appear again and again? And there are even more of them! Blinking, with the absurd content and 100% fake offers, fill your browser so hard that you see it even on the home page. Which sort of curse does so?

Adware is a type of unwanted software designed to forcefully display advertisements. To achieve this, the program makes various alterations to your system, primarily targeting web browsers and networking settings.

Adware installs itself onto your PC, hoping you’ll – accidentally or not – click on an advert it displays. The main reason why adware exists is to make money (but not for you). Adware creators and distributing vendors make money from third parties via either:

Pay-per-click (PPC)	Adware developers get paid each time you open ads.
Pay-per-view (PPV)	They get paid each time ads are shown to you.
Pay-per-install (PPI)	They get paid each time bundled software is installed on a computer.

Adware can also track your search and browsing history to display ads that are more relevant to you. Once the adware developer has your location and browser history, they can make an additional profit by selling your information to third parties. Still, relevant and safe advertisements are not the main concern of adware masters.

Developers who manage adware make their money like any other advertisers. Two main differences between adware distributors and legit promoters are the people who order these ads and how those banners are paid. Usually, promoters are paid for each click on their advertisement. Meanwhile, fraudsters take contracts for pay-per-view ads. The price for each visitor is minimal, but when you show it forcibly to hundreds or even thousands victims, there is nothing complicated in making a lot of money.

Adware generates revenue for its creators by showing you targeted ads, which can slow down your device and affect your privacy.

The difference in a character is much easier to understand. Will the legit company advertise itself with illegal marketing tricks? Likely no. Hence, all ads adware forces you to see has malicious content to certain extent. Usually, those contents are links that redirect you to unknown and likely unwanted sites. In some cases, the downloading may start after clicking those ads. And only fraudsters know what the program is downloading. You may get a coin miner, another adware, a browser hijacker, the list goes on and on. Regardless of the exact type of malware, it is always an unwanted consequence.

Types of Adware

Adware comes in different forms. Here are some common types:

Ad-supported software. Some free software run ad-supported monetization model, when a totally legit program shows advertisements to sponsor further software development and support. In this case, ads are mostly safe, though may still be annoying.
Potentially Unwanted Programs (PUPs). An edgy example of the previous category, when this ad-supported software installs without user concent. Here, ads may sometimes come more dangerous, as the app itself is less trusted and legit.
Browser Hijackers. A specific type of unwanted apps that changes your web browser settings without you knowing. They might change your homepage or the search engine you use. All these changes are meant for - guess what - show you ads at any possible moment.
Stand-alone Adware. One of the oldest types of this malware, that has no visible windows or an app that contains it. Generates the most severe and outrageous ads, that are almost guaranteed to contain malicious links.

Adware Activity in 2024

Adware.Win32.Shopper.cl	bcc22ff82a7a18af0ff9cdfc97d89b38a51699abb8432d1b28d967ab02ec2301
Adware.Win32.InstallCore.vl!c	61c2c4a5d7c14f77ee88871ded4cc7f1e49dae3e4ef209504c66fedf4d22de42
Adware.Win32.Amonetize.dd!n	aa133af788a57f91449a01402067a28f744172154f3a5d3f8d0d47f350037ec8
Adware.Win64.InstallCore.vl!c	5760e7283ea31834aa16976fe052c156c26cc1c2459a043152c06ce2b8a4fd1e
Adware.Win32.Gen.bot	c771cbca7685a1250bc77e4944d6802f3e2cef5c2fa2845c3af3c5b32730c646
Adware.Win32.Agent.cl	507bb3c962c233257999cb65352cec684b7dd611f689eca43c8db4452c84f596
Adware.Win32.InstallCore.vl!c	0b8be7d62ba830a3a53686afb8af57d1b2301d76c8b06759bf4b148d1e2ab6cc
Adware.U.Downloader.cl	76247bb459807db76f1cdfdf0006387fe5e9d0b629d55d697562b0e274b885e0
Adware.Win32.Downloader.dd!c	75ba740fc658a31ebf081d368e4fade4584e89b9108cbe6cdd6ea2b44ccb0d6a
Adware.Win32.BundleInstaller.cl	564b8e327a13c948cea21587245b7b0005f786ea57f62bd602ef4ecec66171c6

Adware Examples

Gator (Claria Corporation): Software that tracked your online habits to show targeted advertisements.
CoolWebSearch: A browser hijacker that redirected searches and showed unwanted pop-up ads.
Fireball: An adware that took over browsers to generate fake clicks and boost ad revenue.
Eorezo: Displayed intrusive ads and was difficult to remove from infected computers.
DeskAd: Placed advertisements on the desktop and monitored user activity for marketing purposes.
DollarRevenue: Installed unwanted toolbars and generated constant pop-up ads.
WinAd: Slowed down systems by displaying excessive ads and consuming resources.
Conduit: A browser toolbar that changed settings and displayed unwanted ads.

Is Adware Legal?

Some types of adware are illegal in the U.S. Let's look more closely at state and federal laws.

State Laws

Many U.S. states have laws against spyware, which includes certain kinds of adware. For example, California's Consumer Protection Against Computer Spyware Act says that a person or business cannot knowingly install software on someone's computer without permission. That in fact covers all the unwanted programs, with ad-supported ones among them.

Federal Laws

Under federal law, causing damage to 10 or more computers within a year, resulting in losses of $5,000 or more, is a felony. Adware can cause such damage as the result of showing adverts with malicious content, specifically when the user have clicked one and installed malicious or otherwise destructive program.

How Do You Get Adware

Adware is one of the most widespread types of malware. You can get it in about a dozen ways - from installing a free app from the Web to clicking banners on some dodgy sites. You may discover that your system is infected even after using some P2P applications, like uTorrent. Every day, fraudsters discover more unobvious ways to get into your computer. And there is no reason for you to feel guilty - almost everyone sometimes needs to use questionable programs. And adware is not so dangerous if you remove it in time.

How Dangerous Is It?

Adware is not very dangerous itself. It makes only minor changes to the system to facilitate its activity. However, if you remove it inappropriately and will not fix those changes, you will likely spectate various bugs in your web browser. Some problems may also appear in various apps with web-interface because of the modified networking settings.

Among the main changes it does are modifications to HOSTS file. It plays a role in controlling networking in Windows. Situated in the system partition, it contains information about the DNS servers necessary for connecting to the desired server. Typically, pages utilized by adware to showcase ads are internally protected to prevent them from being blocked by web browsers. When adware manipulates your HOSTS, the PC connects to a specific DNS address on the adware server, avoiding any blockages for connections.

Browser settings may undergo changes for various reasons. Viruses can modify your homepage to accommodate multiple advertisements. Another possible alteration is the restriction of your settings window, particularly prevalent when adware is distributed as a browser plugin. This tactic hinders a straightforward browser reset, which is often an effective method for eliminating unwanted behavior.

Many more problems may be addressed by adware advertisements. No legit companies will agree to an advertising contract with adware distributors, as you read. Hence, each ad can contain something malicious, and you never know which one and how dangerous this “something” is. Potentially unwanted programs, together with browser hijackers, will not make your files encrypted, like ransomware, for example. Still, it will bring chaos to your PC. Meanwhile, the Coin Miner Malware activity will make your system impossible to use and may even lead to hardware failures.

Symptoms of Adware

Since the essence of adware is to throw advertisement banners at you, your device's infection with the disputed pest will not pass unnoticed. Such a penetration into your system would be the black advertisers' complete failure if you didn't notice the adware's presence at all. Here we list the recognizable signs of your device having adware and requiring a quick remedy.

Changed homepage. One of the first signs that something is wrong is that your web browser's homepage changes without any notification. Moreover, the page set instead is some suspiciously-looking advertising site you've never seen before. Most likely, your attempts to bring your previous homepage will fail.
Changed search engine. Your browser's settings allow you to choose a default search engine. The browser will use it when you input your query into the address bar. Adware is often responsible for automatic and unauthorized changes to your browser's default search engine and alteration of search results (by advertising insertion, of course).
The unusual look of your web browser. Adware often comes as an add-on for your browser, a browser hijacker, or in the form of a rogue browser - a completely different program automatically assigned as your default browser. So, the emergence of a browser toolbar, let alone another browser you don't remember to install, is the clearest sign of adware infection.
Banners and pop-up windows. Advertisement banners thrown at you from the screen are the most common adware payload. The ads differ in the level of annoyance. Some appear to the left and right on the viewed webpage, which only decreases your device's performance, while others can flagrantly obstruct the visibility of the webpage you are trying to view. Besides, some ads are tied to your browser and only appear within it, while some kinds of adware can generate pop-up windows with links to the advertising pages without the browser even running.
Hypertext links where they're not supposed to be. This adware technique is one of the trickiest and, therefore - the most dangerous. Should it be accompanied by a standard banner shower, the victim will detect the infection before the grave consequences. But if the adware-generated hypertext links appear alone, it is hard to tell them from the links inherent to websites.
Decrease in device performance. It includes a CPU running speed decrease and a slower Internet connection speed. Adware-inflicted deceleration may range from minor freezings to program crashes. The worse the overall performance of your device is, the higher the probability of adware being fitted with or working alongside spyware or other covert malware.

How to Remove Adware

Even if you're careful, you might still download adware by accident. Here's how to remove it from your device.

Safari (iOS and macOS)

Safari is the default browser on iPhones, iPads, and Macs. To get rid of adware in Safari:

1. Update your device to the latest version of macOS.
2. After the update, restart your device. The built-in tool should remove the adware.
3. Check your Applications folder for any apps you don't recognize. If you find any, uninstall them.
4. In Safari, go to the Extensions tab and look for any unfamiliar browser extensions. If you find any, turn them off.
5. Try to contact Apple call 1-800-275-2273.

Chrome (Android)

Chrome is Google's browser and can be used on Android devices. To remove problematic apps from Chrome on your Android:

1. Press and hold the power button to turn off your device. This will start it in safe mode.
2. Open the Google Play Store app.
3. Tap the menu icon.
4. Select "My Apps & Games".
5. Find any recently downloaded apps and tap "Uninstall".
6. Restart your Android device.
7. Check if the adware is gone.
8. Repeat these steps if needed.

To protect your Android from bad apps:

1. Open the Google Play Store.
2. Tap the menu icon.
3. Select "Play Protect".
4. Turn on "Scan device for security threats".
5. Consider downloading an anti-malware app from a trusted provider.

To stop notifications from certain websites:

1. Open Chrome.
2. Go to a web page.
3. Tap the three dots (More) in the upper right corner.
4. Select "Site Settings".
5. Tap "Permissions".
6. Tap "Notifications".
7. Turn notifications off.

Chrome (Windows)

To remove adware from Chrome on your Windows computer:

1. Open Chrome.
2. Click the three dots (More) and select "Settings".
3. Scroll down and click "Advanced".
4. Under "Reset and clean up", click "Clean up computer".
5. Click "Find".
6. If prompted to remove unwanted software, click "Remove".
7. Restart your computer.
8. Go back to "Settings", then "Advanced", then "Reset and clean up".
9. Click "Reset settings".

Chrome (macOS, Chromebook, Linux)

To clean up Chrome adware on your Mac, Chromebook, or Linux device:

1. Open a Finder window.
2. Go to the Applications folder.
3. Look for any programs you don't recognize.
4. If you find any, right-click and move them to the Trash.
5. Empty your Trash.
6. Open Chrome.
7. Click the three dots (More) and select "Settings".
8. Scroll down and click "Advanced".
9. Under "Reset and clean up", click "Restore settings to their original defaults".
10. Click "Reset settings".

Chrome (iOS)

On iPhones and iPads, you might not need antivirus software, but if pop-ups are bothering you, here's how to block them:

1. Open Chrome.
2. Tap the three dots (More).
3. Select "Settings".
4. Tap "Content Settings".
5. Tap "Block Pop-ups".
6. Turn on "Block Pop-ups".

Mozilla Firefox (All Devices)

To remove adware from Firefox, you can reset it or remove the malicious toolbar.

To reset Firefox to factory defaults:

1. Click the menu button (three lines) in Firefox.
2. Click the question mark icon at the bottom.
3. Select "Troubleshooting Information".
4. Click "Refresh Firefox".

To remove the malicious toolbar:

1. Click the menu button.
2. Select "Add-ons".
3. Click "Extensions".
4. Find the toolbar you want to remove and click "Remove".
5. Click "Restart now" if prompted.

How to Avoid Adware

Not all adware is malware. Some of it is packaged with legitimate software, and many new computers come with various adware installed. If you get a new PC, you can check the list of installed programs in the settings to see if any unwanted software accompanies the computer.

If your PC is new, another strategy is to reset it to a fresh installation of Windows. By resetting the computer to factory conditions, it can remove all third-party apps, including any installed adware.

If you acquire adware on an existing computer, you can manually uninstall it using "Add or Remove Programs" in "Settings", but only if you can definitively identify which program on your PC is the cause of the spyware. If you can't, then you might want to install our anti-malware. This antivirus tool is adept at identifying and removing adware & spyware.

The best approach, of course, is prevention — avoiding getting infected with spyware, to begin with. So here are some easy steps you can take to avoid getting spyware on your PC:

Keep your computer updated with the latest Windows updates.
Use anti-malware software. You should be sure your computer is protected by anti-malware or antivirus software, even if that's just the security tool built into Windows 10 or 11. Our anti-malware software will be more effective at ferreting out adware, though.
Never click anything you don't fully trust. That includes both links and file attachments in the email. That's also true about links and file downloads on websites of questionable quality.
Avoid installing free software from questionable sources. You can find many free utilities online that generate revenue using telemetrics, which is sometimes disclosed on the web page or in the license agreement when you install it.

Read also:

Protect yourself against adware with Gridinsoft, the best Adware Remover available. Regain control of your privacy with a adware scanner, detector, and remover that's ultra-fast and refreshingly lightweight — and 100% effective.

Download Adware Remover

References

Frequently Asked Questions

Is adware always tied to your web browser?

Actually, no! Modern adware most often is, but there is a type of malware, initially called 'adware,' that has no binding to browsers or any other visible applications. It shows as a process in Task Manager, initiated by some hard-to-detect executable, but you will not see it in the list of running apps. The effects of such a program, running in the background, are common for adware: pop-up windows, panels, banners, etc. Moreover, other programs, besides browsers, can be classified as adware regardless of whether they are malicious.

Is adware strictly speaking malware?

Definitely, there are programs called adware, but they have nothing to do with malware. These are countless benign applications that are adware in terms of their payback method: these programs are free, but they render ads for developers to profit. That is legit. As for the overtly unwanted adware, experts disagree regarding its classification. Some specialists call such adware PUA, Potentially Unwanted Applications, explaining that if a program does not do open harm (financial, informational, reputational, etc.), it cannot be called malware. Their opponents note adware behaves malevolently, neglecting users' convenience and wishes. 'Harm' is a term with a broad concept scope.

How to remove adware without an antivirus? Is it safe?

You can remove the adware yourself in many cases. To do it, go to Windows' Programs and Features (you can type this section name right into the search bar,) choose the adware program from the list, and press Uninstall. If you are dealing with a browser plug-in, you can remove it from your browser's settings. The path varies throughout browsers, but it is roughly such: Main Menu -Settings - Extensions. Select the troublesome extension and press Remove. However, the pest often takes self-preservation measures. It can freeze the browser as you open its settings so that you don't delete an annoying extension easily. Moreover, if adware comes as a stand-alone program, it may not always be clear about its title. So you have to be sure which program exactly you wish to delete. Finally, you might run onto sneaky adware. In such a case, you will need to detect a foreign process, remove an executable file responsible for it, and you will also have to check for an automatic downloader that might still be present on your machine. The latter will download the adware again, no matter how many times you wipe it out. For such cases, an antivirus program is the best solution. As for the safety of such procedures, the only harm you can do is accidentally remove a benign program. Also, some downloaded applications may cease working after you delete their adware component.

Can there be adware undetectable to antiviruses?

Theoretically, it is possible. No antivirus can recognize every single malicious program. Security software only detects objects included in its algorithms - and nothing more. Solutions featuring neural networks and heuristic engines are not an exclusion, for they also work following certain settings. And if hackers detour those settings, they can potentially create undetectable malware. It can be adware, ransomware, or whatever. The good news is that it is unlikely that someone would get busy creating such an elusive example of adware. The existing adware is constantly installed and removed by thousands of users, and the agencies that spread it still get their reward.

My browser is infected with adware, but I cannot access its settings! What should I do?

GridinSoft Anti-Malware has a Reset Browser Settings function for such cases. To perform it, click the Tools menu tab and select the Reset Browser Settings option. Choose browsers you want to reset and items that need to be back to default mode. Click Reset. That's all! You might want to reinstall the good browser extensions, but at least you won't suffer from an unwanted program.

Adware: Definition & Examples in 2024