Answer Description
The two most common ways to inject pop-up windows into a web browsing session is by using a malicious application which will most likely be found by the anti-virus software, or by installing a plugin or extension to the browser that creates the pop-ups. Some free applications downloadable from the internet will install these plugins as a way to create ad revenue.
Wikipedia
A browser extension is a small software module for customizing a web browser Browsers typically allow a variety of extensions, including user interface modifications, ad blocking, and cookie managementBrowser plug-ins are a separate type of module The main difference is that extensions are usually just source code, but plug-ins are always executables (ie object code) As of 2020, plug-ins have been deprecated by most browsers, while extensions are widely used The most popular browser, Google Chrome, has thousands of extensions available but only one plug-in, the Adobe Flash Player, that is disabled by default
Browser_extension - Wikipedia, the free encyclopedia