Any suggestions, recommendations or ideas found on this site are applied at your own risk.  This page contains our opinions based on years of cleaning up computers and assisting customers with various problems... 

If you are getting redirected, i.e., want to go to one website but end up at another site, or you suddenly have all kinds of ads popping up, or get a lot of page not found (404) errors, or have any other strange/unexpected issues with the Internet, get your computer checked!

Junkware?  Hijacked?  Getting Calls?  "Support" number on the screen?

First things first - some quick reminders: 

• Sorry, but you are not important enough to get a phone call from Microsoft, Symantec (Norton), McAfee, Adobe or any legitimate company.

  The scam:  A "support" person will walk you through various commands and "shows you" problems like Event log errors, odd file names, "foreign IP connections" .  Don't fall for it and don't allow control - just hang up!   

  • See our How did you get there article for more information on these scams.

  • Also see: 'Your PC may be infected!' Inside the shady world of antivirus telemarketing.  PC World article.

• While browsing the Internet, if you see any warnings that your computer is infected, your hard drive is about to fail, someone has taken control, Java, Adobe, Google or most anything else needs updating, it is a scam.  Examples!  See also this PC World article

• While browsing the Internet, suddenly a dire warning appears, taking over the entire screen.  It's a scam.  Shut off the computer, restart and do a full scan with your antivirus. 

  • Note: To shut off, you must hold the power button for about 10 seconds.  Simply touching the power button puts the computer in hibernation and it awakes in the same state and condition.

• Never download an app that promises better security or improved performance.

• You never need to install or use a third-party driver update application.  And if one is already installed, uninstall it.  See our March '18 newsletter

When cleaning up machines, you may find the Internet browser home page and/or search results are changed (hijacked), often without permission and sometimes via deceptive means.  Typically occurring when you install a toolbar or other Internet junkware.  My Web Search, Conduit, Babylon and Start Now are just a few of the more popular home page hijackers we have seen. 

Some of the scams offering to "clean your PC", also install a variety of junk including online "vaults", tab hijackers, hot spot advertising and a whole host of undesirable applications.  The end result is the computer runs worse, you have unexplainable pop-ups, your home page and/or default search method changed, and sometimes much, much worse...

• First thing you must do is scan the computer for a root kit virus - see our Infected article.
• Next, be sure your antivirus has not expired, it is up to date and operating correctly?  Do a full scan with it.
• After you think you have uninstalled all the junk (below), check near the bottom for additional cleanup ideas including inspecting your scheduled tasks!

If issues remain after cleaning up, these articles may help: DNS settings in our November 16 newsletter, DNS Issues, Internet searches, Internet Explorer processes, downloading stuff.

An important note about antivirus applications:  Running more than one can cause problems.  It certainly causes a slow computer, but also, when installing an AV application with one already installed (expired or not), the new AV may not become fully functional, e.g., may not turn on a firewall because the other AV application's firewall is on.  So with all that out of the way...

What is junk?

A LOT! It is worthwhile looking at things installed on your computer via Apps and Features (Programs and Features) as some crapware installs without you knowledge! 

• Almost any application claiming to speed up the computer, performance booster, etc...
• Coupon finders or printers
• Any File Type, File Open, File Association programs
• Many PDF "readers" other than the actual Adobe Reader (unless you know for sure they are ok)
• Any "registry repair" applications
• ALL toolbars, yes even Yahoo, Google and Bing

Here's a list of known junkware/crapware.

Also check

• Services:

  • There may be "services" running that are not uninstallable.  Some simply reinstall what you just removed.  Some make it impossible to uninstall.

• Scheduled Tasks  Very important to look here for more cleanup items.

  • Some of the above junk probably has installed tasks that run on a regular basis and may not have been removed during uninstall.  See also Microsoft's Autoruns!

  • Task Scheduler corrupt?  See this article.

• Microsoft Security Scanner

  • Run directly.   Full scan takes two + hours, but highly recommended!

Other things you can do

• Variety of tools found here

• BleepingComputer

  • A great site with a lot of tools for cleaning up and tweaking your computer

• Emsisoft tool

• Malwarebytes.org (note that's .ORG and not .com)

  • If you think there may be unwanted/unneeded software slowing things down. 

• See also MSConfig  and  more in PCMag's article on removing bloatware

Registry settings (popup "ads by ...")

We've repaired computers with problems also having an ad similar to this ---> But unlike those of the past, this one was not uninstallable, i.e., there was no application listed in Programs and Features.  None of the scanners would find a problem, so it was very frustrating to figure out how it even existed.  This crapware used a combination of registry hijacks mostly through proxy server settings but there were other issues.  Probably a good candidate to format and reinstall Windows fresh but we were on a mission and finally able to resolve it.  Briefly, here's how...

First: If you do not know what you're doing in the registry, DON'T GO THERE!

In regedit, find (F3) all occurrences of proxyenable - change the value from 1 to 0.  Just below those you will also find proxyserver with a value of 127.0.0.1:5050 or something along those lines, simply delete the entire key (on the right side).

Look in services, stop and disable "Proxy" service.

Delete any host files with a recent date from the c:\windows\system32\drivers\etc folder.

Use Autoruns and look for (and delete) new drivers, unknown startup items, etc. but be careful in there!

So with all that, we thought everything was ok, but that was not the case.  When we switched from network via local network connection to WIFI, a new problem occurred where the Internet would open to a page indicating "the server is under OpenX control" (something along those lines), even thought the address bar was google.com. 

So a little more digging we found the Wireless adapter drivers had very recent dates.  Connecting back to the local connection instead of wireless, we updated the wireless driver (from the device manager) which seemed to resolve that problem.

Remove or disable Add-ins/Extensions

See Browser add-ins

Hijacked Search engine? (Ask and others)

See our Address vs. Search article.