Bergesch Computer Services, Inc.
320-274-6100
Ad free site!
See About Us.

Junkware?  Hijacked?

Any suggestions, recommendations or ideas found on this site are applied at your own risk.  This page contains our opinions based on years of cleaning up computers and assisting customers with various problems... 

If you are getting redirected, i.e., want to go to one website but end up at another site, or you suddenly have all kinds of ads popping up, or get a lot of page not found (404) errors or have any other strange issues with the Internet, get your computer checked!

Sections below:

First some quick reminders: 

When cleaning up machines, you may find the Internet browser home page and/or search results are changed (hijacked), often without permission and sometimes via deceptive means.  Typically occurring when you install a toolbar or other Internet junkware.  My Web Search, Conduit, Babylon and Start Now are just a few of the more popular home page hijackers we see. 

Some of the scams offering to "clean your PC", also install a variety of junk including online "vaults", tab hijackers, hot spot advertising and a whole host of undesirable applications.  The end result is the computer runs worse, you have unexplainable pop-ups, your home page and/or default search method changed, and sometimes much, much worse...

If issues remain after cleaning up, these articles may help: DNS settings in our November 16 newsletter, DNS Issues, Internet searches, Internet Explorer processes, downloading stuff.

An important note about antivirus applications:  Running more than one can cause problems.  It certainly causes a slow computer, but also, when installing an AV application with one already installed (expired or not), the new AV may not become fully functional, e.g., may not turn on a firewall because the other AV application's firewall is on.  So with all that out of the way...

Uninstall junk

Go into the Control Panels' Programs and Features (Add/Remove Programs older Windows) and uninstall all the known junk listed below...

If you are running Windows 7 or later, you can sort the list of installed applications by date installed.  That makes it very easy to pick out the recent junk...

Click the view button (red arrow) and change the view to Details

Then click the Installed on heading to sort the list.

Look through everything installed on the computer, regardless of the install date.  If you are unsure, search the Internet for the item of interest - if it seems unnecessary, unneeded or undesirable, uninstall it! 

Also important:  Home page, search providers, scheduled tasks, add-ons and others discussed near the bottom of this article.

What is junk?

In our opinion remove all of items listed below.  Watch for variations in the names, e.g., the "Advanced" junkware has at least three names we know of...

See also

Other things you can do

Registry settings (popup "ads by ...")

We repaired a computer with problems also having an ad similar to this --->
But unlike those of the past, this one was not uninstallable, i.e., there was no application listed in Programs and Features.  None of the scanners would find a problem, so it was very frustrating to figure out how it even existed. 

This crapware used a combination of registry hijacks mostly through proxy server settings but there were other issues. 

Probably a good candidate to format and reinstall Windows fresh but we were on a mission and finally able to resolve it.  Briefly, here's how...

First: If you do not know what you're doing in the registry, DON'T GO THERE!

In regedit, find (F3) all occurrences of proxyenable - change the value from 1 to 0.  Just below those you will also find proxyserver with a value of 127.0.0.1:5050 or something along those lines, simply delete the entire key (on the right side).

Look in services, stop and disable "Proxy" service.

Delete any host files with a recent date from the c:\windows\system32\drivers\etc folder.

Use Autoruns and look for (and delete) new drivers, unknown startup items, etc. but be careful in there!

So with all that, we thought everything was ok, but that was not the case.  When we switched from network via local network connection to WIFI, a new problem occurred where the Internet would open to a page indicating "the server is under OpenX control" (something along those lines), even thought the address bar was google.com. 

So a little more digging we found the Wireless adapter drivers had very recent dates.  Connecting back to the local connection instead of wireless, we updated the wireless driver (from the device manager) which seemed to resolve that problem.

Reset your home page

Go to whatever site/page you want as your home page then...

Edge

See our March 17 newsletter

Internet Explorer

  Tools menu is the little gear up right corner or press the Alt key once to make the menu appear.

Tools menu > Internet Options and right there you will see a "use current" button.  Click it.  If there are multiple lines (multiple home pages), you can delete the others if desired...

Chrome

  Customize and Control is the three horizontal line icon upper right.

Customize and Control > Settings  - there you will see an On Startup group.  Select Open a specific page then click the Set Pages link.  That opens a small window where you can click Use current to assign the page you are on.  If there are multiple home pages and you want to remove one or more, click that listing and on the right you will see a small "x" to delete it from the list.

Firefox

Top left you will see a small down arrow next to Firefox .  
Click that then Options.  Right there you will see a use current button.

Remove or disable Add-ons

See Browser add-ons

Change the Search providers

Internet Explorer

Internet Explorer:  Tools menu > Internet Options > Programs Tab > Manage Add-ons button.  Select Search providers.

In the list (we have only Google), select the undesirable search engines then lower right (not shown) click the remove button...

 

still in process