Bergesch Computer Services, Inc.
Ad free site!
See About Us.

Junkware?  Hijacked?

Any suggestions, recommendations or ideas found on this site are applied at your own risk.  This page contains our opinions based on years of cleaning up computers and assisting customers with various problems... 

If you are getting redirected, i.e., want to go to one website but end up at another site, or you suddenly have all kinds of ads popping up, or get a lot of page not found (404) errors or have any other strange issues with the Internet, get your computer checked!

Sections below:

First some quick reminders: 

When cleaning up machines, you may find the Internet browser home page and/or search results are changed (hijacked), often without permission and sometimes via deceptive means.  Typically occurring when you install a toolbar or other Internet junkware.  My Web Search, Conduit, Babylon and Start Now are just a few of the more popular home page hijackers we have seen. 

Some of the scams offering to "clean your PC", also install a variety of junk including online "vaults", tab hijackers, hot spot advertising and a whole host of undesirable applications.  The end result is the computer runs worse, you have unexplainable pop-ups, your home page and/or default search method changed, and sometimes much, much worse...

If issues remain after cleaning up, these articles may help: DNS settings in our November 16 newsletter, DNS Issues, Internet searches, Internet Explorer processes, downloading stuff.

An important note about antivirus applications:  Running more than one can cause problems.  It certainly causes a slow computer, but also, when installing an AV application with one already installed (expired or not), the new AV may not become fully functional, e.g., may not turn on a firewall because the other AV application's firewall is on.  So with all that out of the way...

Uninstall junk

Go into the Control Panels' Programs and Features (Add/Remove Programs older Windows) and uninstall all the known junk listed below...

If you are running Windows 7 or later, you can sort the list of installed applications by date installed.  That makes it very easy to pick out the recent junk...

Click the view button (red arrow) and change the view to Details

Then click the Installed on heading to sort the list.

Look through everything installed on the computer, regardless of the install date.  If you are unsure, search the Internet for the item of interest - if it seems unnecessary, unneeded or undesirable, uninstall it! 

Also important:  Home page, search providers, scheduled tasks, add-ons and others discussed near the bottom of this article.

What is junk?

In our opinion remove all of items listed below.  Watch for variations in the names, e.g., the "Advanced" junkware has at least three names we know of...

Again, sort the Programs and Features list by date installed!

See also

Other things you can do

Registry settings (popup "ads by ...")

We repaired a computer with problems also having an ad similar to this --->
But unlike those of the past, this one was not uninstallable, i.e., there was no application listed in Programs and Features.  None of the scanners would find a problem, so it was very frustrating to figure out how it even existed. 

This crapware used a combination of registry hijacks mostly through proxy server settings but there were other issues. 

Probably a good candidate to format and reinstall Windows fresh but we were on a mission and finally able to resolve it.  Briefly, here's how...

First: If you do not know what you're doing in the registry, DON'T GO THERE!

In regedit, find (F3) all occurrences of proxyenable - change the value from 1 to 0.  Just below those you will also find proxyserver with a value of or something along those lines, simply delete the entire key (on the right side).

Look in services, stop and disable "Proxy" service.

Delete any host files with a recent date from the c:\windows\system32\drivers\etc folder.

Use Autoruns and look for (and delete) new drivers, unknown startup items, etc. but be careful in there!

So with all that, we thought everything was ok, but that was not the case.  When we switched from network via local network connection to WIFI, a new problem occurred where the Internet would open to a page indicating "the server is under OpenX control" (something along those lines), even thought the address bar was 

So a little more digging we found the Wireless adapter drivers had very recent dates.  Connecting back to the local connection instead of wireless, we updated the wireless driver (from the device manager) which seemed to resolve that problem.

Remove or disable Add-ons

See Browser add-ons

Change the Search providers

Internet Explorer

Internet Explorer:  Tools menu > Internet Options > Programs Tab > Manage Add-ons button.  Select Search providers.

In the list (we have only Google), select the undesirable search engines then lower right (not shown) click the remove button...


still in process