Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

Has your default homepage been changed to Do you experience constant redirections to unfamiliar websites? Perhaps you do not know why you see specific ads on your screen? If you are experiencing these annoying symptoms, it is very likely that you have been infected with a browser hijacker. A browser hijacker is a type of undesirable software that modifies your browser settings without your permission and then indulges in constant surveillance, monitoring your online activities. You should remove from your computer immediately because this situation could easily lead to even more serious security issues. For more information, check out our article.

The main problem with such infections it that we cannot point out one single website or one single third-party installer and say: “This is the main distribution source, stay away from it.” might use several distribution methods to spread around, and depending on the method it uses, the browser hijacker may arrive at your system with an array of different applications. So you can be sure that if your default homepage changes to, you have more than just one unfamiliar application on-board. You simply are not aware of it yet because other potentially unwanted apps are not that conspicuous.

Rather than focusing on particular websites, we should pay attention to your web browsing habits. Do you read carefully before you click something? Do you give it a second thought before you download software from third-party websites? Do you bother to check each step on an installation wizard? More often than not, it is possible to avoid installing on your computer, but users tend to ignore various security risks. For instance, the hijacker might come bundled in a software package that you downloaded from some file-sharing site. It is quite obvious that in this case, users were aiming to install some other application and simply tagged along. But there are MANY programs that can enter your computer at the same time, and we doubt you want them all.

The country that is affected the most by this intruder is Germany. Perhaps it might seem that the Russian Federation should be at the top of the victim list because the hijacker’s address ends in .ru. However, that is not the case. It is true that users have to access Russian-language websites to get infected with this program, but it is very likely that the people behind this program mostly target expats in Germany.

We know for sure that this program is not the only browser hijacker in the market from the same family. There are multiple other “search engines” that are hosted on the same server, and the list includes,,,, and others. Most of these websites are probably there to participate in some online marketing scheme, generating traffic for affiliated websites. The same applies to, as well. The website will use a customized Google search engine to make it look like it can provide you with reliable search results.

However, the search results that come through could be embedded with commercial advertisements. Users sometimes do not even realize they see commercial offers because they are often related to their most recent searches. This proves that the browser hijacker employs tracking cookies to find out more about your browsing habits. Once they know what content you usually prefer to see, they can generate that content in the form of commercial advertisements. This may increase the possibility of your clicking those ads. As a result, by clicking, you would help the people behind this browser hijacker make easy money, and you would get nothing in return.

Our main security concern associated with this browser hijacker is that the program does not review what kind of content is promotes. Thus, in the worst-case scenario, it could be exploited by cyber criminals to promote and distribute malware, too. That is why we say that the hijacker may not be extremely dangerous by itself, but you can never know who could make use of for their own malevolent aims.

To remove from your computer, you should restore your browser settings. That will automatically delete all the unfamiliar extensions and search engines. After that, make sure you get rid of other unwanted programs, too. For that, do not hesitate to use a licensed antispyware tool.

How to Delete

Internet Explorer

  1. Press Alt+T and go to Internet options.
  2. Click the Advanced tab and press Reset.
  3. Mark Delete personal settings and click Reset.
  4. Click Close.


  1. Press Alt+H and go to Troubleshooting information.
  2. On the top right of the new tab, click Refresh Firefox.
  3. Click Refresh Firefox and press Finish.


  1. Press Alt+F and go to Settings.
  2. At the bottom of the page, press Show advanced settings.
  3. Scroll down and press Reset Settings.
  4. Click Reset.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.