Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

Our specialists suspect that could be one of the ELEX family browser hijackers. It seems the application might be able to change user’s homepage or even other preferred settings like default search engine or new tab page. Nonetheless, this annoying program might be potentially dangerous too as it could show you suspicious advertising content through the displayed search results. Apparently, the tool uses a modified Yahoo search engine; meaning, the application might be able to inject the advertisements gathered by with additional content from the third party. As you probably realize, interacting with such ads could lead you to potentially dangerous web pages that could endanger the system. If you would rather avoid such risks, we advise you to remove the browser hijacker without any hesitation. The instructions placed below will show you how to erase manually, but if you read the text first, you would learn more about this threat too.

How can such applications enter the system? Our researchers say it is quite easy to allow threats like settle in without realizing it since browser hijackers are often distributed with bundled software installers. Thus, it is quite simple to overlook it on the setup wizard, especially if you try to speed up the process by agreeing to all conditions without reading about them. The only way to avoid such mistakes is to pay more attention to the installation process. Users should always review provided information; if there are any unwanted program suggestions, they should be deselected so they would not be installed automatically. We also advise staying away from doubtful file-sharing sites that may distribute bundled installers and acquire a reliable antimalware tool, which could help you keep the system clean. is not that type of an application, which settles in by creating new folders and files. Instead, the browser hijacker modifies particular data belonging to the browser it hijacks. For example, if you are using Internet Explorer, the tool might go to the HKCU\Software\Microsoft\Internet Explorer\Main directory, locate a value name titled as Start Page and replace its value data with link. Consequently, your browser should start loading the search engine each time it is launched. Besides Internet Explorer, the program may also modify settings to Google Chrome and Mozilla Firefox. If you want to see which are the files, the application might modify for these two browsers, you should take a look at the deletion instructions as they list such data.

However, as we mentioned earlier, the biggest problem with the browser hijacker is not the changes it makes to your preferred settings. The worst part is that it encourages you to use After entering a search keyword, this search engine might redirect the user to a modified version. It means the gathered results could be different from the ones you would get while using not modified version. For instance, the results might include links, pop-ups, and other advertising content from the third party. Since the tool’s creators do not take any responsibility for such content and cannot guarantee it will be reliable, there is a possibility the ads could be potentially dangerous, e.g. they may redirect you to sites proposing similar threats, malicious software, designed to steal your personal data, and so on.

Clearly, there could be many different situations as the advertisements might come from anywhere. Therefore, it might be best to stay away from such content or better yet get rid of it before anything goes wrong. If you do not wish to encounter advertisements that could be displayed by, you may want to remove the browser hijacker as soon as possible. Users who follow the instructions placed below the text should be able to eliminate it manually. Another option to delete the threat is to run a system scan with a reliable antimalware tool. Try not to forget to update it from time to time, and the tool should be able to help you protect the computer from future threats.

Remove from browsers

Internet Explorer

  1. Press Win+R.
  2. Type regedit and click OK.
  3. Search for this path HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Locate a value name titled as Start Page.
  5. Right-click the Start Page and click Modify.
  6. Change provided value data ( with e.g.,
  7. Press OK to restore your homepage.
  8. Go to the given directory: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  9. Search for these files: FaviconURL, FaviconURLFallback, TopResultURL, and URL.
  10. Right-click them separately and select Modify.
  11. Replace their current value data ( and press OK.
  12. Leave the Registry Editor.

Mozilla Firefox

  1. Press Win+E.
  2. Locate this particular directory:
    %APPDATA%\Mozilla\Firefox\Profiles\{Unique Mozilla User ID}.
  3. Right-click a file titled as Prefs.js.
  4. Then open it with Notepad.
  5. Look for the specific code line: user_pref(“browser.startup.homepage”, “”).
  6. Erase the browser hijacker’s link and replace it with a web page you prefer.
  7. Press Ctrl+S and close the file.
  8. Exit the Explorer.

Google Chrome

  1. Tap Win+E.
  2. Search for the listed path: %LOCALAPPDATA%\Google\Chrome\User Data\Default
  3. Locate files titled as Preferences, Secure Preferences and Web Data.
  4. Right-click them separately and select Delete.
  5. Close the Explorer.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.