Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

If you cannot understand why your browser is redirecting you to or other doubtful web pages, we recommend reading our full report to learn more about this threat. Provided, you want these redirections to stop, you should also check the deletion instructions placed below. That is if you feel like eliminating the application manually. It has a few rather irritating qualities, so could be categorized as a potentially unwanted program too. However, our researchers believe it would be wisest to categorize it as a browser hijacker. Probably, the most annoying thing about this search engine is the fact it can automatically redirect you to unfamiliar web pages no matter you want it or not. If you keep reading our report, you will learn why such redirection could be harmful to your computer and what can be done to stay away from similar threats the next time.

To begin with, we should discuss the search engine’s distribution. Our specialists say it is quite similar to other similar browser hijackers (e.g.,, and other), so it might be spread through similar channels. What we have in mind is bundled installers that users may find on unreliable file-sharing websites, for example, torrent sites. If the installer appears to be malicious, it may not even notify you about installation. Thus, to keep your system clean we advise you to download setup files from more reliable web pages. Another smart idea is to keep a legitimate antimalware tool; with it, you could scan downloaded installers or identify threats later while performing a system scan. Plus, the security tool may notify you about malicious web pages or software too.

This particular browser hijacker might create a .bat file in the hijacked browsers folder. The research shows such data may have hidden commands forcing the browser to open each time it is launched. For example, the file could contain a similar command: “start ""/I /B/D"C:\PROGRA~2\Google\Chrome\APPLIC~1\""C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe"".” Our researchers say the application hijacks the browser by replacing the shortcut’s Target line with a path pointing to this specific .bat file. At the moment we believe the threat might be able to affect the Google Chrome, Internet Explorer, and Mozilla Firefox browsers.

Unfortunately, is not the only website the user may get redirected to. Apparently, the browser hijacker could also lead you to its third-party partner’s web pages. The bad news is no one can guarantee such sites would be reliable. Our researchers warn us that some part of the websites could be created for malicious reasons, for example, to steal the user’s sensitive or personal data, infect the PC with malware, suggest installing adware, potentially unwanted programs, or other browser hijackers, and so on. These are only a few example of what could happen if you encounter and interact with any content on possibly malicious web pages. If you do not want to take any chances, we advise you to eliminate as soon as possible.

One of the ways to erase the browser hijacker is to find its modified shortcuts and delete them manually one by one. To remove it completely you should not forget to get rid of the applications created .bat files. Users who do not know how to complete these task can follow the steps placed at the end of the text as they will explain the whole process in more detail. Moreover, if you are looking for a less complicated option, you could employ a trustworthy antimalware tool and allow it to deal with the threat; all you have to do is start a system scan and press the deletion button once it appears. Lastly, we would like to remind you that if you want to know anything else about this application you can always leave a comment below the article or reach us via social media.


  1. Press Win+E.
  2. Select the directories based on your browser:
    C:\Program Files (x86)\Mozilla Firefox
    C:\Program Files\Mozilla Firefox
    C:\Program Files (x86)\Google\Chrome
    C:\Program Files\Google\Chrome
    C:\Program Files (x86)\Internet Explorer
    C:\Program Files\Internet Explorer
  3. Find .bat files related to the browser hijacker, e.g., firefox.bat.
  4. Select such .bat files separately and press Shift+Delete.
  5. Copy and paste these listed paths into the Explorer separately:
    %ALLUSERSPROFILE%\Start Menu\Programs
    %APPDATA%\Microsoft\Windows\Start Menu\Programs
    %USERPROFILE%\Microsoft\Windows\Start Menu\Programs
    %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs
    %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs
  6. Select hijacked shortcuts and remove them from all listed directories one by one by pressing Shift+Delete.
  7. Place new shortcuts in directories you choose, e.g. %USERPROFILE%\Desktop.
  8. Click the right mouse button and select New.
  9. Press Shortcut and click browse.
  10. Locate the directory containing your browser’s launcher.
  11. Then select Next and click Finish.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.