Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

Although promotes Amazon, Google, Yahoo, YouTube, Twitter, and Instagram services, it is not a tool you should trust and use. If you were forced or tricked into letting this hijacker in, you probably want to get rid of it as soon as possible. If you let it in willingly, you might still believe that this hijacker is harmless. Well, it is not, and the longer it stays active on your browser, the more dangerous the situation might get. Your personal information could be leaked, and you could be introduced to potentially unreliable advertisements in a very clandestine manner. Due to these reasons, it is very important that you remove as soon as possible. Of course, since this hijacker usually travels bundled with an extension – it should be called “Starttab” – you might have to eliminate more pieces of software. If you are ready to jump to the elimination, scan your PC first to check if other infections are active.

How did enter your operating system? If it came bundled with an extension, where did you find it? Was it introduced to you via an aggressive pop-up advertisement, or maybe an unfamiliar installer? According to our research, such suspicious sites as or could host the installer of this hijacker. Unfortunately, it could be introduced via software bundles full of unreliable and undesirable programs. As you might know, belongs to a huge family of hijackers (along with,, and, and, in most cases, they are seen traveling in malicious bundles. Although these hijackers might represent different links, essentially, they are identical. They even follow the same privacy policies, one of which informs that personal data can be recorded and leaked to undisclosed parties. As you can guess, this is one of the main reasons we recommend deleting or any other hijacker from the same family. Another thing you learn by reviewing the Privacy Policy that supports these hijackers is that you can be exposed to third-party content while using it.

If you have interacted with, you might already know that it redirects to Needless to say, this action is illegal because you are not informed about it, and that is something you should focus on before you decide that Yahoo Search is a legitimate and trustworthy search engine. Although it is, the devious can exploit it to expose you to third-party content in a very inconspicuous manner. Would you click on random ads when interacting with an unfamiliar search engine? It is unlikely that you would. But would you click on ads represented via a search engine you know and trust? You might, and that is exactly why is redirecting to Tracking cookies – and some of them might include third-party cookies – could be used to record your browsing history and learn about your preferences. Using this data, the unknown advertisers could easily introduce you to ads that look interesting and intriguing. Of course, this could be used to deceive you into interacting with potentially malicious ads.

It is strongly recommended that you delete from your browser immediately. According to our research, this infection should only affect Internet Explorer, Chrome, and Firefox browsers, but, of course, if you find it on a different browser, you have to eliminate it as well. If you do not know how to so that, post a comment below, and we will upgrade the guide below. This guide shows how to remove from your homepage; however, you must keep in mind that other pieces of software might be involved. For example, if the hijacker came packaged with an extension, you must delete it as well. In fact, you might not be permitted to change homepage settings until you delete this extension. Also, unrelated third-party software could have come bundled as well if, for example, you used an unreliable software installer. In this case, you have to evaluate the situation and check if you can erase all threats yourself. If you cannot, immediately install an anti-malware tool that can eliminate them automatically, as well as keep your system protected. Removal

Internet Explorer:

  1. Launch RUN by tapping Win+R keys.
  2. Type regedit.exe into the dialog box and click OK to launch Registry Editor.
  3. In the pane on the left navigate to HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Double-click the value named Start Page.
  5. Overwrite the hijacker’s URL in the value data and click OK.
  6. Navigate to HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.
  7. Repeat step 5 with these values: FaviconURL, FaviconURLFallback, TopResultURL, URL.

Google Chrome:

  1. Launch Explorer by tapping Win+E keys.
  2. Type %LocalAppData%\Google\Chrome\User Data\ into the bar at the top and tap Enter. Windows XP users enter %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\.
  3. Open the Default folder, and if multiple profiles exist, open your {unique name} Chrome profile folder.
  4. Open these files using a text reader and overwrite the hijacker’s URL represented via them:
    • Preferences
    • Secure Preferences
    • Web Data

Mozilla Firefox:

  1. Launch Explorer by tapping Win+E keys.
  2. Type %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top and tap Enter.
  3. Open the {unique name} Firefox profile and then open the prefs.js file using a text reader.
  4. Overwrite the hijacker’s URL represented in this file.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.