Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

The goal of this text is to analyze a browser hijacker called, so if you keep reading the article you will learn about its working manner, the possible distribution methods, and most importantly available removal options. We do not say the application is malicious, but it could display unreliable advertisements on your search results. Unfortunately, according to our team of researchers, the search engine’s developers make no promises such third-party content would be safe. It means some of the ads could advertise harmful web pages or products and if something goes wrong, it will be your responsibility alone as the threat’s creators do not give any warranties regarding the third-party content or itself. Therefore, to avoid any risks, it would be advisable to eliminate the browser hijacker. Consequently, our specialists have prepared step by step deletion instructions to make this task easier for you; they are placed below the text.

Our team of researchers did not notice creating any new data on the system. However, during the tests, it was confirmed that the application might alter data belonging to the hijacked browser. If it is Internet Explorer, the threat should target a particular value name called Start Page from the Windows Registry. As for Mozilla Firefox, the search engine may alter a file called prefs.js; it is located in one of the browse’s folders. In case the user has Google Chrome for his default browser the hijacker might modify three files: Preferences, Secure Preferences, and Web Data.

The changes we just described are made to simply place as your homepage, default search tool, or new tab page. By acting this way, the application is probably trying to increase the search engine's popularity and generate advertising revenue from the user’s clicks. Our researchers suspect it could be the main motive to create such an application because it cannot even offer a unique search engine or any advanced features. Apparently, the browser hijacker users Yahoo to gather all results matching the provided keyword, but before the results reach you, the threat might modify them by injecting advertisements from its third-party associates. Moreover, it was confirmed that the search engine is just another clone of other similar browser hijackers (e.g.,,, etc.). Thus, we do not see any other reason why would anyone create such a useless tool if not to distribute advertising content and get paid for it.

Furthermore, from looking at the software’s End User License Agreement and Privacy Policy documents our specialists have learned that the company behind disclaims not just any warranty related “to your Use of the Software,” but also to the use of any third-party content you might come across by browsing with the search engine. In other words, the advertisements you could find in the search results may not necessarily originate from reliable sources, e.g. some part of the ads might come from malicious web pages offering other browser hijackers, adware, potentially unwanted applications, or distributing installers with Trojans, ransomware, and so on. Not to mention there might be a danger to the user’s privacy too if the third-party ads redirect to sites showing fake lottery winnings or asking to participate in fictitious surveys as the user could be asked to submit sensitive information.

All in all, it does not seem like could somehow enhance your browsing. Far from it, as we explained in the article, the research shows it might disturb it by showing advertising content in the results. Under such circumstances, any user who does not want to see suspicious pop-ups or other types of ads while browsing would be advisable to pick a legitimate search engine that cares more about your system’s and privacy’s safety. The browser hijacker can be erased manually as you can see from the deletion instructions added below this text. You can remove it with an antimalware tool too, just make sure you pick a trustworthy one.


Internet Explorer

  1. Press Windows key+R.
  2. Type Regedit and click Enter.
  3. Find the specific location: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  4. Choose a value name called Start Page.
  5. Right-click it and select Modify.
  6. Replace and press OK.
  7. Exit the Registry Editor.

Mozilla Firefox

  1. Click Windows key+E.
  2. Find the particular location: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\[Unique User ID]
  3. Select a file named prefs.js and open it with Notepad.
  4. Look for the specific code line: user_pref(“browser.startup.homepage”, “”).
  5. Replace and press Ctrl+S.
  6. Exit Notepad.

Google Chrome

  1. Click Windows key+E.
  2. Find the listed directory: C:\Users\[username]\AppData\Local\Google\Chrome\User Data\Default
  3. Choose the following files:
    Secure Preferences
    Web Data
  4. Right-click this data separately and click Delete.
  5. Leave the Explorer.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.