Click on screenshot to zoom
Danger level 6
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine is a page that looks like a regular search engine. It is very likely that this search engine is spread along with a browser extension, but, at this moment, there is not enough information about this. Some suggest that that the search tool is linked to an extension called “Package Search Toolbar,” but our research team could not confirm this because no traces of it could be found. It’s as if this extension does not exist at all. Needless to say, if you have this suspicious search engine introduced to you along with an add-on or an application, you need to be extremely cautious about it. In fact, we recommend deleting it. Our research team classifies the search tool as a browser hijacker, and if it were linked to any piece of software, it is unlikely that it would be trustworthy. Of course, at this point, we cannot confirm this. The best thing you could do if you found the hijacker is examine your operating system with a legitimate malware scanner. If malware is found, you should get rid of it immediately. You definitely should remove

The distribution of is extremely suspicious, and it is unlikely that this browser hijacker has ever had an official installer. Of course, the extension or an application this threat might be bundled with could have an official installer, but, even if it did, it is most likely that an unreliable installer would be involved. Software bundling is a very popular technique that malware distributors frequently use to expose unsuspecting victims to multiple threats or potentially unwanted programs at once. That is why it is crucial that you scan your operating system immediately. One more thing we have to mention regarding the distribution of is that you are most likely to encounter this hijacker if you live in the United States. That being said, users in other regions could face it as well. Moreover, there are hundreds and thousands of other hijackers that could invade your operating system and take over the browsers even if you live outside of the US. Some of them include,, and

Although it might not look malicious, is a threat. If you look at the interface of this hijacker, it looks like a normal search engine with an additional browser bar at the top. This bar includes a search field and links to various “Top Carriers,” “Regional Shippers,” and “Package Delivery.” A few services that the hijacker promotes include UPS, FedEx, Royal Mail, Japan Post, Aramex, and Parcelforce. In the middle of the page, you can find another search field along with easy-access links to Gmail, Facebook, YouTube, LinkedIn, Pinterest, and various other popular sites. Below that, you are also introduced to the “Enter Tracking Number” field that should allow you to track your correspondence and packages. While it might be okay to interact with the links shown, as well as the tracker tool, we do not recommend interacting with the search tool. Why? Because it redirects to a third-party search engine and shows sponsored content. To distract you and make you trust the links shown, uses Yahoo Search. Unfortunately, by interacting with this content, you could be exposing yourself to virtual security threats.

If is not linked to malware, you should be able to remove this hijacker using the guide below. If additional software is involved, you might have to get rid of it to eliminate the hijacker as well. A legitimate malware scanner will help you learn if you need to eliminate any threats. Do not worry if you cannot eliminate them manually because a legitimate anti-malware tool can help everyone. Install it now, and all threats will be eliminated automatically. Furthermore, you will not need to deal with any other threats in the future because the tool will keep them away. Without a doubt, we recommend installing a trusted anti-malware tool even if you manage to delete and all other threats manually. Hopefully, you know what to do, and you can successfully get rid of the unwanted software. If you have questions about the removal process, do not hesitate to add them to the comments section. Removal

Mozilla Firefox:

  1. Simultaneously tap Win+E to launch Windows Explorer.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top.
  3. Open the {Firefox profile name} folder.
  4. Open the file named prefs.js using any text reader.
  5. Overwrite the hijacker’s URL and then save the file before closing it.

Internet Explorer:

  1. Simultaneously tap Win+R to launch RUN.
  2. Type regedit.exe into the field and click OK to launch Registry Editor.
  3. Move to HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Double-click the value called Start Page to open.
  5. Overwrite the hijacker’s URL and then click OK.

Google Chrome:

  1. Simultaneously tap Win+E to launch Windows Explorer.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ into the bar at the top.
  3. Open the {Chrome profile name} folder, or the Default folder if profiles do not exist.
  4. Either Delete the files called Preferences, Secure Preferences, and Web Data or open them using a text reader and then overwrite the hijacker’s URL embedded in them.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.