Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

Do you believe to be a regular search provider? According to our research, this “regular provider” is actually a browser hijacker that must be removed from your browsers as soon as possible. Some browsers block direct access to this search provider; however, it would not corrupt your browsers if you visited it. In order to take over your browsers, this hijacker has to be installed first. We have found several different ways for this program to enter your operating system. It can be downloaded along with the Online TV Access by SaferBrowser extension available at The installer of this infection can also be attached to software bundles. If the hijacker has followed the extension, it is unlikely that you will need to eliminate many other threats besides the extension. However, if it was installed by a third-party software distributor, it is likely that you will have to worry about other malicious infections after you remove

Online TV Access by SaferBrowser is an extension that promotes easy-access links to TVNews, Local Weather, AMC, Netflix, ESPN GO, and Hulu. This extension is very similar to Your Interests Now, My Radio XP, Easy Sports Access, and other extensions that travel bundled with such malicious browser hijackers as,, and As you can guess, these hijackers are identical to the malicious The only difference is that this hijacker does not reveal the name of the extension it is associated with. Due to this, there is a possibility that this hijacker could be linked to a different add-on in the future. For now, it is Online TV Access. According to our research, users can acquire this suspicious extension from as well. Note that the random collection of letters in this URL, acmbkdcplacpdifblbmlghndlegnbiha, reveals the Chrome ID. This is also the name of the folder that holds the components of the Chrome extension. The files representing Internet Explorer and Mozilla Firefox extensions are Online TV Access_settings.json and tv@jetpack.xpi, respectively.

While the suspicious extension offers links to seemingly legitimate sites, is completely useless. This hijacker is even incapable of providing regular search results. Instead, it will redirect you to and show sponsored links. Unfortunately, because the name of Yahoo is well-known and respected, many users will trust the results shown without any hesitation. As you might know, modified search results could be used to introduce you to links created by cyber criminals and malicious advertisers. That is not all that this unreliable hijacker is capable of. The Privacy Policy statement at clearly states that personally identifiable information can be collected. That is something to be concerned about because this hijacker is unpredictable, and it is likely to share information with untrustworthy parties. If you do not take care of your private information, soon enough you could suffer identity theft, and your own name could be used to spread malware to other systems, primarily to those of your friends.

You must delete from your browsers and your PC, and the only question left is in regards of how you should do it. In some cases, the hijacker is disabled with the elimination of the extension. Even in this case, it is likely that you will find leftovers that also require removal. We have created a straightforward removal guide that will show you how to eliminate all components and change the homepage that this infection is capable of modifying. If you are confused about any of the steps, you can contact us by leaving a comment below. Our objective is to help you, and we cannot do that if you do not specify your problems. Hopefully, our tips will help you eliminate this hijacker successfully. Unfortunately, we know for a fact that this guide will be useless if you are trying to delete other malicious programs. And these programs might have invaded your PC along with the hijacker. Needless to say, automated malware removal software is most efficient when it comes to the removal of these additional threats, or even itself. Removal

Internet Explorer:

  1. Tap Win+R to launch RUN, enter regedit.exe, and click OK.
  2. Right-click the tool and select Run as administrator.
  3. Move to HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\.
  4. Right-click and Delete a CLSID called “{c2784b5b-10c4-44ea-a903-f5335430b228}” (might be different).
  5. Navigate to HKCU\Software\Microsoft\Internet Explorer\Main.
  6. Right-click the Start Page entry and replace the URL in the Value Data with the preferred homepage option.

Mozilla Firefox:

  1. Launch Explorer by tapping Win+E keys.
  2. Enter %AppData% into the address bar and move to Mozilla\Firefox\Profiles\.*\extensions\.
  3. Right-click and Delete the file called “tv@jetpack.xpi”.
  4. Enter %AppData% again and move to Mozilla\Firefox\Profiles\.*\.
  5. Open the prefs.js file using Notepad and delete the string associated with the hijacker (e.g., user_pref("browser.startup.homepage", "");.

Google Chrome:

  1. Tap Win+E keys on your keyboard to launch the Explorer windows.
  2. Move to %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ or %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\.
  3. Right-click and Delete the folder named “acmbkdcplacpdifblbmlghndlegnbiha”.
  4. Enter %LocalAppData%\Google\Chrome\User Data\Default into the address bar.
  5. Right-click and Delete these files: Preferences, Secure Preferences, and Web Data.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.