Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

We have recently analyzed a reportedly questionable search engine called Our analysis concluded that it is a browser hijacker that you ought to remove because it enters computers in a clandestine manner and modifies certain browser settings such as homepage and search provider. We find this search engine untrustworthy not only because it modifies browser settings without your consent, but because it can inject links to third-party websites in its search results. As well as collect information about you to tailor the promoted links that correspond to your browsing preferences and make more money as a result. We stress that this malicious search engine is of no use to you and can only cause major problems.

Most browser hijackers belong to some kind of family of hijackers because their developers produce many clones. We have found that belongs to the Elex family of browser hijackers that also includes hijackers such as,, and several others. Elex is not a major browser hijacker distributer, but occasionally it releases new hijackers that come bundled with malicious software installers.

While doing our research, we found that this particular hijacker is distributed using malicious software bundles that inject it automatically to Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer. We have yet to find a sample of this hijacker being injected along with a browser extension, but given that it is supported by the three most popular web browsers assume that it would be uneconomical for the developers to release a dedicated extension for each browser. Thus, we conclude that a malicious software installer is utilized to inject this hijacker to all three browsers without providing you with the means to deselect its installation. The installers are configured not allow you to opt out from setting as the homepage and search provider.

It may not be apparent, but’s purpose is to redirect web traffic and subject you to search results that feature promotional links to third-party websites. In full disclosure, all legitimate search engines feature promotional links as well, but they can filter out malicious websites, and they are in complete control of the promotional campaigns.’s promotions, however, can be unreliable, and this becomes evident by looking at the license agreement, which states the following:

A central part of the Site Services includes links to other World Wide Web ("Web") sites or resources. Because APN has no control over such sites and resources, you acknowledge and agree that APN is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any content, advertising, products, or other materials on or available from such sites or resources

The soft language used to say that the content can be unreliable and that they do not care as long as they get paid to promote it proves how dishonest’s owners are. Based on our experience with similar browser hijackers we want to stress that it can promote malicious software and potentially unwanted programs as well as phishing and scam websites, so none of its promoted contend should be taken at face value.

Another issue we want to shed more light on is the fact that this browser hijacker can collect information about you to advance the agenda of its owners and their adverting partners. The privacy policy makes it abundantly clear the tipe of information that can obtain, and it includes Internet Protocol (IP) address, the address of the last URL visited, browser and platform type, browser language, data in any undeleted cookies, and browsing and search history. This information is used to present more relevant content, and the promotional links generate advertising revenue when clicked, so this hijacker’s have a monetary interest. All things considered, this alleged search engine is unreliable and you ought to get rid of it.

We advise that you delete to avoid jeopardizing your computer with shady promotional links that might redirect to malicious websites. Furthermore, the basic fact that it can modify your browser’s settings without your authorization is just unacceptable. To get rid of this infection you can try changing the homepage and search provider addresses via browser settings, but if that does not work, then use the manual removal instructions we have included below.

Manual Removal Guide

Mozilla Firefox

  1. Press Windows+E keys.
  2. Enter C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\{Unique Mozilla user ID} in the address bar.
  3. Locate a file named prefs.js and open it with Notepad.
  4. Locate the string user_pref("browser.startup.homepage", "");
  5. Replace with your desired address.
  6. Save and Close.

Google Chrome

  1. Press Windows+E keys.
  2. In the resulting Explorer window’s address bar, enter C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default
  3. Locate Preferences, Secure Preferences and Web Data files.
  4. Delete them or open with Notepad and replace with your preferred homepage address.
  5. Save and Close.

Microsoft Internet Explorer

  1. Press Windows+R keys.
  2. Type regedit in the box and click OK.
  3. Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  4. Locate the Start Page string, right-click on it and click Modify.
  5. Replace with your preferred address.
  6. Click OK.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.