Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine might not look like a browser hijacker, but it is one of the most annoying hijackers out there. This infection corrupts the browser’s Target to ensure that you are routed to its page every time you launch the corrupted browser. According to our analysis, Google Chrome, Mozilla Firefox, and IE browsers are all susceptible to this threat. Although it does not corrupt the homepage, default search provider, or new tab tools like most hijackers do, this infection can ensure that you are exposed to what appears to be an interactive search engine. Just the fact that you are introduced to this search engine against your will should be enough for you to want to remove, which is a clone of another dangerous hijacker, If you have hesitations about deleting this malware, please continue reading.

According to our research, can be downloaded by Trojans that are present on your computer. Trojans are silent infections, and you are unlikely to know if they exist on your operating system. The hijacker could also be spread via malicious software bundles. In either case, the hijacker can install itself without your permission or notice, and it is likely that other threats are active on your PC at the same time. Of course, you cannot ignore additional threats, especially because they could be much more dangerous than the hijacker itself. Although we strongly advise deleting the hijacker as soon as you possibly can, you should spare a few moments to scan your PC and check if you do not need to handle more dangerous infections first. This is particularly important if malware-downloading Trojans are active as they could continue infecting your operating system without your notice.

Not many users are aware of their browsers’ Targets. A Target points to the original launcher of the browser, and if it is modified, you might be exposed to a designated website. It is fairly easy to fix the Target; however, not many users know how to do that. Unfortunately, in the case of, fixing the Target is useless, unless you change the Windows management instrumentation settings first. The hijacker deliberately changes settings to ensure that it prevails even if you figure out how to fix the Target. Of course, this is not a situation without a solution, and you can adjust the Windows management instrumentation settings. We show you how to do this via the guide below. Once you change the settings, you will also need to fix the Target. Although the process might seem complicated and lengthy, you will have to go through it if you want to delete from your browsers manually.

Do you want to remove from your browsers? Some users continue using this search tool even when they realize that it has invaded their browsers illegally. First of all, it represents the Google Custom Search, which, as users assume, is a trusted search provider. The bad news is that this search provider is controlled by the hijacker, and it can include unreliable links routing to malicious sites, which is why you should not trust it. Are you interested in the links provided to you via the home page of Although you might enjoy quick-access links to,,,,, and various online games, note that you will be routed to them via the server, which is a red flag. Another red flag is the lack of legal information. For example, you are not provided with links to a privacy policy, term of use agreement, or other statements that are available on reliable websites. The lack of this information makes the hijacker unpredictable and dangerous. For all you know, this threat can collect personal data and share it with cyber criminals, and there is no way to deny this.

As mentioned previously, you will need to adjust Windows management instrumentation settings to initiate the elimination of Once you adjust these settings, change the target of all infected browsers’ shortcuts and restart your operating system. Afterward, scan your operating system again to see if all elements of this threat have been cleaned. Of course, the best test would be launching the affected browser to see if it remains hijacked, which we hope it will no longer be after you follow the steps in the removal guide. A scanner is also likely to detect other threats that might have been installed along with the hijacker or that might have downloaded itself onto your PC. Can you eliminate them manually? Trojans, for example, are very difficult to erase manually, and so we suggest using an anti-malware tool to have them erased automatically. The best part is that this tool will keep protecting you for as long as it is active and updated, and so we strongly recommend installing it ASAP. Removal

  1. Launch Explorer (simultaneously tap keys Win+E).
  2. Enter C:\Windows\System32\wbem into the address bar at the top.
  3. Right-click the file called wbemtest.exe.
  4. Select Run as administrator and the Windows Management Instrumentation Tester will pop up.
  5. Click the Connect… button on the right.
  6. Enter root\subscription into the Namespace bar.
  7. Click the Connect button again.
  8. Select Enable All Privileges and click Enum Instances...
  9. Enter ActiveScriptEventConsumer and click OK.
  10. In the Query Result menu select the instance with the name ASEC and click Delete.
  11. Click Close and Exit the utility.
  12. Right-click the infected browser’s shortcut and choose Properties.
  13. Click the Shortcut tab and move to the Target line.
  14. Erase the URL of the hijacker after iexplore.exe”/chrome.exe”/firefox.exe” and click OK.
  15. Restart the browser.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.