Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine is the newest browser hijacker to be added to the SaferBrowser family. This hijacker, according to the latest information, attacks Internet Explorer, Mozilla Firefox, and Google Chrome browsers, and, in some cases, users accept the homepage modifications willingly. The interface of the website representing the hijacker is identical to,, and many others that we have reviewed on this website. If you are curious about the clones, you can read the reports, but, in general, all of SaferBrowser hijackers are identical, and they can be deleted using the same methods. In this report, we discuss the removal of The chances are that you already know that this search tool is unreliable and deserves elimination, but you should read this report because it might help you evade threats similar to it in the future.

Was the homepage on your browser replaced with illegally? That might happen if you interact with malicious installers that hide malware. Of course, many victims of this hijacker are likely to install it themselves. Does that mean that the threat is not all that bad? Even if it asks for your permission to replace your regular homepage URL, you cannot identify it as reliable. Overall, it is most likely that the hijacker will come packaged with third-party software, and it is important to pay some attention to it as well. Sure, the extensions and the applications carried in the same bundle might seem harmless, but you should never judge a book by its cover, or should we say, a program by its interface and promises. Since figuring out which programs are legitimate and which ones are malicious and require removal might be difficult, we advise using a malware scanner.

Even if has taken over your browser illegally, you might choose to trust it. That is because the interface of this search tool is not that suspicious, and the search dialog box redirects your search queries to This might be all a little confusing if Yahoo Search was already set as the homepage of the infected browser. Needless to say, you should not trust software that is capable of redirecting you to third-party sites, even if they are legitimate. One of the risks you face, in this situation, is modified search results. could exploit the well-known search engine to slip in ads and links to potentially unreliable websites, and you might click those without even realizing! Another thing that might make you trust the hijacker is the easy-access links to legitimate gaming websites that it adds to the bar at the top. Interact with these links cautiously.

Another thing you have to consider is the activity that you do not see or notice. The Privacy Policy that represents is quite extensive, and that is because the suspicious search tool is used for more than just presenting search results. In order to provide you with attractive advertisements that it can include in the search results, it installs data-tracking cookies. In most cases, tracking cookies are harmless because they record non-personally identifiable information and data about your hardware or browsers. Unfortunately, the cookies used by can accidentally record personal data as well. Because we do not know who can access the data recorded by these cookies, we have to consider the risk of personal data being leaked to unreliable parties, even if that happens by accident. If you do not want to take any risks, this is not the search tool you should use.

If was installed along with an extension, you should try removing it first. You might discover that the homepage is restored automatically. If that does not work, you can follow the guide below that explains how to modify the homepage URL within the files of the infected browser. If you are struggling, post a comment below, and we will try to help you out. Obviously, we cannot help you erase other threats if we do not know what they are, and we cannot really help you with further system’s protection. That is a job for a legitimate anti-malware tool, which you should invest in without further hesitation. Note that a reliable anti-malware tool should be able to delete as well. Removal

Mozilla Firefox:

  1. Tap Win+E keys simultaneously to launch Explorer.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top.
  3. In the Profiles folder open the subfolder that represents your Firefox Profile.
  4. Now, open the prefs.js file (you can do that using Notepad).
  5. Erase the URL of the hijacker, enter the preferred URL, and save the file.

Google Chrome:

  1. Tap Win+E keys simultaneously to launch Explorer.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ (Windows XP users enter %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\ into the bar at the top.
  3. Open the folder that represents your Chrome Profile, and if profiles do not exist, open Default.
  4. Open the file named Preferences (you can use Notepad to do this).
  5. Erase the URL of the hijacker, enter the preferred URL, and save the file.
  6. Repeat step 5 with Secure Preferences and Web Data files.

Internet Explorer:

  1. Tap Win+R keys simultaneously to launch RUN.
  2. Type regedit.exe and click OK to launch Registry Editor.
  3. Navigate to HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Double-click the value called Start Page.
  5. Erase the URL of the hijacker, enter the preferred URL, and click OK.
  6. Navigate to HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.
  7. Erase the URL of the hijacker, enter the preferred URL, and click OK in these values:
    • FaviconURL
    • FaviconURLFallback
    • TopResultURL
    • URL
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.