Click on screenshot to zoom
Danger level 6
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

If you are not careful when installing software, you might invite all kinds of random, useless, and malicious programs in. is a browser hijacker that we recognize as a potential threat to your virtual security. This suspicious hijacker was developed by Polarity Technologies Ltd., but its interface is identical to those of,,, and other hijackers created by SaferBrowser. Notably, most of these suspicious search tools are linked to unique extensions that modify homepage and search provider settings. In our case, an extension does not exist, and that is quite strange. All in all, the suspicious search tool must have been introduced to you in some way, and it is likely that it was introduced to you along with other programs. Should they be deleted? That is something you can learn by analyzing these programs individually. In this report, we discuss the removal of Keep in mind that although this search tool looks kind of harmless, your virtual security could be on the line if you interact with it.

The first thing we need to talk about is the distribution of Since it is unlikely that this hijacker is offered along with a browser extension that might have an official download page, it is likely that this hijacker is mainly spread by third parties. In fact, you might have been offered this allegedly useful search tool when installing some other seemingly attractive programs. Software bundles are not always unreliable, but many of them are filled with unnecessary, useless, and, worst of all, malicious programs. If you encounter a malicious installer, the threats carried by it could be installed silently as well. Were your homepage and default search provider modified without your permission? If they were, you have an advantage because you must realize that is unreliable. On the other hand, users who install this search tool themselves might believe it to be harmless and even useful. Would we discuss this hijacker and its removal if it were harmless? Of course not. If you do not know if malware exists, immediately install a trusted malware scanner.

The “Loveroms” logo on the top-right corner of is a mystery. Maybe an extension with this name is being created, but we cannot confirm that. Maybe this name has no meaning at all. All in all, in case you encounter a program called “Loveroms,” you should delete it from your PC. The software linked to the hijacker is simply untrustworthy, and you could get yourself in trouble if you choose to interact with it. As the Privacy Policy reveals, even your personal information could be in danger, as it could be collected and shared with unfamiliar parties. Another thing regarding third parties is that the links promoting their services could be included in the search results pages. Although the suspicious redirects to the Yahoo search engine, sponsored links can be included. Do not ignore this because that is a potential threat. Since we do not know the parties that the hijacker serves, there is always a possibility that the links represented by them are unreliable and misguiding.

If you modify the homepage of the infected browser, you should get rid of in no time. In case this hijacker is represented by an extension, you need to erase it as well. Obviously, you must not forget to eliminate malicious threats that might have been introduced to you along with this hijacker. The guide below explains how to delete from your browsers in an unconventional way. This method might appear to be more complicated, but it teaches how to modify your browsers via browser files, and that can help you with different kinds of malware that you might face in the future. Of course, if you employ authentic security software now, you will not need to worry about the attacks of other infections. In fact, if you employ anti-malware software, you will not even need to worry yourself about the elimination of already existing threats. Overall, the elimination of the hijacker is pretty simple, and if you have questions, you can post them in the comments section below. Removal

Internet Explorer:

  1. Launch RUN by tapping Win+R keys and enter regedit.exe.
  2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main.
  3. Double-click the value called Start Page.
  4. Replace the hijacker’s URL with the preferred one and click OK.
  5. Navigate to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.
  6. Open these values and replace the hijacker’s URLs in them:
    • FaviconURL
    • FaviconURLFallback
    • TopResultURL
    • URL

Google Chrome:

  1. Launch Windows Explorer by tapping Win+E keys.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ (if you use Windows XP, you need to enter %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\) into the box at the top.
  3. Open the Default folder or a unique profile folder (if multiple Chrome profiles exist).
  4. Open the file called Preferences using a text reader (e.g., Notepad).
  5. Replace the hijacker’s URL with the preferred one and save the file.
  6. Open the file called Secure Preferences and repeat step 5.
  7. Open the file called Web Data and repeat step 5.

Mozilla Firefox:

  1. Launch Windows Explorer by tapping Win+E keys.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the dialog box at the top and tap Enter.
  3. Now, open the Firefox profile folder with random characters in the name.
  4. Open the prefs.js file using a text reader (e.g., Notepad).
  5. In the user_pref("browser.startup.homepage", ""); string replace the hijacker’s URL with the preferred one and save the file.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.