Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine is currently most popular in Qatar, Italy, and Saudi Arabia, although it could be distributed in other countries as well. Our researchers believe the search engine might be spread with Russian software. Thus, probably any user who speaks the Russian language could encounter this threat while browsing the Internet. If appears on your system, we advise you to be extra cautious. This search engine was classified as a browser hijacker, and besides its rather annoying ability to change user’s browser settings, it might also show you potentially dangerous this-party advertisements. Therefore, it might be safer to replace it with a more reliable search tool, for example, Yahoo, Bing, and so on. To learn how to erase the threat, you could slide below the text and follow the added instructions.

As we said, earlier could be distributed with bundled installers of Russian browser extensions, other hijackers, adware, potentially unwanted programs, and other unreliable software. The question is how can users come across such programs? In most cases, they are distributed either through malicious file-sharing web pages or suspicious pop-up advertisements. It means you should be able to stay away from threats alike if you download applications only from legitimate web pages and watch out for malicious pop-up ads.

It is also important to take your time and make sure the chosen program is trustworthy. You can determine it by reading its reviews, seeing if its developers are reputable, etc. Another way to guard the computer against potentially dangerous or malicious software is to keep a reliable security tool. Then you could do regular system scans or check specific data raising suspicion when you feel such need. The antimalware tool can warn the user too if it detects he launched a malicious application or file.

Hopefully, the mentioned tips will help you avoid browser hijackers the next time, but if you already installed, there are some important details you should know about it. First of all, the search engine might be compatible with major browsers, such as Google Chrome, Internet Explorer, and Mozilla Firefox. It should hijack these browsers by changing your preferred homepage site, new tab page, or default search provider. By programming the application to act this way, the threat’s creators most likely seek to encourage you to use the unreliable search engine. Unfortunately, since it might be gathering results with modified Google search engine, could inject them with potentially dangerous content.

Our researchers who tested the application say that it might show users various third-party advertisements, for example, pop-ups with download buttons, coupons, surveys, sponsored links, fake lottery winnings, and so on. These ads could come from lots of different third parties, and the hijacker’s creators may show them not to assist the user, but merely increase particular web pages’ traffic and generate advertising revenue. However, as for you, the interaction with the search engine’s displayed ads might bring only trouble. For instance, some of the advertising content could lead you to web pages that may try to gather personal or sensitive data. Others could redirect to web pages providing installers of adware, potentially unwanted programs, other browser hijackers, or even malicious software, for example, viruses, Trojans, etc.

These risks are not certain as we cannot be one hundred percent sure, but they are possible and users who encounter this suspicious search engine should be aware of them. To avoid any risks, you should get rid of and put a reliable search tool in its place, for example,,, or other. Eliminating the threat manually might take some time since you would have to reset the hijacked browser, delete suspicious extensions, and check the browser’s Target line as it is explained in the instructions located below. Probably, the easier option would be to install a legitimate antimalware tool and let it restore the threat's affected data. We advise this option especially for those users who do not have a reliable security tool yet so that their systems would be protected in the future.

Remove from browsers

Internet Explorer

  1. Press Alt+X.
  2. Pick Internet Options and mark the Advanced tab.
  3. Press Reset and select Delete personal settings.
  4. Choose Reset again and click Close.

Mozilla Firefox

  1. Click the Help icon.
  2. Choose Troubleshooting information and select Refresh Firefox.
  3. Click Refresh Firefox again and press Finish.

Google Chrome

  1. Tap Alt+F and click Settings.
  2. Slide down and press Show advanced settings.
  3. Scroll down again to select Reset Settings and press Reset.
  4. Click Reset.

Erase suspicious extensions

Internet Explorer

  1. Press ALT+X.
  2. Click on Manage add-ons.
  3. Press Toolbars and extensions.
  4. Find suspicious extensions and erase them.

Mozilla Firefox

  1. Tap CTRL+SHIFT+A.
  2. Choose Extensions.
  3. Select questionable extensions and press Remove.

Google Chrome

  1. Press ALT+F to open Settings.
  2. Select More tools and pick Extensions.
  3. Find unwanted extensions.
  4. Click the trash bin button near them and press Remove.

Restore browser‘s Target line

  1. Right-click the affected browser’s icon.
  2. Select Properties and click the Shortcut tab.
  3. Locate the Target line (e.g. “C:\Program Files (x86)\Mozilla Firefox\firefox.exe”).
  4. Check if the hijacker added any additional links to it (e.g. “C:\Program Files (x86)\Mozilla Firefox\firefox.exe”
  5. Remove possible additional links (e.g. and press OK.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.