Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine is a hijacker that was created by Polarity Technologies Ltd. We have already talked about this company many times before because it stands behind,, and tens of other browser hijackers that all work in the same way. Even the Privacy Policy is the same for all of these infections, and so it is most likely that one single developer is responsible for all of them. The hijackers from this family are usually linked to extensions that are unique in every single case. In most cases, they have official download sources, and that makes them appear more legitimate and reliable. Unfortunately, we could not find an official source for the add-on that is linked to the hijacker we are discussing in this report, and that means that it might be spread in an illegal manner. This add-on is called “Descargar,” and we will discuss it further in this report. As you might have connected the dots already, we advise removing If you do not understand the reasoning behind this, please keep reading.

Although most Polarity Technologies Ltd hijackers are associated with extensions that have official download pages, Descargar is not represented in the same manner. If your homepage and/or New Tab were replaced with, the extension must have found its way in somehow. Of course, there is a possibility that the hijacker will be introduced to you on its own, but it is not very likely. So how does the hijacker spread? Our guess is that third-party installers are involved. Have you downloaded bundled with third-party software? Scan this software using a legitimate malware scanner immediately because it could be malware in disguise. Hopefully, you do not find out that dangerous infections have invaded your operating system because that might take your focus off the hijacker itself. The first reason we recommend deleting this infection is that it is known as a personal data tracker. One particular statement in the Privacy Policy reveals that this information could be recorded when the infection records your interaction with the related services.

Another reason to delete from your browser is that it works as a redirector. As you enter a search keyword into the provided dialog box, you are immediately rerouted to Yahoo Search at What is wrong with that? Unfortunately, the hijacker might force this search engine to showcase sponsored links, and you are more likely to interact with them because of the good reputation that Yahoo has. In fact, it is very easy to identify this browser hijacker as a harmless tool because it also promotes easy-access links to all kinds of sites. The tabs at the top automatically route to,,,,, and Additionally, you have links routing to,, and (all of these are tax-related sites) at the bottom. If you only look at these, you might think that the hijacker is harmless. If you think about the fact that it can record private information and even expose you to annoying or unreliable links via the search tool it promotes, you should consider removing

The removal of is straightforward. If this hijacker is linked to an extension, delete it, and your regular homepage settings will be restored. If the hijacker was installed on its own, follow the instructions below to learn how to eliminate it from any of the targeted browsers. What should you do if a scanner has detected other threats? First of all, research them to see if they are dangerous. According to the information you find, you might choose to attack the threats yourself or you might choose to install software that can eliminate them automatically. If you decide that you need the assistance of an anti-malware tool, make sure you do your research and pick one that can help you eliminate malware and keep it away in the future. It is natural if you have questions regarding this threat. If you do, do not hesitate to contact us, which you can do by posting your questions in the comments box below. Removal

Google Chrome:

  1. Launch Explorer by tapping Win+E keys.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ in the bar at the top.
  3. Open the Default folder (or the folder that represents your Chrome profile).
  4. Delete these files: Preferences, Secure Preferences, and Web Data.

Mozilla Firefox:

  1. Launch Explorer by tapping Win+E keys.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top.
  3. Open the folder with a random name that represents your Firefox profile.
  4. Open the file called prefs.js and overwrite the URL of the hijacker.

Internet Explorer:

  1. Launch RUN by tapping Win+R keys.
  2. Type regedit.exe into the Open box and click OK.
  3. In Registry Editor move to HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Open the value called Start Page and overwrite the URL of the hijacker.
  5. Navigate to HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:
  6. Overwrite the URL of the hijacker in these values: FaviconURL, FaviconURLFallback, TopResultURL, and URL.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.