Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine is a dubious domain linked to the presence of the adware helper. Users who really have this undesirable piece of software inside their computers see their Google Chrome browser open with it every 33 minutes. Users might also be redirected to from time to time when they surf other websites. The web page opened does not look harmful at first glance. Actually, we cannot call it malicious either, but, undoubtedly, it is not trustworthy and should be closed as soon as possible. According to specialists working at, this domain is a medium for displaying ads and driving traffic to certain pages. The developer of, most probably, gets money for displaying the commercial content for users and increasing the web traffic to third-party pages. Needless to say, ordinary users do not get anything. Our security specialists say that they might only get untrustworthy software if they click on various links located on the main page of, use its search box to find the information on the web, and trust search results opened for them fully. cannot be called an ordinary browser hijacker because it does not change browsers’ settings, e.g. homepage and default search provider. It creates the so-called scheduled task in %WINDIR%\System32\Tasks instead of altering the settings of web browsers. This new task it creates in the Task Scheduler allows it to appear to users every 33 minutes. As has already been mentioned at the beginning, you might notice your web browser open with in the URL bar automatically, or you will be taken to this page when surfing other normal websites which are not associated with by any means. If you already see it opened for you, close this page as soon as possible and do not click on links you can find on this website because they might open untrustworthy pages. Find a better search provider to use instead of the search box of as well. Search results displayed by this page might contain promotional links too. There is a risk that some of them are related to bad third-party pages and might redirect users there if they perform web searches using this Russian domain.

Moreover, third-party pages users might be taken to after clicking on links/ads displayed on might also be dangerous in a sense that they might try to extort personal information from people. Also, such websites often record non-personally identifiable information associated with users’ activities and habits. Trustworthy pages might record information about users too, but they never gather any personal details, so you should always check the Privacy Policy of pages before starting to surf them fearlessly. Keep in mind that pages you are taken to after clicking on sponsored links/ads start gathering data immediately after you are redirected to them.

Research has shown that is not the only browser hijacker belonging to this family. It is almost identical to and Gdslkeee1ru. All of them travel bundled in malicious installers. Suspicious Russian applications might travel with these browser hijackers too, so if you already see every half an hour, be aware of the fact that other untrustworthy applications might be installed on your computer too. It is not easy to find them because they are well-hidden, so leave the detection job for a reputable scanner. It would be smart to keep a security application enabled 24/7 because much more serious infections if compared to a browser hijacker can enter the unprotected computer. Make sure that the tool you leave activated on your system is fully reliable.

You need to perform two removal steps to delete the browser hijacker fully from the computer. First, you need to go to reset web browsers to their default settings (it should affect only Google Chrome but check other web browsers too). Second, a scheduled task created by this browser hijacker needs to be eliminated as soon as possible. As has already been mentioned in this article, this infection could have entered the system together with other dubious applications, so it is a must to scan the computer with an automatic malware remover, such as SpyHunter, after you finish deleting the browser hijacker associated with the domain.

Remove manually from browsers

Reset browsers to their default settings

Internet Explorer

  1. Open Internet Explorer.
  2. Open the Tools menu and click Internet Options.
  3. Click on the Advanced tab to open it.
  4. Click Reset.
  5. Put a tick in the Delete personal settings box to enable it.
  6. Click Reset in the dialog box one more time.

Mozilla Firefox

  1. Start Mozilla Firefox.
  2. Press Alt+H.
  3. Select Troubleshooting information from the menu opened for you.
  4. Click Refresh Firefox.
  5. Click on the same button one more time in the dialog box.

Google Chrome

  1. Launch your web browser and press Alt+F simultaneously.
  2. Select Settings from the menu and click Show advanced settings.
  3. Click on the Reset Settings button.
  4. Locate the Reset button in the window that shows up and click on it.

Delete the scheduled task

  1. Open the Windows Explorer.
  2. Go to %WINDIR%\System32\Tasks.
  3. Delete the file having or a similar name.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.