Click on screenshot to zoom
Danger level 7
Type: Browser Hijackers
Common infection symptoms:
  • Hijacks homepage
  • Changes default search engine

A browser hijacker called might slither in and take over your web browser quite seamlessly. Although it is unlikely to corrupt the homepage on your Firefox, Chrome, or Internet Explorer browser illegally, it might hide in bundled installers. Also, it could be attached to extensions and applications, and you might have no way of separating them from the hijacker. Whether you are tricked or pushed into accepting the homepage changes, or you do not notice this search tool at all, we strongly advise deleting it from your browser. Although it might look completely harmless at first sight, there is more than meets the eye. According to our research, this hijacker can redirect you, expose you to advertisements, and even record personally identifiable information. All things considered, this search tool is not a beneficial or reliable search assistant, and so you should get rid of it. This report discusses the activity, as well as the removal of If you want to learn about this, keep reading.

According to our research, comes from the ELEX family that is well known because of,,,, and many other browser hijackers. Although they might be controlled by different parties, all of them have the same interface, all redirect to the same search engine, and all follow the same privacy policy. You can find this statement at, and it reveals that the creator of the hijacker has the power to request and collect personal information, which might include your name, location, and even the date of birth. Though it does not look like the hijacker can record personal information using clandestine techniques, you definitely need to be very cautious about the information you share while it is active. Tracking cookies employed by could also record non-personally identifiable information, and you should be cautious about that as well. Since the hijacker can introduce you to ads, it is possible that information regarding your activity will be shared with advertisers who could use it just to increase the click-through rate, not to assist you. redirects all search queries. The problem is that it redirects to, and most users are likely to trust this search engine. Well, there is no reason not to trust it; however, keep in mind that when a hijacker redirects you to it, the results shown to you can be modified, and sponsored links can be included. Are you sure that interacting with third-party advertisements is safe? Of course, it is not always safe, and so you have to be careful. The fact that you are redirected alone is a good enough reason to delete, and when you consider it showing potentially unreliable sponsored links, you should have no further hesitation regarding its removal. After all, it does not really offer any services. If you are happy using Google Search, you can set it as your homepage, but you should be careful about trusting the results shown via it when a hijacker is involved. Other than questionable search services, the hijacker is completely useless, and so you should not keep it around.

If your homepage was taken over by, it is possible that more serious threats are active on your operating system. In case you have already made up your mind about the elimination process, and you want to get rid of all active threats manually, you probably need to eliminate other threats first. Though we advise deleting, it is not the kind of threat that can cause many problems when you stop using it. Of course, you cannot just ignore it. Instead, use the instructions below to modify your homepage URL. If you do that successfully, you should have the threat eliminated in no time. If for whatever reason you are not succeeding, you should employ anti-malware software because it is set up to eliminate every single malicious component. This is particularly helpful if your operating system is full of infections that you cannot eliminate manually. If you have concerns about the removal process or other infections, you can start a conversation using the comments section. Removal

Internet Explorer:

  1. Tap keys Win+R to launch RUN.
  2. Type regedit.exe into the dialog box and click OK.
  3. Navigate to HKCU\Software\Microsoft\Internet Explorer\Main.
  4. Open the value named Start Page by double-clicking it.
  5. Erase the hijacker’s URL, enter the preferred one, and click OK.
  6. Navigate to HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.
  7. Open the values FaviconURL, FaviconURLFallback, TopResultUR, and URL (one at a time) and modify them as shown in step 5.

Google Chrome:

  1. Tap keys Win+E to launch Explorer.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ into the bar at the top. Windows XP users need to enter %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\.
  3. Open the folder called Default. If more than one profile exists, open your {chrome profile name} folder.
  4. Delete the files called Preferences, Secure Preferences, and Web Data.

Mozilla Firefox:

  1. Tap keys Win+E to launch Explorer.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top to open the folder.
  3. Find the file named prefs.js and open it using a text reader, such as, Notepad.
  4. Find the hijacker’s URL, overwrite it with the preferred URL, and then save the file.
Download Spyware Removal Tool to Remove*
  • Quick & tested solution for removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.