Removal Guide

Do you know what is? has recently changed its interface after being down for a few days, and so we cannot guarantee that the screenshots you can see below are representative of the browser hijacker that has corrupted your web browser. In any case, regardless of its skin, this infection acts the same, and we suggest deleting it for the same reasons. Our research team has thoroughly analyzed this threat in our internal lab, and the first thing found was that it belongs to the infamous ELEX family. A few other infections that belong to it include,, and, and, of course, they are all reviewed in separate reports. This one discusses the removal of because this seemingly harmless search tool is classified as a potential threat. If you want to learn more about it, continue reading.

The interface of is unique, but it is not unordinary, and most users facing it are likely to identify it as a normal search engine. At the top of its home page, you see the current time and date, as well as quick-access links to Linkedin, Youtube, Facebook, G+ (Google+), Twitter, and Instagram. All of these links lead to authentic websites, and so it is safe to interact with them. Is the developer of the hijacker earning money for promoting these links? We do not know that, but it is possible. In the center, a search dialog box is displayed, and if you enter keywords into it, you are automatically routed to the search engine. Does this mean that is represented by or associated with Google? It does not, and, in fact, it is possible that the creator of the hijacker is exploiting this popular engine to showcase unreliable third-party links that you might not even notice. At the bottom of the hijacker’s home page, you can click “Show Games” to open a menu offering various online games represented via different websites. Overall, the hijacker does not seem to be very useful or very reliable, and that is why we suggest removing it from your Removal screenshot
Scroll down for full removal instructions

How did slither into your operating system? This hijacker does not have an official installer, and different installers could offer it to you. Unfortunately, malicious installers are most likely to represent this hijacker, and so there is a possibility that your operating system is infected with other malicious threats that also require removal. In fact, some of these threats might be more dangerous, and you might have to eliminate them first. Whether you do not know if malware exists or you cannot identify it yourself, we suggest installing a trusted malware scanner to quickly inspect your operating system. In the best case scenario, the tool will find no infections. In the worst case scenario, you will find dangerous threats.

What if your operating system and browsers are beleaguered with malware? If that is the unfortunate case, installing anti-malware software is our recommendation. A legitimate and up-to-date anti-malware tool will immediately identify and remove all malicious components. It will delete as well. Of course, it is possible to eliminate this hijacker from your browsers manually as well. The guide below shows how to do that. If other threats exist, and you want to eliminate them yourself too, look up removal guides on our website. If you cannot find the guides you need, let us know via the comments section.


Mozilla Firefox

  1. Simultaneously tap Win+E to launch Windows Explorer.
  2. Enter %APPDATA%\Mozilla\Firefox\Profiles\ into the bar at the top.
  3. Open the folder that represents your Firefox profile.
  4. Right-click the file called prefs.js and select to open it using any text reader.
  5. Find the hijacker’s URL in this file, overwrite it, and then save the file.

Internet Explorer

  1. Simultaneously tap Win+R to launch RUN.
  2. Enter regedit.exe into the dialog box to launch Task Manager.
  3. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main.
  4. Double-click the value named Start Page.
  5. Overwrite the hijacker’s URL and then click OK.

Google Chrome

  1. Simultaneously tap Win+E to launch Windows Explorer.
  2. Enter %LOCALAPPDATA%\Google\Chrome\User Data\ into the bar at the top (for Windows XP users, it is %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\).
  3. Open the Default folder or, if multiple profiles exist, open the folder representing your Chrome profile.
  4. Open the files named Preferences, Secure Preferences, and Web Data using any text reader.
  5. Overwrite the hijacker’s URL file within the files and then save them.

In non-techie terms: is a browser hijacker that is likely to exploit Google Search to expose users to unreliable and potentially malicious third-party content. The hijacker does not have an official source, and so it is believed that it is spread by third-party software distributors. Unfortunately, it is likely to be spread along with infections, some of which might be much more dangerous than the hijacker itself. Needless to say, whether you have installed it yourself, or it corrupted your browsers illegally, it is strongly recommended that you delete from your browser, and you have to decide whether you will do this manually or using a legitimate anti-malware tool. While you should be able to erase the hijacker yourself using the instructions above, we advise utilizing anti-malware software because if other threats are active, they will be eliminated as well. Also, your operating system and browsers will gain full protection.