What is could change the user’s start page, default search provider, or his new tab page. As a consequence, the application falls under the classification of browser hijackers. However, the search engine provides a toolbar with possibly a couple of useful links to the user, so instead of looking suspicious it might seem helpful at first. Still, if you get to know it better, you may start thinking differently. Thus, if settled in, and you do not know much about it or browser hijackers in general, it would be advisable to have a closer look at our report. Moreover, if you wish to pick a more reliable search engine, we will add manual deletion instructions at the end of it to help you get rid of the untrustworthy application faster.testtest

Where does come from?

From the information we found on the software’s Privacy Policy and End User License Agreement papers, it seems was created by a developer called Polarity Technologies Ltd. There is not much information about this company, but what we do know about it is that this is not its first ever created search engine. In fact, there are a lot of similar versions of and most of them are also classified as browser hijackers. Another thing our researchers at noticed while testing such threats is that they tend to be distributed through suspicious pop-up advertisements, bundled software installers, etc. Consequently, to avoid untrustworthy applications alike, it might be a good idea to stay away from doubtful advertising content and pick more reliable sources to download setup files.

How does work?

The application may hijack separate browsers differently. To give you an example, if the user’s default browser is Internet Explorer, should create a folder called {28e56cfb-e30e-4f66-85d8-339885b726b8} in the %APPDATA% folder, modify a value name called Start Page, and create a couple of new Registry entries in the HKCU\Software\Microsoft\Internet Explorer\SearchScopes and HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall directories. In comparison, the threat hijacks Mozilla Firefox by changing a link found on file called prefs.js (the data is usually placed in the %APPDATA%\Mozilla\Firefox\Profiles\{unique user profile} directory). As we mentioned in the beginning of the text the described modifications might be made to change your start page, new tab page, or default search provider.

Our guess is that the browser hijacker’s wants the search engine to be used by as many users as possible so they could generate more money from advertising, which they could show via The advertisements could be placed on top of the page, or they might appear next to the displayed search results. The reason we would not recommend clicking such content is that while the threat’s creators might get paid for each click, doing it could cause you trouble. To be more precise, there is not knowing if the hijacker’s displayed ads will not promote malicious software, fake surveys or lotteries, etc. Therefore, we advise against this search engine’s usage.

How to erase

Users who prefer eliminating the browser hijacker manually could try to locate its modified data and restore or erase it. Obviously, to do this, you have to know where might place its files or what data it could alter; we will list these files in the instructions located below this text, so all you need to do is pick the steps fit for your browser. The second option might be a bit easier, given it requires users only to install a legitimate antimalware tool, do a full system check-up, and press the removal button. No matter what you choose, we can further assist you or answer questions related to the threat if you write a comment at the end of this page.


Internet Explorer

  1. Tap Win+R.
  2. Type Regedit and click OK.
  3. Search for this particular path: HKCU\Software\Microsoft\Internet Explorer\Main
  4. Find a value name titled Start Page.
  5. Right-click the value name and select Modify.
  6. Replace its value data (, for example, with
  7. Click OK.
  8. Look for the given location: HKCU\Software\Microsoft\Internet Explorer\SearchScopes
  9. Right-click a key called {67064262-187A-4836-B1E1-4B5D18CD84CF} and press Delete.
  10. Find the same path: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall
  11. Right-click a key titled {28e56cfb-e30e-4f66-85d8-339885b726b8} and press Delete.
  12. Leave Registry Editor.
  13. Press Win+E.
  14. Access this folder: %APPDATA%
  15. Right-click a folder called {28e56cfb-e30e-4f66-85d8-339885b726b8} and select Delete.
  16. Exit File Explorer.
  17. Empty your Recycle bin.

Mozilla Firefox

  1. Press Win+E.
  2. Find the path: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\{UniqueMozillaID}
  3. Locate file Prefs.js and open it with Notepad.
  4. Search for the given line: user_pref("browser.startup.homepage", " ").
  5. Replace with a website you like.
  6. Tap Ctrl+S.
  7. Close the file.

Google Chrome

  1. Launch File Explorer (Win+E).
  2. Search for the particular path: C:\Users\{Username}\AppData\Local\Google\Chrome\User Data\Default
  3. Find data named as Preferences, Secure Preferences, and Web Data.
  4. Right-click these files separately and select Delete.
  5. Close the Explorer. 100% FREE spyware scan and
    tested removal of*

Leave a Comment

Enter the numbers in the box to the right *