Search.heasyconverter.co

What is Search.heasyconverter.co?

Search.heasyconverter.co could change the user’s start page, default search provider, or his new tab page. As a consequence, the application falls under the classification of browser hijackers. However, the search engine provides a toolbar with possibly a couple of useful links to the user, so instead of looking suspicious it might seem helpful at first. Still, if you get to know it better, you may start thinking differently. Thus, if Search.heasyconverter.co settled in, and you do not know much about it or browser hijackers in general, it would be advisable to have a closer look at our report. Moreover, if you wish to pick a more reliable search engine, we will add manual deletion instructions at the end of it to help you get rid of the untrustworthy application faster.

Where does Search.heasyconverter.co come from?

From the information we found on the software’s Privacy Policy and End User License Agreement papers, it seems Search.heasyconverter.co was created by a developer called Polarity Technologies Ltd. There is not much information about this company, but what we do know about it is that this is not its first ever created search engine. In fact, there are a lot of similar versions of Search.heasyconverter.co and most of them are also classified as browser hijackers. Another thing our researchers at Anti-spyware-101.com noticed while testing such threats is that they tend to be distributed through suspicious pop-up advertisements, bundled software installers, etc. Consequently, to avoid untrustworthy applications alike, it might be a good idea to stay away from doubtful advertising content and pick more reliable sources to download setup files.

How does Search.heasyconverter.co work?

The application may hijack separate browsers differently. To give you an example, if the user’s default browser is Internet Explorer, Search.heasyconverter.co should create a folder called {28e56cfb-e30e-4f66-85d8-339885b726b8} in the %APPDATA% folder, modify a value name called Start Page, and create a couple of new Registry entries in the HKCU\Software\Microsoft\Internet Explorer\SearchScopes and HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall directories. In comparison, the threat hijacks Mozilla Firefox by changing a link found on file called prefs.js (the data is usually placed in the %APPDATA%\Mozilla\Firefox\Profiles\{unique user profile} directory). As we mentioned in the beginning of the text the described modifications might be made to change your start page, new tab page, or default search provider.

Our guess is that the browser hijacker’s wants the search engine to be used by as many users as possible so they could generate more money from advertising, which they could show via Search.heasyconverter.co. The advertisements could be placed on top of the page, or they might appear next to the displayed search results. The reason we would not recommend clicking such content is that while the threat’s creators might get paid for each click, doing it could cause you trouble. To be more precise, there is not knowing if the hijacker’s displayed ads will not promote malicious software, fake surveys or lotteries, etc. Therefore, we advise against this search engine’s usage.

How to erase Search.heasyconverter.co?

Users who prefer eliminating the browser hijacker manually could try to locate its modified data and restore or erase it. Obviously, to do this, you have to know where Search.heasyconverter.co might place its files or what data it could alter; we will list these files in the instructions located below this text, so all you need to do is pick the steps fit for your browser. The second option might be a bit easier, given it requires users only to install a legitimate antimalware tool, do a full system check-up, and press the removal button. No matter what you choose, we can further assist you or answer questions related to the threat if you write a comment at the end of this page.

Eliminate Search.heasyconverter.co

Internet Explorer

1. Tap Win+R.
2. Type Regedit and click OK.
3. Search for this particular path: HKCU\Software\Microsoft\Internet Explorer\Main
4. Find a value name titled Start Page.
5. Right-click the value name and select Modify.
6. Replace its value data (http://Search.heasyconverter.co), for example, with google.com.
7. Click OK.
8. Look for the given location: HKCU\Software\Microsoft\Internet Explorer\SearchScopes
9. Right-click a key called {67064262-187A-4836-B1E1-4B5D18CD84CF} and press Delete.
10. Find the same path: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall
11. Right-click a key titled {28e56cfb-e30e-4f66-85d8-339885b726b8} and press Delete.
12. Leave Registry Editor.
13. Press Win+E.
14. Access this folder: %APPDATA%
15. Right-click a folder called {28e56cfb-e30e-4f66-85d8-339885b726b8} and select Delete.
16. Exit File Explorer.
17. Empty your Recycle bin.

Mozilla Firefox

1. Press Win+E.
2. Find the path: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\{UniqueMozillaID}
3. Locate file Prefs.js and open it with Notepad.
4. Search for the given line: user_pref("browser.startup.homepage", "http://Search.heasyconverter.co ").
5. Replace http://Search.heasyconverter.co with a website you like.
6. Tap Ctrl+S.
7. Close the file.

Google Chrome

1. Launch File Explorer (Win+E).
2. Search for the particular path: C:\Users\{Username}\AppData\Local\Google\Chrome\User Data\Default
3. Find data named as Preferences, Secure Preferences, and Web Data.
4. Right-click these files separately and select Delete.
5. Close the Explorer. Download Removal Tool100% FREE spyware scan and
   tested removal of Search.heasyconverter.co*