What is is a threat that falls under the classification of browser hijackers. Our researchers at came across a version compatible with Internet Explorer, but they say it is most likely the application works on browsers like Google Chrome or Mozilla Firefox too. While testing this search engine, it was noticed it can replace user’s default search engine and homepage. As a result, the hijacked browser should start loading after launching it or initiating a new search. The problem with it that it may display modified Yahoo search results. Modified results mean there could be additional advertisements from various third parties among them. However, the worst part is there is not knowing where this material might come from. In other words, we would not be surprised if some ads would appear to be dangerous. Because of this, we advise against the browser hijacker’s usage. Thus, at the end of this report, we will place instructions explaining how to eliminate it manually.testtest

Where does come from? might be installed accidentally as our researchers say it could be bundled with other applications or threats alike. What we are trying to explain is if you do not recall agreeing to install this browser hijacker the chances are it came as an additional offer on another program's installer. It could have been easily overlooked if you did not review all terms and did not bother to pick advanced installation settings. The next time, you should look through all available information carefully. Some bundled installers allow to deselect unwanted suggestions and other only mention you will receive more tools than expected, but will not let you uncheck them. If it is the latter case, the smartest thing to do would be to cancel the process as you do not know what possible threats could be installed automatically. Especially, if the setup file comes from torrent or other P2P file-sharing networks (e.g.,,, since they cannot be trusted.

How does work?

The application should hijack the browser by replacing your usual homepage or default search engine with It may look like any other search engine at first, but with time you could start seeing suspicious advertisements from various third parties. Our researchers believe there is such a chance because the threat displays modified Yahoo search results and so it could be able to inject them with third-party advertising. We have seen such behavior in other similar applications as this is not the first browser hijacker we are seeing. In fact, it is not even the first unreliable search engine we have tested from Polarity Technologies Ltd. This name may not tell you anything, but to our researchers, the company is known for distributing browser hijackers and potentially unwanted programs.

Furthermore, as usual, in the End User License Agreement the developers claim they take no responsibility for third-party content; and in the Privacy Policy paper, you can find statements claiming the tool can gather information about you to “present you with offers for other products, offerings, programs, features,” and so on. Without knowing where such material could come from or what it could promote there is a risk some of the ads might lead to sites containing malware, offering to participate in fake surveys, etc. Knowing there is a chance to come across such material we believe it would be best to replace with a safer alternative (e.g.,

How to erase

If you want to get rid of the browser hijacker you have two options. The first one is to delete or alter the threat’s modified files. To make it easier for you, we are adding instructions showing where to find such data and how to restore it at the end of this text. The second option is to install a legitimate antimalware tool, perform a system scan, and then press the given removal button.


Internet Explorer

  1. Tap Win+R.
  2. Type Regedit and click OK.
  3. Search for this given path: HKCU\Software\Microsoft\Internet Explorer\Main
  4. Find a value name titled Start Page.
  5. Right-click the value name and select Modify.
  6. Replace its value data (http:/, for example, with
  7. Then go to HKCU\Software\Microsoft\Internet Explorer\SearchScopes
  8. Find a key named {9A92EDF7-C77D-4030-8284-696E227A56B9}, right-click it and select Delete.
  9. Navigate to HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall
  10. Locate a key titled {28e56cfb-e30e-4f66-85d8-339885b726b8}, right-click it and Delete it too.
  11. Click OK.

Mozilla Firefox

  1. Press Win+E.
  2. Find the path:
  3. Locate file Prefs.js and open it with Notepad.
  4. Search for the given line: user_pref("browser.startup.homepage", "").
  5. Replace with a website you like.
  6. Tap Ctrl+S.
  7. Close the file.

Google Chrome

  1. Launch File Explorer (Win+E).
  2. Search for the following path: C:\Users\{Username}\AppData\Local\Google\Chrome\User Data\Default
  3. Find data named as Preferences, Secure Preferences, and Web Data.
  4. Right-click these files separately and select Delete.
  5. Close the Explorer. 100% FREE spyware scan and
    tested removal of*

Leave a Comment

Enter the numbers in the box to the right *