Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 733
Category: Browser Hijackers is not a legitimate search engine. Rather, it is a browser hijacker whose sole purpose is to modify your browser’s settings and change its homepage address to redirect web traffic. This is how a browser hijacker works and for this reason alone you should remove it. Another characteristic of a browser hijacker is that it is imposed on your browser secretly using malicious software installers. Even though this particular hijacker does not show shady promotional links to make money, it does, however, collect information about you that can be shared with third parties.

Apparently, belongs to the Elex browser hijacker family, and, aside from this hijacker, this hijacker family also includes hijackers such as,, and, among other hijackers. In the past, we have established that Elex’s browser hijackers are part of an online advertising campaign that generates a healthy profit. However, does not feature promotional links in its search results. The reason for this is unknown, but this does not make it any more legitimate due to the same methods used to distribute it.

While conducting our research we found that relies on bundled third-party installers to disseminate it on the web. These installers are hosted on freeware distributing websites and should contain several applications. We believe that this browser hijacker is injected into your web browser by the installer because it does not come with a browser add-on that could manage the hijacking process. According to our findings, in most cases, this malicious search engine is imposed on a browser without the user’s authorization or consent. So if you have it on your computer, then you most likely got it accidentally by installing a seemingly legitimate application that was bundled with additional content.

It is important to note that the approach used to hijack your browser differs significantly from that used by other browser hijackers. Testing has shown that during the infection, the malicious installer will create batch files for your installed browsers in the %APPDATA% folder. It will create files named Google Chrome.lnk and Mozilla Firefox.lnk if you have both of these browsers on your computer. Note that Microsoft Internet Explorer is unsupported. In addition, the installer will create files in C:\ProgramData named Google Chrome.lnk.bat and Mozilla Firefox.lnk.bat. Furthermore, it will replace the desktop shortcuts of the browsers with modified ones that load when you open the web browser. All of this effort goes into ensuring that you do not change the homepage address and if you do, then the hijacker will override your settings. Nevertheless, you can delete those files and set a new homepage address, but we will discuss this at the end.

Before we wrap up this description, we want to point your attention to this hijacker’s privacy policy. According to our research is set to collect all kinds of information about you. It may request or collect personal information in a variety of ways and obtain information such as your name, gender, date of birth and country of origin. However, the collected information is not limited to this information only. The privacy policy also states that this browser hijacker can obtain information such as the Internet Protocol (IP) address, browser type, Internet Service Provider (ISP,) referring/exit pages, platform type, date/time stamp, and the number of clicks to analyze trends, and so on. Usually, this information is used to customize the advertising campaign and personalize the ads. However, our research has shown that this particular browser hijacker does not generate modified search results that include shady promotional links, so there is no telling why this information is collected. redirects all of the search queries to, so when you use this hijacker, you are using Google, so there is no point in keeping it because it does not improve your browsing experience.

We advocate for removing this malicious search engine because it is disseminated in a dishonest manner and is set to modify your browser’s settings without your knowledge or consent. Even though it does not feature shady promotional links, it does collect information about you that you should keep private, so do not hesitate and make use of the removal guide below.

How to remove

  1. Press Windows+E keys.
  2. Type C:\ProgramData in the address box.
  3. Find Google Chrome.lnk.bat and Mozilla Firefox.lnk.bat
  4. Right-click them and click Delete.
  5. Then, type %APPDATA% in the address box.
  6. Find Google Chrome.lnk and Mozilla Firefox.lnk
  7. Right-click them and click Delete.
  8. Delete modified shortcuts from the desktop.
  9. Empty the Recycle Bin.
Download Remover for *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter. Screenshots:


Your email address will not be published.


Enter the numbers in the box to the right *