Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 225
Category: Browser Hijackers is a newly discovered browser hijacker from the Polarity Technologies Ltd. family. Other threats that belong to this family include,, and While these browser hijackers can promote links to different websites – at least, the portion of them – they are practically identical. Malware experts even believe that the only reason these hijackers were created was to trick users into interacting with unreliable search results. If that was the case, the easy-access links represented via them are just a distraction. According to the experts in our malware research team, the hijackers from this group are not useful or reliable, and it is best to remove them immediately. If you are not sure you want to delete from your web browser – most likely, from Mozilla Firefox, Google Chrome, or Internet Explorer – we suggest reading this report to learn all about it. If you do not want to wait another moment to get rid of this hijacker, please check out the guide provided to you below.

Do you enjoy the services provided to you by iHeartRadio, YouTube, SoundCloud, Spotify, Pandora, or ESPN? If you do, you might think that is a great tool because it displays easy-access links to these pages. According to our research, the hijacker might take over the homepage, the default search provider, and even the New Tab page once it slithers in. If the homepage and the New Tab are taken over, you will face every time you launch the browser and open a new tab. The interface of this hijacker is not very alarming. It does not showcase random ads, and it does not open random installers when you visit it. Nevertheless, you have to be cautious. While you can open the easy-access links represented via it without facing any risks, you need to be more cautious when interacting with the search tool. If you enter keywords into the search field on the home page, you need to be careful about the links that are shown to you. They could be malicious or misleading because it is hard to say what kinds of parties the hijacker is working with.

There is no doubt that promotes third-party links via the search tool because it showcases modified Yahoo Search results. The infection redirects to this search engine illegally, which is the first sign that you need to be cautious. Of course, because the infection redirects to a well-known and popular search engine, you might think that you can trust it. In fact, if you use Yahoo as your default search provider, you might not even realize that something illegal is happening. As the Privacy Policy representing all Polarity Technologies Ltd. applications and search tools declares, all kinds of information can be shared with undisclosed third parties. Even personally identifiable information could be recorded and leaked! Since you do not know much about the parties associated with the creator of the suspicious, you probably understand that interacting with the search tool is risky.

Is active because you downloaded an add-on/application called “Play Free Music?” This extension is created by the developer of the hijacker to promote it. It is unlikely that the hijacker is standing on its own, but if it does, you can follow the instructions below to delete it. If the add-on/application is involved, you need to get rid of it, and the hijacker should be erased automatically. Since this software does not have official installers, it is probable that you have let it in via third-party installers, which might have been promoting other unreliable pieces of software as well. If you find out that the suspicious hijacker and the extension representing it are not the only threats you must delete, you should consider employing anti-malware software. If you pick the right one, you will have removed automatically along with all other pieces of malware.

How to delete

Internet Explorer:

  1. Simultaneously tap Win+R to launch RUN.
  2. Type regedit.exe into the dialog box and click OK to access Registry Editor.
  3. Navigate to HKCU\Software\Microsoft\Internet  Explorer\Main.
  4. Right-click the value named Start Page and then select Modify.
  5. Overwrite the hijacker’s URL with the desired option and then click OK.
  6. Navigate to HKCU\Software\Microsoft\Internet  Explorer\SearchScopes\.
  7. Delete the key named {839D0EA0-A297-4770-9051-1E5C38AE47CC}.
  8. Navigate to HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\.
  9. Delete the key named {28e56cfb-e30e-4f66-85d8-339885b726b8}.
  10. Simultaneously tap Win+E to launch Explorer.
  11. Enter %APPDATA% into the bar at the top.
  12. Delete the item named {28e56cfb-e30e-4f66-85d8-339885b726b8}.

Mozilla Firefox:

  1. Simultaneously tap Win+E to launch Explorer.
  2. Enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top.
  3. Open your Firefox  profile folder with the random name.
  4. Open the file named prefs.js and then overwrite the hijacker’s URL represented via it.
  5. Move to the extensions folder and Delete the {random name} file representing the unwanted extension.

Google Chrome:

  1. Simultaneously tap Win+E to launch Explorer.
  2. Enter %LocalAppData%\Google\Chrome\User Data\ into the bar at the top.
  3. Open the Default folder if profiles do not exist. If profiles exist, open the one representing your Profile.
  4. Delete the files called Preferences, Secure Preferences, and Web Data.
  5. Next, open the Extensions folder.
  6. Delete the {random name} folder representing the unwanted extension.
Download Remover for *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter. Screenshots:

Comments are closed.