INTERNET screenshot screenshot CREDIT: Jonas Banabaka replaces browser defaults for revenue

Saturday 2 November 2013, 9:51AM
By Jonas Banabaka
293 views, or hijacker, first emerged several months ago but it’s only within the last few weeks that it got a substantial growth in traffic. An increasing number of users have been reporting browser homepage and default search provider being changed to, which is the landing page for this hijacker.

Considering the peculiarities of this infection, it’s obviously aiming at gaining visitors to pages containing online ads, which implies that the people behind the hijacker get paid for bringing potential customers to interested parties. It has been determined that this hijacker typically gets onto a computer as part of certain software downloads, for instance the following apps: Wsys Control, Extended Protection, New Tabs Uninstall, Desk 365 and a number of others which are already being flagged as PUPs (Potentially Unwanted Programs) by some security software.

As a website, does not have signals of malignancy, but one’s browser preferences being forcibly modified means there is a piece of malicious code inside the system, hence immediate measures should be taken for removing it.

Getting rid of nuisance presupposes performing a number of actions for restoring normal browser settings and, more importantly, locating and eradicating the adware which will otherwise keep changing the configuration to the wrong values over and over. Whereas the former activity is rather routine and can be done manually, getting the latter part done is not likely feasible without the use of an automatic antimalware solution that will spot, isolate and eventually clean up the core infection and all of its components scattered throughout the affected system. To effectively and quickly address this problem, it’s recommended to resort to online guides that provide clear and maximally detailed step-by-step removal instructions to follow.