Severity scale:  

Remove (Removal Guide) - Chrome, Firefox, IE, Edge

removal by Olivia Morelli - - | Type: Browser Hijackers is a browser hijacker that uses legitimate search tools like Yahoo or Bing but also infuses searchers with affiliated links is a potentially unwanted program that users typically install unintentionally with freeware or shareware is a URL that users might find their address bars after they install a potentially unwanted application from Search Dimension developer based in the United Arab Emirates. However, the infiltration of a third-party app usually remains unnoticed because it is bundled in a single software package as an optional component, and is often concealed within the installation settings or pre-ticked boxes. The change of the homepage to usually means that the system got infected with the Power App virus.

Once installed, the hijack affects all browsers, including Google Chrome, Safari, Mozilla Firefox, Internet Explorer, and others. The PUP will set the default search engine, homepage, and new tab address to hxxp://, which cannot be changed unless the Power App application is terminated. In most of the cases, however, users will get warned that their browser settings changed (most of the modern search tools do that), so there is an option not to accept the modification in the first place.

Type Browser hijacker – these type of applications are usually installed without direct permission from a computer owner
Developer Search Dimension
Homepage set to hxxp://
Symptoms Browser hijackers usually completely take over the installed web browsers, altering the new tab functionality, the search engine, and the homepage. They also infuse search results with sponsored links, and may redirect to affiliated websites while users are browsing the web
Associated risks Users should be aware that the minor computer infection can turn into something more sinister if the advertised content is clicked and unknown programs downloaded (might even result in malware infections)
Termination To get rid of the PUP, you should scan your device anti-malware software or check our manual removal guide below
Recovery We highly recommend installing Reimage Reimage Cleaner Intego to keep your computer in best shape

After the changes made to the browsers, will start showing sponsored search results at the top, although it uses reputable providers such as Yahoo, Google, and Bing for that purpose. Despite that, the top results shown will not be organic, but rather those that third-parties paid for. In such a way, the websites that users visit drastically changes, and it also artificially inflates the rankings of those sites.

You should immediately think of removal if you found it on your browser and do not remember installing it in the first place. You can get rid of the PUP relatively easily by checking our detailed instructions below or by employing anti-malware software that specializes in potentially unwanted applications. We also suggest you scan your computer with Reimage Reimage Cleaner Intego for the best results. developers claim that applications they provide will effectively increase the speed of browsing, provide enhanced search results, and benefit users in many other ways. However, this is a typical marketing trick used by developers, as they are only interested in ad revenue. browser is a browser hijacker that collects information about users and displays alternative search results

By providing alternative search results and links to sponsored sites, Power App developers earn money for each click made by users. The behavioral advertisement[1] helps the authors to accomplish the goal, as users are more interested in buying products that offered to them. For that, a variety of information is collected about their browsing habits, including:

  • Websites visited;
  • IP address;
  • Keywords;
  • Search queries;
  • Links clicked;
  • Search history;
  • Cookie[2] data;
  • Installed programs, etc.

However, does not stop there when it comes to the collection of data. It may also collect personal information, including name, address, email, phone number, etc. if you agree to provide this information. In some cases, data from social platforms like Facebook can be collected as well. Additionally, we advise not registering any email accounts, as the contents of the messages can be spied on:[3]

When we provide you with an email inbox as part of an Search Dimension Product, we may monitor and collect the contents of such emails in the course of normal maintenance of the relevant Search Dimension Product and its systems.

Essentially, there is no point in using the service, as searchers are powered by Bing, Google, and Yahoo, although ads are inserted as well – you might as well use these providers directly. While browser hijackers are nor a major security threat, experts[4] advise you to remove and all the other potentially unwanted programs from your device as soon as possible.

Power App changes to browsers

Direct Search and Search Power extensions promoting this hijacker

The redirect virus or a browser hijacker can be related to many other browser-based programs like adware-type programs, browser extensions, tools, toolbars, add-ons. Direct Search is a search hijacker that manipulates the browser and changes settings to interfere with the traffic significantly. 

Another tool that promotes and pushes is Search Power. These browser extensions trigger changes to the default search engine and set the startup page, new tab setting son each web browsing tool to the needed engine. In most cases, you notice the add-on installed behind your back when it starts triggering issues with searches and delivers unwanted content directly on the screen all the time.

Direct Search hijackerDirect Search is one of the browser extensions that trigger redirects to

Some warnings that show up during the installation of the application or after the download should be red flags. But when Direct Search PUP states about changes triggered in browsers and tracking issues, you might overlook those pop-ups and allow all the content, unwanted changes, and leave the machine infected.

Direct Search is the hijacker that uses different distribution methods, so you may even found the program promoted and provided on the online shop, Google store, for example. Alternate sites, web stores, spruces associated with questionable companies, and third-parties should be considered malicious.

All third-party sites bundle software, be careful not to install apps you did not intend

Ad-monetization is a lucrative business for many many companies, including such industry giants like Google and Facebook. However, in recent years, users became much warier about what data is collected about them and how it is used due to various data breaches, whistleblowers,[5] and new regulations like GDPR. All the concerns are reasonable, as a lot of information can be collected behind users' backs, without them knowing about it in the first place.

Unfortunately, many potentially unwanted programs still hide the information about data gathering in pages-long policies that nobody reads. Therefore, it is up to users to ensure that applications they install on their computers do not collect more data than they are willing to provide. For that, it is best to avoid third-party apps in the first place and use official sources for app downloads.

If however, you cannot find what you are looking for and opt to choose third-parties, you should be aware that installers often include optional components, and some of them might even be dangerous. Thus, never rush the installation process, decline all the deals/offers, check if Privacy Policy is provided and always select Advanced/Custom installation settings.

Get rid of hijack in two different ways removal should not be that complicated for most of the users. However, the process can differ depending on the application that is tied to the changes that were initiated on your browser. For example, a browser extension can be eliminated via the browser itself, while an installed app needs to be removed via the Control Panel (Windows) or Applications (Mac) folder. sponsored displays non-organic search results at the top, making users visit pre-determined websites

You can also remove with the help of anti-virus software which specializes in potentially unwanted programs. Be aware that not all security applications will be able to detect the PUP, as it is not considered ma major security threat and is usually installed by the user.

Once you get rid of the so-called virus, you should also reset each of the installed browsers to make sure the hijacker does not return.

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove, follow these steps:

Remove from Windows systems

To get rid of Power App and other unwanted programs from Windows operating systems, please follow these steps:

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs). Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall and related programs
    Here, look for or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'
  5. Remove from Windows shortcuts
    Right click on the shortcut of Mozilla Firefox and select Properties. Right click on browsers' icon and select 'Properties'
  6. Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus. Select 'Shortcut' tab and delete '' or other suspicious URL

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

Uninstall from Mac OS X system

macOS or Mac OS X users should perform the following actions in order to eliminate the PUP:

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'

Erase from Internet Explorer (IE)

Remove dangerous add-ons:

  1. Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
  2. Pick Manage Add-ons.
  3. You will see a Manage Add-ons window. Here, look for and other suspicious plugins. Click on these entries and select Disable.Remove add-ons from Internet Explorer

Change your homepage if it was altered:

  1. Open IE and click on the Gear icon.
  2. Select Internet Options.
  3. In the General tab, delete the Home page address and replace it by your preferred one (for example,
  4. Click Apply and then select OK.Reset IE homepage

Delete temporary files:

  1. Press on the Gear icon and select Internet Options.
  2. Under Browsing history, click Delete…
  3. Select relevant fields and press Delete.Clear temporary files from Internet Explorer

Reset Internet Explorer:

  1. Click on Gear icon > Internet options and select Advanced tab.
  2. Select Reset.
  3. In the new window, check Delete personal settings and select Reset again to complete removal.Reset Internet Explorer

Get rid of from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click on Uninstall at the bottom.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Reset MS Edge if that above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick DeleteAdvanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -VerboseAdvanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.Reset Chromium Edge

Delete from Mozilla Firefox (FF)

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Change your homepage if it was altered by virus:
    Click on the menu (top right corner), choose Options General.
  4. Here, delete malicious URL and enter preferable website or click Restore to default.
  5. Click OK to save these changes. When in 'General' tab, delete malicious URL from 'Home Page' section or click on 'Restore to Default' button. Click 'OK' to save changes
  6. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  7. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete removal. Click on 'Reset Firefox' button for a couple of times

Eliminate from Google Chrome

Make sure you reset Google Chrome after the infection, as traces like cookies might still be left:

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Change your homepage and default search engine if it was altered by your virus
    Click on menu icon and choose Settings.
  4. Here, look for the Open a specific page or set of pages under On startup option and click on Set pages. After clicking on menu and 'Settings', select 'Set pages'
  5. Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage. Click 'X' to remove malicious URLs
  6. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  7. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  8. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  9. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  10. Click Reset to confirm this action and complete removal. Click on 'Reset' button to complete your removal

Remove from Safari

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Change your homepage if it was altered by virus:
    Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  4. Here, look at the Homepage field. If it was altered by, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page. When in 'General', delete malicious URL and enter your desired domain name
  5. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  6. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete removal process. Select all options and click on 'Reset' button

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. It is a hassle when your website is protected from suspicious connections and unauthorized IP addresses.

The best solution for creating a tighter network could be a dedicated/fixed IP address. If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for server or network manager that need to monitor connections and activities. This is how you bypass some of the authentications factors and can remotely use your banking accounts without triggering suspicious with each login. 

VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world. It is better to clock the access to your website from different IP addresses. So you can keep the project safe and secure when you have the dedicated IP address VPN and protected access to the content management system.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions


Your opinion regarding