Severity scale:  
  (10/100) How to remove? (Uninstall guide)

removal by Ugnius Kiguolis - - | Type: Browser Hijackers — a browser hijacker which promotes MacKeeper and other questionable Mac software hijack - a browser hijacker which modifies the default search engine, new tab URL, and the homepage of affected browsers

Questions about is a fake web search engine created by weknow – an Israeli-based developer who has been using numerous techniques to push its product. Similarly to, this application is considered to be a browser hijacker[1] as it spreads via the fake Adobe Flash Player and changes the homepage, the default search engine and new tab address on Google Chrome web browser. In Safari, the virus changes its bookmarks and doesn't touch the default search engine. However, it also sets to launch bookmarks when Safari is started. Additionally, the dubious app starts showing sponsored links promoting MacKeeper and other Mac cleaning tools and redirects all search queries to WebCrawler. We do NOT recommend trusting Weknow AC or using it as your default search provider as you can end up infecting your device with malware. Keep in mind that the search results are altered, so they can be filled with unsafe links or misleading information.

Type Browser hijacker
Danger level High. Actively affects computer systems
OS affected  
Browsers affected Chrome, Firefox, Safari
Details gathered
  • Technical information;
  • Usage information;
  • Social networks;
  • Registration related information;
  • Support related information.
To avoid Stay away from dubious sites, do not use secondary installers, download and install an antivirus.
Spreads by Software bundles, malicious ads promoting fake Adobe Flash player, etc.
Deletion process Use Reimage to get rid of the PUP completely

Unlike most other browser hijackers, this one only affects Mac OS users, although it does not mean that developers will not create a version compatible with Windows-based systems. Browser-hijacking applications such as come with thru fake ads or bundled software. Here is one of the examples[2]:

While browsing with Chrome two days ago, I made the idiotic mistake of clicking on a Flash download popup and immediately noticed signs of infection by this malware. 

However, software bundling is the most prominent PUP[3] distribution method. To create revenue, developers of virus employ various tracking technologies, such as beacons, tracking cookies, JavaScript, and similar. With the help of these tools, various non-personal details are transferred to the app's authors. The information contains:

  • Information regarding the victim's device;
  • Apps used;
  • Bookmarks;
  • Search queries;
  • Websites viewed and the length of the visit;
  • User's interaction on social networks;
  • Links clicked;
  • IP address;
  • Internet service provider (ISP), etc.

While the most of such data is personally non-identifiable, personal information is also collected:

While it is not our intention to collect any personally identifiable information (“PII”) (except for registration and user support purposes as set forth in this Privacy Policy), the data collected may include PII.

This data includes:

  • Email address;
  • Social security numbers;
  • Credit card numbers;
  • Login information, etc.

It is essential to keep your personal information safe and not to disclose it inside third-party websites could redirect you to. from questionable websites. is a program that discloses various suspicious features about it on the official website.

To avoid such data leakage, perform removal by manually eliminating the threat or using professional security software. We suggest using Reimage, although you can use any other anti-malware software of your liking. 

Additionally, hijack can result in numerous redirects to suspicious websites. This kind of pages may even contain harmful components (such as keyloggers, ransomware, crypto-miner or trojan horses). In some cases, you might end up infecting your machine with these malicious programs and harming system files, which can result in personal data loss. 

All in all, we recommend you remove fro your computer as soon as possible. The annoying ads, system slowdowns, and even potential information leakage is something you could experience on a daily basis. Thus, you are better off without the unwanted application on your PC.

However, in some situations, you might face issues related to fixing your system as We Know malware tends to modify Chrome policies or Safari bookmarks to make them launched once the browser is started. In this case, reinstalling the web browser works the best.

Browser hijacker infiltration techniques and ways to avoid it

According to tech professionals[4], PUPs spread bundled in freeware or shareware packages.[5] These free applications obtain online can contain optional components that could be removed before the installation is complete. Unfortunately, developers often fail to disclose the information how to do so, and deceptively ask users to use Recommended or Quick installation modes. distribution is a potentially unwanted program that comes via bundled freeware or even installs additional content to the device.

In order to avoid browser hijacker infections, follow these guidelines:

  • When installing free software, always opt for Advanced or Custom installation settings. Then, remove all the optional components before the installation of the desired application is finalized;
  • Avoid browsing questionable websites, as well as file-sharing domains;
  • Download and install an antivirus program on your computer. If kept up-to-date it can detect even the most recent threats;
  • Finally, be attentive and do not trust everything that is suggested to you on the internet.

Eliminate the fake search engine quickly

To remove manually, you should eliminate all browser extensions and questionable applications that you do not recognize. For that, follow our step-by-step guide below this article. Make sure that execute each step with great caution. If you make mistakes, virus might return.

If you want a fast virus removal, consider downloading and installing an anti-malware program. Pick one of the programs mentioned below, download it and bring it up to date. These tools will get rid of the cyber threat within a couple of minutes. If you have been struggling with the whole procedure, use the video guide presented below.

You can remove virus damage automatically with a help of one of these programs: Reimage, Malwarebytes MalwarebytesCombo Cleaner, Plumbytes Anti-MalwareMalwarebytes Malwarebytes. We recommend these applications because they detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Malwarebytes.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

To remove, follow these steps:

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Erase from Windows systems

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs).Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall and related programs
    Here, look for or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'
  5. Remove from Windows shortcuts
    Right click on the shortcut of Mozilla Firefox and select Properties. Right click on browsers' icon and select 'Properties'
  6. Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus. Select 'Shortcut' tab and delete '' or other suspicious URL

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Delete from Mac OS X system

If you got a browser hijacker infection on your Mac operating system, follow these guidelines in order to get rid of it:

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove from Internet Explorer (IE)

  1. Remove dangerous add-ons
    Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons. Click on menu icon and select 'Manage add-ons'
  2. You will see a Manage Add-ons window. Here, look for and other suspicious plugins. Disable these entries by clicking Disable: Right click on each of malicious entries and select 'Disable'
  3. Change your homepage if it was altered by virus:
    Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  4. Here, remove malicious URL and enter preferable domain name. Click Apply to save changes. Delete malicious URL, enter your desired domain name and click 'Apply' to save changes
  5. Reset Internet Explorer
    Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  6. Here, select Reset.
  7. When in the new window, check Delete personal settings and select Reset again to complete removal. Go to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button again
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Eliminate from Microsoft Edge

Reset Microsoft Edge settings (Method 1):

  1. Launch Microsoft Edge app and click More (three dots at the top right corner of the screen).
  2. Click Settings to open more options.
  3. Once Settings window shows up, click Choose what to clear button under Clear browsing data option. Go to Settings and select 'Choose what to clear'
  4. Here, select all what you want to remove and click Clear. Select 'Clear' button
  5. Now you should right-click on the Start button (Windows logo). Here, select Task Manager. Open the start menu and select 'Task Manager'
  6. When in Processes tab, search for Microsoft Edge.
  7. Right-click on it and choose Go to details option. If can’t see Go to details option, click More details and repeat previous steps. Right-click 'Microsoft Edge' and select 'Go to details' Select 'More details' if 'Go to details' option fails to show up
  8. When Details tab shows up, find every entry with Microsoft Edge name in it. Right click on each of them and select End Task to end these entries. Find Microsoft Edge entries and select 'End Task'

Resetting Microsoft Edge browser (Method 2):

If Method 1 failed to help you, you need to use an advanced Edge reset method.

  1. Note: you need to backup your data before using this method.
  2. Find this folder on your computer: C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  3. Select every entry which is saved on it and right click with your mouse. Then Delete option. Go to Microsoft Edge folder on your computer, right-click every entry and click 'Delete'
  4. Click the Start button (Windows logo) and type in window power in Search my stuff line.
  5. Right-click the Windows PowerShell entry and choose Run as administrator. Find Windows PowerShell, right-click it and select 'Run as administrator'
  6. Once Administrator: Windows PowerShell window shows up, paste this command line after PS C:\WINDOWS\system32> and press Enter:
    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register $($_.InstallLocation)\AppXManifest.xml -Verbose}
    Copy and paste a required command and press 'Enter'

Once these steps are finished, should be removed from your Microsoft Edge browser.

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Get rid of from Mozilla Firefox (FF)

If is performing the malicious activity on your Mozilla Firefox browser, consider removing it by following this guidance:

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Change your homepage if it was altered by virus:
    Click on the menu (top right corner), choose Options General.
  4. Here, delete malicious URL and enter preferable website or click Restore to default.
  5. Click OK to save these changes. When in 'General' tab, delete malicious URL from 'Home Page' section or click on 'Restore to Default' button. Click 'OK' to save changes
  6. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  7. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete removal. Click on 'Reset Firefox' button for a couple of times
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Uninstall from Google Chrome

Remove the PUP from Google Chrome by looking through these instructions:

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Change your homepage and default search engine if it was altered by your virus
    Click on menu icon and choose Settings.
  4. Here, look for the Open a specific page or set of pages under On startup option and click on Set pages. After clicking on menu and 'Settings', select 'Set pages'
  5. Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage. Click 'X' to remove malicious URLs
  6. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  7. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  8. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  9. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  10. Click Reset to confirm this action and complete removal. Click on 'Reset' button to complete your removal
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Erase from Safari

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Change your homepage if it was altered by virus:
    Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  4. Here, look at the Homepage field. If it was altered by, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page. When in 'General', delete malicious URL and enter your desired domain name
  5. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  6. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete removal process. Select all options and click on 'Reset' button

About the author

Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions


Removal guides in other languages

Your opinion regarding