What is is a browser hijacker that was developed by Polarity Technologies Ltd. This company has been mentioned in hundreds of our reports because it is linked to hundreds of hijackers and extensions that accompany them. This company is well-known for its questionable activity (e.g., it can force users to change browser settings) and its ability to track information that is considered to be personally identifiable. Since the company works with parties who are not identified or disclosed, having personal information tracked and shared could be dangerous. That is one of the reasons you should not trust the software created by the company. If it is already installed on your PC and browsers, we recommend deleting it. The good news is that you should be able to remove manually. If you are not sure of that, please continue reading, and if you choose to follow the guides below, make sure you are meticulous and cautious.test

How does work?

As mentioned already, Polarity Technologies Ltd. has created tons of hijackers, and it appears that all of them are similar. is similar to,,, and various other hijackers. While they are created according to different themes, they all have identical interfaces, and they all use the same unreliable search tool. Speaking of the interface, we have to mention that provides easy-access links to,,, and other IRS forms, which suggests that the hijacker is targeted at Chrome, Firefox, and Internet Explorer users who live in the United States. In most cases, users are introduced to the hijacker via an extension called “Free Forms.” It is promoted at, but it also has an installer on the Chrome web store at This extension promises to find free printable forms, and there is no denying that it keeps its promise to some extent. That, however, does not make the tool trustworthy or worth keeping around. If you want IRS forms, you can visit, and you do not need to install any questionable, removal-deserving software for that.

A search tool linked to might seem like an additional tool, just like the easy-access links to,, and other popular sites. In reality, it might be the star of the show. This search tool is offered by all hijackers created by the suspicious company, and it always redirects searches to Yahoo Search at This engine, at first sight, is reliable, but the results can be modified by to include sponsored content. This content belongs to parties we know nothing about, which is why we cannot guarantee that the content itself is trustworthy. On top of that, advertisers working with the hijacker can spy on you to analyze your activity and then target you with more personalized content. might be set as the homepage on Firefox and IE browsers, and it could take over the default search provider on Mozilla Firefox. It is represented via the New Tab on all browsers. Needless to say, we do not trust the hijacker, and so we strongly recommend deleting it as soon as possible. Of course, first, you might have to remove the “Free Forms” extension.

How to remove

As we discussed, is usually represented via an extension that has an official installer. Unfortunately, it could also be spread via malicious websites, and it is even possible that your browsers were corrupted without your permission at all. If malware has invaded your PC silently, or if you have used an unfamiliar installer, it is crucial that you install a trustworthy malware scanner. Hopefully, other threats do not exist, but if they do, you must remove them immediately. What about the hijacker? We suggest deleting as well, and you should be able to eliminate it successfully using the guides below. Just remember that you might have to delete the “Free Forms” add-on first (or uninstall an application, if you are using Internet Explorer). If you fail to eliminate the hijacker, do not hesitate to start a conversation in the comments section. Also, remember that a trusted anti-malware tool is good not only at protecting you but also at automatically erasing existing threats.

Removal Instructions

N.B. You might need to remove the “Free Forms” extension before you get on with these instructions.

Internet Explorer:

  1. Launch RUN (tap Win+R keys) and enter regedit.exe.
  2. In the pane on the left of Registry Editor move to HKCU\Software\Microsoft\Internet Explorer\Main.
  3. Double-click the Start Page value to open it.
  4. Overwrite the hijacker’s URL and then click OK.

Mozilla Firefox:

  1. Launch Explorer (tap Win+E keys) and then enter %AppData%\Mozilla\Firefox\Profiles\ into the bar at the top.
  2. Open the folder representing your Firefox profile.
  3. Right-click the file named prefs.js and choose to open it using any text reader.
  4. Overwrite the hijacker’s URL represented within the file and then save the file.

Google Chrome:

  1. Launch Explorer (tap Win+E keys) and then enter %LOCALAPPDATA%\Google\Chrome\User Data\ into the bar at the top (%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\ for Windows XP users).
  2. Open the folder representing your Chrome profile (if profiles do not exist, open the Default folder).
  3. Delete the files named Preferences, Secure Preferences, and Web Data (alternatively, open them using a text reader, overwrite the hijacker’s URL, and then save the file). 100% FREE spyware scan and
    tested removal of*

Leave a Comment

Enter the numbers in the box to the right *