Search Incognito Redirect Removal - How to, Technology and PC Security Forum |

Search Incognito Redirect Removal


Search Incognito is the name of a search engine that supposedly will not track your searches, nor invade your privacy. That is not true as the engine has browser hijacking capabilities and will put its main page as your default start page. On top of that, your new tab window and current search engine will also redirect you to the hijacker’s page. Doing a search will land you on the hijacker’s search results and your search will be filtered by unknown servers. To remove the browser hijacker and its related files, you should read the full article.

Threat Summary

NameSearch Incognito
TypeBrowser Hijacker, PUP
Short DescriptionBrowser applications on your computer can be affected. The hijacker can redirect you and will show you ads.
SymptomsThe homepage, search engine and new tab of your browsers will be replaced. You will be redirected from the search results, from search bars or from the new tab.
Distribution MethodFreeware Installations, Bundled Packages
Detection Tool See If Your System Has Been Affected by Search Incognito


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Search Incognito. – Spread

The redirect could be spreading itself in many ways. One of them is through third-party installations of freeware and bundled applications. Normally, applications such as these are some download clients, media players and converting software. The installation setups could add additive features on your computer system, by default. With you not knowing that, nothing will stop the program to install a feature like that, which will lead to the hijacker altering your browsers’ settings. Avoiding undesirable components from being installed on your computer device is manageable if you find a Custom or an Advanced options menu.

Various other ways for spreading the redirect. Some of them might involve a browser add-on, extension or even a plug-in, placed in your browser software. Banners, pop-ups, as well as pop-unders and other ad types, hosted on sites can be used as another spread method. This hijacker might use redirect links for distributing itself and could be putting them around similar websites. These websites might be partnered or affiliated with the hijacker in question. The following browsers could be affected: Google Chrome, Internet Explorer, Safari and Mozilla Firefox. – Analysis

Search Incognito is a fake search engine which has an official website that bears the same name – The platform has browser hijacking capabilities and it uses them to push it website and replace your browser settings with it. Those settings are the default search engine, start page, and new tab window. On top of that, it will redirect you to other sites as well and might replace more settings in your browser programs.

You can see the official page described above, right here on the snapshot:


The page is simply made and does not offer much. The page is made of a blank, white background, a logo of a ninja, a search bar a few links in the footer of the page. The links redirect to the Privacy Policy, Terms and Conditions and related contact information. Beneath the search bar, there is a button that leads to the setup of a browser extension for the current browser you are viewing the page with, although it’s only for the most popular browsers.

In the image shown under this paragraph, you can see two examples of pages showing search results of The hijacker platform promotes itself as being a viable and better substitution for the most famous search engines. The reason that is given to support this claim is that the hijacker does not track you, does not gather information about you and does not push targeted content in the form of advertisements. The facts speak the contrary, and this platform can collect everything you input into its search bar.

When the hijacker’s search engine does not work, you will see a similar result as the one depicted below:


That happens often and probably more than half of the times a person tries to search something. The most contradictory thing here is that even though the hijacker goes out of its way to make you believe that it does not track you and is different than the most popular search engines, it provides links to them on the right of the page when it fails to do a simple search.

And this is the outcome if the search is repeated:


You will witness so many advertisements that they will cover almost the entire page. You could even get redirected to other browser hijackers. Each search query you make will get filtered by the redirect. That means that some information is going to be collected and stored on its servers, including other queries made from the search bar, clicks on links and advertisements, etc. Be careful if you used that fake search engine before and think about removing it.

The duplicity seen above proves that this hijacker is absolutely dishonest. Refrain from giving it any information like account credentials or banking details. The redirect links, which are in the form of in-text ads could be displayed all over search pages. Browser cookies and other tracking technologies are used for the gathering of information. Read further to see everything related to the intrusion of your Privacy regarding the website. – Privacy Policy

The Privacy Policy of the website can be found at the address: The policy is rather short but both ambiguous and suspicious. You can have a look at the Policy from here:


The policy makes statements which are contradictory by themselves from seeing what this browser hijacker does. For instance, take a look at this excerpt from the policy:

The most popular search engines create search profiles of specific users in order to retarget ads based on those search queries…

The above statement is only provided to boost the reputation of of being different than other search engines. The funny thing is that in actuality, the browser hijacker is different, but not in a good way. Despite the fact that your browsers will be hijacked, there is a multitude of advertisements being pushed by To make it worse, the ads come in bulk and can fill up the whole page with search results, when it works. The ads are both targeted and irrelevant, as some may even lead you to the result pages of other browser hijackers.

Many more inconsistencies exist, and the most obvious one is that the hijacker says that it does not use tracking tools, but is evident it uses cookies. Browser cookies are one of the most common tracking tools used by websites, and they can provide their owners with both personal and technical information. In this case, it is only assumed that personally identifying information is collected by the cookies. The basis of this assumption is presented in the following screenshot:


Notice how the expiration date of one of the cookies is set for a whole year. Even if you stop using their service, that cookie will stay on your computer if you do not delete it. That is highly suspicious, and the only logical explanation is that the hijacker has sent its cookies to spy on you and your interactions with its site as well as others online.

Note that this is a platform that lies to you, gathers information from you and it definitely can have access to your IP address and geographical location, which is considered as personally identifiable information. Thus, do not trust it in any way and be careful with what you input on the site if you decide to keep using it, despite the revelations which are described above.

Remove Fully

To remove manually from your computer, follow the step-by-step removal instructions provided below. In case the manual removal does not get rid of the hijacker redirect and its files completely, you should search for and remove any leftovers with an advanced anti-malware tool. Such a program can keep your computer safe in the future.


Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share