Severity scale:  

Remove redirect (Virus Removal Guide) - Oct 2020 update

removal by Alice Woods - -   Also known as Cassiopessa | Type: Browser Hijackers

Cassiopesa is a Chromium-based browser categorized as a potentially unwanted program that makes unwanted changes on the computer is a domain name that users will see on their Google Chrome, Safari, Internet Explorer, Mozilla Firefox, or another browser after they get hijacked by a potentially unwanted application. The program comes in the form of a Chromium-based browser and initiates all the other changes at once.

Potentially unwanted programs[1] (or PUPs for short) usually come bundled inside a software package downloaded from third-party hosting sites. Unfortunately, users might not be presented with the full list of the apps that are about to be installed unless the Advanced/Custom settings are picked. Soon after that, they will notice the hijack and that their default web browser that opens .html, .php and other webpage-associated extensions changed to a customized version of Chromium.

Beware that Cassiopesa may cause various unwanted issues during your browsing. For example, it may initiate continuous redirects to unknown and suspicious websites, diminish web browser performance, or may even track your online activities. Therefore, if you noticed that your default web browser changed without your permission, you should immediately proceed with removal from your system.

Name Cassiopesa
Type Potentially unwanted program, browser hijacker
Category Browser based on Chromium project
Search engine set to
Symptoms Hijacked web browsers, sponsored links, intrusive ads, redirects, etc.
Potential risks Installation of bogus software, malware infection, information disclosure to unknown parties, etc.
Termination To delete the browser automatically, scan your system with ReimageIntego or make use of our manual removal guide below

It is worth mentioning that Chromium is a legitimate web browser and an open-source project by Google. Unfortunately, many businesses that specialize is online advertising adopted it and turned it into potentially unwanted programs. Here are a few examples of potentially malicious browsers that work similarly to Cassiopesa:

  • Citrio
  • Chroomium
  • Qword
  • WebDiscover
  • Yandex
  • Fusion, etc.

The primary feature of is to display the promoted sites in all possible ways. For that, the developers employ software bundling[2] in order to distribute the app to as many people as possible, which consequently performs changes to other web browsers and installs itself as a default one.

Users then can see a variety of sponsored links at the top of the search results that lead to affiliated sites. Besides, users might encounter pop-ups, deals, offers, in-text links, and other ads from that might cover the underlying content of all visited sites, diminishing the web browser experience.

In some cases, the ads that offer bogus system scanners and fake driver updates might be inserted directly into the startup page. In such a way, the developers guarantee that the sponsored content will be viewed by millions, consequently guaranteeing revenue for themselves. Unfortunately, Cassiopesa virus victims will struggle with never-ending ads and unwanted browser changes, and might as well have troubles while trying to get rid of the PUP.

Cassiopesa hijackCassiopesa is a potentially unwanted application that travels inside software bundles, so users rarely notice the point of entry

Besides,  is spread along with tracking cookies,[3] which may collect and store various information about the users, such as IP address, email address, PC location, search terms, websites visited, data entered in them, clicks, browser type, language and so on.

Therefore, by keeping Cassiopesa browser hijacker on your computer you risk losing personally and non-personally identifiable information, landing on suspicious websites, infecting your machine with other suspicious programs like scareware and even injecting malware without noticing it.

To conclude, our team, along with experts from[4] recommend users to remove from their systems as soon as possible. The elimination can be performed by using automated security tools like ReimageIntego or by employing manual removal instructions at the bottom of this article.

Browser hijackers are distributed by using deceptive methods

Potentially unwanted programs are called in this way mainly because of the way they are distributed – users often find such apps installed without their permission. PUPs are inserted into a single software package, and optional components are often hidden from users' eyes purposely. This method, also often called as software bundling, is deceptive and unfair, although users are often accused of negligence and that they themselves failed to read the installation instruction properly.

Such software packages are usually promoted via popular and reputable download websites, including,,,, etc. By promoting optional applications within the freeware installers, these sites monetize effectively, and also offer freeware developers some share. Therefore, all parties are interested in as many users to install the optional components as possible.

No matter how attractively the optional components may be introduced, don't forget that the majority of them are adware, browser hijackers or other PUPs. To protect your computer from unwanted ads and redirects, you should opt-out of all attachments that are traveling with your selected freeware. Therefore, you should always opt for Advanced/Custom settings, decline all the deals or offers, and watch out for fine print along with pre-selected boxes to avoid PUP installation.

Cassiopesa search engineCassiopesa uses a customized search engine to to present users with suspicious ads directly on the startup page

You can terminate Cassiopesa either manually or automatically

If virus has already been downloaded to your computer as a reliable search engine, you should stay away from it. Otherwise, you may notice such unwanted activities as redirects to unknown websites, tons of annoying pop-up ads, and even browser crashes.

The easiest way to remove from your system is by using reputable anti-malware software that can detect and terminate potentially unwanted programs (some AV vendors include the scan as an optional feature, as PUPs are not usually treated as malware). Alternatively, you can also employ our manual Cassiopesa removal instructions below and find all the unwanted programs yourself. Be warned that it might not be an easy task, especially if your computer is flooded with multiple unwanted applications.

Because Cassiopesa is a browser hijacker, it modified the settings of Mozilla Firefox, Safari, Google Chrome, and other installed browsers. Therefore, you should also reset the settings to make sure that unwanted activity does not come back.

You may remove virus damage with a help of ReimageIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove redirect, follow these steps:

Eliminate from Windows systems

To remove from Windows, you need to access Programs and Features section in order to get rid of all the suspicious programs manually:

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs). Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall and related programs
    Here, look for or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'
  5. Remove from Windows shortcuts
    Right click on the shortcut of Mozilla Firefox and select Properties. Right click on browsers' icon and select 'Properties'
  6. Go to Shortcut tab and look at the Target field. Delete malicious URL that is related to your virus. Select 'Shortcut' tab and delete '' or other suspicious URL

Repeat steps that are given above with all browsers' shortcuts, including Internet Explorer and Google Chrome. Make sure you check all locations of these shortcuts, including Desktop, Start Menu and taskbar.

Uninstall from Mac OS X system

Macs can also be infected with a browser hijacker, so you should proceed with the following instructions to get rid of the unwanted ads and redirects:

If your macOS is displaying some infection symptoms, proceed with the following guide:

Remove redirect from Applications folder:

  1. From the menu bar, select Go > Applications.
  2. In the Applications folder, look for redirect-related entries.
  3. Click on the app and drag it to Trash (or right-click and pick Move to Trash)Uninstall from Mac 1

To fully remove redirect, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:

  1. Select Go > Go to Folder.
  2. Enter /Library/Application Support and click Go or press Enter.
  3. In the Application Support folder, look for any dubious entries related to redirect and then delete them.
  4. Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the redirect-related entries.Uninstall from Mac 2

Remove from Internet Explorer (IE)

Remove dangerous add-ons:

  1. Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
  2. Pick Manage Add-ons.
  3. You will see a Manage Add-ons window. Here, look for redirect and other suspicious plugins. Click on these entries and select Disable.Remove add-ons from Internet Explorer

Change your homepage if it was altered:

  1. Open IE and click on the Gear icon.
  2. Select Internet Options.
  3. In the General tab, delete the Home page address and replace it by your preferred one (for example,
  4. Click Apply and then select OK.Reset IE homepage

Delete temporary files:

  1. Press on the Gear icon and select Internet Options.
  2. Under Browsing history, click Delete…
  3. Select relevant fields and press Delete.Clear temporary files from Internet Explorer

Reset Internet Explorer:

  1. Click on Gear icon > Internet options and select Advanced tab.
  2. Select Reset.
  3. In the new window, check Delete personal settings and select Reset again to complete redirect removal.Reset Internet Explorer

Erase redirect from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the redirect-related extension and click on the Gear icon.
  3. Click on Uninstall at the bottom.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Reset MS Edge if that above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick DeleteAdvanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -VerboseAdvanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.Reset Chromium Edge

Delete from Mozilla Firefox (FF)

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Change your homepage if it was altered by virus:
    Click on the menu (top right corner), choose Options General.
  4. Here, delete malicious URL and enter preferable website or click Restore to default.
  5. Click OK to save these changes. When in 'General' tab, delete malicious URL from 'Home Page' section or click on 'Restore to Default' button. Click 'OK' to save changes
  6. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  7. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete removal. Click on 'Reset Firefox' button for a couple of times

Get rid of from Google Chrome

As soon as you delete the PUP, make sure you reset Google Chrome, as the altered settings might still bring you to the affiliated sites and show intrusive ads:

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Change your homepage and default search engine if it was altered by your virus
    Click on menu icon and choose Settings.
  4. Here, look for the Open a specific page or set of pages under On startup option and click on Set pages. After clicking on menu and 'Settings', select 'Set pages'
  5. Now you should see another window. Here, delete malicious search sites and enter the one that you want to use as your homepage. Click 'X' to remove malicious URLs
  6. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  7. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  8. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  9. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  10. Click Reset to confirm this action and complete removal. Click on 'Reset' button to complete your removal

Eliminate from Safari

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Change your homepage if it was altered by virus:
    Open your Safari web browser and click on Safari in menu section. Here, select Preferences as it was displayed previously and select General.
  4. Here, look at the Homepage field. If it was altered by, remove unwanted link and enter the one that you want to use for your searches. Remember to include the "http://" before typing in the address of the page. When in 'General', delete malicious URL and enter your desired domain name
  5. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  6. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete removal process. Select all options and click on 'Reset' button

Protect your privacy – employ a VPN

There are several ways how to make your online time more private – you can access an incognito tab. However, there is no secret that even in this mode, you are tracked for advertising purposes. There is a way to add an extra layer of protection and create a completely anonymous web browsing practice with the help of Private Internet Access VPN. This software reroutes traffic through different servers, thus leaving your IP address and geolocation in disguise. Besides, it is based on a strict no-log policy, meaning that no data will be recorded, leaked, and available for both first and third parties. The combination of a secure web browser and Private Internet Access VPN will let you browse the Internet without a feeling of being spied or targeted by criminals. 

No backups? No problem. Use a data recovery tool

If you wonder how data loss can occur, you should not look any further for answers – human errors, malware attacks, hardware failures, power cuts, natural disasters, or even simple negligence. In some cases, lost files are extremely important, and many straight out panic when such an unfortunate course of events happen. Due to this, you should always ensure that you prepare proper data backups on a regular basis.

If you were caught by surprise and did not have any backups to restore your files from, not everything is lost. Data Recovery Pro is one of the leading file recovery solutions you can find on the market – it is likely to restore even lost emails or data located on an external device.

About the author
Alice Woods
Alice Woods - Likes to teach users about virus prevention

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Alice Woods
About the company Esolutions

Removal guides in other languages

Your opinion regarding redirect