Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 664
Category: Browser Hijackers

If comes up as your home page when you launch your browser, it is quite likely that your computer has been infected with a browser hijacker. What is worse, this hijacker comes bundled with a number of other malware infections, which means that your Windows operating system is under attack by multiple threats. Although this is a Brazilian hijacker, it does not mean that you cannot be infected with it anywhere in the world. There are no boundaries when it comes to malware infections since these are mostly spread in bundles that are promoted on shady shareware and other file-sharing websites. We recommend that you refrain from using this search site at all since you might be exposed to unsafe content. All in all, you should remove as soon as possible because this hijacker only means problem for you and your computer.

We have found that this browser hijacker is a clone of another hijacker called You cannot see any difference between the two search engines; only their page titles and the URLs are different. As a matter of fact, does not even use its own search engine, so your search queries get redirected to the Yahoo! Brazil website. However, your searches might be monitored and used by this hijacker to modify the search results and show you targeted links. Since this hijacker does not take any responsibility for any third-party content you may be exposed to while using its service, this can be exploited by cyber criminals who might inject their own links and redirect you to their malicious websites. We strongly recommend that you do not ever click on any results or ads displayed by this browser hijacker. What’s more, we have no doubt that you should delete from your PC if you want to keep it secure.

This browser hijacker has been found to be distributed in a package with other malware infections, including ActSys, CashReminder, GOSafer, and WNet. That simply means that if your browsers have been hijacked by, there is a good chance that your computer is infected with all these malware programs. In that case, your computer requires your immediate attention and action. Such a package can be downloaded from freeware or torrent websites that are suspicious or at least questionable. That is why we cannot emphasize enough that you should never visit unfamiliar websites or use them as a source for download. However, if it is too late for that, you need to remove and all the above mentioned infections as well.

If you are ready to free your system up from this bundle of malware infections, first, you have to remove ActSys, CashReminder, GOSafer, and WNet via Control Panel. Please follow our instructions below, if you are not familiar with this process. However, it is possible that not all of the components get uninstalled. If that happens, you have to locate the Windows\system32\drivers folder and delete crfilterdrv.sys, gosaferdrv.sys, asfilterdrv.sys, and ssfilterdrv.sys. If you want to prevent similar malicious attacks, we recommend that you keep all your software updated, including your browsers and drivers as well. Also, remember to always double-check on the software you are about to download. A simple Google search can save you a lot of future headaches.

Remove from Windows

Windows 8, Windows 8.1, and Windows 10

  1. Press Win+Q and type in control panel. Press OK.
  2. Open Uninstall a program.
  3. Select the unwanted applications and click Uninstall.

Windows Vista and Windows 7

  1. Press Win+R and enter control panel. Press OK.
  2. Access Uninstall a program.
  3. Select the unwanted applications and click Uninstall.

Windows XP

  1. Click Start and open Control Panel.
  2. Select Add or Remove Programs.
  3. Click on the unwanted applications and click Remove.
Download Remover for *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter. Screenshots:


Your email address will not be published.


Enter the numbers in the box to the right *