*7-day Free Trial w/Credit card, no charge upfront or if you cancel up to 2 days before expiration; Subscription price varies per region w/ auto renewal unless you timely cancel; notification before you are billed; 30-day money-back guarantee; Read full terms and more information about free remover. is an annoying program that can place changes in your main web browser without your approval. The main activity of is to redirect users’ searches to sponsored websites full of pay-per-click ads.

You’ve most probably found that has recently integrated with your web browser because you’ve detected a changed homepage, a different default search engine, or perhaps because you’ve started to get spammed with ads, pop-ups, and banners while browsing. If this is the case, you’re probably struggling to remove those changes and need instructions on how to uninstall them from your Chrome, Firefox, Safari, or Edge browser. That’s precisely why we’ve created a detailed removal guide below – to help users like you eliminate the annoying application and make sure there are no unwanted components left behind.

The Virus

The virus is a form of Browser Hijacker. The virus is software designed to display all kinds of ads.

Based on the famous online money-making method known as Pay-Per-Click, the developers of this software can make a profit every time someone clicks on any of the displayed ads. This is a quite effective and rewarding online advertising method that can redirect web users to specific sites and prompt them to purchase specific advertised goods. But there are some questionable aspects of this way of doing business and we believe you should know about them.

For instance, in their strive for more clicks and profits, the developers of Browser Hijackers like and Total ReCaptcha may often resort to methods that can manipulate your web browsing. They may set the hijacker to install a pre-defined search engine inside your web browser, the purpose of which is to constantly redirect you to pages with pay-per-click ads. However, you can’t expect that all the adverts that get shown on your screen are reliable. Some of them, once clicked upon, may land you on completely different web locations than the ones they seem to promote. And if this happens, you may end up on a malicious website, ridden with the most dangerous types of viruses, such as Trojans and Ransomware. Of course, this may not always be the case but, trust us, Ransomware or a Trojan is nothing you’d ever want to get close to.

The Link 2captcha Top Virus

After facing the activity described above, many web users may conclude that the Link 2captcha Top virus looks much like a redirect virus. But actual computer viruses are not identical to the Link 2captcha Top virus.

They can replicate and cause system damage while the most disturbing aspects of a browser hijacker are essentially related to the terribly irritating nature of its adverts. Potentially, a hijacker may redirect you to questionable web locations if you click on its pop-up messages but, on its own, such software is generally not malicious.

However, its browser modifications and the never-ending ad disturbance during your web browsing sessions are still good reasons to uninstall this software. Moreover, if not removed, the Browser Hijacker could potentially affect the overall performance of your computer. For instance, you may start noticing system sluggishness and general browser unresponsiveness. Some apps may take a lot longer to load, and web surfing may not go as smoothly as you wish it would. You might even experience browser crashes, which is certainly not what online experience should be like.

TypeBrowser Hijacker
Detection Tool

Remove Virus

If you have a Mac virus, please use our How to remove Ads on Mac guide.

To remove from your system, one quick method you could try is to clean your browser from unwanted extensions.

  1. Start your main browser and select its menu from either the left or the right top corner of the screen.
  2. Open the Extensions or Add-ons settings and look for questionable entries and/or ones not installed by you.
  3. Disable the suspicious extensions/add-ons that you find and then uninstall them to remove
  4. If there are other browsing programs in the system, do the same with them.

If this rids you of the hijacker, and you stop seeing its symptoms, then there’s no need to do anything else. However, if the unwanted app still seems to be in the system, you will need to complete the more advanced steps from below to fully delete it.

Step 1: Save this page

You will have to exit the browser and restart your computer while completing the next steps so, to not waste time, it might be a good idea to bookmark this page to be able to find it easier later. Alternatively, you could open this page on your phone or another device and look at the instructions from there.

Step 2: Uninstall the unwanted software

Press the Winkey and R key from your keyboard and type appwiz.cpl in the text box. Click on OK and when the Uninstall or Change a Program list appears, try to find in it any suspicious programs installed a bit before you got the hijacker added to the system. If you find a program you think might be related to, click on it from the list and select Uninstall from the top. Follow whatever uninstallation prompts appear on your screen but always make sure that you set the uninstaller to delete everything related to the program, including any custom settings and temporary data related to it. After you are done with the uninstallation, restart the system.

Step 3: Find the hijacker process


Press CtrlShift, and Esc to go to the Task Manager, select Processes, and carefully look through the listed items. You are supposed to find the process but since it will probably have a totally different name, the goal is to look for entries that consume lots of resources and have a suspicious name. It can be difficult to determine which process is the one so try to use your personal judgment and discretion and when a certain process grabs your attention, and you think that it might be the hijacker one, go to the browser and search for the process’ name. In most cases, this will give you enough information to draw your conclusion about the process.

Another thing that can help you find out if a given process is not supposed to be running in your system is to scan the files in their File Location. Right-click on the process, select the Open File Location option and scan all files that are located there with a reliable anti-malware scanner. Below is one such scanner that you can use directly from the browser for free:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.


    Once you’ve tested the files with our scanner, you will know if any of them are malicious. If even a single of the scanned files turns out to be a potential threat, you must quit the process brought you to this folder by selecting it in the Task Manager and clicking on the End Process option from the bottom-right. After you do this, you must make sure to delete the File Location Folder itself so go ahead and do that.

    • If something prevents you from deleting the Location Folder for the hijacker process, then go inside it, delete the files that you are permitted to delete, and then proceed with the guide. However, remember to go back to that folder and try to remove it one more time once you’ve completed all other instructions.

    Step 4 Safe Mode

    Launch your PC in Safe Mode  to keep any rogue processes that you may have not found while completing the previous step from running. If you need any help with enabling Safe Mode, follow the linked page and complete the instructions that you get taken to.

    Step 5: Clean the Hosts file

    Copy this: notepad %windir%/system32/Drivers/etc/hostsand place it in the search field below the Start Menu. Click on the first file that gets found and look at the text in it. If there are suspicious-looking IP addresses towards the end of the text, it is very likely that has hijacked your Hosts file. However, we must look at those IPs before we can tell you for certain if that’s the case. Cope everything written after “Localhost” in the file and place it in the comments section below. We will reply to your comment, telling you if the IPs that you have sent must be deleted from the Hosts file.

    hosts_opt (1)

    Step 6: Restore DNS settings

    You must check the DNS settings of the network that you are currently using. To do that, first, open the Start Menu and once there type network connections. Click on the first shown icon and then right-click the network you are using at the moment. Go to its Properties and from the list of items click on the one labeled Internet Protocol Version (TCP/IPv4). Click on Properties again and in the next window enable the Obtain DNS server setting if it isn’t checked. Then select the Advanced settings, go to the DNS section, and remove any IPs that may be listed there. Once you are done with everything, click OK on all open windows.


    Step 7: Delete unwanted startup items

    It’s possible that has introduced added its own startup items to the system that get launched when Windows boots up, causing the hijacker to become active automatically. You must disable any such items from the System Configuration app. You can access it by typing system configuration or msconfig in the Start Menu and selecting the first listed result. Then you must select the Startup section where you will see all items set to be launched automatically. If any of the listed entries are unknown or seem unwanted, you must uncheck them and then save the changes by clicking on OK. It is also suggested that you disable items with unknown creators unless you know for a fact that they are safe and are not linked to the hijacker.


    Step 8: Clean the Registry Editor

    Important!: Before you proceed, be warned that deleting items from the Registry can have unwanted consequences for your system if you end up deleting the wrong thing. Therefore, in case of doubt, while completing this step, we suggest consulting us through the comments before you delete a Registry item or items you are not certain should be deleted.

    You can search for the Registry Editor utility by typing regedit in the Start Menu. An item named regedit.exe should show up, and you must select it. Windows will request Admin permission so click on Yes to continue.

    In the Registry Editor, click on Edit and then on Find. Type the hijacker’s name in the search field and click on Find Next. Anything that gets found must be deleted. Once you delete the first found item search for the next one and do this until you’ve deleted everything related to

    After that, go to the following three Registry Editor directories by expanding the folders in the left panel:

    • HKEY_CURRENT_USER/Software/Random Directory. 
    • HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run
    • HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main

    Those locations oftentimes contain rogue items from unwanted software and those items usually have very long names that stand out because they consist of random characters. Such items must be deleted but if you are not sure about a particular one, it’s still best to first ask us by writing us a comment and telling us about your situation.

    Step 9: Clean the browsers

    At the start of the guide, we gave you a quick removal method that could help delete the hijacker from the browser. However, if you’d like more detailed instructions on how to clean your browser, you can find them here. Also, even if you did manage to get rid of any unwanted extensions earlier, we still highly recommend that you check your browsers again just in case. Again, be sure to do this for all browsers that are on your computer and not only the ones that you use the most often.

    Start by going to the icon of any of your browsers, right-clicking on it, and selecting Properties. From the Properties window, click on Shortcut and then check the Target field – if there’s any text in it after “.exe”, you must delete that text.

    Next, enter the browser itself and open its menu. In most browsers, the menu icon is either in the upper-left or upper-right corner of the screen. From the menu, click on Extensions/Add-ons. If you are on Chrome, you must first go to More Tools and you will find the button for the Extension settings in that sub-menu.

    On the page with browser extensions, disable everything that you do not trust or need as well as everything that wasn’t installed by you or other people that may be using the computer. Next, Remove all the disabled suspicious extensions by selecting their respective Remove/Uninstall buttons.

    Next, open the menu again, go to Settings (in Firefox go to Options) and then select the Privacy and Security settings. There, you must find an option labeled Delete Browsing Data or something similar. If you are on Microsoft Edge, you must select the Choose what to clear option under Privacy and Security. Next, pick what you want to delete and select Clear now to initiate the deletion – we suggest ticking all boxes except the one for your Passwords. It is possible that the deletion may take several minutes so be patient – don’t quit the browser until the data has been deleted.

    If is still in the PC

    If even after you’ve done everything correctly you still don’t seem to be able to eliminate this hijacker, the best thing we can recommend is to use the advanced anti-malware program linked on this page. It is very good at dealing with such unwanted software, and it also offers solid protection against more hazardous threats like Spyware, Trojans, Rootkits, etc.


    About the author


    Lidia Howler

    Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

    Leave a Comment

    We are here to help! Use SpyHunter to remove malware in under 15 minutes.

    Not Your OS? Download for Windows® and Mac®.

    * See Free Trial offer details and alternative Free offer here.

    ** SpyHunter Pro receives additional removal definitions and manual fixes through its HelpDesk in cases where they are needed.

    Spyware Helpdesk 1