Home Guides Reverse Captcha pop-up virus removal

Reverse Captcha pop-up virus removal

4 min read
Reverse Captcha pop-up virus
Computers and mobile devices are on the receiving end of a new malvertising campaign that drives traffic to reversecaptcha.com and dubious replica sites.
  1. What is the Reverse Captcha virus?
  2. Automated removal of Reverse Captcha popup virus
  3. Reverse Captcha pop-up removal for Android
  4. Restore web browser settings to their original defaults

What is the Reverse Captcha virus?

Push notifications are a mixed blessing. On the one hand, they bridge the gap between websites and their audiences by bringing content updates to users’ fingertips. On the other hand, they are the central element of numerous cybercrime plots whose goal is to disseminate malware, conduct phishing attacks, and promote garbage online marketplaces. The Reverse Captcha pop-up virus is the prime example of such a spammy tactic. The idea is to force hits to reversecaptcha.com site or its clones captchareverse.com, reverscaptcha.com, revercecaptcha.com and highercaptcha-settle.com. All of these pages are disguised as garden-variety human verification pages that try to manipulate the visitor into making a blunder.

Captchareverse.com notification request camouflaged as human verification
Captchareverse.com notification request camouflaged as human verification

Here is how the Reverse Captcha (a.k.a. ReversCaptcha) scam tries to bait unsuspecting users. The landing page pretends to be an intermediate link between a legit-looking ad and some supposedly interesting materials such as a sensational video or breaking news. To prove that the person is not a robot, they are prompted to click the “Allow” button on a pop-up alert that appears right below the URL area. Even at this early stage of the hoax, it’s clear that something isn’t right. The dialog box doesn’t mention anything along the lines of confirming that the user is real. Instead, it says reversecaptcha.com or its spin-off wants to show notifications.

Threat details:
Name Reverse Captcha / Captcha Reverse / ReversCaptcha / Highercaptcha Settle pop-up virus
Threat Category Pop-up ads, adware, browser hijacker
Domains involved reversecaptcha.com, reverscaptcha.com, revercecaptcha.com, captchareverse.com, highercaptcha-settle.com
Symptoms Unwanted popup ads, browser redirects, fraudulent permission requests, browser slowdown
Distribution techniques Ads on social networks, malicious app bundles, search engine poisoning, hacked websites
Severity Medium
Damage Intrusive ads, unauthorized changes of browsing preferences, Internet activity tracking
Removal Scan your PC with WiperSoft to detect all files related to Reverse Captcha pop-up virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.

In plain words, the whole human verification narrative is nothing but a decoy that obfuscates a permission that should never be granted. If the page gets the green light to do what it wants, the victim’s routine will be flooded with web push notifications showing up all over the screen. Contrary to the ethical use of this technology, in this scenario the ads will contain hyperlinks that lead to untrustworthy places on the web. They run the gamut from fishy advertising networks and e-commerce resources to phishing sites and direct malware downloads. On PCs running Windows 10, these pop-ups may emerge in the system tray area, where the recently added “News and Interests” information resides.

The same foul play from highercaptcha-settle.com
The same foul play from highercaptcha-settle.com

One of the most serious implications of the Reverse Captcha issue is that the irksome advertisements may be triggered from malware that’s already inside the device. The infection causes a reorganization of the system preferences at the level of the Registry and web browsers. Google Chrome, Mozilla Firefox, and other popular web surfing tools become riddled with harmful plugins that can replace the default search engine with a knock-off service created solely for harvesting unique hits. Therefore, the starting point in addressing the Reverse Captcha issue is to find the unwanted program and eliminate all files associated with it. This is precisely what the tutorial below will explain in detail.

Use WiperSoft to remove Reverse Captcha pop-up virus

The battle-tested security tool called WiperSoft can shore up the protection of your PC by identifying and removing all files associated with Reverse Captcha threat automatically. It gets regular updates of its malware database to ensure a high detection rate, even if you’ve been hit by the newest strain of ransomware, adware, spyware, or a stubborn browser hijacker.

The following point-by-point instructions will help you get your computer back on track using this incredibly effective application.

1. Download the latest version of WiperSoft.

WiperSoft scans your PC with no strings attached, but you’ll have to register its commercial version to immediately remove the threats it detects. Alternatively, you can use a one-time free cleaning service that will activate in 48 hours after you opt for it.

Download Reverse Captcha pop-up remover

2. Run the installer. As part of the setup, you’ll be asked to specify your preferred language and accept the End User License Agreement.WiperSoft installation progress

3. Once the installation is through, you’ll see the app’s Home screen that says, “Computer state is unknown”. Click Scan Now to check your system for threats.Start a scan

4. The first scan might take a while to be completed. This is normal, given that the app has to check hundreds of thousands of files along the way. It will reflect the current progress and other details at the bottom part of the GUI.WiperSoft scan progress

5. If WiperSoft finds malicious files, it will let you know via an updated computer security status as illustrated below. Go ahead and click the Review & Clean button.‘Malicious items were found’ alert

6. Go over the detailed scan report that’s split into three categories: malware, potentially unwanted programs (PUPs), and privacy issues. Make sure all unwanted items are selected and click Remove Threats to disinfect your PC.Remove detected threats

Use Control Panel to get rid of Reverse Captcha virus

• Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8).Access program uninstall screen on Windows

• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done.Uninstall unwanted program

Reverse Captcha pop-up removal for Android

Here’s a walkthrough to sort out the Reverse Captcha pop-up issue on an Android device, which might also be a target in this malvertising campaign. Keep in mind, though, that uninstall attempts in regular mode may be futile due to the mechanics of this persistent infection. Therefore, you need to perform the procedure in safe mode. Go ahead and do the following:

• Press and hold the Power button. Then, tap and hold the Power off option on the screen. Doing so will boot your device into safe mode.Android power off

• Android will ask you to confirm that you’d like to enter safe mode. Tap OK on the dialog.Safe mode reboot confirmation

• You will now see the Safe mode inscription at the bottom left of your screen. Go to Settings and choose Apps.Go to Settings - Apps

• Scroll down the list of applications, focusing on the ones that were installed recently. Find Reverse Captcha or another sketchy entry with a different name that could as well be the culprit.Spot the unwanted app

• Select the misbehaving app and tap Uninstall.Uninstall the PUA

• Confirm removal on the relevant dialog box and reboot your device. By default, Android will get you back into regular mode. You should now be good to go – the Reverse Captcha pop-up won’t be triggering any redirects or irritating popups anymore.

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the Reverse Captcha pop-up.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings.Go to Settings in Chrome

• Click Advanced in the sidebar, scroll down to Reset and clean up, and select this option.Click Reset and clean up in the sidebar

• Click Restore settings to their original defaults.Restore Chrome settings to their original defaults

• Finally, confirm the restoration by clicking Reset settings on the warning message.Reset Chrome settings

• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information.Access Troubleshooting Information page in Firefox

• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it.Refresh Firefox button

• Follow subsequent directions to reset Firefox to its original settings.Complete refreshing Firefox

• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X).Open up Internet options in Internet Explorer

• Proceed by clicking on Advanced tab, then select Reset.Locate and click the Reset button in IE

• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled.IE reset confirmation

• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences.Go to Safari Preferences

• When on the Preferences screen, select the Privacy tab and hit the Manage Website Data button.Hit the Manage Website Data button

• Click the Remove All button to purge all website data. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc. If you aren’t okay with this, proceed to the next step.Remove all website data in Safari

• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, select the unwanted site in the ‘Manage Website Data’ list and click Remove. Then, click Done.Erase website data in Safari

• Click the Develop menu in the Finder bar and select Empty Caches.Safari: Empty Caches

• Finally, expand the History menu from the Finder bar and click Clear History.Safari: Clear History

• Make sure all history is selected on the dialog that will appear and click Clear History to get rid of cookies and other potentially unwanted data.Click the Clear History

• Restart Safari.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download Reverse Captcha pop-up removal tool

Rate article

No rating result yet

Leave a Reply

Your email address will not be published. Required fields are marked *