popup warning on a laptop

That alarming pop-up warning you that your computer is infected with 47 viruses is almost certainly not real. It is scareware — a browser-level trick designed to make you panic and click something you shouldn’t. The good news is that in most cases, your computer is completely fine. You just need to close it the right way and clean up whatever caused it to appear.

Here is how to do that in three steps.

Step 1: Force-close your browser using Task Manager

Do not click anything inside the pop-up. Not the X, not the “Scan Now” button, not the “Close” option they put inside the alert. Clicking anything in a fake virus pop-up can trigger a download or redirect you to a phishing site.

Instead, shut the browser down from the outside:

  1. Press Ctrl + Shift + Esc to open Task Manager.
  2. Find your browser in the list (Chrome, Edge, Firefox — whichever you were using).
  3. Click it once to select it, then click End Task.

When you reopen the browser, do not click “Restore previous session” if it asks. That will just bring the same tab back.

Step 2: Clear your browser cache

Fake virus alerts often come from malicious ads or compromised pages that stay cached in your browser. Clearing the cache for the last 24 hours removes whatever was loaded from that session.

Microsoft Edge

  1. Click the three dots at the top right, then go to Settings > Privacy, search, and services.
  2. Under Clear browsing data, click Choose what to clear.
  3. Check Cached images and files, set the time range to Last 24 hours, and click Clear now.

Google Chrome

  1. Click the three dots at the top right, then go to Settings > Privacy and security > Clear browsing data.
  2. Check Cached images and files, set the time range to Last 24 hours, and click Clear data.

Firefox

  1. Click the three lines at the top right and go to Settings > Privacy & Security.
  2. Under Cookies and Site Data, click Clear Data.
  3. Make sure Cached Web Content is checked, set the time range to Last 24 hours, and click Clear.

Step 3: Run a full system scan

In most cases the pop-up was just a browser trick and there is nothing actually on your computer. But if the alerts kept coming back, or if you clicked something before you could stop yourself, it is worth running a scan to be sure.

  1. Open your antivirus software. If you don’t have one installed, Windows Defender is built into Windows and works fine for this.
  2. Look for a Full Scan or Advanced Scan option.
  3. Run it and follow any prompts to remove anything it finds.

If the scan comes back clean and the pop-ups stop after clearing your cache, you’re done.

What these pop-ups actually are

Fake virus alerts are a type of scareware. They are not coming from your antivirus software or from Windows. They are coming from a website, a malicious ad, or a browser notification you accidentally allowed at some point.

A few ways they show up:

  • A shady site asked to send you notifications, you clicked Allow without thinking, and now it is sending fake security alerts directly to your screen.
  • A legitimate website was serving a malicious ad that redirected your tab.
  • A browser extension you installed at some point is generating them.

Real antivirus software does not communicate through your web browser. If you see a virus warning inside a browser tab or as a browser notification, it is not real. It does not matter if it has Microsoft’s logo on it or lists a phone number to call — that number goes to a scammer.

How to stop it from happening again

After you’ve cleaned up the current situation, two things will cut the chances of it happening again significantly:

Check your browser notification permissions. In Chrome, go to Settings > Privacy and security > Site Settings > Notifications. Look under “Allowed to send notifications” and remove anything you don’t recognize. Edge and Firefox have the same setting in roughly the same place.

Install an ad blocker. uBlock Origin is free, open source, and blocks the category of malicious ads that generate most of these pop-ups. It is the single highest-value thing most users can add to their browser.

Beyond that: keep your browser updated, be cautious about clicking Allow on notification requests from sites you don’t know, and if you ever see a pop-up with a phone number telling you to call Microsoft or Apple, close it. They don’t work that way.

If your team keeps running into these or you’re not sure whether something got through, safemode IT can take a look. Free assessment, no pressure.

Get a free IT assessment

Frequently asked questions

Is my computer actually infected when I see a fake virus pop-up?

Almost certainly not. In most cases the pop-up is coming from a website or browser notification, not from anything installed on your machine. Force-closing the browser and clearing the cache is usually enough to get rid of it. Run a scan if you want to be certain, especially if you clicked anything inside the alert.

What happens if I accidentally click on a fake virus pop-up?

It depends on what you clicked. If you hit a button inside the alert, you may have triggered a download or landed on a phishing page. Close everything immediately, run a full antivirus scan, and check your downloads folder for anything you don’t recognize. If you entered any personal information or payment details, treat those accounts as compromised and change your passwords.

Why does the pop-up know my city or computer name?

Websites can read your approximate location from your IP address and your device name from the browser. Scareware uses these details to make the alert look more legitimate and personal. It does not mean anything was installed on your computer. It is just data the site already had access to.

The pop-up has a phone number to call. Should I call it?

No. Microsoft, Apple, and real antivirus companies do not display phone numbers in browser pop-ups. That number connects to a scammer who will try to get remote access to your computer or charge you for fake repairs. Close the browser and ignore it entirely.

My employees keep getting these at work. What should we do?

For businesses, the fix is a combination of managed endpoint protection, ad blocking at the network level, and basic security awareness training so staff know not to call the number or click the button. If this is coming up regularly, it’s worth having someone look at your security stack. safemode IT’s cybersecurity services cover all of this for businesses across Kyle and Central Texas.

← Back to Blog
Share: