How to Remove the Virus Alert From Microsoft Scam Pop-Up (2026)

A full-screen warning suddenly takes over your browser, blares an alarm, and insists your computer is infected with a virus that only Microsoft can fix if you call the number on the screen. The page will not close, your cursor feels trapped, and the message looks official enough to make your stomach drop. Take a breath, because this is not Microsoft and your PC is not actually locked. What you are looking at is a tech support scam, and you can shut it down and clean up after it without calling anyone or paying a cent.

Why the "Microsoft" Virus Alert Is a Scam, Not a Real Warning

The single most useful fact here is also the easiest to check: real Microsoft messages never tell you to call a phone number. Microsoft states plainly that "Microsoft error and warning messages never include phone numbers," and its advice is just as direct: "Don't call the number in the pop-ups."

So if a window fills your screen, claims to be a "virus alert" from Microsoft, and pressures you to dial a support line, that combination alone identifies it as a tech support scam. A genuine Windows security notice will never beg you to call someone.

It also helps to know how Microsoft actually operates. In its own words, "Microsoft doesn't send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to fix your computer," and "Any communication with Microsoft has to be initiated by you." Nobody from Microsoft is reaching out to you through a pop-up.

The Screen Is Not Locked: Your Browser Is Playing a Trick

The reason the alert feels so convincing is that it appears to lock your entire machine. It does not. Microsoft explains the technique directly: scammers "can also put your browser on full screen and display pop-up messages that won't go away, essentially locking your browser."

That distinction is your way out. Windows is fine; only the browser window has been forced into a sticky full-screen state. Once you understand that closing the browser ends the threat, the pop-up loses all of its power over you.

Close the Hijacked Browser Window

Your first move is to shut the browser, and you do not need your mouse to do it. Microsoft's instruction is exact: "If your screen suddenly fills with scary pop-ups you should immediately close your browser (try pressing ALT+F4 if you can't do it with your mouse). If you can't close your browser try restarting your computer."

1. 1.Press Alt + F4 to close the active window. This shuts the browser even when the page has hijacked your cursor.
2. 2.If Alt + F4 does not work, restart your computer as Microsoft advises. A restart clears the trapped browser session entirely.

When the browser reopens, decline any prompt that offers to restore the previous tabs, since that would simply reload the scam page.

Force the Browser to Quit With Task Manager

If the window refuses to close and a restart is not convenient, end the browser process directly. Task Manager has a keyboard shortcut for exactly this kind of stuck-window situation, listed in Microsoft's Windows shortcuts as "Ctrl + Shift + Esc: Open Task Manager."

1. 1.Press Ctrl + Shift + Esc to open Task Manager.
2. 2.Find your browser in the list of running apps and select it.
3. 3.Choose End task to force the browser shut.
4. 4.If that still does not work, restart the PC as Microsoft recommends.

End task closes the browser instantly without saving anything, which is exactly what you want when a page is holding it hostage.

What Never to Do While the Scam Is Active

Closing the window solves the immediate problem, but the people behind these pop-ups count on panic. Hold the line on a few non-negotiable rules.

Do not call the number shown. Do not let anyone connect to your PC. Scammers ask you to install apps that hand them remote access, then demand a one-time fee or a subscription. Do not pay them, and be especially wary of any request for payment by cryptocurrency or gift cards, because Microsoft will never ask for either.

Remember the underlying truth from Microsoft: it does not make unsolicited contact, and any real interaction has to start with you. A surprise pop-up demanding money or remote access is the opposite of how legitimate support works.

Undo Anything the Scammer Talked You Into Installing

If you already followed some of the scammer's instructions before realizing what was happening, you need to reverse them. Microsoft's guidance is to "Uninstall applications that scammers asked to be install," and it adds that you should "Consider resetting the device to a factory state" in more serious cases.

Go through your installed programs and remove any remote-access or "support" software the caller directed you to add. A factory reset is a heavier step that wipes everything on the device, so treat it as a last resort and only after you have backed up anything important.

Scan With Microsoft Defender Antivirus

Once the browser is closed and any rogue apps are gone, scan for malware. Microsoft's recovery guidance is to "Run a full scan with Microsoft Defender Antivirus to remove any malware. Apply all security updates as soon as they're available." The Windows Security app is built into Windows 10 and Windows 11, so there is nothing to download.

1. 1.Open the Windows Security app.
2. 2.Select Virus & threat protection.
3. 3.Choose Scan options.
4. 4.Pick Full scan and start it.

A full scan checks every file on the drive, so it takes longer than a quick scan but does a more thorough job of catching support-scam malware.

Run a Microsoft Defender Offline Scan for Stubborn Malware

Some malware hides while Windows is running. For a deeper sweep, run a Microsoft Defender Offline scan, which boots outside Windows to remove threats a normal scan can miss. Microsoft's steps are precise: "On your Windows device, open the Windows Security app. Select Virus & threat protection, and then choose Scan options," then "Select the radio button Microsoft Defender Offline scan and select Scan now."

1. 1.Save any open work first, because this scan restarts your PC.
2. 2.Open the Windows Security app and select Virus & threat protection.
3. 3.Choose Scan options.
4. 4.Select the radio button for Microsoft Defender Offline scan, then select Scan now.

The offline scan takes about 15 minutes and reboots the machine while it runs. Two requirements apply: you must be signed in with local administrator privileges, and Windows Recovery Environment (WinRE) must be enabled. You can confirm WinRE status with reagentc /info and turn it on if needed with reagentc /enable.

If you prefer the command line, the PowerShell cmdlet Start-MpWDOScan launches the same offline scan and triggers the restart. Whichever method you use, you can review what it found afterward at Windows Security > Virus & threat protection > Scan options > Protection history. On Windows 10 you may reach the same area through Settings > Update & Security > Windows Security > Virus & threat protection > Scan options > Protection history.

Secure Your Accounts and Watch for Suspicious Activity

If you gave the scammers any access, treat your passwords as exposed. Microsoft's recovery checklist includes "Change passwords" and "Monitor anomalous sign in activity."

Change your important passwords, starting with your Microsoft account, and do it from a device you trust to be clean rather than the PC that may still be compromised. After that, keep an eye on your accounts for unfamiliar sign-ins or activity you do not recognize, and act quickly if anything looks off.

If You Paid, Call Your Bank and Then Report the Scam

Money sent to these operators can sometimes be recovered if you move fast. Microsoft's instruction is straightforward: "Contact your bank or other financial institutions if you paid them." Reach out as soon as possible so they can flag or reverse the charge.

After you have protected your money and your accounts, report the scam so Microsoft can act on it. You can report tech support scams at www.microsoft.com/reportascam. Reporting helps Microsoft shut down the operations behind these pop-ups.

Frequently Asked Questions

Is the Microsoft virus alert pop-up real?

No. It is a tech support scam. Microsoft states that its error and warning messages never include phone numbers, so any pop-up claiming to be a Microsoft virus alert that tells you to call a number is fake.

The pop-up locked my whole computer. Is my PC infected?

Your PC is almost certainly not locked. Microsoft explains that scammers put the browser into full screen and display pop-ups that will not go away, which only locks the browser. Closing the browser with Alt + F4, or ending it through Task Manager with Ctrl + Shift + Esc, ends the threat.

Do I need to download special software to remove it?

No. The Windows Security app is built into Windows 10 and Windows 11. Run a Full scan, and if you want a deeper check, run a Microsoft Defender Offline scan through Virus & threat protection > Scan options. No separate download is required.

I already called the number and let them connect. What now?

Uninstall any apps the scammers had you install, run a full Microsoft Defender Antivirus scan and an offline scan, then change your passwords from a clean device and monitor your accounts for unusual sign-ins. If you paid them, contact your bank or financial institution right away.

How do I report the scam to Microsoft?

Report tech support scams at www.microsoft.com/reportascam so Microsoft can take action against the pages spreading the pop-up.