How to Get Rid of Red Screen Virus

Several users have been reaching us with questions after getting a ‘red screen virus’ popup while surfing the Internet. The popup is confirmed to occur with multiple browsers including Google Chrome, Mozilla Firefox, and Opera. The issue doesn’t seem to be specific to a certain Windows version since it’s reported to appear on Windows 7, Windows 8.1 and Windows 10.

How to Get Rid of Red Screen Virus

Is the Red Screen Virus a real security threat real?

To ease your mind, let me start by saying that this security alert message is fake. In fact, all web browsers are crawling with these Tech Support Scam pages.

Keep in mind that no operating system (Windows, OsX or any other) will issue a warning in your web browser when a security threat is detected. Having this information, it’s easy to identify a fake warning on you’re browser – They’re all fake!

Almost all variations of this particular scam are using JavaScript tricks to lock up your browser. The important thing to remember here is that none of these pop-ups will actually install any malware on your computer – This is the reason why they don’t get detected as malware by the built-in AV function or any other 3rd party security scanners.

How does the Red screen Virus scam work?

This type of scam has been around for years now, but it turns out that the’s no shortage of unsuspecting victims that will end up getting tricked.

There are two common scenarios in which you’ll see a fake security pop-up like the red screen virus:

  • The scammers are using a domain that was not yet flagged by the common databases used by SmartScreen and other equivalent anti-malvertising shields.
  • A high-profile website has been hacked and is exposing a lot of people to malware of this kind. It has happened before with MSN News, Yahoo Mail and a couple of other high profile websites.

All of these Tech Support Scam pages are managing to block the browsers by looping a JavaScript modal alert (also referred to as a dialog loop).

If a high-profile website gets hijacked and starts spreading this scam to its visitors, it will do a ‘malware-site redirect’ – meaning that it will redirect users to a malware domain that gets piped through a compromised channel (the high-profile website)

The scamming messages are automatically generated, based on the browser that you’re visiting from. After determining which browser you’re using, you’ll be redirected to the page specific to your browser.

The primary focus of this scam is to pretend to be the good guys. But in fact, the scammers behind will use social engineering techniques in order to obtain information from you while pretending to fix your computer.

How to Remove the ‘Red Screen Virus’?

Since the security threat is not actually real, there’s no actual virus to remove. All these pop-ups can do is temporarily lock up your computer.

Fortunately, you can escape the block quite easily by following the steps below:

  1. Make sure that the checkbox associated with “Don’t let this page create more messages” or ‘Prevent this page from creating additional dialogues’ is checked. Then, click Ok (or Back to Safety) from the Pop-up dialog to get rid of the annoying message.
    Preventing the page from creating additional dialogues
  2. Press Ctrl + Alt+ Delete and click on Task Manager to open up the utility. Then, inside the Task Manager utility, go to the Processes tab, right-click on the browser that you’re encountering the issue on and choose End Task.
    Ending the browser task
  3. If you’re encountering the issue with Edge browser,  you’ll need to re-open the browser indirectly by searching for something using the Cortana search bar. This ensures that your browser will not reopen to the same scam page all over again.

How to protect yourself against the ‘Red Screen Virus’ scam

The most effective method of minimizing the chances of encountering these type of Tech Support Scams is to avoid stepping outside the safe zones deployed by the most popular browsers – Windows Defender SmartScreen fort Microsoft browsers and other proprietary shields that Chrome, Firefox, and other browsers are currently using.

Unfortunately, filters such as SmartScreen and other 3rd party equivalents can only do so much since scammers are able to register new domains at a lightning pace. But if you do land on a fake security alert pop up like this one, it’s important to stick with the steps of closing it efficiently (instructions above).

Since this is a social engineering type of hack, they can’t really touch any of your data or bank accounts unless you hand them over by yourself. As a rule of thumb, Microsoft, Apple or any other OS maker will never urge you to call their support desk (regardless of the issue).

Another security layer that you can add to your Internet surfing sessions is to start using a pop-up blocker. This will ensure that you’re computer won’t display any fake security warning message, even when visiting an infected website. You can use Pop up blocker for Chrome or Popup Blocker Ultimate for Mozilla. If you’re using a different browser, search online for your browser equivalent.

Update: uBlock is an easy-to-install extension that is confirmed to block pop-ups of this kind and will most will all the popular browser versions.

ABOUT THE AUTHOR

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.