Virus vs Malware vs Fake Pop-Up Alerts
You are browsing the web and suddenly a full-screen warning appears: "Your computer is infected! Call this number immediately!" Your heart rate spikes. You reach for the phone. Stop right there. That warning is almost certainly fake, and calling the number is exactly what the scammers want you to do.
At PC Genie, we see customers every week who have either been tricked by a fake pop-up or who are dealing with a genuine infection but cannot tell the difference. Understanding what viruses, malware, and scareware actually are will help you respond correctly and avoid making the problem worse.
What Is Malware? The Umbrella Term
Malware is short for "malicious software." It is the catch-all term for any software designed to harm, exploit, or compromise your computer without your consent. When people say "my computer has a virus," they usually mean it has malware of some kind. Here are the main categories:
Viruses
A virus is a specific type of malware that attaches itself to legitimate files or programs and replicates when those files are opened or executed. True viruses spread from file to file and sometimes from computer to computer. They were the dominant threat in the 1990s and 2000s, and while they still exist, they are less common today than other malware types.
Spyware
Spyware runs silently in the background, collecting data about your browsing habits, keystrokes, login credentials, and personal information. It sends this data to a third party without your knowledge. Keyloggers are a particularly dangerous form of spyware that record every keystroke you type, including passwords and credit card numbers.
Adware
Adware bombards you with unwanted advertisements, often in the form of browser pop-ups, redirected search results, or injected ads on web pages that would not normally have them. Some adware is merely annoying; other variants track your behavior and cross into spyware territory. Many free software downloads bundle adware into the installation process.
Ransomware
Ransomware encrypts your files and demands payment (usually in cryptocurrency) to unlock them. This is among the most destructive types of malware because your documents, photos, and data become completely inaccessible. Paying the ransom does not guarantee recovery, and in many cases the attackers simply take the money and disappear.
Trojans
Named after the Trojan horse, these programs disguise themselves as legitimate software. You think you are installing a free game, a PDF reader, or a driver update, but the program installs malware alongside or instead of what you expected. Trojans are one of the most common infection vectors we see at the shop.
Rootkits
Rootkits are designed to hide deep within your operating system, often at the kernel level. They can conceal other malware from antivirus software and are extremely difficult to detect and remove without specialized tools. A rootkit infection often requires a complete operating system reinstall.
Fake Pop-Up Alerts: The Scareware Problem
Scareware, also called tech support scams, has become one of the most common threats we deal with. These are not actual infections on your computer. They are web pages designed to look like legitimate security warnings.
Here is how they typically work:
- You visit a compromised website or click a misleading ad.
- A full-screen pop-up appears with alarming messages like "Windows has detected a critical threat" or "Your computer has been locked."
- The pop-up includes a phone number for "Microsoft Support" or "Apple Support."
- If you call, a scammer walks you through granting them remote access to your computer.
- They show you normal system logs and claim they are evidence of infection, then charge you hundreds of dollars for fake "repairs."
How to Spot a Fake Warning
- It appears in your web browser. Real antivirus alerts come from your installed security software (like Windows Defender) as system notifications, not as browser tabs or pop-ups.
- It includes a phone number. Microsoft, Apple, and legitimate antivirus companies do not display phone numbers in security alerts.
- It uses urgent, panicked language. Phrases like "call immediately," "your data will be deleted," or "your identity has been stolen" are designed to override your critical thinking.
- It plays audio warnings. Some scareware pop-ups include a robotic voice repeating warnings to increase panic.
- You cannot close the tab normally. Many of these pop-ups use JavaScript tricks to prevent you from closing the browser tab, making it feel like your computer is locked.
- It displays countdown timers. Artificial urgency is a hallmark of scams.
What to Do If You See a Fake Pop-Up
- Do not call the number. This is the most important step. The number connects to a scammer, not to Microsoft or any legitimate company.
- Do not click anything in the pop-up. Even "Close" or "Cancel" buttons within the pop-up may trigger downloads.
- Force-close your browser. On Windows, press Ctrl+Shift+Esc to open Task Manager, select your browser, and click End Task. On Mac, press Cmd+Option+Esc and force quit the browser.
- Clear your browser cache. This prevents the pop-up from reappearing when you reopen the browser.
- Run a scan with Windows Defender or your installed antivirus. Just to be safe, verify nothing was downloaded.
Signs of an Actual Malware Infection
While fake pop-ups are just web pages, real malware infections produce tangible symptoms on your computer. Here is what genuine infections actually look like:
- Noticeably slower performance that started suddenly, especially if your CPU or disk usage stays high even when you are not running programs.
- Programs opening or closing on their own. If your mouse cursor moves without your input or programs launch unexpectedly, something may be controlling your system remotely.
- Your default search engine or homepage changed without your permission, or you are being redirected to unfamiliar websites.
- New toolbars, browser extensions, or programs appeared that you did not install.
- Windows Defender or your antivirus has been disabled and you cannot turn it back on. Some malware specifically targets security software.
- Frequent crashes or blue screens that started recently and cannot be explained by hardware issues.
- Unusual network activity. Your internet connection is slow because malware is sending data in the background.
- Friends or contacts report receiving strange messages from you via email or social media that you did not send.
- Files are missing, corrupted, or encrypted. If you see files with strange extensions or ransom notes on your desktop, you may have ransomware.
When to Use Windows Defender and Built-In Tools
Windows Defender (called Windows Security in Windows 10 and 11) has improved dramatically and now provides solid baseline protection. For many common threats, it is the only tool you need.
If you suspect an infection, start with these steps:
- Open Windows Security and run a Full scan (not Quick scan). This checks every file on your system and takes 30 minutes to several hours depending on your drive size.
- If the full scan finds nothing but you still have symptoms, run a Microsoft Defender Offline scan. This reboots your computer into a recovery environment where malware cannot hide from the scanner.
- Check your installed programs list for anything unfamiliar. Go to Settings > Apps > Installed apps and sort by install date to spot recently added software you do not recognize.
- Check your browser extensions. Malicious extensions are a common infection vector that antivirus software sometimes misses.
When Professional Removal Is Needed
Some infections go beyond what built-in tools can handle. Bring your computer in for professional malware removal if:
- Your antivirus detects threats but cannot remove them, or they keep coming back after removal.
- You cannot open Windows Security, Task Manager, or the Control Panel. Malware that blocks system tools requires specialized removal techniques.
- Your computer is part of a botnet or has a rootkit. These infections require tools and expertise beyond standard antivirus software.
- You gave remote access to a tech support scammer. Even if they did not install anything obvious, they may have planted backdoor access or stolen credentials.
- You suspect ransomware. Professional evaluation can determine whether file recovery is possible before you consider paying a ransom (which we generally advise against).
- The infection is on a business computer with sensitive data. The stakes are higher, and you need to ensure complete removal and assess what data may have been compromised.
At PC Genie, our diagnostic process includes a thorough malware assessment. We identify exactly what is running on your system, remove it completely, and verify that your computer is clean before returning it to you.
Prevention: How to Avoid Infections
- Keep Windows and your browser updated. Most malware exploits known vulnerabilities that patches have already fixed.
- Do not download software from unfamiliar sources. Stick to official websites and verified app stores. Be especially cautious with "free" versions of paid software.
- Pay attention during software installations. Read each step and uncheck boxes for bundled software, browser toolbars, or homepage changes.
- Use an ad blocker. Many malware infections start with malicious advertisements (malvertising) on otherwise legitimate websites.
- Do not open email attachments from unknown senders. Even familiar-looking emails can be spoofed. If an attachment seems unexpected, verify with the sender through a different channel.
- Enable two-factor authentication on your important accounts. Even if credentials are stolen, 2FA adds a second barrier.
- Back up your data regularly. If ransomware strikes, backups are your best recovery option. Keep at least one backup disconnected from your computer so ransomware cannot encrypt it too.
If you are unsure whether your computer has a real infection or you just encountered a scareware pop-up, do not hesitate to bring it in for a professional evaluation. A quick diagnostic can give you peace of mind and catch problems before they get worse.
Frequently Asked Questions
Real antivirus warnings come from software you installed, like Windows Defender, and appear as system notifications rather than browser tabs. Fake warnings appear as web pages with urgent language, countdown timers, flashing colors, and phone numbers to call. If it opened in your browser and asks you to call someone, it is fake.
Malware is the umbrella term for all malicious software, including viruses, spyware, ransomware, adware, and trojans. A virus is one specific type of malware that replicates by attaching to other files. In everyday conversation people use the terms interchangeably, but technically every virus is malware while not every piece of malware is a virus.
Windows Defender handles most common threats effectively and is sufficient for everyday protection. However, deeply embedded malware such as rootkits, browser hijackers that modify system settings, or infections that disable Defender itself may require specialized removal tools or professional intervention.
If you gave remote access to scammers, disconnect from the internet immediately. Change your passwords on a different device. Run a full antivirus scan, and check for unfamiliar remote access software like AnyDesk or TeamViewer that they may have installed. If you shared financial information, contact your bank right away. Bring the computer to a professional for a thorough inspection.
Don't wait for the article — call us.
If your computer needs repair now, bring it in or give us a call. We're happy to diagnose the problem and walk you through your options.