Viruses detected (5) pop-up. How do I get rid of virus notifications?

Viruses detected (5) pop-up. How do I get rid of virus notifications?
Viruses detected (5) pop-up notifications
Written by Brendan Smith

Viruses detected (5) looks like another pop-up virus, however, after a short review, you will see the difference. It shows you the disruptive popups in Windows Notification Centre, and also in the web browser. These banners state that your PC is infected with 5 viruses, and you need to remove them as soon as possible. Of course, all these statements are 100% false, and targeted to force you to follow the scums. In this post, you will see why these notifications are malicious, and how to get rid of them.

Why does the “Viruses detected (5)” popup appear on my PC?

These pop-ups are definitely a sign of malware activity. It tries to mimic the notifications from Windows Defender1, however, an attentive user will easily distinguish the counterfeited popup. One that is shown by a virus contains the Windows 8 logo (irrespectively of the fact that you use Windows 7, 8, 8.1 or 10. Another suspicious thing is font, which is used on this banner. It is too striking and contrasts with Windows’ default one. Finally, there is no bug icon on the original message – it contains only text and Defender original logo:

Defender and virus comparison

Difference between original Defender notification (right) and malicious parody (left)

The “Viruses detected (5)” notification may have different forms. In one moment, the banner you see above may be substituted with another one – with the same text, but a logotype of the random well-known antivirus program (Norton, McAfee, etc) on the place of Windows logo described in the previous paragraph. More rare case is when this virus shows you an overlaying notification that mimics the Microsoft Security Essentials – antimalware solution that was used on Windows Vista, 7, and early versions of 8. It states the same, but with more text and with displaying the “detections”. This kind of banner can barely be distinguished from the original MSE notification, but the fact that an obsolete security tool can show you this sort of notifications must raise suspicion.

Viruses detected (5) online banner

Another popular way to force the user to click the banner is web banners. It can be quite effective with low-skilled users, who don’t know that neither Defender nor other antiviruses cannot show you the notifications as a web page. This virus can show you the “offer to update the detection database of your Microsoft Defender”. The websites are poorly-designed and full of the things which show that this is a cheap fake.

Viruses detected (5) fake update page

How dangerous the “Viruses detected (5)” malware?

These pop-up notifications are more distracting than dangerous. But the consequences after getting in this trap may be quite bad. In the majority of cases, malware that is hidden under this pop-up ad is a scareware2 . These programs mimic the antivirus software, but in reality they just force you to pay the sum of money for the full version. The forcing methods may be different – from constantly appearing pop-ups, which state about tens of problems on your PC, to blocking the often-used programs “because they have critical vulnerabilities or malicious functions”3.

Some of such wannabe-antiviruses are distributed in bundles with different other malicious programs. Hence, one click on a scary banner can make your computer full of different viruses. Your browser redirects every search query, all sites are full of ads, and several of the programs you use everyday cannot be runned. Sounds like a curse, isn’t it?

How did I get this virus?

Sometimes, you may see the banners on the Web having no viruses on your PC. That usually shows that the website you opened was hacked, or its maintainers gaining money through the malvertising. But all other cases – pop-ups in notification center, web pages opening after the browser starts – are definitely caused by malware.

Malvertising example

Example of malvertising on the hacked page

The ways of its injection are quite common for this type of virus. Software from dubious sources (so-called “software portals”, peering networks), free programs from untrusted developers, and malvertising. While making use of the programs, regardless of the trustworthiness of its source, may be needed for specific tasks, clicking the different ads in the Web is always a bad idea.

Bundled software installation

The example of bundle software installation

Avoiding the installation of this virus through the free or hacked programs requires the additional attention of the user. In the majority of cases, programs that have some additional software in their installation pack, offer you to choose if you want to install it. This function is hidden under the buttons named “Advanced installation settings” or “Extended installation parameters”. Click it and unmark all additional applications that can possibly be malicious.

How to remove “Viruses detected (5)” malware?

That virus is quite hard to remove manually, because it creates several directories in order to make it harder to delete. Even skilled users may have some problems with it. That’s why it is better to use the anti-malware program. My choice for Viruses detected (5) pop-ups is GridinSoft Anti-Malware.

Removing the viruses with GridinSoft Anti-Malware

  • Download and install the GridinSoft Anti-Malware. After the installation, you will be offered to perform the standard scan. Apply this action.
  • GridinSoft Anti-Malware during the scan process

  • Standard scan lasts up to six minutes and checks the system files together with the files of the programs you have installed on your computer.
  • GridinSoft Anti-Malware scan results

  • When the scan is complete, press “Apply” to wipe out the malicious items that are present on your PC.
  • Malware removing with GridinSoft Anti-Malware

    User Review
    0 (0 votes)
    Comments Rating 0 (0 reviews)


    1. Detailed review and comparison of Windows Defender.
    2. Article about scareware, with explanations and examples.
    3. The example of pseudo-antivirus program that has a scareware behavior – SAproduct.
    Viruses detected (5) pop-up. How do I get rid of virus notifications?
    Viruses detected (5) pop-up. How do I get rid of virus notifications?
    Viruses detected (5) is a kind of malvertising, that tries to scare you and force you to install the "recommended antivirus tool". These pop-ups are definitely created by the virus, and need to be removed as soon as possible.

    About the author

    Brendan Smith

    Journalist, researcher, web content developer, grant proposal editor. Efficient and proficient on multiple platforms and in diverse media. Computer technology and security are my specialties.

    Leave a Reply


    This site uses Akismet to reduce spam. Learn how your comment data is processed.