– a suspicious website that abuses built-in push notification browser function to feed users with ads is a push notification virus that displays intrusive ads directly on users’ desktop is a push notification virus that displays intrusive ads directly on users’ desktop is a dubious domain that uses social engineering[1] to make users subscribe to site notifications on Google Chrome, Mozilla Firefox, Safari, MS Edge, or another web browser. The scheme makes use of a legitimate push notification feature that is embedded in all browsers, although some browsers are already tackling this problem by making the pop-ups less intrusive upon entry. Those who click “Allow” to the notification prompts will be presented with ads directly via their desktops, even if their browsers are not in use.

While occasional redirect might mean that you clicked on a link on another site, persistent appearance or suspicious content might indicate adware infection. These types of potentially unwanted programs typically travel within software bundles or are encountered on scam sites, so users rarely install them intentionally. As a result, redirects to and similar domains become a common occurrence, and users begin to suffer from various browser-related issues.

Type Push notification virus, adware
Infiltration  The intrusive notifications coming from start showing up after clicking “Allow” on the embedded prompt; adware is typically distributed via software bundles, scam sites, fake updates, etc. 
Risks  Installation of other potentially unwanted programs or malware, sensitive information disclosure to cybercriminals, financial losses, etc. 
Symptoms  Persistent pop-ups with dubious content are delivered directly to users’ desktops; adware may also cause changes to the web browser settings (such as homepage, new tab URL, and the search engine altered), redirects to suspicious sites, increased amount of ads, and other issues
Termination  To get rid of notifications, you have to access web browser settings as explained below; to uninstall adware, scan your machine with anti-malware software or follow our manual step-by-step guide 
System fix  Adware or malware can damage system files in some cases – fix the OS with the help of repair software Reimage Reimage Cleaner Intego 

Those who encounter the scam might be presented with a variety of different “scenarios” that are designed to make users click “Allow.” Quite often, the “Confirm you are not a robot” scheme is used – it is a legitimate feature implemented by multiple sites to prevent click fraud and DDoS[2] attacks. However, because users are very familiar with this, they might think that is one of the verification methods.

One of the pop-ups claims the following:

Click “Allow yo close this window.

This window can closed by clicking “Allow”. If you want to continue actions on this site, just click on the detailed information.

detailed information

As evident, this social engineering scheme is designed for users to think that the window will be closed only if “Allow” is clicked, which is a lie. If you encounter such a fake alert, do not proceed with what it is asking you to do. Nevertheless, removal can be performed by accessing web browser settings and stopping notifications from the site – we explain how-to below.

Since notifications are shown directly on users’ desktops, many are unaware that they are coming from the web browser and suffer from persistent ads that interrupt daily computer usage activities. It is also important to note that the ads displayed are not safe at all – they often include scam content, such as asking users to install other PUPs or even malware. Also, “get rich quick” scams are very common too. virus is a social engineering attack designed to trick users into subscribing to unwanted pop-up ads virus is a social engineering attack designed to trick users into subscribing to unwanted pop-up ads

Therefore, never click on pop-ups, as you might get infected with malware/adware/scareware or disclose your sensitive information, such as credit card data, to cybercriminals. Consequently, you can be a target of phishing attacks, suffer financial losses, or even have your identity stolen.

As mentioned below, the virus can be related to adware infection. Here are some symptoms to look out for:

  • Intrusive pop-ups, deals, banners, offers, coupons, and other commercial content encountered on all visited sites;
  • New tab address, the homepage and the search engine altered to something different;
  • A search engine is bringing up results from an unknown or known provider, and they are filled with sponsored links;
  • Web browser struggles to load some pages and operates slower than usual;
  • Unknown browser extensions installed on web browsers, etc.

If you encountered any of the above, you should check your machine for adware. You can remove adware manually or automatically – we provide instructions below. Note that notifications do not necessarily mean you are infected, although you should always check the installed program list to be sure. Additionally, you should also reset the installed browsers and scan the device with Reimage Reimage Cleaner Intego for the best results.

Learn to spot deception when dealing with social engineering attacks

The number of push notification scams has risen over the past few years, mainly because these scams are particularly successful. The push notification feature was released in 2014 and has multiple legitimate uses (users who want to acquire notifications from sites that they are fond of, for example), although even today, not everybody was aware of it. Any type of information can be delivered via such prompts, including commercial and malicious content. Therefore, crooks saw this as an opportunity to feed users with ads, as many would not be aware of how to stop the activity via the web browser.

Luckily, Mozilla Firefox stopped the intrusive prompts in January 2020,[3], and other browsers are about to follow. Until then, you should be aware of these scams so that you would not fall for them. In other words, if you encounter a dubious site that claims it will deliver content only after you press “Allow,” do not press anything (selecting “Block” will simply bring you back to the same page) and close down the page. Nevertheless, you can also get rid of notifications by accessing browser settings. redirect
Users might be redirected to after clicking on a suspicious link, although persistent browser ads and similar activities might indicate adware infection redirect
Users might be redirected to after clicking on a suspicious link, although persistent browser ads and similar activities might indicate adware infection

Additionally, you should also look out for unwanted programs, as these are also delivered with the help of deceptive techniques. For example, software bundling is extremely common – this is where several apps are offered inside on installer, and optional components are deliberately hidden from users’ view. Thus, when downloading software from third-party sites, watch out for pre-ticked boxes, misleading deals, fine print text, and always opt for Advanced/Custom settings when prompted.

Terminate pop-ups and potentially unwanted programs hiding on your computer

There two separate methods for removal – one is related to pop-up notifications while the other one to adware that might be installed on the system. First of all, you should check for potentially unwanted programs by either scanning your machine with anti-malware software or following our step-by-step guide below. If you find anything, you should also reset all the installed browsers just to be sure that altered settings do not remain.

If you found no potentially unwanted programs on your system, you can remove notifications from your desktop by accessing your web browser settings. Below you can find the instructions for the most popular web browsers.

Google Chrome

  • Select Menu Settings
  • Pick Advanced
  • Under Privacy and security, go to Site Settings Notifications
  • Under Allow section, locate
  • Click More Actions and then pick Block

Mozilla Firefox:

  • Pick Menu Options
  • Go to Privacy & Security Notifications
  • Pick Settings – you should see entry
  • Click on the the drop-down menu and select Block
  • Save Changes


  • Go to Safari > Preferences…
  • Under Websites tab, select Notifications
  • Pick and then click Deny

MS Edge:

  • Go to More Settings
  • Select View advanced settings and then click Advanced
  • Pick Manage permissions
  • Find and turn notifications off

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.