A virus found message . How to react to it?

It is a scam.

Force quit Safari, then restart Safari while holding the Shift key.

It's a scam, probably designed to trick you into entering your login details. There are numerous scams of this nature going round; never respond to any of them. There are no viruses in the wild affecting Macs. Just ignore it.

On top of being nothing but a scam, the scammers borrowed the name of a legitimate site to try and make their page sound more plausible. Note that it doesn't end in .com, but rather .com-apple.club .

Doing a DNS search for the www.macupdate.com site returns all kinds of information on the registrar, the owner, and their contact information. The other returns nothing, no matter how you try to enter it for a search.

This also happened to me this morning. Fortunately, I had the presence of mind to force quit Safari; then opened my Google Chrome to come to this community.

Apparently, this scam has been hitting Apple Mac users since 6/15/2015. It would be nice if Apple responded with warnings to their customers, but then aren't we all supposed to have the presence of mind to force quit?

It's been happening all over the place a since at least four months ago.

What would Apple warn anyone about? As often as I've seen people here post about these popups, I have yet to see one anywhere. Apple isn't a police force, and these types of scams aren't something they can do anything about.

To fully explain how these popups work on the Mac (and Windows):

1) You hit a bad web site and the scary sounding popup appears.

2) You click OK or whatever button is there to try and dismiss it. The popup seems to be unresponsive, or comes back after a very brief time off the screen.

3) This happens because of a JavaScript action they're using. JavaScript (no relation at all to Java) is used extensively on the web. Much of what we take for granted wouldn't work if you turned it off in a web browser's preferences. Like the buttons across the top of this page. Anything on a page that changes when you move your mouse over or across it is JavaScript in action. In this case, the mouseover command.

4) What these scammers use is another JavaScript action to "do on exit". In the case of these popups, you really are closing it when you click the button, but the final HTML command of the popup is a JavaScript "do on exit". And the "what to do" is to display the same popup.

5) Safari, and pretty much all web browsers force you to attend to the button on a popup before it will let you do anything else. Which is why you can't get to the preferences or other tabs. So there you are, stuck in a loop of closing the popup, only to have it immediately display again. The crooks are using a simple built-in function of all web browsers to make your web browser appear to be stuck. No malware of any kind is necessary to accomplish this. Just a browser with JavaScript enabled. And it pretty much has to be on in order to use virtually any web site.

Apple does what they can to prevent Trojans and other known malware from getting past its built-in protection. But there's nothing they can do about standard web browser commands being used to trick people into calling a number. That's up to the user to pay attention. People have been inventing different ways to get something for nothing for centuries. This is just another one.

Unfortunately I clicked start scan and let it scan, am I in trouble now?

Not enough information. Clicked "scan" where? A popup window? An app some scammer convinced you to download after calling some 1-800 number?

The same situation as the first person said, It said

Virus found

The last website you visited has infected your Mac with a virus.

Press OK to begin the repair process

I pressed ok and then scan then just closed it after it finished

So a scare tactic popup said you had a non-existant virus, which included a button that said "Scan"? What happened then? Did it take you to another web page that pretended to be scanning your system?

If it included any type of 1-800 number to call, and you never called them, or gave any peronsal information or credit card info on a resulting web page, then nothing happened.

If that's all you did, then you're safe. There's no way a webpage can actually have access to your computer's files and thus run a scan. Check your downloads folder and delete anything you don't recognize.

Yes, after it scanned I do not know what it said as I quickly closed the window

In that case, nothing happened. You're fine.

I checked my downloads and nothing dodgy is there

No I didn't type anything or give any information or anything like that. Thank you for your help guys.

You're welcome. 🙂

Thank you so much for this simple solution to what for me was a seemingly intractable f-up!