Remove redirects to the "Windows Antivirus - Critical Alert" scam

What kind of scam is "Windows Antivirus - Critical Alert"?

"Windows Antivirus - Critical Alert" is categorized as tech-support scam. Scams of this type attempt to trick people into believing that their computers and personal details are at risk, and they encourage them to call the telephone number provided.

Typically, scammers promote these so-called 'services' through various untrustworthy web pages, which are often opened by potentially unwanted applications (PUAs) installed on the browser or operating system. If this scam is opened through your browser, we recommend that you ignore it and check for PUAs that might be causing the problem.

"Windows Antivirus - Critical Alert" scam overview

The "Windows Antivirus - Critical Alert" scam runs a fake scan and inform users that their data is at high risk. According to this web page, someone is trying to steal banking information, credit card details, and credentials of other accounts.

To avoid problems, visitors are encouraged to call the "+1 (888) 982-8105" telephone number, which will supposedly allow them to contact someone from Microsoft. In fact, calling this number leads to contacting the scammers who designed this tech-support scam.

Additionally, this page displays a pop-up window stating that another page, which was apparently visited earlier, was infected and placed the computer at risk. It also encourages users to call the telephone number. Furthermore, this page starts a countdown timer that, once expired, supposedly starts a "Hard Drive safety delete".

In summary, this scam tricks people into calling scammers immediately and into believing that they will lose their data and have their personal details stolen unless they take action within five minutes of the page being opened. The information on these pages should never be trusted. If a browser opens a page of this type, ignore the information and close it.

Note, however, that some scam sites prevent visitors from closing them. In these cases, they can be closed by ending the browser process via Task Manager. Note also that restoring the previously closed session will return you to the scam page (so do NOT restore the closed browsing session).

If the browser opens the "Windows Antivirus - Critical Alert" scam in a full-screen mode, it can be closed by pressing the "Esc" key. There are many cases whereby web pages of this type are opened by PUAs. If installed, PUAs also collect browsing data and feed users with unwanted ads.

They record details such as users' IP addresses, geolocations, URLs of visited websites, entered search queries, and other similar data. Developers share the data with other parties (potentially, cyber criminals) who misuse it to generate revenue. Having PUAs installed can thus lead to problems with privacy, browsing safety, etc.

Additionally, apps of this type often serve intrusive ads such as coupons, banners, pop-ups, surveys and so on. Typically, people who click the ads are redirected to untrustworthy web pages, or they cause download and installation of other unwanted applications.

Threat Summary:

Name	"Windows Antivirus - Critical Alert" virus
Threat Type	Phishing, Scam, Social Engineering, Fraud
Fake Claim	The tech-support scam claims that the system is infected and that the user's personal data (account credentials, stored photos, etc.) is at risk.
Tech Support Scammer Phone Number	+1-(888) 982-8105, +1-855-666-2014
Related Domain	adultsexvedios[.]site, windows[.]net
Detection Names (adultsexvedios[.]site)	Full List Of Detections (VirusTotal)
Serving IP Address (adultsexvedios[.]site)	167.71.131.37
Symptoms	Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods	Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage	Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Similar scam examples

There are many pages that are designed by scammers. Some examples include "Hard Drive Safety Delete", "Virus Support Alert", and "Windows Is Not Activated". They commonly display "tech-support" numbers that, if called, connect people with scammers.

Their main goal is to extort money from people by selling unnecessary software or tricking them into paying for online 'technical support'. None of these pages are official or can be trusted.

PUAs that open pages of this type are usually disguised as legitimate, useful tools, however, they simply cause problems by opening dubious web pages, collecting data, and displaying ads.

How did potentially unwanted applications install on my computer?

Unwanted downloads/installations usually occur when people click intrusive ads or when they download and install (usually free) software without paying attention to the setup details. When clicked, many deceptive ads run scripts that download and install PUAs or even malware. In other cases, PUAs are installed when developers use the "bundling" method to trick them.

They bundle (include) PUAs in the set-ups of other software, however, this information is usually hidden in options such as "Custom", "Advanced", and other similar parts. By leaving these settings unchecked and unchanged, many people allow PUAs to be downloaded and installed with other, regular software.

How to avoid installation of potentially unwanted applications?

Download software from official and trustworthy websites. Do not trust other sources such as third party downloaders, torrent clients, eMule (and other Peer-to-Peer networks), unofficial websites, or tools such as third party installers.

All downloads and installations should be performed correctly: check all available "Custom", "Advanced", and other similar parts and deselect any bundled PUAs. Do not trust intrusive ads, especially if they are displayed on dubious websites. These often redirect to potentially malicious pages or cause unwanted downloads or installations.

If a browser causes unwanted redirects or displays intrusive ads regularly, it is possible that this is due to a PUA (extension, plug-in, or add-on) installed on the default browser. All unwanted, unknown browser apps should be uninstalled immediately. You are also advised to remove suspicious, unwanted programs installed on the operating system.

If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

The appearance of "Windows Antivirus - Critical Alert" pop-up (GIF):

Text presented in "Windows Antivirus - Critical Alert" scam:

Someone Is Trying To Steal Your Banking Details, Credit Card Details & Other Logins. Please Call Microsoft At +1-(888) 982-8105 (Toll Free) Immediately To Prevent Data Loss.
Hard Drive safety delete in starting in 5:00
Your Data is at high risk
To immediately rectify issue and prevent data loss

Call Support +1-(888) 982-8105 (Toll Free)

Windows Antivirus - Critical Alert
Alert: The page you tried to visit turns out to be infected and your computer is at risk.
It is possible that we disable your internet connection to prevent the spread of the virus on our network.

Disinfection of the computer is however possible: Call for Help +1-(888) 982-8105

Example of yet another "Windows Antivirus - Critical Alert" scam variant:

Text presented within:

Someone Is Trying To Steal Your Banking Details, Credit Card Details & Other Logins. Please Call Windows At +1-888-465-2906 (Toll Free) Immediately To Prevent Data Loss.
Hard Drive safety delete in starting in 5:00
Your Data is at high risk
To immediately rectify issue and prevent data loss

Call Support +1-888-465-2906 (Toll Free)

scanning complete
7%
Windows Antivirus - Critical Alert
Alert: The page you tried to visit turns out to be infected and your computer is at risk.

It is possible that we disable your internet connection to prevent the spread of the virus on our network.

Disinfection of the computer is however possible: Call for Help +1-888-465-2906

Ignore Disinfect the computer

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is "Windows Antivirus - Critical Alert" virus?
• How to identify a pop-up scam?
• How do pop-up scams work?
• How to remove fake pop-ups?
• How to prevent fake pop-ups?
• What to do if you fell for a pop-up scam?

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

• Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
• Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
• Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
• Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
• Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

• If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
• If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
• If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
• Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is a pop-up scam?

Pop-up scams are messages intended to deceive users into performing specific actions. For example, victims can be enticed/scared into calling fake support lines, permitting scammers to access devices remotely, sending money to scammers, providing sensitive information, buying products, subscribing to services, downloading/installing programs, etc.

What is the purpose of a pop-up scam?

The goal of pop-up scams is to generate revenue at victims' expense. Scammers may profit by obtaining money through deception, promoting content (e.g., websites, products, services, etc.), abusing/selling private data, and distributing malware.

Why do I encounter fake pop-ups?

Pop-up scams are mainly endorsed via sites using rogue advertising networks, intrusive ads, spam (e.g., emails, PMs/DMs, SMSes, browser notifications, social media/ forum posts, etc.), misspelled URLs, and adware.

I cannot exit a scam page, how do I close it?

If you cannot exit a deceptive webpage – end the browser's process using Task Manager. When reaccessing the browser, start a new browsing session to avoid reopening the scam site.

I have allowed cyber criminals to remotely access my computer, what should I do?

If you have allowed cyber criminals to access your device remotely – firstly, disconnect it from the Internet. Secondly, uninstall the remote access program that the criminals used (e.g., UltraViewer, TeamViewer, etc.) since they might not need your permission to reconnect. Lastly, run a complete system scan with an anti-virus and eliminate all detected threats.

I have provided my personal information when tricked by a pop-up scam, what should I do?

If you have provided your log-in credentials – change the passwords of all potentially compromised accounts and inform their official support without delay. And if you've disclosed other private data (e.g., ID card details, passport photos/scans, credit/debit card numbers, etc.) – immediately contact the appropriate authorities.

Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?

Combo Cleaner is designed to eliminate all kinds of threats. It can scan visited websites for rogue, deceptive, and malicious content. It can also block all further access to such sites. Additionally, Combo Cleaner is capable of detecting and removing most of the known malware infections. Keep in mind that running a complete system scan is essential since sophisticated malicious software typically hides deep within systems.

▼ Show Discussion