Avoid getting scammed by sites displaying fake Critical Framework Error alerts

Also Known As: Critical Framework Error tech support scam
Damage level: Medium

What is "Critical Framework Error"?

"Critical Framework Error" is a technical support scam. This scheme claims that Windows has blocked a harmful program from running and urges users to call the provided support helpline. It must be emphasized that all of these claims are false. This scam is in no way associated with the Microsoft Corporation, and its only goal is to generate revenue by abusing users' trust.

Deceptive websites are typically accessed via mistyped URLs or redirects caused by other rogue sites, intrusive ads, or installed PUAs (Potentially Unwanted Applications).

Critical Framework Error scam

"Critical Framework Error" scam overview

The "Critical Framework Error" scam attempts to trick users into calling a fake support line by claiming that their device might be at risk. The supposed threat is a potentially malicious application, which Windows stopped from running. As mentioned in the introduction, none of the information provided by this scheme is true.

Technical support scams operate by pushing their victims into calling fraudulent helplines and allowing the scammers to remotely access their devices.

What the cyber criminals do after they gain access can vary. They can damage the system (while allegedly performing helpful services) by removing genuine protection software, installing fraudulent tools (e.g., fake anti-viruses), or even infiltrating malware (e.g., trojans, ransomware, etc.) into it.

Scammers often seek to obtain sensitive data; they can ask users to reveal it, pretend not to see it while it is being typed, record it via phishing sites/files, or exfiltrate it with the use of malicious software. Targeted data includes (but is not limited to): names, addresses, telephone numbers, email addresses, banking details, credit card numbers, and account log-in credentials (usernames/passwords).

Fake tech support is usually ludicrously expensive. Criminals request to be paid in difficult/impossible to track digital currencies (e.g., cryptocurrencies, gift cards, etc.). Victims can be asked to pay via dubious payment gateways, which can record entered banking data. Alternatively, scammers may request to be shipped the payment in cash that is carefully hidden in packages. Furthermore, successfully scammed victims are often targeted repeatedly.

To summarize, by trusting the "Critical Framework Error" scam, users can experience multiple system infections, severe privacy issues, financial losses, and even identity theft.

In cases when it is impossible to close a deceptive webpage - the browser's process must be terminated using the Windows Task Manager. Upon restarting the browser, the previous browsing session must not be restored since it would reopen the scam page.

Threat Summary:
Name Critical Framework Error tech support scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Scam claims a harmful program was prevented from running.
Disguise Scam is disguised as an alert from Windows.
Tech Support Scammer Phone Number (08) 7089 4146
Related Domains edlcu4[.]gq
Detection Names Avira (Malware), CRDF (Malicious), CyRadar (Malicious), ESET (Malware), Kaspersky (Malware), Full List Of Detections (VirusTotal)
Symptoms Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Technical support scam examples

"Pornographic Spyware Alert", "Microsoft Windows Virus Alert", "Access to this pc has been blocked for security reasons", and "Pornographics Security Warning" are some examples of tech support scams.

The Internet is full of misleading, deceptive, and even malicious content. There are various scams online; they employ different tactics to gain and subsequently abuse users' trust. Due to how widespread scams are, it is highly recommended to exercise caution when browsing.

How did potentially unwanted applications install on my computer?

Suspicious sites can be force-opened by PUAs. However, unwanted apps can have other/additional harmful abilities (e.g., adware, browser hijackers, etc.).

This software does not require explicit user consent to infiltrate systems. PUAs are commonly proliferated using the "bundling" technique - packing regular programs with unwanted/malicious additions. Rushed downloads/installations increase the risk of allowing bundled content into the system.

Additionally, some intrusive advertisements can execute scripts to stealthily download/install these applications - when clicked. PUAs may also have "official" download webpages.

How to avoid installation of potentially unwanted applications?

It is advised to research software and download it from official/verified channels. Untrustworthy sources, e.g., unofficial and freeware sites, Peer-to-Peer sharing networks, etc. - often offer bundled content.

When downloading/installing, it is recommended to read terms, study possible options, use the "Custom/Advanced" settings, and opt-out of all supplements. Intrusive ads appear legitimate yet redirect to questionable websites (e.g., gambling, adult-dating, pornography, scam, etc.).

If such adverts/redirects are encountered, the system must be checked and all dubious applications and browser extensions/plug-ins detected - immediately removed. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Text presented in "Critical Framework Error" scam pop-up:

Critical Framework error. Call immediately: (08) 7089 4146

Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk. For technical support call on (08) 7089 4146

Publisher: Unknown Publisher
App: Explorer (1).exe

[Run anyway] [Don't run]

The appearance of "Critical Framework Error" pop-up scam (GIF):

Appearance of Critical Framework Error scam (GIF)

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

  • Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
  • Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
  • Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
  • Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
  • Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

Example of a pop-up scam

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

  • If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
  • If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
  • If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
  • Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is a pop-up scam?

Pop-up scams are deceptive messages intended to trick users into performing various actions. For example, they may be pushed into calling fake support/service lines, allowing third-parties remote access to their devices, downloading files, purchasing (likely untrustworthy or harmful) software, installing malware, revealing private data, paying bogus fees, and so on.

What is the purpose of a pop-up scam?

Most pop-up scams are designed to generate revenue for the cyber criminals. This goal can be achieved by selling or abusing sensitive information, extracting fake payments, promoting dubious applications, or proliferating malware.

Why do I encounter fake pop-ups?

Pop-up scams are run on untrustworthy websites. These pages are seldom accessed intentionally; most enter them via mistyped URLs or redirects caused by rogue sites, browser notifications/ intrusive advertisements, or installed harmful software.

I have allowed cyber criminals to remotely access my computer, what should I do?

If you have allowed scammers to access your device, you must first disconnect it from the Internet. Secondly, uninstall the remote access software (e.g., TeamViewer, AnyDesk, etc.) you've been asked to install - since the cyber criminals might not need your consent to reconnect to your computer. Lastly, you have to scan the system with an anti-virus, and if any threats are detected - remove them without delay.

I have provided my personal information when tricked by a pop-up scam, what should I do?

If you have provided log-in credentials - change the passwords of all potentially compromised accounts and inform their official support. And if you have disclosed other private data (e.g., credit card numbers, ID card details, etc.) - immediately contact the corresponding authorities.

Will Combo Cleaner protect me from pop-up scams and the malware they proliferate?

Combo Cleaner is designed to scan the websites you visit and alert if they are found to be deceptive or malicious. Additionally, it can block further access to such sites. Combo Cleaner is also capable of detecting and eliminating most of the known malware infections. It is noteworthy that running a complete system scan is crucial, as high-end malicious programs tend to hide deep within systems.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
Critical Framework Error tech support scam QR code
Scan this QR code to have an easy access removal guide of Critical Framework Error tech support scam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.