What is Possible Suspicious Activity?
Possible Suspicious Activity is yet another browser-based tech support scam. You can find it in any browser like Google Chrome, Mozilla Firefox, Internet Explorer, Microsoft Edge, and other browsers. This new tech support scam seems to be a lot more elaborated compared to other ones which scares users with the Zeus virus and Facebook login, email account login, data theft. This time, the Possible Suspicious Activity scam put in more technical details to make the scam a bit more realistic and believable. When you get redirect to this scam, you will see the following message:
“Customer, your system has detected possible suspicious activity. Please call the toll-free number below for a Microsoft Certified technician to help your resolve the issue:
For your safety, please of not open Internet browser to avoid data corruption to the registry of your operating system.
Please contact support at the toll-free Helpline.
PLEASE DO NOT SHUT DOWN OR RESTART THE COMPUTER, DOING THAT MAY LEAD TO DATA LOSS AND POSSIBLE FAILURE OF THE OPERATING SYSTEM, AND POTENTIAL NON BOOTABLE SITUATION RESULTING IN COMPLETE DATA LOSS. CONTACT MICROSOFT CERTIFIED TECHNICIANS TO RESOLVE THE ISSUE CALLING TOLL FREE 8447756410”
After it displays the fake alert, a series of other fake alerts follow. The next one after it is called the “Warning! Hyper-V Manager” scam. The very program known as Hyper-V Manager is a platform by Microsoft which was introduced in 2008.
Cyber criminals have upped their scamming abilities as they make use of a few definitions and crowd them with a bunch of technical jargon and details to persuade users into believing the scam and installing the advertised software in the alert or call the provided number. No matter how convincing the fake alert may be, keep in mind that a legitimate alert from Microsoft does not appear randomly on browsers. When you see this kind of scam make sure that you close the browser right away. And if you have a hard time closing it, you can do close it using the Task Manager. Bear in mind that if the tech support scam is caused by an adware in your computer, closing the browser would only provide a temporary fix. If you really want to stir clear of these kind of scams, you need to get to the root cause of the problem, which in this case is an adware.
How does the Possible Suspicious Activity scam circulate online?
You can come across Possible Suspicious Activity scam when you click a highly suspicious link or when there is a presence of an adware on your PC. Adware programs often circulate online using a distribution technique called bundling. Software bundles, when installed using only the quick setup, can result to several problems – one of which is the appearance of intrusive tech support scams and the nonstop popping of ads out of nowhere. The next time you install freeware or shareware, make sure you do so using the recommended setup which is through Custom or Advanced. This setup allows you to discard any attached add-ons in the bundle.
Step 1: Tap F11 to exit the full screen mode of the browser if it is forced to go into one.
Step 2: Try to close the browser manually. If you’re unable to do so, close the browser through the Task Manager.
Step 3: Tap the Ctrl + Shift + Esc keys to launch the Task Manager.
Step 4: After opening the Task Manager, go to the Processes tab and look for the affected browser’s process and end its process by clicking End task.
Step 5: Close the Task Manager and tap the Win + R keys to open Run and then type in appwiz.cpl to open Control Panel to uninstall the adware program behind the fake alert.
Step 6: Look for the adware program or any unfamiliar program under the list of installed programs. Once you’ve found it, uninstall it.
Step 7: Close the Control Panel and tap the Win + E keys to open File Explorer.
Step 8: Navigate to the following directories and look for the adware installer like the software bundle it came with as well as other suspicious files and delete them.
- %USERPROFILE%\Downloads
- %USERPROFILE%\Desktop
- %TEMP%
Step 9: Close the File Explorer and empty your Recycle Bin.
Step 10: Reset all your browsers to default.
Google Chrome
- Launch Google Chrome, press Alt + F, move to More tools, and click Extensions.
- Look for suspicious browser extensions or any unwanted add-on, click the Recycle Bin button, and choose Remove.
- Restart Google Chrome, then tap Alt + F, and select Settings.
- Navigate to the On Startup section at the bottom.
- Select “Open a specific page or set of pages”.
- Click the More actions button next to the hijacker and click Remove.
Mozilla Firefox
- Open the browser and tap Ctrl + Shift + A to access the Add-ons Manager.
- In the Extensions menu Remove the unwanted extension.
- Restart the browser and tap keys Alt + T.
- Select Options and then move to the General menu.
- Overwrite the URL in the Home Page section and then restart the browser.
Internet Explorer
- Launch Internet Explorer.
- Tap Alt + T and select Internet options.
- Click the General tab and then overwrite the URL under the homepage section.
- Click OK to save the changes.
To ensure the removal of Possible Suspicious Activity scamand the PUP or adware behind it, follow the advanced steps below:
Perform a full system scan using SpyRemover Pro. To do so, follow these steps:
- Turn on your computer. If it’s already on, you have to reboot
- After that, the BIOSscreen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.
- To navigate the Advanced Optionuse the arrow keys and select Safe Mode with Networking then hit
- Windows will now load the SafeMode with Networking.
- Press and hold both R key and Windows key.
- If done correctly, the Windows Run Boxwill show up.
- Type in explorer http://www.fixmypcfree.com/install/spyremoverpro
A single space must be in between explorer and http. Click OK.
- A dialog box will be displayed by Internet Explorer. Click Run to begin downloading the program. Installation will start automatically once download is done.
- Click OK to launch it.
- Run SpyRemover Pro and perform a full system scan.
- After all the infections are identified, click REMOVE ALL.
- Register the program to protect your computer from future threats.