Oct 20, 2016

How to Get Rid of “Windows has been blocked due to Suspicious Activity” Warning?

Hello. I got stuck on my Microsoft Edge with a warning. It says, “Windows has been blocked due to suspicious activity.” I don’t think I have done anything wrong with the computer. Why does it say about suspicious activities? Does that mean my computer has been hacked? Though it provides a free toll number of a tech support, I hesitated as I don’t know much about computer. I asked my friend for help and he suggested me contact YooCare saying my problem would be fixed immediately with the help of experts. So, I am here. Please help me out. Thank you in advance.

Brief Information of “Windows has been blocked due to Suspicious Activity” Warning

“Windows has been blocked due to Suspicious Activity” warning is caused by a piece of malware. It is created by the hackers to trick people into using unnecessary service or software. Once your computer is infected with this malware, it issues fake alert and hijacks the browser to scare you. Do not trust it. The alert and error it mentions do not exist. The criminals made up bogus windows alert and used it a tool to swindle money out of unexpected users. It is able to infect all kind of browsers, such as Internet Explore, Microsoft Edge, Mozilla Firefox, Safari, Google chrome etc. To help its developer make money, it collects your sensitive information. We strongly suggest you remove the nasty virus behind fake alert. Do not call the given number or purchase their software. If you have installed the software, you should think about uninstalling it.

How Did You Get the Fake Warning?

If you see “Windows has been blocked due to Suspicious Activities” warning on your browser, your computer is infected with a malicious program which can sneaks into your computer in many ways. First of all, it can come along with the third party software, such as free media player, photo/music editor, browser, game and other similar programs. Malicious software is bundled with those programs in one package and will be installed as a plug-in or toolbar. That item may be mentioned in the installation process. Most of the users failed to notice it as they passed the steps very fast and didn’t read the license agreements and installation items carefully. It will be a wise choice if you select Custom or Advanced installation options as that will show you what program will be installed clearly. Of course, it will be better if you don’t download free software from unknown websites or stores. That will keep your computer away from virus. Besides, the fake warning may pop up while you are visiting compromised websites. Virus can catch you very fast on their websites. You must be very carefully.

How the Fake Warning Works?

After the malware sneaks into your system, it installs itself and changes settings on your browser. Many unknown add-ons, extensions, plug-ins would be installed soon to support its malicious activities. In this way, it is able to spy on your online activities. Special browser object also is downloaded and installed to do bogus notifications like the real Windows ones. Then, “Windows has been blocked due to Suspicious Activities” warning will be shown on your browser. Useless ads will pop up on the screen frequently. Your homepage will be replaced by suspicious domain. When the malware starts to work, your browser will be totally hijacked by the fake warning. It says suspicious activities and potential threat have been detected on your computer. Providing a free toll number, it prompts you to call the tech support company to find right solutions or update with latest software. It tells you not to shut down or restart the computer, or it will cause data loss and other problems. To avoid being removed, it disables some functions of your security program. When you try to run security program, it says program is infected. It asks to you call for immediate help. If you called, they would try to persuade you buy their software. In this way, the “Windows has been blocked due to Suspicious Activities” fake warning helps its developer generate revenue.

Processing manual removal is supposed to have a certain level of computer literacy. If you are not sure how to start and are afraid of making any critical mistakes damaging the computer system, please live chat with YooCare Expert now.

Fake Windows Alerts Removal Guide

1. Clean Add-ons and Extensions

* Internet Explorer:

(1). Click Tools in the Menu bar and then click Internet Options

Tools in IE

(2). Click Programs tab, click Manage add-ons and disable the suspicious add-ons


* Firefox:

(1). Click Tools in the Menu bar and then click Add-ons


(2). Click Extensions, select the related browser add-ons and click Disable

* Google Chrome:

(1). Click Customize and control Google Chrome button → Tools → Extensions


(2). Disable the extensions of Redirect Vrius

2. End Relevant Processes

(1). Press Ctrl+Shift+Esc together to pop up Windows Task Manager, click Processes tab


*For Win 8 Users:

Click More details when you see the Task Manager box


And then click Details tab


(2). Find out and end fake Windows alert browser hijacker’s processes

3. Show Hidden Files

(1). Click on Start button and then on Control Panel

(2). Click on Appearance and Personalization


(3). Click on Folder Options


(4). Click on the View tab in the Folder Options window

(5). Choose Show hidden files, folders, and drives under the Hidden files and folders category


(6). Click OK at the bottom of the Folder Options window

*For Win 8 Users:

Press Win+E together to open Computer window, click View and then click Options


Click View tab in the Folder Options window, choose Show hidden files, folders, and drives under the Hidden files and folders category


4. Delete Relevant Registry Entries and Files

(1). Delete the registry entries related to the fake Windows alert browser hijacker through Registry Editor

Press Win+R to bring up the Run window, type “regedit” and click “OK”


While the Registry Editor is open, search and delete its registry entries

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\[RANDOM CHARACTERS].exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ‘Random’

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Random

(2). Find out and remove the associated files




Video Shows You How to Safely Modify Windows Registry Editor:


In a word, please keep in mind that “Windows has been blocked due to Suspicious Activity” warning is made up by the criminals. Apart from the malware behind this warning, your system is fine. None of the issues that it tells you exist on your computer. To get rid of the fraud warning, you are supposed to remove the malware completely. As we mentioned above, this malware has the capability to block your security program. Therefore, we suggest you remove malware manually. Find out all the malicious files and remove them one by one. Take actions before it can damage your system further. Just get rid of “Windows has been blocked due to Suspicious Activities” warning once for all.

Can’t remove the virus and are afraid of making any critical mistakes damaging your computer? please contact YooCare Expert for further removal help.

Published by & last updated on October 20, 2016 1:22 pm

Leave a Reply

Your email address will not be published. Required fields are marked *

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On