'System Firewall Has Blocked Some Features' Pop-Ups
The 'System Firewall Has Blocked Some Features' pop-up messages in your browser are not to be trusted. The 'System Firewall Has Blocked Some Features' pop-up messages may be produced by pages like the one at h[tt]p://www.hhpcerroralert[.]xyz/j0010n001.tk/index.html and are not to be associated with legitimate computer help services. The 'System Firewall Has Blocked Some Features' are designed to offer misleading information and keep users occupied with a phishing page on their desktops. The 'System Firewall Has Blocked Some Features' notifications instruct users to contact the '+855-966-0966' toll-free phone line since their systems have been compromised. However, that is not true, and the 'System Firewall Has Blocked Some Features' pop-up windows include a cleverly made JavaScript that forces your Web browser to load the underlying page on a loop. The 'System Firewall Has Blocked Some Features' pop-up windows are employed by con artists who offer a one-time subscription for computer support services. The 'System Firewall Has Blocked Some Features' scam may cost users from $300 to $600.
- The first pop-up window presented to users shows the following text:
- The second pop-up window presented to users shows the following text:
'System Security Alert
System Firewall has blocked some or all features of this program
System Firewall has blocked some features of the following application from execution on this computer.
Name: Csrss.exe
Publisher: Unknown
Path: %Systemroot%\windows\system32\csrss.exe
Allow this application to access :
Operating System Security Settings
File System (Documents, Pictures etc.)
Network Settings
Remote Protocol
Saved Passwords
Secure Date (Banking or Credit Card Details)
What are the risks of allowing a program through a firewall?'
'Customer, your system has detected possible Suspicious Activity.
Please call the toll-free number below for a Microsoft-Certified technician to help you resolve the issue:
+1 (855) 966 0966
For your safety, please do not open Internet browser to avoid data corruption to the registry of your operating system.
Please contact support at the toll-free Helpline +1 (855) 966 0966
PLEASE DO NOT SHUT DOWN OR RESTART THE COMPUTER, DOING THAT MAY LEAD TO DATA LOSS AND POSSIBLE FAILIURE OF THE OPERATING SYSTEM, AND POTENTIAL NON BOOTABLE SITUATION RESULTING IN COMPLETE DATA LOSS. CONTACT MICROSOFT CERTIFIED TECHNICIANS TO RESOLVE THE ISSUE CALLING TOLL FREE - +1 (855) 966 0966
Tollfree Helpline: +1 (855) 966 0966
Customer, your system has detected possible Suspicious Activity.
Please call the toll-free number below for a Microsoft-Certified technician to help you resolve the issue:
+1 (855) 966 0966
For your safety, please do not open internet browser to avoid data corruption...'
The messages listed above can be found on many domains associated with the 107.180.4.152 IP address. Computer security researchers discovered that the 'System Firewall Has Blocked Some Features' fake security alerts are hosted on the following domains:
sspcerroralert.xy, azpcerroralert.xyz, bzpcerroralert.xyz, czpcerroralert.xyz, dzpcerroralert.xyz, fzpcerroralert.xyz, gzpcerroralert.xyz, iipcerroralert.xyz, llpcerroralert.xyz, nnpcerroralert.xyz, pppcerroralert.xyz, sspcerroralert.xyz, uupcerroralert.xyz, xxpcerroralert.xyz, yypcerroralert.xyz.
We advise against making calls to the '+855-966-0966' toll-free phone line if you wish to void contact with the con artists. Microsoft offers help to its customers via the official support center at Support.microsoft.com. Pages that may include logos from Support.microsoft.com are not to be trusted. Desktop applications and browser extensions that may cause redirects to domains like those listed above should be annihilated with the help of a reliable anti-malware instrument. Detection names for the phishing pages and applications related to the 'System Firewall Has Blocked Some Features' include:
HTML/ExpKit.Gen2
JS.FakejQuery.A
JS.Redirector.314
JS/FakeJquery.G!tr
JS:Agent-EAO [Trj]
JS:Trojan.JS.Downloader.HTH
Script/Trojan.b6a
Troj/JSRedir-RX
Trojan.Script.NonJQuery.embtfc
Trojan:Script/Cloxer.A!cl
Trojan[Downloader]/JS.FakejQuery.b
Win32.Trojan.Expkit.Dzuh
