You Shall Not Pass Virus
Also Known As: You Shall Not Pass Hosts File Hijacker, Type: Other, Distribution: High
Damage level: Moderate
Written by Tomas Meskauskas on
"YOU SHALL NOT PASS" virus removal guide
What is You Shall Not Pass?
The "You shall not pass" message appears when attempting to access Google, Facebook, or other popular websites. It is a host hijacker - a security infection, which modifies the operating system Hosts file. This file is used to resolve canonical names of websites to IP addresses. When this file is modified, users may be redirected to malicious websites whilst still observing valid URLs in address bar. Note that this particular security threat does not appear to be especially malicious - it blocks access to popular websites, however, it does not perform other malicious tasks. Other Hosts file hijackers prevent users' access to the Internet, then coerce them into completing online surveys before returning Internet access.
Whilst this browser hijacker appears ineffectual, computer users should be aware that Hosts file hijackers, ransomware viruses, and fake antivirus programs are often bundled with baking Trojans and other spyware, which collect information used to access certain sites. This information is then collated and sent to a remote machine. Moreover, infiltrated computers can encounter further security-related issues. Trojans, for example, are used to download files from a remote computer and perform other malicious tasks. If you see the "You shall not pass" message when attempting to access popular websites, your PC is infiltrated with a Hosts file-modifying Trojan.
Other Hosts file hijackers used to trick PC users into filling deceptive online surveys include "Your website access has been restricted for downloading pirated software" and "You have been blocked from our website!". The "You shall not pass" Hosts file hijacker is distributed using fake downloads and some Internet users report that their computers are infected with this Trojan when they download Minecraft-related add-ons, account generators, etc. To remove the "You shall not pass" browser hijacker, use the removal guide provided.
"You shall not pass" virus removal:
Internet browser redirects to the "You shall not pass" website are caused by a Trojan, which modifies the operating system Hosts file. To remove this Trojan, download recommended malware removal software and run a full system scan.
After eliminating this Trojan, check your operating system Hosts file. Information stored in this file is responsible for resolving canonical names of websites - if the information within this file is changed by a malicious program, you could encounter redirect problems whilst surfing the Internet.
The Hosts file is used to resolve canonical names of websites to IP addresses. When it is changed, the user may be redirected to malicious sites, despite seeing legitimate URLs in address bar. It is difficult to determine sites are genuine when the Hosts file is modified. To fix this, please download the Microsoft Fix It tool, that restores your Hosts file to the Windows default. Run this tool when downloaded and follow the on-screen instructions. Download link below: