« WiniFighter
Jqs.exe »

Unauthorized remote connection popup

No Comments
JubileeX By JubileeX in Fake Error Messages | 96 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Unauthorized Remote Connection Popup Description

Unauthorized remote connection pop-up is a fake security threat appearing on counterfeit warning notifications, all designed and launched by the rogue anti-spyware program known as Windows Security Suite. These Unauthorized remote connection pop-up windows read as follows:

“Unauthorized remote connection! Your system is making an unauthorized personal data transfer to remote computer! Remote IP: 128.154.2611; Local IP: 10.0.2.15; Port: 23365… Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded. To protect your private data, please click “Prevent Connection” button below.”

This Unauthorized remote connection pop-up is a fake and should not be taken lightly. Following the prompts will only cause the user to purchase and download the fake spyware remover Windows Security Suite. Instead, remove both the rogue spyware remover and Unauthorized remote connection pop-up from the computer as soon as they are detected.

Type: Fake Warning Messages

How Can You Detect Unauthorized Remote Connection Popup ?

 
 

Download SpyHunter’s Detection Scanner
to Detect Unauthorized Remote Connection Popup .

 
 

Unauthorized Remote Connection Popup has typically the following processes in memory:

  • c:\Documents and Settings\All Users\Application Data\345d567\WI345d.exe
  • c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
  • %UserProfile%\Recent\energy.dll
  • %UserProfile%\Recent\PE.dll
  • %UserProfile%\Recent\dudl.sys
  • %UserProfile%\Recent\std.exe
  • c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
  • %UserProfile%\Recent\tempdoc.dll
  • %UserProfile%\Recent\SM.dll
  • %UserProfile%\Recent\grid.sys
  • %UserProfile%\Recent\snl2w.exe
  • %UserProfile%\Recent\CLSV.exe
  • %UserProfile%\Recent\kernel32.dll
  • %UserProfile%\Recent\runddl.dll
  • %UserProfile%\Recent\grid.dll

Unauthorized Remote Connection Popup creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “698909210803″
  • HKEY_CLASSES_ROOT\WI345d.DocHostUIHandler
  • HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows Security Suite”

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 07/9/09 and is filed under Fake Error Messages. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.