Threat Database Adware 'RDN/Trojan/Hacking file Detected' Pop-Up

'RDN/Trojan/Hacking file Detected' Pop-Up

By GoldSparrow in Adware

The 'RDN/Trojan/Hacking file Detected' pop-up windows are classified as fake computer security alerts that aim to convince users to call toll-free phone lines such as 208-133-6658 and 423-218-2922. These phone numbers have been involved in phone harassing cases since the start of 2017 and were mentioned in user reports at community services like and The 'RDN/Trojan/Hacking file Detected' pop-up windows offer misleading information and PC users should avoid contact with the people on the end of the 208-133-6658 and the 423-218-2922 phone lines. The 'RDN/Trojan/Hacking file Detected' warnings do not reflect the state of your system accurately and may suggest the following:

'RDN/Trojan/Hacking file Detected
Call Your Local Windows Support at [RANDOM PHONE NUMBER]
The following data will be compromised if you continue:
1. Passwords
2. Browser History
3. Credit Card Information
4. Online Banking History
This Trojan is well known for complete identity, SSN and credit card theft. Further action through this computer or any computer on the network will reveal private information and involve serious risks.
Call Your Local Windows Support at [RANDOM PHONE NUMBER]'

We are aware that the fake alerts are generated on sites like grandhostnhelp[.]info that are registered to the IP address. Most of the leading cybersecurity vendors are working with teams at Google Inc. and the Mozilla Foundation to block access to sites like grandhostnhelp[.]info. However, the fight is hard because the creators of fake security messages tend to register new domains almost daily and expand their web of deceit. Web filters, firewall solutions, and AV scanners may bring up the following names in notifications when you load content related to the 'RDN/Trojan/Hacking file Detected' pop-ups:

  • HTML.Trojan.FakeAlert.f
  • HTML/FakeAlert.BK
  • HTML/FakeAlert.CL!tr
  • HTML:Redirector-HQ [Trj]
  • JS.LockPage.26
  • JS.Z.Agent.5942.I
  • JS/CrashSafa-A
  • JS:Agent-EAA [Trj]
  • Suspicious_GEN.F47V0912
  • Trojan.FakeAlert!8.56B (TOPIS:sQvLYVcISdH)
  • Trojan.FakeAlert!8.56B-MCXqBDSDA0F (cloud)
  • XPL/Def.DK.1989_48
  • Xpl.Def.Dk!c

Do not trust the 'RDN/Trojan/Hacking file Detected' messages even if they include logos you have seen at that is the legitimate support page for Microsoft products and services. Clever Web developers use visual elements associated with trusted companies and products to make the 'RDN/Trojan/Hacking file Detected' warnings more believable. You being vigilant and careful is the greatest enemy of the con artists who are using the 'RDN/Trojan/Hacking file Detected' notifications to promote fake AV instruments, technical support plans, and adware as safe programs. PC users who want to ensure their online sessions are protected should consider adding a reputable anti-malware shield to their systems and blocking the following domains that are known to generate the 'RDN/Trojan/Hacking file Detected' pop-ups:

  • 365swindowshelp[.]com
  • allwindowshelp[.]com
  • computercrashhelp[.]com/cgi-sys/defaultwebpage.cgi
  • diskwebassist[.]com/help
  • hostplan[.]biz/index2.html
  • techwindowspc[.]com/main
  • trojanassist[.]com/service/index2.html
  • webassistnfix[.]com
  • webvpsassistant[.]site/main
  • webwindows365[.]com
  • windows4help[.]com
  • windows4support[.]com/service
  • windowssassistance[.]com
  • winpcassistant[.]com
  • winukassistant[.]site/main


Most Viewed