Multi-Device Licenses (Volume Discounts)

Change Region

English Português
Threat Database Fake Error Messages Unauthorized remote connection popup

Unauthorized remote connection popup

By JubileeX in Fake Error Messages
Translate To:
English

Unauthorized remote connection pop-up is a fake security threat appearing on counterfeit warning notifications, all designed and launched by the rogue anti-spyware program known as Windows Security Suite. These Unauthorized remote connection pop-up windows read as follows:

"Unauthorized remote connection! Your system is making an unauthorized personal data transfer to remote computer! Remote IP: 128.154.2611; Local IP: 10.0.2.15; Port: 23365… Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded. To protect your private data, please click "Prevent Connection" button below."

This Unauthorized remote connection pop-up is a fake and should not be taken lightly. Following the prompts will only cause the user to purchase and download the fake spyware remover Windows Security Suite. Instead, remove both the rogue spyware remover and Unauthorized remote connection pop-up from the computer as soon as they are detected.

File System Details

Unauthorized remote connection popup may create the following file(s):
Expand All | Collapse All
# File Name Detections
1. C:\Documents and Settings\\Application Data\345d567\WI345d.exe
2. C:\Documents and Settings\\Application Data\345d567\sqlite3.dll
3. %UserProfile%\Recent\energy.dll
4. %UserProfile%\Recent\PE.dll
5. %UserProfile%\Recent\dudl.sys
6. %UserProfile%\Recent\std.exe
7. C:\Documents and Settings\\Application Data\345d567\mozcrt19.dll
8. %UserProfile%\Recent\tempdoc.dll
9. %UserProfile%\Recent\SM.dll
10. %UserProfile%\Recent\grid.sys
11. %UserProfile%\Recent\snl2w.exe
12. %UserProfile%\Recent\CLSV.exe
13. %UserProfile%\Recent\kernel32.dll
14. %UserProfile%\Recent\runddl.dll
15. %UserProfile%\Recent\grid.dll
16. C:\Documents and Settings\\Application Data\345d567\WINSSSys
17. C:\Documents and Settings\\Application Data\345d567\WINSSSys\vd952342.bd
18. C:\Documents and Settings\\Application Data\345d567\WINSS.ico
19. %UserProfile%\Application Data\Windows Security Suite\cookies.sqlite
20. %UserProfile%\Start Menu\Programs\Windows Security Suite.lnk
21. %UserProfile%\Desktop\Windows Security Suite.lnk
22. c:\ADWARE_LOG
23. C:\Documents and Settings\\Application Data\345d567
24. C:\Documents and Settings\\Application Data\345d567\26.mof
25. %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Security Suite.lnk
26. %UserProfile%\Start Menu\Windows Security Suite.lnk
27. %UserProfile%\Application Data\Windows Security Suite\Instructions.ini
28. %UserProfile%\Recent\DBOLE.drv
29. %UserProfile%\Application Data\Windows Security Suite
30. C:\Documents and Settings\\Application Data\WINSSSys
31. C:\Documents and Settings\\Application Data\WINSSSys\winss.cfg
32. C:\Documents and Settings\\Application Data\345d567\working.log
33. %UserProfile%\Recent\PE.tmp
34. c:\Program Files\Mozilla Firefox\searchplugins\search.xml
35. %UserProfile%\Recent\ANTIGEN.drv

Registry Details

Unauthorized remote connection popup may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "698909210803"
HKEY_CLASSES_ROOT\WI345d.DocHostUIHandler
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Windows Security Suite"

Trending

Most Viewed

Loading...