Firewall Warning Popup
"Firewall Warning" pop-up is a false security warning generated by rogue anti-spyware WinPC Antivirus. This "Firewall Warning" alert states that WinPC Antivirus has detected a hidden file transfer to remote computer. The "Firewall Warning" Pop up reads:
"FIREWALL WARNING.
Hidden file transfer to remote host was detected. WinPC Antivirus has detected that an outside party is attempting to transfer your private data via Internet. We strongly recommend you to block the attack immediately.
Details of the attack: remote host transfer IP 97.216.34.74; remote user computer name 'FORENSICS'."
First of all, it is very important to completely ignore "Firewall Warning" pop-up alert, as it promotes the rogue anti-spyware WinPC Antivirus. If you click this fake notification, you will automatically download the fake anti-spyware onto your computer. Second of all, "Firewall Warning" pop-up must be removed as soon as possible otherwise your computer will become flooded with even more fake notifications.
File System Modifications
- The following files were created in the system:
# File Name 1 %CurrentFolder%\splug.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{F0993251-2512-4710-AF6E-0A13EA199D02}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0993251-2512-4710-AF6E-0A13EA199D02}HKEY_CURRENT_USER\Software\Protection Tools\"65005" = "1"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F0993251-2512-4710-AF6E-0A13EA199D02}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\"rare" = "%CurrentFolder%\smmain.exe"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.