Srv-scan.us

By JubileeX in Rogue Websites

Translate To:

Srv-scan.us is a browser hijacker sponsoring the rogue anti-spyware program known as System Protector. Due to affiliated trojans infiltrating your system and altering browser settings, you will find your web-surfing activities being diverted to the Srv-scan.us domain, where your computer is subject to a false online scan. This scan reports numerous fictitious infection results in an attempt to scare you into purchasing System Protector.

File System Details

Srv-scan.us may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\Application Data\shellex.dll
Name: %UserProfile%\Application Data\shellex.dll Type: Dynamic link library
2.	%UserProfile%\Application Data\lsascs.exe
Name: %UserProfile%\Application Data\lsascs.exe Type: Executable File
3.	%UserProfile%\Application Data\install.exe
Name: %UserProfile%\Application Data\install.exe Type: Executable File
4.	%UserProfile%\Application Data\Microsoft\windll32.exe
Name: %UserProfile%\Application Data\Microsoft\windll32.exe Type: Executable File
5.	%UserProfile%\Desktop\System Protector.lnk
Name: %UserProfile%\Desktop\System Protector.lnk Type: Shortcut
6.	%UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk
Name: %UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk Type: Shortcut
7.	%UserProfile%\Application Data\SpyProtectorSC_Config.ini
Name: %UserProfile%\Application Data\SpyProtectorSC_Config.ini
8.	%UserProfile%\Start Menu\Programs\System Protector\Support Page.url
Name: %UserProfile%\Start Menu\Programs\System Protector\Support Page.url
9.	%WINDOWS%\system32\spyprotector.cpl
Name: %WINDOWS%\system32\spyprotector.cpl
10.	%UserProfile%\Application Data\SpyProtectorSC_Base_new.dat
Name: %UserProfile%\Application Data\SpyProtectorSC_Base_new.dat Type: Data file
11.	%UserProfile%\Start Menu\Programs\System Protector\Purchase License.url
Name: %UserProfile%\Start Menu\Programs\System Protector\Purchase License.url
12.	%Program Files%\System Protector
Name: %Program Files%\System Protector

Registry Details

Srv-scan.us may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "System Protector"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\lsascs.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" => 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{107A1D63-2EAA-4694-8ABA-EC209C630D83}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\System Protector

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Srv-scan.us

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen