Scnadator14.info
Scnadator14.info is a corrupt website which promotes the rogue anti-virus program Eco Antivirus. Scnadator14.info uses scare tactics to make people trust its bogus results. Scnadator14.info mimics a system scan claiming to check your computer's disks and directories for malware. Scnadator14.info will falsely detect malware to convince the computer user that the PC is infected. Then the user will be urged to pay for Eco Antivirus to remove these alleged threats. Do not fall for this blatant scam and have Eco Antivirus, Scnadator14.info and all related threats removed before they cause chaos on your system.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Application Data\eca 2 %Documents and Settings%\All Users\Application Data\eca\Base.dat 3 %Documents and Settings%\All Users\Application Data\eca\msdl.exe 4 %Documents and Settings%\All Users\Application Data\eca\msll.exe 5 %Documents and Settings%\All Users\Application Data\eca\vec.exe 6 %Documents and Settings%\All Users\Application Data\Microsoft\Machine 7 %Documents and Settings%\All Users\Application Data\Microsoft\Machine\WStech.dll 8 %Documents and Settings%\All Users\Desktop\ Eco AntiVirus.lnk 9 %Documents and Settings%\All Users\Start Menu\Programs\ Eco AntiVirus
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ECOHKEY_LOCAL_MACHINE\SOFTWARE\EcoHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\AppID\WStech.DLLHKEY_CLASSES_ROOT\AppID\{29256442-2C14-48CA-B756-3EE0F8BDC774}HKEY_CLASSES_ROOT\CLSID\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}HKEY_CLASSES_ROOT\Interface\{051C9A06-FB08-486F-B09B-8B33B261637D}HKEY_CLASSES_ROOT\TypeLib\{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}HKEY_CLASSES_ROOT\WStech.WStechBHKEY_CLASSES_ROOT\WStech.WStechB.1HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\SHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "mxcll"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.