Newfolder Fix (Fake Fix) Sahte Temizleyici (SecurityStronghold)

cenkut 197
sponsorlu reklam

İnternet üzerinde dolaşan ve NewFolder.exe virüsünü sildiğini söyleyen Newfolder fix veya SecurityStronghold adlı programı aslında tam tersi kendisi bir virüs temizlemek için aşağıdaki işlemleri sırayla yapınız;

SİLİNMESİ GEREKEN DOSYALAR ;

%CommonPrograms%\Newfolder Fix Wizard\Newfolder Fix Wizard.lnk

%CommonPrograms%\Newfolder Fix Wizard\Security Stronghold Online.lnk

%CommonPrograms%\Newfolder Fix Wizard\Uninstall Printer Spooler Fix Wizard.lnk

%DesktopDir%\Newfolder Fix Wizard.lnk

%ProgramFiles%\Newfolder Fix Wizard\NewFolderFixWizard.exe

%ProgramFiles%\Newfolder Fix Wizard\unins000.dat

%ProgramFiles%\Newfolder Fix Wizard\unins000.exe

%Windir%\eSellerateControl350.dll

%Windir%\eSellerateEngine.dll

GÖREV YÖNETİCİSİNDEN AŞAĞIDAKİ ÇALIŞANLARI DURDURUN ;

is-RJUQ7.tmp  (%Temp%\is-52H7V.tmp\is-RJUQ7.tmp)

KAYIT DEFTERİNDEN KAYITLARI SİLİNİZ ;

  • The following Registry Keys were created:
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\InprocServer32
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\ProgID
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\Programmable
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\TypeLib
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\VersionIndependentProgID
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\ProxyStubClsid
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\ProxyStubClsid32
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\TypeLib
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\0
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\0\win32
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\FLAGS
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\HELPDIR
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350\CLSID
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350\CurVer
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350.1
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350.1\CLSID
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Newfolder Fix Wizard_is1
  • The newly created Registry Values are:
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\VersionIndependentProgID]
      • (Default) = “eSellerateControl.350”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\TypeLib]
      • (Default) = “{1E958A86-A23B-4659-A6AE-BD85FCD1D544}”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\ProgID]
      • (Default) = “eSellerateControl.350.1”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}\InprocServer32]
      • (Default) = “%Windir%\ESELLE~1.DLL”
      • ThreadingModel = “Apartment”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25982EAA-87CC-4747-BE09-9913CF7DD2F1}]
      • (Default) = “eSeller Class”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\TypeLib]
      • (Default) = “{1E958A86-A23B-4659-A6AE-BD85FCD1D544}”
      • Version = “1.0”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\ProxyStubClsid32]
      • (Default) = “{00020424-0000-0000-C000-000000000046}”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}\ProxyStubClsid]
      • (Default) = “{00020424-0000-0000-C000-000000000046}”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A3E27DCE-DD77-49F4-B566-03FA894C8308}]
      • (Default) = “IeSeller”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\0\win32]
      • (Default) = “%Windir%\eSellerateControl350.dll”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\HELPDIR]
      • (Default) = “%Windir%\”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0\FLAGS]
      • (Default) = “0”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1E958A86-A23B-4659-A6AE-BD85FCD1D544}\1.0]
      • (Default) = “eSellerateControl 3.5.0 Library”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350\CurVer]
      • (Default) = “eSellerateControl.350.1”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350\CLSID]
      • (Default) = “{25982EAA-87CC-4747-BE09-9913CF7DD2F1}”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350]
      • (Default) = “eSeller Class”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350.1\CLSID]
      • (Default) = “{25982EAA-87CC-4747-BE09-9913CF7DD2F1}”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\eSellerateControl.350.1]
      • (Default) = “eSeller Class”
    • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Newfolder Fix Wizard_is1]
      • Inno Setup: Setup Version = “5.1.5”
      • Inno Setup: App Path = “%ProgramFiles%\Newfolder Fix Wizard”
      • InstallLocation = “%ProgramFiles%\Newfolder Fix Wizard\”
      • Inno Setup: Icon Group = “Newfolder Fix Wizard”
      • Inno Setup: User = “%UserName%”
      • DisplayName = “Newfolder Fix Wizard”
      • DisplayIcon = “%ProgramFiles%\Newfolder Fix Wizard\NewFolderFixWizard.exe”
      • UninstallString = “”%ProgramFiles%\Newfolder Fix Wizard\unins000.exe””
      • QuietUninstallString = “”%ProgramFiles%\Newfolder Fix Wizard\unins000.exe” /SILENT”
      • DisplayVersion = “1.0”
      • Publisher = “Security Stronghold”
      • URLInfoAbout = “http://www.SecurityStronghold.com/”
      • HelpLink = “http://www.SecurityStronghold.com/support.html”
      • URLUpdateInfo = “http://www.SecurityStronghold.com/”
      • NoModify = 0x00000001
      • NoRepair = 0x00000001

Sosyal Ağlarda Paylaş

BENZER KONULARIM

{cenkut}

Bir Cevap Yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir