The Registry Sentinel
The Registry Sentinel, also known as TheRegistrySentinel, is a rogue registry cleaner. TheRegistrySentinel is designed to identify and fix registry errors, but instead it displays false positives to trick the user into believing there's a malware infection. The Registry Sentinel comes bundled with another rogue anti-spyware program called The Web Sentinel, which together they form a group of anti-spyware program that is under the name Your Web Safe.
Once you're infected with either of the rogue anti-spyware programs (TheRegistrySentinel, The Web Sentinel or Your Web Safe), it installs the Locker.exe file on the user's computer which displays a purchase window that will not close until the user purchases the program. The Locker.exe file disables typical keyboard commands like Alt+Tab, Ctrl+Alt+Delete, and others. The only way you can remove TheRegistrySentinel, along with The Web Sentinel and Your Web Safe, is by pressing Ctrl+N to open a new browser window and begin a scan with an antivirus or anti-spyware program to clean the computer. If you download The Registry Sentinel, it will start a scan that displays false positives on your computer. It is strongly recommended to remove The Registry Sentinel from your system without any hesitation.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%The Registry Sentinel 2 %ProgramFiles%The Registry Sentinel\rnf456 3 %ProgramFiles%The Registry Sentinel\The Registry Sentinel.exe 4 %ProgramFiles%The Registry Sentinel\UninstallCleanReg.exe 5 %ProgramFiles%The Web Sentinel 6 %ProgramFiles%The Web Sentinel\licence.txt 7 %ProgramFiles%The Web Sentinel\The Web Sentinel.exe 8 %ProgramFiles%The Web Sentinel\UninstallSentinel.exe 9 %UserProfile%\Desktop\The Registry Sentinel.lnk 10 %UserProfile%\Desktop\The Web Sentinel.lnk 11 %UserProfile%\Start Menu\Programs\The Registry Sentinel 12 %UserProfile%\Start Menu\Programs\The Registry Sentinel\The Registry Sentinel.lnk 13 %UserProfile%\Start Menu\Programs\The Registry Sentinel\UninstallCleanReg.lnk 14 %UserProfile%\Start Menu\Programs\The Web Sentinel 15 %UserProfile%\Start Menu\Programs\The Web Sentinel\The Web Sentinel.lnk 16 %UserProfile%\Start Menu\Programs\The Web Sentinel\UninstallSentinel.lnk 17 c:\WINDOWS\AttentionEX.html 18 c:\WINDOWS\BadUrl.txt 19 c:\WINDOWS\delete.jpg 20 c:\WINDOWS\delete1.jpg 21 c:\WINDOWS\IEBHO.dll 22 c:\WINDOWS\locked.ico 23 C:\Windows\locker.exe 24 c:\WINDOWS\opened.ico 25 c:\WINDOWS\paths.jpg 26 c:\WINDOWS\prgrsbar.gif 27 c:\WINDOWS\pskill.exe 28 c:\WINDOWS\refs.jpg 29 c:\WINDOWS\Sentinel1.jpg 30 c:\WINDOWS\Sentinel2.jpg 31 c:\WINDOWS\Sentinel3.jpg 32 c:\WINDOWS\Sentinel4.jpg 33 c:\WINDOWS\setts.jpg 34 c:\WINDOWS\setupc.exe 35 c:\WINDOWS\setups.exe 36 c:\WINDOWS\stores.jpg 37 c:\WINDOWS\uid.tmp 38 c:\WINDOWS\vals.jpg 39 c:\WINDOWS\www.jpg 40 TheRegistrySentinel.exe 41 TheRegistrySentinel.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SentinelHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\The Registry Sentinel.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\The Web The Web Sentinel.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\clean registryHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{82297D11-31C1-40B1-960A-BDF40B3B365F}HKEY_CLASSES_ROOT\CLSID\{D032570A-5F63-4812-A094-87D007C23012}HKEY_CLASSES_ROOT\IEBHO.TIEAdvBHOHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "The Registry Sentinel"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "The Web Sentinel"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}The Web The Web SentinelTheRegistrySentinel
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.