Search this blog

Friday, August 19, 2011

Home Safety Essentials virus description and removal

Home Safety Essentials, without any doubts, implies totally useless and even hazardous application which can essentially damage your computer, no matter what operating system you have on it. When it comes to referring it to certain malware category, we can assert that it can be rightfully considered as a bogus and rogue anti-virus tool originating from the malware clan which has been attacking thousands of computers worldwide for quit a continuous time. This application is regarded as a rogue since it shows fictitious and fabricated facts in order to scare you into buying the application. This virus threat is being nowadays promoted using two different ways. The first technique is by means of web sites that claim they are certain online anti-malware scanner called Windows Web Security. Once the user visits these sites he/she will encounter the page that claims to scan the PC for availability of threats and viruses. Once it is accomplished it will assert that the user’s system contains various threats and that you should download some application in order to have your PC scanned and cleaned. However, it is worth mentioning that each time you face the web resource that claims that your PC is infected you should not trust them since the majority of these sites are scams aiming to persuade you to install the real virus threat. Then, the second way that can be applied to bring this virus inside of one’s workstation is by means of hazardous and malicious web pages that install Home Safety Essentials inside of the user’s PC without user’s knowledge or consent by means of available vulnerabilities in the outdated security programs and other leaks in the system anti-virus protection.

As soon as Home Safety Essentials virus is successfully installed inside of the PC it will be tuned up in such a manner that it will be launched automatically. It will also form various harmless files which will then be identified by this rogue tool as malwares when it scans your system. Below please find the files created by it:

  • %AppData%\Microsoft\Windows\Recent\CLSV.tmp
  • %AppData%\Microsoft\Windows\Recent\DBOLE.dll
  • %AppData%\Microsoft\Windows\Recent\PE.sys
  • %AppData%\Microsoft\Windows\Recent\SICKBOY.drv
  • %AppData%\Microsoft\Windows\Recent\SICKBOY.sys
  • %AppData%\Microsoft\Windows\Recent\delfile.dll
  • %AppData%\Microsoft\Windows\Recent\eb.dll
  • %AppData%\Microsoft\Windows\Recent\eb.sys
  • %AppData%\Microsoft\Windows\Recent\energy.dll
  • %AppData%\Microsoft\Windows\Recent\gid.tmp
  • %AppData%\Microsoft\Windows\Recent\pal.sys
  • %AppData%\Microsoft\Windows\Recent\ppal.drv
  • %AppData%\Microsoft\Windows\Recent\runddlkey.exe
  • %AppData%\Microsoft\Windows\Recent\snl2w.drv

While the rogue tool scans your system it will identify all kinds of threats, including the files specified above that it created initially, and then tells you that it is a must-do thing to have them all removed. When you try to get rid of them, however, it will claim you are unable to do this unless you first buy the application. Due to the fact that the scan results for this application are fictitious please do not get tricked or fooled into buying the application.

Home Safety Essentials automatic removal:

  1. Download the latest version of GridinSoft Trojan Killer to clear (not infected) computer and install it.
  2. malware removal tool

  3. Update the virus database.
  4. Copy the entire folder “GridinSoft Trojan Killer” to your jump drive (memory stick). Normally it is located at the following path: (C:\Program Files\GridinSoft Trojan Killer). “C” stands for the system disk of your computer. The name of the system disk, however, can be marked with another letter.
  5. Open your jump drive (memory stick). Find the folder “GridinSoft Trojan Killer” there. Open it , find the file under the name “trojankiller.exe” and rename it to “iexplore.exe”.
  6. Move memory stick to infected PC, open “GridinSoft Trojan Killer” folder and run iexplore.exe. Optional: copy the folder “GridinSoft Trojan Killer” from your jump drive to some other folder created on your PC and run “iexplore.exe”.

Instructions on how to restore your Internet connection:

  • Start Internet Explorer and click on the Tools menu and then select Internet Options as shown in the image below:
  • For Windows XP Operating System:

    For Windows Vista and Windows 7 Operating System:

  • Select Connections tab and now click on the Lan Settings button as shown in the image below:
  • Under the Proxy Server section uncheck the checkbox “Use a proxy server for your LAN” and press the OK button to close this screen:

No comments:

Post a Comment

Search this blog