Monday, December 26, 2011

Remove Home Security SolutionsRemove Home Security Solutions

Home Security Solutions Removal Guide
Home Security Solutions is a fake antivirus program that CANNOT DETECT AND REMOVE any kind of virus, malware and trojan. Home Security Solutions can do nothing but just show pop ups to convince the user that the computer has been infected by malwares and urge the user to purchase the full version of Home Security Solutions. Home Security Solutions infections are known to spread by means of fake online system alerts that warn the user about infections that require the user to download Home Security Solutions to remove them. Home Security Solutions will start automatically when Windows boot. Then Home Security Solutions will do a fake scan on the computer and then it will show the fake report. Do not purchase Home Security Solutions as it can do nothing.The user should switch to Safe Mode to make sure any scans detect Home Security Solutions and remove Home Security Solutions with anti-malware applications that are designed to handle such threats.

Home Security Solutions can be removed by using Emsisoft HiJackFree to stop the processes and kill the files from the hard drive. Then, the user has to restore the registry entries added and modified by Home Security Solutions. Finally, all the file related to Home Security Solutions must be deleted from the hard drive. All of them has been shown in the removal guide below.

The computer users should remember that any time when they encounter a web page that states that the computer is infected, they should not believe them as the majority of these pages are scams trying to get them to install the actual infection. The second method that can be used to install this fake antivirus is through hacked web sites that install Home Security Solutions on to the computer without their knowledge by exploiting vulnerabilities in the outdated programs.

Home Security Solutions should be removed immediately!


Home Security Solutions Removal Guide
Kill Process
(How to kill a process effectively?)
[random].exe

Delete Registry

HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\91\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Vid {137E7700-3573-11CF-AE69-08002B2E1262}
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes\URL http://findgala.com/?&uid=231&q={searchTerms}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\CheckExeSignatures "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PRS http://127.0.0.1:27777/?inj=%ORIGINAL%
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\URL http://findgala.com/?&uid=231&q={searchTerms}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\89770803
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\lib/5.00231
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UID 231
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HS2d7_231.DocHostUIHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin "2"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Enable LUA "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Home Security Solutions"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}


Remove Folders and Files

%AllUsersProfile%\[RANDOM]
%AllUsersProfile%\HSYITSQGE
%AppData%\Home Security Solutions
%AppData%\Microsoft\Windows\Recent\DBOLE.dll
%AppData%\Microsoft\Windows\Recent\CLSV.tmp
%AppData%\Microsoft\Windows\Recent\gid.tmp
%AppData%\Microsoft\Windows\Recent\eb.dll
%AppData%\Microsoft\Windows\Recent\delfile.dll
%AppData%\Microsoft\Windows\Recent\eb.sys
%AppData%\Microsoft\Windows\Recent\energy.dll
%AppData%\Microsoft\Internet Explorer\Quick Launch\Home Security Solutions.lnk


No comments:

Post a Comment