Home Security Essentials

By ESGI Advisor in Rogue Anti-Spyware Program

Threat Scorecard

Threat Level:	80 % (High)
Infected Computers:	75

First Seen:	August 29, 2011
Last Seen:	May 10, 2022
OS(es) Affected:	Windows

Home Security Essentials is a rogue anti-spyware program and a next version of the malicious security tool Home Safety Essentials, which poses a genuine security application. In truth, Home Security Essentials is a scam program, which is designed by cyber-criminals to frighten affected Internet their computer are infected with numerous malware threats and suggests them to purchase its so-called registered version to remove the supposedly identified threats.

After a successful installation into a compromised PC system, Home Security Essentials executes a fraudulent system scan and returns false scan results to scare you your machine is corrupted by various types of computer viruses. Home Security Essentials also displays fake warning messages to cheat you that your computer is at risk. After that, Home Security Essentials will try to convince you into buying its nonexistent licensed version to supposedly repair found infections and other security issues. You should not believe and pay for Home Security Essentials because it is a virus itself. ESG's malware researchers highly recommend you to select a trustworthy security program to remove Home Security Essentials from the infected computer system as soon as possible.

File System Details

Home Security Essentials may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%AppData%\Microsoft\Windows\Recent\DBOLE.dll
Name: %AppData%\Microsoft\Windows\Recent\DBOLE.dll Type: Dynamic link library Group: Malware file
2.	%AppData%\Microsoft\Windows\Recent\delfile.dll
Name: %AppData%\Microsoft\Windows\Recent\delfile.dll Type: Dynamic link library Group: Malware file
3.	%AppData%\Microsoft\Windows\Recent\energy.dll
Name: %AppData%\Microsoft\Windows\Recent\energy.dll Type: Dynamic link library Group: Malware file
4.	%AppData%\Home Safety Essentials\ScanDisk_.exe
Name: %AppData%\Home Safety Essentials\ScanDisk_.exe Type: Executable File Group: Malware file
5.	%AppData%\Microsoft\Windows\Recent\SICKBOY.sys
Name: %AppData%\Microsoft\Windows\Recent\SICKBOY.sys Type: System file Group: Malware file
6.	%AppData%\Microsoft\Windows\Recent\eb.sys
Name: %AppData%\Microsoft\Windows\Recent\eb.sys Type: System file Group: Malware file
7.	%AppData%Microsoft\Windows\Recent\runddlkey.exe
Name: %AppData%Microsoft\Windows\Recent\runddlkey.exe Type: Executable File Group: Malware file
8.	%AllUsersProfile%\HS2d7_231.exe
Name: %AllUsersProfile%\HS2d7_231.exe Type: Executable File Group: Malware file
9.	%AppData%\Microsoft\Windows\Recent\PE.sys
Name: %AppData%\Microsoft\Windows\Recent\PE.sys Type: System file Group: Malware file
10.	%AppData%\Microsoft\Windows\Recent\eb.dll
Name: %AppData%\Microsoft\Windows\Recent\eb.dll Type: Dynamic link library Group: Malware file
11.	%AppData%\Microsoft\Windows\Recent\pal.sys
Name: %AppData%\Microsoft\Windows\Recent\pal.sys Type: System file Group: Malware file
12.	%AppData%\Home Safety Essentials\Instructions.ini
Name: %AppData%\Home Safety Essentials\Instructions.ini Group: Malware file
13.	%AppData%\Microsoft\Windows\Recent\gid.tmp
Name: %AppData%\Microsoft\Windows\Recent\gid.tmp Type: Temporary File Group: Malware file
14.	%AppData%\Microsoft\Windows\Start Menu\Programs\Home Safety Essentials.lnk
Name: %AppData%\Microsoft\Windows\Start Menu\Programs\Home Safety Essentials.lnk Type: Shortcut Group: Malware file
15.	%AllUsersProfile%\6113.mof
Name: %AllUsersProfile%\6113.mof Group: Malware file
16.	%AllUsersProfile%\
Name: %AllUsersProfile%\ Group: Malware file
17.	%AllUsersProfile%\HSYITSQGE
Name: %AllUsersProfile%\HSYITSQGE Group: Malware file
18.	%AppData%\Home Safety Essentials
Name: %AppData%\Home Safety Essentials Group: Malware file
19.	%AppData%\Microsoft\Windows\Recent\SICKBOY.drv
Name: %AppData%\Microsoft\Windows\Recent\SICKBOY.drv Type: Device Driver Group: Malware file
20.	%AppData%\Microsoft\Windows\Recent\snl2w.drv
Name: %AppData%\Microsoft\Windows\Recent\snl2w.drv Type: Device Driver Group: Malware file
21.	%UserProfile%\Desktop\Home Safety Essentials.lnk
Name: %UserProfile%\Desktop\Home Safety Essentials.lnk Type: Shortcut Group: Malware file
22.	%AllUsersProfile%\3178.mof
Name: %AllUsersProfile%\3178.mof Group: Malware file
23.	%AllUsersProfile%\HSYITSQGE\HSLGILTOGE.cfg
Name: %AllUsersProfile%\HSYITSQGE\HSLGILTOGE.cfg Group: Malware file
24.	%AllUsersProfile%\Quarantine Items
Name: %AllUsersProfile%\Quarantine Items Group: Malware file
25.	%AllUsersProfile%\HSE.ico
Name: %AllUsersProfile%\HSE.ico Group: Malware file
26.	%AppData%\Microsoft\Internet Explorer\Quick Launch\Home Safety Essentials.lnk
Name: %AppData%\Microsoft\Internet Explorer\Quick Launch\Home Safety Essentials.lnk Type: Shortcut Group: Malware file
27.	%AppData%\Microsoft\WindowsRecent\ppal.drv
Name: %AppData%\Microsoft\WindowsRecent\ppal.drv Type: Device Driver Group: Malware file
28.	%AppData%\Microsoft\Windows\Start Menu\Home Safety Essentials.lnk
Name: %AppData%\Microsoft\Windows\Start Menu\Home Safety Essentials.lnk Type: Shortcut Group: Malware file
29.	%AllUsersProfile%\46.mof
Name: %AllUsersProfile%\46.mof Group: Malware file
30.	%AllUsersProfile%\14.mof
Name: %AllUsersProfile%\14.mof Group: Malware file
31.	%AllUsersProfile%\HSESys
Name: %AllUsersProfile%\HSESys Group: Malware file

Registry Details

Home Security Essentials may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKCU\Software\Microsoft\Internet Explorer\Download\RunInvalidSignatures "1"

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun12\ avgemc.exe

HKCU\Software\Microsoft\WindowsCurrentVersion\Policies\Explorer\DisallowRun\15 avgwdsvc.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 avgnt.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\7 avgfrw.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\ 1

HKLM\SOFTWARE\Classes\HS2d7_231.DocHostUIHandler

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings5.0User AgentPost Platformlib/5.00231

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun msseces.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\11 avgcfgex.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA "1"

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe

HKCU\Software\Classes\Software\Microsoft\Internet Explorer\Search\Scopes\URL http://findgala.com/?&uid=231&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\URL http://findgala.com/?&uid=231&q={searchTerms}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\14 avgcmgr.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 egui.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\6 avscan.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\9 avgtray.exe

HKLM\SOFTWARE\Classes\CLSID{3F2BBC05-40DF-11D2-9455-00104BC936FF}

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings5.0User AgentPost Platform89770803

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\10 avgscanx.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorUser "2"

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options~2.exe

HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\91\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}Vid

HKCU\Software\Microsoft\Internet Explorer\PRS http://127.0.0.1:27777/?inj=%ORIGINAL%

HKCU\Software\MicrosoftWindows\CurrentVersion\Policies\Explorer\DisallowRun\13 avgchsvx.exe

HKCU\Software\MicrosoftWindows\CurrentVersion\Policies\Explorer\DisallowRun\2 ekrn.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\5 avcenter.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\8 avgui.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Home Safety Essentials

HKCU\Software\Microsoft\Internet Explorer\Download\CheckExeSignatures "no"

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsUID 231

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 MSASCui.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin "2"

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options~1.exe

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Home Security Essentials

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen