Popular Reviews

Adware Removal

» Adware Removal

Rogueware Removal

» Rogueware Removal

Keylogger Removal

Fix PC Errors

Helpful Definitions

Learn More

» Learn More

Antispyware Reviews

Registry Cleaner Reviews

Firewall Reviews

Spam Filter Reviews

Security Sphere 2012


18th November 2011 

Security Sphere 2012

How do you use your computer?  For work?  School?  Personal research?  Banking, shopping, entertainment, communication?  All of the above?  No matter how we use our computers, we need for them to be secure.  As soon as we connect to the internet, we put ourselves at risk; it’s the cost of doing business online. But that cost can be cut dramatically with good security programs.  The need for security has spawned an industry that seeks to exploit computer users.  Rogue antivirus programs pose as legitimate security software, promising great benefits but delivering on none of them.

What is Security Sphere 2012?

Rogue antivirus programs are designed to capitalize on computer users’ need for security.  They launch fake scans and send alerts, warning users that their systems are infected with a variety of threats.  The only way to remove these threats and restore maximum operation is to purchase the “solution” these programs are offering.  It cannot be emphasized strongly enough: these rogues do not provide protection.  They cannot even scan your computer.  The “warnings” you see are nothing more than targeted ads.

Security Sphere 2012 is a new rogue antivirus program, but it behaves much like its older predecessors.  It is related to the Security Shield family of rogues and is a clone of Personal Shield Pro and System Tool.

Signs Security Sphere 2012 is Installed in Your System

Recognizing a rogue antivirus program is essential in maintaining security and keeping your system and data safe.  The silver lining to this particular cloud is that most rogues depend on the same tools and tricks, making them easier to spot if you know what to look for.  One of the most common, and intrusive, is the popup warning message.

These popups are designed to mimic those issued by legitimate security programs.  Rogues count on creating a sense of urgency, hoping that users will not take the time to scrutinize the messages.  Examples include:

Warning!

Application cannot be executed.  The file notepad.exe is infected.

Please activate your antivirus software.

 

Your computer is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid theft of your credit card details.

Click here to active protection.

Security Sphere 2012 Warning

Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.

Click here to remove them immediately with Security Shield 2012.

And:

Warning message from Internet browser.  This page under virus attack.  This may crash your system.  This may be caused by:

·         Virus content founded at this site trying to install its components.

·         Malicious & unknown network processes are determined.

·         Your system is under virus attack.

·         Negative references from other citizens concerning this web page.

·         Your system ports and backdoors have been check by visited page for external access.

Recommendations:

·         Obtain a license of “Security Sphere 2012” to protect your PC for the safest browsing Internet pages (desirable).

·         Launch spyware, virus and malware scanning process.

·         Keep browsing.

In many instances, the Security Sphere 2012 name will appear on the messages.  You may also notice the odd syntax and phrasing.  This is indicative of a rogue.

Another favorite tool of rogues is the false security scan.  Remember, rogues can’t scan your computer, but that does not stop them from displaying false results windows.  This particular rogue uses a pink and blue color scheme and features a shield icon on the top left corner.  The name is clearly printed in at least three different locations, so it pays to read these messages before taking action. 

The window indicates that a scan has been run and several infections were detected.  You have the option to save the report or remove threats.  On the left side of the screen is a menu with the following options:  System Scan, Protection, Privacy, Update, Settings, as well as the “option” to convert to the fully licensed version of the program.  Clicking on any part of this ad will lead you to a rogue website, where you will be urged to enter your credit card information.  Never do this; you will waste your money, and your computer will still be affected by the rogue, as well as any other malware it has brought with it.

Other signs that a rogue antivirus program has become installed in your system include:

·         Slower performance as the program runs continually and diverts your system resources from legitimate programs.

·         Unfamiliar icons on your desktop and/or system tray.

·         Frequent redirects or other difficulty browsing.

Modes of Entry

The question is: how did Security Sphere 2012 get into your system?  Rogues depend on one of two methods:

·         Stealth installation. It is most common for these programs to catch a ride in with a Trojan and download themselves without your knowledge or permission.  Security Sphere 2012 is associated with spam emails, malicious or hacked websites, peer-to-peer networks, and social networking sites.  It is commonly spread through Trojans disguising themselves as video codecs or video update files.

 

Sites with gambling, warez, pirated, adult, file sharing, or trending content are often vulnerable to Trojans, and it is possible that simply visiting a site or clicking on a link can allow access.  This gives the user the “free version” of the rogue.

 

·         User installation.  What is the paid version then?  This is when the user opts to purchase and install the rogue, believing that it will help remove security threats.  Unfortunately, there is no difference between the free and paid versions in terms of protection.  Neither can scan, detect, nor remove threats.

Removing Security Sphere 2012

Whether stealth or user installed, it is essential that computer users remove Security Sphere 2012 as soon as possible in order to prevent data loss or system instability.  How do you do this?  First, let’s look at options that are not effective:

·         Running your antivirus scan.  When it downloads itself, Security Sphere modifies your security settings so it can run undetected. 

·         Deleting or uninstalling the rogue.  Often, these programs do not appear on program lists.  They bury themselves deep within the system registry, and deleting icons or some of the associated files will not eliminate the problem.

There are two options for removal that do work.  One is manual removal, and this is recommended only for those with technical experience and a good deal of patience.  Manually removing the rogue requires that you delve into your system registry, find every associated entry, and delete it.  If you miss one, the program can rebuild itself.  There is also the risk that you will accidently delete a necessary file, impairing performance. If you are up for the challenge, you will find directions below.  If you run into trouble, please do not hesitate to contact us for guidance.

A far easier, quicker, and safer option is to use a program such as Malwarebytes Anti-Malware (Malwarebytes has free malware removal) .  This program is specifically designed to detect and remove rogue antivirus programs from your system.  They are thorough, efficient, and best of all, effective.  For anyone without the time or experience required for manual removal, automatic removal is an excellent option.

Manual Removal:

Notes:  Removal should be done in Safe Mode, and you should always make a backup of files before starting.

Delete Registry Entries:

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION "svchost.exe"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "enablehttp1_1" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "<random>"

 

Delete Files:

%AllUsersProfile%\<random>\
%AllUsersProfile%\<random>\<random>
%AllUsersProfile%\<random>\<random>.exe
 %StartMenu%\Programs\Security Sphere 2012.lnk

 



We are affiliated with some of the legitimate programs recommended on this website. Should you choose to use the programs recommended here, we may receive a fee that will help support the site.

NEWS | ARTICLES | REVIEWS | CONTACTS | LINK TO US
All content copyright 2006-2017, RemoveAdware.com.au. Author: Wayne Davis.
All Rights Reserved. All trademarks and company brand names are acknowledged.
Privacy Policy | Terms Of Service