- Blocks internet connection
- Block exe files from running
- Installs itself without permissions
- Connects to the internet without permission
- Normal system programs crash immediatelly
- Slow internet connection
- System crashes
- Cant change my homepage
- Annoying Pop-up's
- Slow Computer
Security Sphere is a new rogue antispyware application right off the pan and it brings nothing but bad news, because it is a new version of the notorious MS Removal Tool. Other rogues in the family include Security Shield, System Tool and the like. So System Sphere comes well prepared keeping in mind that it has quite a few dangerous predecessors behind its back, the creators of these rogues seem to be determined to torture innocent computer users until the very end of 2011.
The most dangerous thing about this rogue is that it looks and acts like a real antivirus program, so if a user cannot differentiate between rogues and genuine security programs, Security Sphere can cause great damage to their systems. One thing you have to keep in mind is that Security Sphere comes forth with intention to steal your money, and it would never be able to protect you from harm.
This rogue is usually delivered to your computer via fake online malware scanners of hacked websites. Sometimes the only thing you need to do is to open an infected website and Security Sphere gets downloaded onto your computer automatically. It does not prompt you about the download. The installation process is also carried out without your permission, and when the rogue is fully installed, it creates randomly named files in the following directory for Windows XP: C:\Documents and Settings\All Users\Application Data. For Windows Vista and Windows 7 Security Sphere nestles in C:\ProgramData directory.
Security Sphere has infection symptoms similar to those of MS Removal Tool. The relationship between the two rogues is more than obvious from their almost identical interfaces. The first thing Security Sphere does when it is up and running is performing a fake system scan. During the scan, it finds a lot of Trojans and other type of malware “infecting” your computer. For example: Win32.Spamta.KG.worm, Trojan.Dropper.MSWord.j, Win32.Clagger.C and so on. These are the names of real existing parasites but that does not mean that they are really there in your computer. The results of the scan are fake, and Security Sphere only wants to convince you that you are seriously infected with malware.
Another thing this rogue does in order to achieve its aim is blocking exe files from running. Whenever you want to run a certain program, it sends the following message, disallowing you to run the program of your choice with a pretense that it is infected and it needs to be closed:
On top of that, Security Sphere also has a whole range of fake security messages that it spams you with, trying to push you into buying the license. Some of the messages include:
Security Sphere Warning
Warning: Your computer is infected
Security Sphere Warning
If you think that was over the top, then Security Sphere also has another annoying feature which is redirecting your internet browser and blocking you from accessing certain websites. It does so in order to remain in your computer for as long as possible, so if you receive the following message when you try to open a certain website and you are blocked, you should know that you are seriously infected with Security Sphere:
Warning message from Internet browser. This page under virus attack. This may crash your system.
This may be caused by:
• Virus content founded at this site trying to install its components.
• Obtain a license of "Security Sphere" to protect your PC for the safest browsing Internet pages (desirable)
All in all, Security Sphere is a dangerous rogue antispyware that you need to get rid of as soon as possible. In order to make the removal of this program smoother, use the following activation code:
When you "register" the rogue it is a lot easier to terminate it. Erase Security Sphere with a reliable antimalware tool if you are not sure of your computing skills and do not know how to get rid of it manually. Whatever you do, make sure that in the end your computer is clean of the rogue and its components, and that it is safeguarded against similar attacks.
How to renew your internet connection:This rogue antispyware blocks your Internet connection to prevent you from removing the rogue application. To enable the Internet connection, please follow these instructions:
How to manually remove Security Sphere
Files associated with Security Sphere infection:
%StartMenu%\Programs\Security Sphere 2012.lnk
Security Sphere processes to kill:
Remove Security Sphere registry entries:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION "svchost.exe"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "enablehttp1_1" = '1'