Sphere Security 2012
Posted: November 10, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 21 |
First Seen: | November 10, 2011 |
---|---|
OS(es) Affected: | Windows |
Sphere Security 2012 is a fake anti-malware program that creates inaccurate infection alerts to persuade you into giving away money, in exchange for a worthless product activation key. Even though Sphere Security 2012 has the appearance of a real security program, SpywareRemove.com malware researchers have found that Sphere Security 2012 lacks any ability to detect genuine viruses, worms or other PC threats. Sphere Security 2012 may also make use of other attacks, including web browser redirects or crashing unrelated programs, to make it more difficult for you to remove Sphere Security 2012 from your PC. However, standard anti-malware techniques and a real anti-malware program can delete Sphere Security 2012 without any long-term damage to your computer resulting from the experience.
Sphere Security 2012 and Its Lack of Security for All Years Possible
Even though Sphere Security 2012 looks like an independent product and its marketing promotes Sphere Security 2012 as a seemingly helpful security program, Sphere Security 2012 is, in reality, no more than a copy-and-paste job of other rogue anti-malware scanners from the FakeScanti group. This collection of rogue security applications spans a wide range of PC threats besides Sphere Security 2012, including Security Guard, Sysinternals Antivirus, WireShark Antivirus, Milestone Antivirus, BlueFlare Antivirus, Wolfram Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, AV Protection 2011 and Super AV 2013. Despite their many names and slightly-different appearances, however, all of these WinAVPro programs use similar attacks and should be considered equivalently malicious.
Sphere Security 2012 and its brethren are well-known for using deceptive means to infect new computers, such as drive-by-download scripts and fake online scanners that install WinAVPro infections and similar types of rogue security programs without your consent. In almost all cases, SpywareRemove.com malware experts have found that the primary symptom of infection by Sphere Security 2012 is the appearance of inaccurate system errors, infection warnings and other types of negative threats. Examples of these fraudulent warnings are shown below:
svchost.exe
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software
Warning! Infection found
Unauthorized sending E-MAIL with subject "RE:" to [FAKE EMAIL HERE] was CANCELLED.
Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.
Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.
Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?
Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized
Other signs of Sphere Security 2012 attacks can include browser hijacks that redirect you to Sphere Security 2012's website, browser hijacks that block safe websites with inaccurate warnings screens and software malfunctions that prevent you from using real anti-malware products.
Breaking Your PC Out of this Unsafe Sphere
Since Sphere Security 2012 is likely to disable your computer's security features and redirect you to dangerous websites, SpywareRemove.com malware analysts stress the importance of getting rid of Sphere Security 2012 as soon as possible. Although removing Sphere Security 2012 by manual methods is risky for all but seasoned PC security experts, a competent anti-malware application can delete Sphere Security 2012 without harm, and this will also put an end to any Sphere Security 2012 infection-related symptoms, such as threats and browser redirects.
Spending money on registering Sphere Security 2012, even to disable Sphere Security 2012, is strongly discouraged, since this will hand your credit card information over to criminals. Instead, if you feel that you need to disable Sphere Security 2012 via activation before you remove Sphere Security 2012, use the freely-circulated code 'DB038748-B4659586-4A1071AF-32E768CD-36005B1B-F4520642-3000BF2A-04FC910B.' SpywareRemove.com malware experts have also noted that this code will work on other types of Sphere Security 2012 clones from the WinAVPro family.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AllUsersProfile%\[RANDOM CHARACTERS]
File name: %AllUsersProfile%\[RANDOM CHARACTERS]Group: Malware file
%StartMenu%\Programs\Sphere Security 2012.lnk
File name: %StartMenu%\Programs\Sphere Security 2012.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
Registry Modifications
HKEY..\..\..\..{RegistryKeys}HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION "svchost.exe"HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "enablehttp1_1" = '1'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[RANDOM CHARACTERS]"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.