combofix detected the presence of rootkit activity

Had this computer inflicted with Sphere security 2010.
Very much like those hijacked anti-virus system.














Besides this warning, all of search engine resulted  in redirect the ed page.
Combofix's first try. Simply I got a denied access before windows restart.
Malwarebytes stop updating virus info.








combofix: access denied




To preform manual removal steps, you may need to learn,
How to stop a proccess
How to delete registry entries
Stop Security Sphere 2012 processes:
[random].exe
Delete Security Sphere 2012 Registry Entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\”Security Sphere 2012?
Delete Security Sphere 2012 files:
%Documents and Settings%\[UserName]\Application Data\[random].exe
%Documents and Settings%\[UserName]\Local Settings\Temp\[random].tmp
%Documents and Settings%\[UserName]\Desktop\Security Sphere 2012.lnk

Auto Removal

To remove this virus Automatically, We suggest following tools:





Automatic Security Sphere 2012 virus Removal:


Step 1: Reboot your PC and keep pressing F8 Key on your keyboard before Windows interface loads. Hit the arrow keys to choose the “Safe Mode with Networking” option, and then hit ENTER Key to enter Safe Mode with Networking.
Tips: In case you can’t install the removal utility, please download this correction script, unzip it and then double click to execute it. It can correct the system settings that the spyware has distorted.
Step 3: Follow the installation wizard and install it on your computer.
Step 4: Update its database in order to make it fully functional.
Step 5: Repeat Step 1 and enter “Safe Mode with Networking”.
Step 6: Perform a Full Scan of your system to detect Security Sphere 2012 virus or other malware.
Step 7: Check the scan results and ensure whether your valuable files are infected.
Step 8: Simply click “Remove” button to remove the malware from your computer.
Step 9: Reboot your computer and let the removal utility remove the rest of components related to the malware.
Step 10: Download and install Multi-Awarding Registry Repair Utility to repair your distorted system registry.

Why Should You Need to Repair System Registry?

According to numerous malware studies, malware will firstly insert registry keys and modify system registry to meet its malicious needs. Even if the malware is removed, your system registry is still modified and your system health is not as good as before. So you should repair your system registry if you want your computer run as fast as before or much faster than before.
Just follow the steps that anyone can accomplish to repair all registry errors:
1. Download the Multi-Winning PC Repair Tool.
2. Click Save File and follow the simple installation process.
3. Run a full scan of your whole registry.
4. Click “Repair Problems” button to repair registry errors.
There was an error in this gadget
There was an error in this gadget
There was an error in this gadget