Security Central
Security Central appears to provide real-time protection once installed on the computer. But in reality, this piece is another creation of rogue developers who also produce XP Police Antivirus. Security Central is a reinvented version. This new variant is presented with a new graphical user interface and much more dangerous than its previous forms. Typically, Security Central virus is obtained when a result from fake online virus scanner site is executed. The action may download and installed the rogue application on visitor’s computer unattended. As soon as it reaches the system, it quickly modify Windows registry to give itself an unmanned start when Windows is begins to initialize.
Common symptoms of Security Central that are very visible may include the following:
- Excessive pop-up alerts and warning messages.
- Automatic virus-scan after Windows operating system is loaded.
- Internet browser redirection where-in search result is pointed to unwanted web sites.
Furthermore, Security Central frequently issue a number of fake security report that aims to trick user and make them believe that system si severely infected. Sample message are:
Security Central Firewall Alert
Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.Security Central
Your computer is under the infections threat. Run instant shield protection to safe your data and prevent internet access to your credit card information. Select this to run instant shield.Security Central Firewall Alert
Warning
Keylogger activity detected!
Your account in social network is under attack. Click here to block unauthorized modification by removing threats (Recommended).
It is vital to remove Security Central virus immediately before any further damage can be performed on compromised system. Follow the procedures below to eliminate the malware together with files it has dropped on the computer.
Screen Shot Images:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Security Central Removal Procedures
Security Central REMOVAL TOOL:
In order to completely remove the threat, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer.
MANUAL REMOVAL PROCEDURE:
1. Press Ctrl+Alt+Del on keyboard to stop process associated to “Security Central”. When Windows Task Manager opens, go to Processes Tab and find and end the following process:
(random characters).exe
2. You need to update your installed antivirus application to have the latest database.
3. Thoroughly scan the system and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Security Central Virus.
4. Registry entries created by Security Central must also be remove from the Windows system. Please refer below for entries associated to the rogue program. [how to edit registry]
5. Exit registry editor.
6. Get rid of Security Central start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s):
(random characters).exe
7. Click Apply and restart Windows.
Technical Details and Additional Information:
Malicious Files Added by Security Central
%UsersProfile%\2ef60fed-027a-457c-9737-17ac37f7b7f7.dat
%AppData%\Microsoft\Internet Explorer\Quick Launch\Security Central.lnk
%UserProfile%\Desktop\Security Central.lnk
%Temp%ins3.tmp
%Temp%mv2.tmp
%Temp%wrk3.tmp
File Location for Windows Versions:
- %UserProfile% for Vista/7 user is C:\Users\<Current User> for Windows Vista/7, for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
- %AppData% for Vista/7 refers to C:\Users\<Current User>\AppData\Roaming, while for Windows XP/2000 user it is C:\Documents and Settings\<Current User>\Application Data.
- %Temp% refers to C:\Windows\Temp\.
Security Central Registry Entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “3dw46ews-261g-711wc-3523-54derr3r3r3″ (or any random characters)
John Hill
Nov 18, 2009 @ 15:30:03
Security Central won’t allow me to install Malwarebytes’ Anti-Malware. It stops/kills the mbam-setup.exe and won’t allow the process. Even in Safe Mode, it locks up the PC when attempting to stop the SC process to run the Anti-Malware. Stops/kills process on every anti-virus program I’ve tried to throw at it.
Help?
Thanks for any responses.
P.S. It won’t allow me to launch Outlook for email at my home email address eithere! Thus, I’ve given you my work email.
v/r
John
mehmethep
Dec 06, 2009 @ 12:30:31
Yes John you’ve faced a disgusting rogue program. Security Central prevents you from even opening notepad sometimes. But a tricky solution is possible. Firstly, Malwarebytes’ Anti-Malware is the right the tool that you’ll use. For people couldn’t find the software here is the link: http://www.precisesecurity.com/tools-resources/adware-tools/malwarebytes-anti-malware
Download it from any other computer and write to a CD. Shut down the computer which is effected. Start it again and when the windows starts immediately open the task mngr. Find the process SecurityCentral and kill it. It works because the Windows uses the LIFO rule while opening. Thus if you are fast enough you can kill the SC before it fully runs. Then you can install the Malwarebytes’ Anti-Malware. Perform a quick scan, delete the results and here you go.. =)
Hope you all have a good day..
Mehmet, Turkey
Nate
Dec 11, 2009 @ 21:13:08
I found this to be extremely helpful. I recieved this little gem last night and I was able to follow the instructions to remove security central. I was unable to download the malware and burn it to disk due to the fact that I use a netbook. By pulling up command promt before security central had time to load it did in fact make it possible for me to install the removal tool and to save my computer and sanity. I recomend this advice to anyone dealing with this virus.
Nate, Michigan, USA
senna
Dec 17, 2009 @ 17:44:13
I just renamed the “security central.exe” file from the “Program Files\Security Central” and restarted the computer. On start-up, it couldn’t find it, because it had a new name, so the system was working as normal. Run the msconfig.exe from the Run … window and from the start-up tab unchecked the Security Central entry. Performed a search with the criteria Modified date set to today, so I could see what are the files that were created or modified by this malware, and I deleted the files which seemed suspicious.
I’m not saying that this is better then the application linked in the previous posts but it’s a way you can regain control of the system with Security Central running.
Kallen
Dec 18, 2009 @ 04:39:17
This is an easy process.
1.Restart Windows. As soon as it starts to boot hit F8 repeatedly so that your computer opens in SAFE MODE. Select SAFE MODE if it gives you more than one option.
2. Go to MY COMPUTER, open PROGRAM FILES. You will see a folder titled SECURITY CENTRAL. DELETE or Send this folder to the recycling bin.
3. From the RECYCLING BIN, delete the folder and file permanently.
4. Restart Windows. It will boot in regular mode if you touch nothing. SECURTY CENTRAL will be gone.
5. Pick up a antivirus tool so you don’t have to deal with this mess next time.
It is just that easy.
piyush
Jan 20, 2010 @ 08:46:29
thanks guys, renaming was the simplest thing to do, damn virus.
Fred Bloggs
Jan 28, 2010 @ 03:23:52
Since Security Central knocked out all of my antivirus programs, I started Windows in Safe Mode, typed in REGEDIT at Start and found all files with Security Centre, deleted them, then restarted normally and used Malwarebytes to find and delete all rogue files. No need to download any programs (they may have a virus attached) and puts you in complete control.
King JaJa
Feb 10, 2010 @ 09:30:22
that one seems to have worked like a charm so far, I’m back in biz …. fingers crossed.
hey friends
Feb 11, 2010 @ 22:30:32
restarting in safe mode worked perfectly. Virus scared the crap out of me. Thanks Kallen
Anto
Feb 13, 2010 @ 02:03:30
Thanks Kallen, Your trick did a great job
pedro malavhhe
Feb 13, 2010 @ 03:57:35
hi kallen god bless you ,i used your trick , its very effective. i visited a lot of web pages looking any tip to get rid of that page, no body has posted a simpler solution but you. thanks again. pedro from venezuela.
Kronsdat
Feb 14, 2010 @ 13:59:25
Thank you Kallen. That worked perfectly.
Switzer
Feb 15, 2010 @ 17:23:39
Thanks Kallen, it really worked! , thanks again! = D
ALRED
Feb 15, 2010 @ 22:50:59
I got infected with this virus yesterday and what I did is press CTRL-ALT-DEL just after the desktop shows and quickly delete the process securitycentral.exe and it stopped!… I’ll try Kallen suggestion next! TO THOSE WHO MADE THIS VIRUS – GO TO HELL!
Ed
Feb 20, 2010 @ 21:08:33
I tried something different than any of you and this worked for me. After starting the system in safe mode, I was finally able to run a system restore (security central wouldn’t allow me to do this before). I restored my computer to the previous day and once everything rebooted and started up, all traces of security central were gone. I agree with Alred- I hope the pieces of crap that sit around writing these damn viruses go straight to Hell!! Thanks for wasting two precious hours of my Saturday!!
Riyadh
Feb 25, 2010 @ 16:34:38
thank you so much kallen! this really does work!
CJ253
Mar 02, 2010 @ 15:53:59
THANK YOU ALL, KALLEN YOURS DID IT. THANKS AGAIN. I WISH SOMEHOW WE COULD TRACE THESE WEB SITES AND SHUT THEM DOWN!!!! I WOULD BE WILLING TO GO TO THERE OFFICE AND USE A BAT ON ALL OF THEM!!!!!!!! THANKS AGAIN TO ALL YOU GUYS FOR DOING THE FIXING FOR DUMMIES LIKE ME. CJ253
Chewie
Mar 09, 2010 @ 03:04:44
Easy, change the extension of Security center.exe to Security center.kshdlkjashd (invalid extension). Reboot, you may now delete manually.
Christel
Mar 21, 2010 @ 01:02:13
My computer won’t start in safe mode!!! It just goes off and then reboots normally no matter what I do. Help!
CVS Raman
May 14, 2010 @ 13:26:21
I had registered for activating security central online for three years a week back. I have misplaced the registration key and the toll free telephone no.
my computer is infected with dangerous virus and I need to use security central antivirus immediately. Please help.
Allyson
May 17, 2010 @ 21:11:59
I already deleted the SC in the safe mode but it is still in my PC how can I delete it I don’t have Malwarebytes
I cant download it because of the stupid virus I need help
Sharat
May 21, 2010 @ 20:00:24
Thanks Senna and Kallen. I first changed the file name to ‘security central.exe’ as advised by Senna and then as advised by Kellen restarted the computer on Safe Mode and deleted. Restarted normally and scanned with McAfee anti virus program I already had in my computer. Now my computer is running normally. No trace of Security Central virus! The idiot who created this virus must be biting his/her fingers on disgust to find out this simple remedy from these two intelligent person!
frustrated
May 17, 2011 @ 03:36:47
Kallen! when i go to program files, i see no “security central”! but my problem is exactly like everyone else’s on this page :(
Hibbity
May 17, 2011 @ 04:17:20
Spy Bot Search & Destroy (free from Download.com) will eliminate most of this stuff for you.