XP Security Center 2011

7 April 2011 Rogue 4 Comments

XP Security Center 2011 is a misleading security program that claims to be another useful product, but in reality, it was made in the sole purpose of stealing money from victims credit card account. XP Security Center 2011 virus will use all possible approach to persuade user that a licensed version of the program is vital in resolving computer issues. It will start by producing fake pop-up alerts and warning messages announcing possible computer virus infection. From time-to-time, fake local virus scanning act is performed that detects dozens of threats. This process by rogue program is employed to ensure that it will be sold after convincing computer user that the system is under attack.

Ignore everything about XP Security Center 2011. The best method to clean the computer against this illegal activity is to download and install genuine anti-malware software. If anti-malware exists on the PC, you need to download the latest database and patterns to make sure that it can detect latest Trojans, viruses and malware threats. Updating the program is a one-click process. Just open your anti-malware software and click the update button. You must delete at once, any detected items that are associated or not with XP Security Center 2011. Other infections may already be residing on your computer that was brought about by the rogue program. Once finished, repeat the process after starting your Windows system in Safe Mode.

Screen Shot Image:

Image of XP Security Center

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Malware Behavior
Other harsh actions by XP Security Center 2011 may not be evident. Aside from fake security warnings and sham virus scan, this object will perform other acts that may result to program malfunction. It can disable your security programs or end any running processes. Moreover, it will block your access to all installed software and declare that the file is at risks. You computer will end up unusable. Some may get it to work but instability will persist as long as XP Security Center 2011 is taking control of the system.

Added Registry Entries:

HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\PersonalIS2011.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:25401?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “UID” = “7?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “88780570603?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Internet Security 2011?
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”

Associated Files and Folders:

%UserProfile%\Start Menu\Windows Security 2011.lnk
%UserProfile%\Start Menu\Programs\Windows Security 2011.lnk
%UserProfile%\Application Data\r561\mSsecuritycenter.exe
%UserProfile%\Application Data\r561\PIS.ico
%UserProfile%\Application Data\r561\sqlite3.dll
%UserProfile%\Application Data\r561\unins000.dat
%UserProfile%\Application Data\r561\PISSys\
%UserProfile%\Application Data\r561\Quarantine Items\
%UserProfile%\Application Data\r561\mozcrt19.dll
%UserProfile%\Application Data\PIKKS\PIQBS.cfg
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Security 2011.lnk
%UserProfile%\Application Data\Windows Security 2011\
%UserProfile%\Application Data\Windows Security 2011\cookies.sqlite
%UserProfile%\Desktop\Windows Security 2011.lnk

How to Remove XP Security Center 2011

Manual Removal Procedure

1. Stop XP Security Center 2011 process by pressing Ctrl+Alt+Del on your keyboard. It will open Windows Task Manager. Look for the following and click on End Process.
(random characters).exe

2. You need to update your installed antivirus software. Please connect to the Internet and download the most recent database. This is a one-click process from your AV program’s console.
3. Run a full system scan. You must clean all detected files. If cleaning is not possible, you may delete or quarantine the item.

4. Edit your Windows registry. Find and delete XP Security Center 2011 entries as shown in the registry section. [how to edit registry]
5. Exit registry editor when you are done.

6. Remove XP Security Center 2011 start-up entry by going to Start > Run. Type msconfig on the "Open" dialog box. System Configuration Utility will open. Go to Startup tab and remove the check mark on the following items.
(random characters).exe
7. Click Apply and restart Windows.

XP Security Center 2011 Removal Tool

In order to remove the threat completely, you need to download and run Malwarebytes Anti-Malware. This is a free malware removal tool. If Trojan infection blocks the downloading of this program, get it using a clean computer. Rename the executable file before executing on the infected PC.

Use A Portable SuperAntiSpyware:
For complete removal of the virus, carry out a separate scan using different security program. This may catch infected items that evade your previous scan. Download and run SAS Portable Scanner.

Notes

During XP Security Center 2011 infection, it will drop several files under some areas of your system. It also alters some settings under Windows registry. To revert the changes made by the virus, try doing a System Restore first before proceeding with other removal guides. Running system restore replaces malicious files and registry entries with clean ones preserved under a restore point. Click here for procedures.

Warning!

You should not make changes to Windows Registry except it is crucial. Faulty registry entries may result to severe system malfunction. Please backup Windows registry before performing any changes so that you can restore it once an error is committed.Follow the procedures from this link.

Helpful Tip

If you cannot browse the web because XP Security Center 2011 is blocking your access, please see this tip on how to repair your Internet access.

What to do next...

Comments and Suggestions

On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to XP Security Center 2011 payment refund or lost serial key, kindly check the FAQ for rogue program first.

4 Comments

Micke
Apr 10, 2011 @ 00:20:43
Used superanitspyware portable fixed my problem
Sarah D
Jun 19, 2011 @ 10:44:28
Hi, I was in a complete panic when I couldn’t do anything with my laptop. It literally wouldn’t allow me to open anything. Thank you so much for your invaluable advice. For someone that is not very good computers, it was very clear and easy steps, with great links making it a very stress free process to tackle this issue.
Jeffrey A
Sep 07, 2011 @ 13:38:16
I want some payback. How do I get it? How does a relatively unskilled computer user like me find the IP address it originated from, find the ISP, and find the source of the virus?
Pascal23
Sep 07, 2011 @ 14:31:20
Jeff. Rogue software such as this is hosted on different web sites. So there is no way to track IP address of the attacker. Most probably, you have acquired it by visiting a contaminated web site. If you bought the program, immediately dispute charges with your credit card company.