Home Malware Programs Rogue Anti-Spyware Programs Security Solution 2011

Security Solution 2011

Posted: May 21, 2011

ScreenshotSecurity Solution 2011 is a rogue anti-virus program and a clone of other rogue threats that superficially imitate AVG brand software and Windows Security Center Alert pop-ups. Security Solution 2011 has no real anti-virus protection to offer and may even impede your ability to browse the web or run security-related applications. To safeguard the stability of your computer, you should remove Security Solution 2011 by using quality security software in Safe Mode or another secure operating mode that evades Security Solution 2011's automatic startup routine.

Security Solution 2011's Habit of Crying Wolf

Security Solution 2011 may not be able to find or delete computer problems, but that doesn't slow down its error messages and other deceptive pop-ups. As soon as Security Solution 2011 infects your PC, it will use startup entries in your Registry to run by default, and create system scan simulations and pop-up alerts. You can see some of Security Solution 2011's possible alerts below:

System critical warning!
You have been infected by a proxy-relay Trojan server

Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Screen.Grab.J.exe
Risk: High

Reported Insecure Browsing: Navigation Blocked
Insecure Internet Activity. Threat of virus attack
Due to insecure Internet browsing your PC can easily get infected with viruses, worms, and Trojans without your knowledge, and that can lead to system slowdown, freezes and crashes. Also insecure Internet activity can result in revealing your personal information.

Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click "Prevent Connection" button below.

Your computer might be at risk
Antivirus detects viruses, worms, and Trojan horses. They can (and do) destroy data, format your hard disk or can destroy the BIOS. By destroying the BIOS many times you end up buying a new motherboard or if the bios chip is removable then that chip would need replacing.

Antispyware software warning
Your computer is infected with spyware and malware. Last scan results: 364 infected files found! Click this notification to fix the problem.

Security Solution 2011 can even imitate a Windows Security Center pop-up window, but its alerts are fraudulent and don't indicate any problems with your PC besides the presence of Security Solution 2011 itself. You may even experience application crashes or difficulty using Windows Task Manager and other basic utilities, but this is due to Security Solution 2011 interfering with the programs and not the result of the programs being infected, as Security Solution 2011 would like you to believe.

Security Solution 2011 rogue infections may also hijack your web browser to redirect you towards the Security Solution 2011 home site. Browser hijacks are evidence that Security Solution 2011 or a related threat is still running, even if you appear to have closed it and see no visible signs of Security Solution 2011 on your screen.

How to Avoid the Security Solution 2011 Rogue Threat

Avoid any contact with the following websites:

  • securitysolution2011.com
  • securitysolution2011ltd.com
  • securitysolution2011corp.com
  • antivirussystem2011tech.com

These websites are all affiliated with Security Solution 2011 or one of its clones, and may infect your PC with Trojans or other types of malicious software even if you don't download any files of your own accord.

Some known clones of Security Solution 2011 include Antivirus Antispyware 2011, Antivirus System 2011 and Antivirus Solution 2011, which share the same appearance and functions even if they have different names.

If you've purchased Security Solution 2011 before realizing its malicious nature, you should talk to your credit card company to have any charges revoked. There's no reason to buy Security Solution 2011, since it has no benevolent functions, and giving your credit card number to the people marketing Security Solution 2011 only puts you at risk for identity theft and fraud.

The greatest obstacle to removing Security Solution 2011 is its ability to start by default whenever you run Windows. Safe Mode may let you bypass this Registry-enabled startup routine, or you can boot from a CD or temporarily switch to a different OS.


ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AllUsersProfile%\Application Data\[RANDOM CHARACTERS].dat
    2 %AllUsersProfile%\Application Data\[RANDOM CHARACTERS].ico
    3 %AppData%\Microsoft\Internet Explorer\Quick Launch\Security Solution 2011.lnk
    4 %AppData%\Security Solution 2011\IcoActivate.ico
    5 %AppData%\Security Solution 2011\IcoHelp.ico
    6 %AppData%\Security Solution 2011\IcoUninstall.ico
    7 %AppData%\Security Solution 2011\Security Solution.exe
    8 %AppData%\Security Solution 2011\securityhelper.exe
    9 %AppData%\Security Solution 2011\securitymanager.exe
    10 %Desktop%\Security Solution 2011.lnk
    11 %Programs%\Security Solution 2011.lnk
    12 %Programs%\Security Solution 2011\Activate Security Solution 2011.lnk
    13 %Programs%\Security Solution 2011\Help Security Solution 2011.lnk
    14 %Programs%\Security Solution 2011\How to Activate Security Solution 2011.lnk
    15 %Programs%\Security Solution 2011\Security Solution 2011.lnk
    16 %Temp%\[RANDOM CHARACTERS].exe
    17 %Temp%\ins2.tmp
    18 %Temp%\mv3.tmp
    19 %Temp%\wrk4.tmp
    20 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Center.lnk
    21 %UserProfile%\Desktop\Security Center.lnk

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security Solution 2011 Security"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security Solution 2011"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"HKEY_CURRENT_USER\Software\Security Solution 2011HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\WINDOWS\system32\rundll32.exe" = 'C:\WINDOWS\system32\rundll32.exe:*:Enabled:Security Center'HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Security Solution 2011

Additional Information on Security Solution 2011

  • The following messages's were detected:
    # Message
    1 Antispyware software warning
    Your computer is infected with spyware and malware. Last scan results: 364 infected files found! Click this notification to fix the problem.
    2 Security Center
    Unauthorized remote connection!
    Your system is making an unauthorized personal data transfer to a remote computer!
    Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
    To protect your private data, please click "Prevent Connection" button below.
    3 Your computer might be at risk
    Antivirus detects viruses, worms, and Trojan horses. They can (and do) destroy data, format your hard disk or can destroy the BIOS. By destroying the BIOS many times you end up buying a new motherboard or if the bios chip is removable then that chip would need replacing.
    4 System critical warning!
    You have been infected by a proxy-relay Trojan server
    5 Reported Insecure Browsing: Navigation Blocked
    Insecure Internet Activity. Threat of virus attack
    Due to insecure Internet browsing your PC can easily get infected with viruses, worms, and Trojans without your knowledge, and that can lead to system slowdown, freezes and crashes. Also insecure Internet activity can result in revealing your personal information.
    6 Security Center Alert
    To help protect your computer, Security Center has blocked some features of this program.
    Name: Screen.Grab.J.exe
    Risk: High

3 Comments

  • Cory says:

    Thanks for this info! I think it's a disgusting practice of taking advantage of less knowledgeable people and forcing them to buy a piece of crap software that does nothing other than removing the garbage that they themselves forcefully installed on the unsuspecting pc user! I'm a little disappointed that my anti virus/spyware didn't completely catch this one though. Thanks again.

    cj

  • Indianer says:

    I think i got Security Solution 2011 from some adware blog thru Google, and found that it kept poping up on my comp. Trying to see If i can stop the popups and let it allow me to download security software. Won't let me download mcafee. not sure if that will even help. going to use your scanner to remove it. i can download that.

  • kebirungi diana says:

    i cannot remember the name of my favourate uncle that you need for me to sign in my email,please help

Loading...