Total Secure 2009 Description

Total Secure 2009, TotalSecure2009 or TotalSecure 2009, is a rogue anti-spyware application. Total Secure 2009 may be installed into the user’s computer system with the help of a Trojan called Zlob found in fake video codecs or by clicking on a download link from a malicious domain. Total Secure 2009 is also propagated through spam emails.

In addition, Total Secure 2009 generates fake scan results stating that it has detected spyware in order to trick the user into purchasing the program. Total Secure 2009 is a clone of IE Antivirus, IEDefender, Malware Bell and Files Secure.

Type: Rogue AntiSpyware Programs

How Can You Detect Total Secure 2009?

Total Secure 2009 Technical Report

As new Total Secure 2009 details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following Total Secure 2009 files with its MD5s were created in the system:

Total Secure 2009 Video Demo

Click on the “How Total Secure 2009 Infects Your Computer” video to see a Total Secure 2009 infection in action! See through the eyes of an unsuspecting Internet user while him/her is being victimized by Total Secure 2009.

At the end of this video, there’s a link to download SpyHunter’s Free Spyware Scanner. SpyHunter’s Free Spyware Scanner is for detection purposes only. To remove Total Secure 2009, you must purchase SpyHunter’s full version.

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how Total Secure 2009 infects a computer. The video contains clickable buttons.

Total Secure 2009 has typically the following processes in memory:

• scan.exe
• %SYSTEMROOT%\system32\mipinu.dll
• %SYSTEMROOT%\system32\gopfa.dll
• %SYSTEMROOT%\system32\SYSBAS~1.DLL
• TotalSecure2009[1].exe
• mopona.dll
• %PROGRAMFILES%\TS-2009\scan.exe
• %SYSTEMROOT%\system32\ifsndu.dll
• %SYSTEMROOT%\system32\dzhoil.dll
• c:\Program Files\TotalSecure2009\uninstall.exe
• hare32.dll
• gopfa.dll
• ifsndu.dll
• dzhoil.dll

Total Secure 2009 created the following directories, files, paths:

• %ProgramFiles%\TS2009
• %ProgramFiles%\TotalSecure2009

Total Secure 2009 creates the following registry entries:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “TotalSecure2009″
• 8EF40C36-293F-4749-8EA0-94FB3AD83FA1
• 98237227-8F14-46CA-B743-241103BEE8A6
• 5B171109-DED1-4403-90E9-6F7778533B9A
• BCCCB3D5-17DC-43DD-9F46-A31AB28FECB2
• 720F11ED-6980-432E-B402-63548BA2A33A
• A2F253AD-1F23-4D87-A64B-D6987F38D981
• DED2B61B-1A26-4566-BF2F-DE539D4468DD
• 6F3F7760-9532-4481-9F7F-1E27D0DABD04
• E20621C6-E1E1-4701-AE1C-6B74E57A46CF
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Total Secure 2009
• TotalSecure2009
• 0F95467C-AB44-4274-BEEA-2A75AB01B77E
• 4D8F81B2-80C9-45B1-9F03-67B2B0D2320B
• 57BE2636-F271-4151-9D4A-40A2663E4FD7
• 435ADC46-DCAB-4593-92C8-25D2BEFCEAB7
• 10026069-7A5F-4531-811E-C8DF20643BEE
• C420CF9F-D9D6-421F-958F-AA59906C2B12
• D76FBC4F-5E07-41FA-9013-FA3A53E46B95
• 8F7B8659-9FB9-4239-88F6-75A5612ED0FE
• HKEY_CURRENT_USER\Software\TotalSecure2009
• D79DA7F1-9B93-45CC-9019-26BD0A086577
• 1EF7B347-DBAF-412F-879D-DC7A95BFCC94
• F7B20872-3B45-4F1D-A45E-A360E4102BDA
• E402C66A-D5CB-441E-9F12-A5A864430AA2
• A9D17DA6-022A-454A-AB26-E104C0F6D13A
• FDF87042-0D74-42E4-AFC5-0CDA77BC74BA
• 6ECB8E85-7A9E-4175-8113-1136D1A325DB
• B31F9EF2-40D0-4F3E-9334-502C709DDC57
• EFEA05D9-BCB2-4438-A4EB-BD467692C24F
• 3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51

Important Article Disclaimer