Total Vista Security Description

Total Vista Security is a bogus anti-spyware application that is secretly installed onto users’ machines by Trojans. Total Vista Security displays misleading pop-up ads, security alerts and system scanners in order to trick victims into purchasing its full version. Should a victim click on any of the fake security notifications displayed by the rogueware, he/she will be redirected to malicious websites that promote the rogueware. Total Vista Security is unable to detect or remove any type of computer threat and it must be removed from an infected machine as soon as possible.

Type: Rogue AntiSpyware Programs

How Can You Detect Total Vista Security?

Total Vista Security has typically the following processes in memory:

• %UserProfile%\AppData\Local\av.exe

Total Vista Security creates the following registry entries:

• HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″
• HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”

Important Article Disclaimer