Avsavior.com is a malicious website that is considered the main website for the rogueware called Antivirus Live 2010. Avsavior.com is spread via Trojans that place the website into users' Hosts files causing their browsers to be frequently redirected to it. Once a victim lands on Avsavior.com, fake security alerts and system scans will be displayed claiming that the system is infected. The victim will then be prompted to purchase the "full" version of Antivirus Live 2010 in order to fix the problem. Avsavior.com and Antivirus Live 2010 are not to be trusted; instead they should be removed with a reliable security tool upon detection.

File System Details

Avsavior.com may create the following file(s):
# File Name Detections
1. %UserProfile%\Local Settings\Application Data\[random symbols]\[randomsymbols]sysguard.exe
2. %UserProfile%\Local Settings\Application Data\[random symbols]\

Registry Details

Avsavior.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random symbols]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http="
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random symbols]"


Most Viewed