Description is a malicious websites involved in the distribution of the fake security application called Antivirus Soft. Users that encounter have typically been infected with Antivirus Soft or have been infected with browser hijacking Trojans. Once has been placed inside a victim's browser, the victim will be frequently redirected to the harmful website and alarming security alerts or pop-up messages will also be displayed. will conduct a fake online system scan that will claim that the system is infected and the only solution is to purchase the "full" version of Antivirus Soft. Do not believe any of the security notifications displayed by or Antivirus Soft. Use a good anti-spyware program to detect and remove and its associated malware.

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe N/A
2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sftav.exe N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http="