Description also known as is a deceptive domain that promotes rogue software. is involved in the malvertising of the fake anti-virus application called Antivirus Live. is a site that victims are typically redirected to unintentionally. The redirection is achieved with the help of harmful Trojans that are able to modify the Hosts file and browser settings of a compromised system. Once a victim hits he/she will be informed that a scan conducted by Antivirus Live detected numerous malware infections on his/her computer. The user will also be advised to purchase the "full version" of Antivirus Live in order to remove all the detected malware. Users should be aware that any malware detected by Antivirus Live is fake and Antivirus Live does not have the functionalities of a legitimate security application.

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Application Data\[RandomSymbols]\[Random4Symbols]sysguard.exe N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows Script
HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings