Description also known as, is a malicious domain used to maladvertise rogue programs. uses deceptive advertisements to trick users into purchasing and installing Antivirus System PRO. is a warning page that informs its victims that they have been browsing unsafe websites. The warning page also advises the user to purchase Antivirus System PRO in order to continue browsing safely.

Trojans that are used to get onto the system, modify the Hosts file ensuring that the user will be frequently redirected to Users should avoid browsing and use a legitimate security tool to remove the Trojan and files related to

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %ProgramFiles%\Antivirus System PRO\Antivirussystempro.exe N/A
2 c:\WINDOWS\sysguard.exe N/A
3 %ProgramFiles%\Antivirus System PRO\uninstall.exe N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad “ieModule”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Antivirus System PRO”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “system tool”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus System PRO