Description is a criminal website that specifically promotes the rogueware called Antivirus Soft. is inserted into victims' Hosts files by sneaky Trojans that specialize in infiltrating users' computers without their knowledge. is the fake warning page that victims are redirected to when attempting to access another site; it claims that visiting the intended website may harm the computer.

The user is then given the option to click on "purchase for secure internet surfing" where he/she will be transferred to, which is a payment page. Never purchase anything on this payment page, any software listed on the website is fake. It is imperative to use a reliable security application to remove and any other malware related to it.

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http="