« Spyware.Perfect
Control Center »

SiteVillain

No Comments
Sumo3000 By Sumo3000 in Rogue Anti-Spyware Program | 0 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

SiteVillain Description

 
 
Image Screenshot
[+] Click Image to Enlarge
 
 

SiteVillain, also known as Site Villain, is a fraudulent security application from the same malicious rogueware family as AntiAID. SiteVillain attempts to convince victims to purchase it by tricking them into believing that numerous parasite infections were detected on their computers. SiteVillain will conduct a fake scan, display random warning and alert messages as well as display annoying pop-ups in order to scare a victim. Site Villain may enter a computer system via a sneaky Trojan that can exploit security vulnerabilities. Site Villain can deteriorate the performance of an operating system; therefore it should be removed immediately after it is detected.

Type: Rogue AntiSpyware Programs

How Can You Detect SiteVillain?

 
 

Download SpyHunter’s Detection Scanner
to Detect SiteVillain.

 
 

SiteVillain Technical Report

As new SiteVillain details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following SiteVillain files with its MD5s were created in the system:

File Name File Size MD5
setup[1].exe 1734072 51deebf6100c7826265a0f4292bba733
setup[2].exe 373760 61754587a03d1d05466f0c6c68e11431
SiteVillain.exe 1634304 dc960cd129e8a4181b3f9973c2a74a14

SiteVillain has typically the following processes in memory:

  • %Temp%\2gbk87zj.exe
  • %Program Files%\SiteVillain Software\SiteVillain\uninstall.exe
  • SiteVillain.exe
  • %Program Files%\SiteVillain Software\SiteVillain\SiteVillain.exe
  • %Temp%\8enyqcv1.exe

SiteVillain created the following directories, files, paths:

  • %AllUsersProfile%\Start Menu\Programs\SiteVillain
  • %ProgramFiles%\SiteVillain Software\SiteVillain

SiteVillain creates the following registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\SiteVillain
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “%ProgramFiles%\SiteVillain Software\SiteVillain\SiteVillain.exe -min”
  • SiteVillain
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “%System%\8enyqcv1.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SiteVillain

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 11/16/09 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.