Siegare.com

Siegare.com Description

Siegare.com aka Siegare.net is a malicious website. Siegare.com is the payment page for the rogueware called Antivirus Action. Numerous scare tactics and fake security notifications will be displayed on a victim's machine in order to coerce him/her into paying for the full version of Antivirus Action. Users should avoid visiting or clicking on anything on Siegare.com and never waste money purchasing Antivirus Action.

Technical Information

File System Details

Siegare.com creates the following file(s):
# File Name Detection Count
1 %Temp%\{random}\{random}agnz.exe N/A
2 %Temp%\{random} N/A

Registry Details

Siegare.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\{random}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:33921"
"{random}agnz.exe"