Safeom.com Removal Report

Safeom.com Description

Type: Adware

There are a number of malicious sites currently spreading malware over the internet. A website identified as Safeom.com was discovered to be another malicious site that spread malware. The malware that Safeom.com was found to spread is the rogue anti-spyware program called Antivirus Scan. Antivirus Scan is a fake security program that mimics the actions of a legitimate malware remover. The Safeom.com site was designed to market and sell the Antivirus Scan program which leads us to believe that the hackers that created Antivirus Scan are in the business of creating several sites that help spread the Antivirus Scan program in hopes that they are rewarded with a quick payday. Safeom.com should never be trusted or visited for any reason.

If a PC automatically loads Safeom.com in the web browser, then it is possible that it is infected with malware and a trusted spyware removal program should be used to remove it immediately.

Technical Information

File System Details

Safeom.com creates the following file(s):

Expand All | Collapse All

#	File Name	Detection Count
1	%Temp%\[random]\[random].exe	N/A
Name: %Temp%\[random]\[random].exe Type: Executable File Group: Malware file
2	%Temp%\[random]\	N/A
Name: %Temp%\[random]\ Group: Malware file

Registry Details

Safeom.com creates the following registry entry or registry entries:

Registry key

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = '0'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = 'http=127.0.0.1:59274'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random].exe"

HKEY_CURRENT_USER\Software\[random]

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.exe'

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Safeom.com

Safeom.com Description

Technical Information

File System Details

Registry Details

Site Disclaimer

Your comment is awaiting moderation.

Please verify that you are not a robot.

Leave a Reply

Popular Malware

Popular Trojans

Popular Ransomware

Popular Issues

Popular How-Tos

Products

Malware Research

Company

Legal