Safeom.com

Safeom.com Description

Type: Adware

There are a number of malicious sites currently spreading malware over the internet. A website identified as Safeom.com was discovered to be another malicious site that spread malware. The malware that Safeom.com was found to spread is the rogue anti-spyware program called Antivirus Scan. Antivirus Scan is a fake security program that mimics the actions of a legitimate malware remover. The Safeom.com site was designed to market and sell the Antivirus Scan program which leads us to believe that the hackers that created Antivirus Scan are in the business of creating several sites that help spread the Antivirus Scan program in hopes that they are rewarded with a quick payday. Safeom.com should never be trusted or visited for any reason.

If a PC automatically loads Safeom.com in the web browser, then it is possible that it is infected with malware and a trusted spyware removal program should be used to remove it immediately.

Technical Information

File System Details

Safeom.com creates the following file(s):
# File Name Detection Count
1 %Temp%\[random]\[random].exe N/A
2 %Temp%\[random]\ N/A

Registry Details

Safeom.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = 'http=127.0.0.1:59274'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random].exe"
HKEY_CURRENT_USER\Software\[random]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.exe'

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.