Softmetalgroup.com

Softmetalgroup.com is a criminal website that specifically promotes the rogueware called Antivirus Soft. Softmetalgroup.com is inserted into victims' Hosts files by sneaky Trojans that specialize in infiltrating users' computers without their knowledge. Softmetalgroup.microsoft.com is the fake warning page that victims are redirected to when attempting to access another site; it claims that visiting the intended website may harm the computer.

The user is then given the option to click "purchase for secure internet surfing", which transfers him/her to Softmetalgroup.com/purchase, a payment page. Never purchase anything on this payment page; any software listed on the website is fake. It is imperative to use a reliable security application to remove Softmetalgroup.com and any other malware related to it.

File System Details

Softmetalgroup.com may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe

Registry Details

Softmetalgroup.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
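
The registry entries listed above can be checked offline against a registry export. The following is an added example, not part of the original entry: `parse_reg` and `find_indicators` are hypothetical helper names, and the sample export (including its random strings and user name) is constructed for illustration.

```python
import re
# Constructed sample in `reg export` (.reg) text form; not from a real infection.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="http=127.0.0.1:5555"
"ProxyOverride"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"RunInvalidSignatures"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"qwhdtssd"="C:\\Documents and Settings\\user\\Local Settings\\Application Data\\qwhdtssd\\kbnsysguard.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\Software\AvScan]
'''

# Matches the file path pattern listed under "File System Details".
RUN_RE = re.compile(r"\\Local Settings\\Application Data\\[^\\]+\\[^\\]*sysguard\.exe", re.I)

def parse_reg(text):
    """Parse .reg text into {key: {name: data}}; names lowercased, doubled backslashes unescaped."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'"(.*?)"=(.*)$', line)
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif m and current is not None:
            current[m.group(1).lower()] = m.group(2).strip('"').replace("\\\\", "\\")
    return keys

def find_indicators(text):
    """Return labels for each registry indicator from this entry found in the export."""
    hits = []
    for key, vals in parse_reg(text).items():
        if key.endswith(r"\currentversion\internet settings"):
            if vals.get("proxyserver", "").lower() == "http=127.0.0.1:5555":
                hits.append("proxy-loopback-5555")
            if vals.get("proxyoverride") == "":
                hits.append("proxyoverride-empty")
        elif key.endswith(r"\internet explorer\download"):
            if vals.get("runinvalidsignatures") in ("1", "dword:00000001"):
                hits.append("run-invalid-signatures")
        elif key.endswith(r"\currentversion\run"):
            hits += ["run-sysguard:" + n for n, d in vals.items() if RUN_RE.search(d)]
        elif key.endswith(r"\software\avscan"):
            hits.append("avscan-key")
    return hits
```

Files written by `reg export` are normally UTF-16 encoded, so decode them before passing the text in. An empty `ProxyOverride` on its own is a weak signal; treat it as meaningful only alongside the loopback proxy or the other hits.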
