Softmetalgroup.com

Softmetalgroup.com Description

Softmetalgroup.com is a criminal website that specifically promotes the rogueware called Antivirus Soft. Softmetalgroup.com is inserted into victims' Hosts files by sneaky Trojans that specialize in infiltrating users' computers without their knowledge. Softmetalgroup.microsoft.com is the fake warning page that victims are redirected to when attempting to access another site; it claims that visiting the intended website may harm the computer.

The user is then given the option to click on "purchase for secure internet surfing" where he/she will be transferred to Softmetalgroup.com/purchase, which is a payment page. Never purchase anything on this payment page, any software listed on the website is fake. It is imperative to use a reliable security application to remove Softmetalgroup.com and any other malware related to it.

Technical Information

File System Details

Softmetalgroup.com creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe N/A

Registry Details

Softmetalgroup.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"