UnVirex Description
Type: Rogue AntiSpyware Programs
UnVirex is a fake malware cleaner program. In many cases UnVirex is disguised as a video codec download. Once your system has UnVirex installed, it starts to scan your computer detecting a video codec parasite that is claimed to only be removed with a full version of a malware remover application. UnVirex is not able to effectively detect or remove malware. UnVirex may come from the UnVirex.com website where it is falsely advertised and sold as an application that is able to provide protection against spyware, viruses, adware and malware.
Aliases
3 security vendors flagged this file as malicious.
Anti-Virus Software
Detection
Symantec
Unvirex
Panda
Suspicious file
Microsoft
Trojan:Win32/FakeRean
Technical Information
File System Details
UnVirex creates the following file(s):
| # | File Name | MD5 | Detection Count |
|---|---|---|---|
| 1 | %ProgramFiles%\UnVirex\daily.cvd | N/A + | |
| 2 | %ProgramFiles%\UnVirex\Drvfltip.sys | N/A + | |
| 3 | %ProgramFiles%\UnVirex\hjengine.dll | N/A + | |
| 4 | %ProgramFiles%\UnVirex\IEAddon.dll | N/A + | |
| 5 | %ProgramFiles%\UnVirex\main.cvd | N/A + | |
| 6 | %ProgramFiles%\UnVirex\MFC71.dll | N/A + | |
| 7 | %ProgramFiles%\UnVirex\MFC71ENU.DLL | N/A + | |
| 8 | %ProgramFiles%\UnVirex\msvcp71.dll | N/A + | |
| 9 | %ProgramFiles%\UnVirex\msvcr71.dll | N/A + | |
| 10 | %ProgramFiles%\UnVirex\pthreadVC2.dll | N/A + | |
| 11 | %ProgramFiles%\UnVirex\shellext.dll | N/A + | |
| 12 | %ProgramFiles%\UnVirex\siglsp.dll | N/A + | |
| 13 | %ProgramFiles%\UnVirex\uninstall.exe | N/A + | |
| 14 | %ProgramFiles%\UnVirex\UnVirex.exe | N/A + | |
| 15 | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\UnVirex.lnk | N/A + | |
| 16 | %UserProfile%\Local Settings\Temp\[RANDOM CHARACTERS]\ext.dll | N/A + | |
| 17 | %UserProfile%\Local Settings\Temp\[RANDOM CHARACTERS]\System.dll | N/A + | |
| 18 | C:\Documents and Settings\All Users\Desktop\UnVirex.lnk | N/A + | |
| 19 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex | N/A + | |
| 20 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex.lnk | N/A + | |
| 21 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex\How to Register UnVirex.lnk | N/A + | |
| 22 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex\Register UnVirex.lnk | N/A + | |
| 23 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex\Uninstall.lnk | N/A + | |
| 24 | C:\Documents and Settings\All Users\Start Menu\Programs\UnVirex\UnVirex.lnk | N/A + | |
| 25 | UnVirexInstall[1].exe | 6780076ba7af1149d876875da5bd635d | 0 + |
| 26 | UnVirex.exe | 884a2ca2d31288483c0f8e295267228c | 0 + |
| 27 | b0dmthvqvdbk.exe | e8ed30c99f9fd9e9ff62e955ec14bedd | 0 + |
Registry Details
UnVirex creates the following registry entry or registry entries:
Clsid
{C0E56AC2-9F72-436E-B6E7-AEC28AF9E4EB}
Directory
%ProgramFiles%\UnVirex
Registry Key Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\"UnVirex" = "UnVirex"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\00000001\"PackedCatalogItem" = "%ProgramFiles%\UnVirex\siglsp.dll"
Registry Keys and Subkeys
HKEY_CLASSES_ROOT\AppID\IEAddon.DLL
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\unvirex_contextscan
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane.1
HKEY_LOCAL_MACHINE\SOFTWARE\UnVirex
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DrvFltIp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DrvFltIp
Run Keys
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"UnVirex" = "C:\Program Files\UnVirex\UnVirex.exe"
Site Disclaimer
Enigmasoftware.com is not associated, affiliated, sponsored or owned
by the malware creators or distributors mentioned on this article. This article should NOT be
mistaken or confused in being associated in any way with the promotion or endorsement of malware.
Our intent is to provide information that will educate computer users on how to detect, and ultimately
remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on
this article.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.