UnVirex, fake anti-virus

Recently, I saw a new fake malware cleaner from UnVirex which claims to be designed by “the industry’s top software experts”. Sophos detects the installer, as well as its main components as Troj/FakeVir-NA.

Most of the time, this rogue anti-spyware is advertised as a video codec on various questionable websites or from UnVirex’s own website – unvirex.com (access to which is blocked by Sophos’s web appliance).

After installation, the malware will display a window, asking the user to update its virus definitions (this is where it usually downloads more components.)

The malware makes false claims about the user’s computer being infected by providing a list of various security and privacy issues that threaten it. This is done to make the user believe that their computer is genuinely compromised.

When the user clicks on the “Remove Threats” button, the malware provides a window in which the user is prompted to pay for a full version of the rogue software in order to remove the threats – but no legitimate security product evaluation will behave like this.

Please do not trust UnVirex, and don’t purchase this rogue anti-spyware.