Contraviro
Contraviro is supposed to be a security program that will protect computers from viruses and threats. During security expert’s studies and evaluation, it appears that Contraviro is a threat itself.
This program came from the same authors who made Univerex, another bogus program propagated in the same manner. It was created only to convince people that it is a legitimate software and gain profit when innocent user purchased the product using unfair marketing method.
A form of its deception includes browser redirection, fake online virus scanner and excessive warning alerts of potential security threats. All of these will lead user to a fraudulent payment website to process the transaction for this useless program. We strongly recommend removing Contraviro virus as soon as possible.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista
Malware Behavior
While running on the computer, Contraviro displays fake alerts on infected objects identified on several locations of the computer. The warnings may contain scary messages in the following format:
Contraviro found infected objects at your system!
You can lose personal data and infect other network computers.
When user attempts to repair infected files, Contraviro will launch a new browser window where victims can purchase the licensed version of the program.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform "Contraviro"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Contraviro"
HKCR\*\shellex\ContextMenuHandlers\antivirus_contextscan
HKCR\AppID\{C0E56AC2-9F72-436E-B6E7-AEC28AF9E4EB}
HKCR\AppID\IEAddon.DLL
HKCR\CLSID\{08EEC6AD-7486-487F-89B7-5A3716DDAE14}
HKCR\CLSID\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKCR\Drive\shellex\ContextMenuHandlers\antivirus_contextscan
HKCR\Drives\shellex\ContextMenuHandlers\antivirus_contextscan
HKCR\Folder\shellex\ContextMenuHandlers\antivirus_contextscan
HKCR\Interface\{5B184B9D-B7BD-4FEA-8D1F-5E27182206A5}
HKCR\TypeLib\{3ED0E410-5C8E-47B6-A75D-D10B886E903C}
HKLM\SOFTWARE\Contraviro
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Contraviro
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
Associated Files and Folders:%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Contraviro.lnk c:\Documents and Settings\All Users\Start Menu\Programs\Contraviro c:\Documents and Settings\All Users\Desktop\Contraviro.lnk c:\Documents and Settings\All Users\Start Menu\Programs\Contraviro.lnk c:\Documents and Settings\All Users\Start Menu\Programs\Contraviro\Contraviro.lnk c:\Documents and Settings\All Users\Start Menu\Programs\Contraviro\How to Register Contraviro.lnk c:\Documents and Settings\All Users\Start Menu\Programs\Contraviro\Register Contraviro.lnk c:\Program Files\Contraviro\Contraviro.exe c:\Program Files\Contraviro\daily.cvd c:\Program Files\Contraviro\Drvfltip.sys c:\Program Files\Contraviro\hjengine.dll c:\Program Files\Contraviro\IEAddon.dll c:\Program Files\Contraviro\main.cvd c:\Program Files\Contraviro\MFC71.dll c:\Program Files\Contraviro\MFC71ENU.DLL c:\Program Files\Contraviro\msvcp71.dll c:\Program Files\Contraviro\msvcr71.dll c:\Program Files\Contraviro\pthreadVC2.dll c:\Program Files\Contraviro\shellext.dll c:\Program Files\Contraviro\siglsp.dll c:\Program Files\Contraviro\uninstall.exe
How to Remove Contraviro
1. Kill any running process that belongs to Contraviro.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for the following files and click End Task.
Contraviro.exe
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit. This will open registry editor.
- Find and delete the following:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Contraviro"
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please Update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Contraviro.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Associated Files and Folders.'
Comments and Suggestions
On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Contraviro payment refund or lost serial key, kindly check the FAQ for rogue program first.
Disclaimer:
Read our article disclaimer about Contraviro.