ContraVirus

Description: Rogue Security Program
Risk Level: Low
Date of First Occurrence: Friday, May 09, 2008
Software Developer: (unknown)
Brief Info: Rogue/Suspect Anti-Spyware Product. "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal: This threat can be removed using "Spyware Terminator"

Threat Info

Detected Items

  1. Detected Files:
  2. Detected Files with variable Filenames: MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size: 348160 %PROGRAMFILES%\ContraVirus\msvcr71.dll %PROGRAMFILES%\ContraVirus\msvcr71.dll.ren

Detecting items list:

  1. Files by Name
  2. Files by MD5: MD5: BA2C2A5DE1122E1CC0290BD41169A879 Size: 54784
  3. Files by Directories: %PROGRAMFILES%\ContraVirus, %START_PROGRAMS%\ContraVirus
  4. Files by CLSID or Name
  5. Registry Keys
  6. Registry Values: HKLM\software\Microsoft\Windows\CurrentVersion\Run, ValueName=ContraVirus, Value=%programfiles%\ContraVirus\ContraVirus.exe