Tuesday, January 27, 2009

ContraVirus Trojan

How To Remove ContraVirus?
You must download the trial version of the "Exterminate-It" antivirus software to check your computer instantly.
ContraVirus is a dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.


ContraVirus is also known as:

[Kaspersky] FraudTool.Win32.ContaVir.b;
[Other] Program:Win32/Contravirus, ContraVirus, ExpertAntiVirus, contravirus

ContraVirus Symptoms:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\ContraVirus 2.0.lnk
[%DESKTOP%]\ContraVirus 2.0.lnk
[%PROFILE_TEMP%]\CVRLanguage.ini
[%PROGRAM_FILES%]\ContraVirus\ContraVirusPro.exe
[%STARTMENU%]\ContraVirus 2.0.lnk
[%SYSTEM%]\xpuupdate.exe
[%DESKTOP%]\encouraging registration.bmp
[%DESKTOP%]\install214.exe
[%PROFILE%]\Recent\encouraging registration.bmp.lnk
[%PROFILE_TEMP%]\21448.exe
[%PROFILE_TEMP%]\E9E6C0ED.TMP

Folders:
[%PROGRAMS%]\ContraVirus
[%PROGRAM_FILES%]\ContraVirus
[%APPDATA%]\ContraVirus AntiSpam
[%DESKTOP%]\ContraVirus

Registry Keys:

Registry Values:


You must clean your computer ASAP!
Download the free trial version of the antivirus software here to check your computer instantly.
