ContraVirus

ContraVirus is a rogue spyware application that poses as a legitimate anti-spyware program.[1] The application uses a false scanner to force computer users to pay for the removal of non-existent spyware items. It may also be known as ExpertAntivirus.[2][3]

Not to be confused with Coronavirus.

Methods of infection

ContraVirus may be downloaded as a trojan horse, along with possible other software. Typically, it may be installed by the SmitsFruad trojan.

Symptoms of infection

ContraVirus has been known to display fake messages stating that a user's computer is infected with spyware. It may also install the file wincom27.dll, located in C:\WINDOWS\ and ext32inc.dll located in C:\WINDOWS\system\, in order to persuade a user to purchase the software.[4] Traditionally, a user will see Contravirus running a "scan" of their computer at which time a user will be prompted to purchase the Contravirus software in order to remove the threat. It may also hijack the user's browser and install a toolbar.[5]

95, 98, Me, NT, XP, Server 2000, 2000, Server 2003, Vista, Server 2008, 7 and Server 2008 R2 are operating systems capable of becoming infected.

Removal

The removal of Contravirus is difficult and may require assistance from qualified IT Support Personnel. However, users have had success removing the program using the SmitFraudFix.zip program, as well as known programs such as Kaspersky Anti-Virus, Spybot Search & Destroy, and the Norton Family of Security products.

gollark: I think I was mostly just ignoring it and treating it as random bad background event #9372628 until march or so.
gollark: In general I mean.
gollark: > If you can see yourself needing something, and recognize the inevitability of wide scale spread, it’s preparation.I would assume that a lot of panic buyers assume they're just rationally preparing too.
gollark: > god bless australian mass surveillance and privacy invasionThe UK has that and we're not doing great! I think it's a population density thing.
gollark: It would be politically bad to close them because people would complain about "an entire lost generation" or something as if school is *that* important.EDIT: over here, I mean.

See also

References
  1. "Archived copy". Archived from the original on 2009-09-01. Retrieved 2008-08-20.CS1 maint: archived copy as title (link)
  2. http://www.symantec.com/security_response/writeup.jsp?docid=2007-050111-3914-99&tabid=2
  3. http://www.ca.com/securityadvisor/pest/pest.aspx?id=453113271
  4. http://www.bleepingcomputer.com/forums/topic95405.html
  5. Vincentas (12 October 2012). "ContraVirus in SpyWareLoop.com". Spyware Loop. Retrieved 28 July 2013.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.