Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


New ransomware called AntiVirus being seen in the wild

  • Please log in to reply
3 replies to this topic

#1 Grinler


    Lawrence Abrams

  • Admin
  • 43,716 posts
  • Gender:Male
  • Location:USA
  • Local time:01:51 AM

Posted 26 March 2010 - 12:47 PM

A new rogue/ransomware, called AntiVirus, was discovered today that attempts to ransom the ability to run certain programs for $5. This program is a bizarre mixture of spelling mistakes, odd choice of programs to disable, and very crude programming. Unfortunately, though, even with all of this, the program still stands a good chance of making money for the malware developers.When AntiVirus is installed it will change certain Windows Registry settings so that you cannot run the FreeCell, Internet Explorer, iTunes, Limewire, MalwareBytes', Microsoft Paint, Notepad, Rundll32, Task Manager, Windows Media Player, and Wordpad programs. When you attempt to run any of these programs you will be shown an alert that states that the program is infected. If you wish to remove this infection, AntiVirus prompts you to send $5 to an @yahoo.com email address where they will send you an activation key. Once the activation key is installed, the program will supposedly allow you to use the programs again. For those with browsers other than Internet Explorer, you can easily download some tools to remove this infection. At this time, though, the majority of users still use Internet Explorer and will be unable to use it while this infection is active. Therefore, this malware developer stands to make some money from those who have no choice but to pay the $5 ransom. If you run into this program, please do not send them money. Instead use the below guide to remove it for free.

BC AdBot (Login to Remove)


#2 xblindx


  • Banned
  • 1,923 posts
  • Gender:Male
  • Local time:02:51 AM

Posted 26 March 2010 - 04:07 PM

Wow, when will these new programs stop coming out? Never it seems like. Why cant people just do an honest day's work? Its kind of pitiful.

#3 starcraftmaster


  • Members
  • 1,109 posts
  • Gender:Male
  • Location:australia
  • Local time:05:51 PM

Posted 27 March 2010 - 06:14 AM

Why cant people just do an honest day's work? Its kind of pitiful.

I think they would , just trying to make a quick buck.

#4 chromebuster


  • Members
  • 899 posts
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:02:51 AM

Posted 25 June 2010 - 04:39 PM

Then make a dang honest buck!

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users