New Rogue: XP AntiVirus

by Erin on October 11th, 2007 in Researcher Comments, Security Alerts.

A new rogue, known as XP AntiVirus or XPAntiVirus, has been making the rounds. Typical of fraudware, this rogue anti-virus software creates registry entries for fake, non-existent malware that it then "detects" when it scans your PC. This tactic is used to scare you into purchasing the software.

While the program does come with a removal option, when PC users attempt to uninstall it, XP AntiVirus will start up again the next time they reboot.

We currently have the rogue in detection in the Definitions File Beta; those who are registered as beta testers for our Definitions File can detect and remove this rogue. If you haven't yet signed up to get the beta def files, you'll see this one in the final release on Monday.

The crew at BleepingComputer.com has also posted helpful information and removal instructions.