The XP Rogues (Fake Anti-virus) are Back for 2011

It’s the operating system that will not die and is still favored by so many: Windows XP. Malware authors and distributors know this and consequently have made a new round of Rogues (fake antivirus) to trick users into handing over their cash and, worse, their identities.

Yesterday I encountered 2 new XP Rogues:

  1. Windows XP AntiSpyware 2011 – Vipre eventually killed this one, but did allow it to load and run.
  2. XP Internet Security – Microsoft Security Essentials just ignored this one.  I had to use Malwarebytes to get rid of it.

Here are some screenshots of these two new XP Rogues:

[Screenshot: XP Internet Security]

[Screenshot: XP AntiSpyware 2011]




  • http://malwarekiller.co.cc Christos(ballader1 on YT)

    MSE ignored XP Internet Security ?!?!?!?!?!?!?!?!?!?!?!?!?

    Did you upload XP Internet Security to virustotal.com to see which av vendors detect it?

  • Adam

    I have really found MSE doesn’t do very well against Fake AVs

  • http://malwarekiller.co.cc Christos(ballader1 on YT)

    Well, MSE does good with 80% of the rogues and it is a pretty good free antivirus, that’s why I was like WTF when I read that it missed it.

  • malwarekilla

    @Christos(ballader1 on YT) – no, wish I would have though. I was pretty burned out by that time (it was like 9 pm).

  • http://malwarekiller.co.cc Christos(ballader1 on YT)

    @malwarekilla Oh, ok.

  • http://malwarekiller.co.cc Christos(ballader1 on YT)

    @malwarekilla Q: What do you prefer? Avast!5 or MSE, I think MSE, but I just want your opinion (my reviews and tests show me MSE as better).

  • gusthebus

    I saw something like this just yesterday on my family member’s PC.

  • Shaun Zhang

    When the new version of Microsoft Security Essentials (Microsoft Security Essentials 2.0) is released, I expect that the behavior monitor might catch this one, otherwise, the script scanning of Microsoft Security Essentials 2.0 should be able to prevent this one from getting into the computer through a legitimate website.
    Did you send this to Microsoft for analysis?
    Go here to send this file to Microsoft if you haven’t done so already
    https://www.microsoft.com/security/portal/Submission/Submit.aspx

  • elliotcroft

    I would bet on Comodo finding this. Believe it or not Comodo has a very high detection rate. Defense+ would most likely also catch it. I’m currently using Comodo Internet Security Version 5 and am looking forward to the DACS technology in V5.1 which will apparently give the best detection of any antivirus guaranteed.

  • Shaun Zhang

    When are you going to upload more video reviews?

  • Ron

    The bottom screen shows vipre running as well. Did it not catch/clean it at all?

    • malwarekilla

      @Ron – Yes, Vipre did kill this rogue.

