Back in the day (the mid 1960’s), I heard an old time College Football coach (Darryl Royal, of the University of Texas Longhorns) say, in answer to a question concerning his plans for an upcoming game, “we’ll dance with who brung us”.
What he meant was, he would continue to go with the players, and plays, that had contributed to a winning season. Or, to put it more succinctly – success breeds success.
Cyber criminals, particularly those responsible for the rogue software/scareware application, XP Antivirus, have learned this lesson well. XP Antivirus is back, and is running rampant on the Internet at the moment; having morphed from previous versions we had to deal with in 2008, and 2009.
Of all the rogue security applications released to date, and there have been thousands of them, this particular one has been the most successful for the criminal developers.
I first wrote on this scourge in 2008, and in the interim period, that specific article has been read 130,000+times. In the last week or so, I was surprised to see this older article, suddenly jump to the top of the daily read chart.
This shift in popularity, coupled with a number of readers reporting having to deal with infections caused by XP Antivirus 2010, convinced me to cover the scareware issue once again.
Just like its predecessor, XP Antivirus 2010 installer can be found on adult websites, salacious news sites, or it can be installed manually from rogue security software websites.
After the installation of XP Antivirus 2010 be prepared for false positives; fake or false malware detection warnings. As with all rogue security applications, XP Antivirus 2010 was developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.
If the full program fee is not paid, XP Antivirus 2010 continues to run as a background process incessantly reporting those fake or false malware detection warnings. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool.
XP Antivirus 2010 Removal Instructions:
If you have become infected by XP Antivirus 2010, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.
If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so.
The following free resources can provide tools and the advice you will need to attempt removal.
Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.
411 Spyware – a site that specializes in malware removal. I highly recommend this site.
Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.
SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security app
What can you do to ensure you are protected, or to reduce the chances you will become a victim?
Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.
Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.
Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.
Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites.
As a form of added protection, you should consider running in a virtual environment while connected to the Internet. To find out what this means to your overall security, and to download a free virtual software application, please read “Download Free Returnil Virtual System 2010 Home”, on this site.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Bill Mullins' Weblog - Tech Thoughts 
Thanks Bill for warning us from XP antiVirus 2010 again.
Hey Ahmed,
You know how to handle this sort of malware, and will never get caught. But still, a reminder never hurts.
Bill
Bill,
These things just keep on coming at ya!.
Thanks for the warning.
Liam
Hey Liam,
You’re right.
This type of malware is a real money maker for cyber criminals, so I wouldn’t expect relief any time soon.
Bill
Hi Bill,
As you know I’m aware of the recent outbreak. I pretty well nuked it with a combo of Malwarebytes and Superantispyware, people need to keep in mind it might take 3 or more consecutive scans and reboots before the infection is taken care of. I also used Process Explorer from Sysinternals to check the system once the automated tools did their thing. I feel confident the machine back to normal at thisd point but I’ll continue to check it periodically for issues over the next few weeks.
Mark
Hi Mark,
I remember saying to you at that time, I didn’t envy you the work you had to do on this, Way to go in killing this piece of crap! Good to know it can be done, even if it takes this huge effort.
Best,
Bill
Oh that scare ware is lower than low.Excellent info Bill as always 🙂
You’re right – “scareware is lower than low”.
Thanks for stopping by Rose.
Bill
Hey Bill,
Hope I never get it, my paranoia level is bad enough lol.
Cheers
Hey Mal,
How’s this for a comment:
“Perhaps public executions should be re-instated for the infantile hackers who devised the very annoying Antivirus 2010, which popped up on my computer just two days ago and which has been a constant annoyance since then. I dont feel competent to attempt the processes you describe, as I am not comfortable tinkering with software, so Ill spend money with a good local technician [Friendly Computers’ local rep] to have him do the job.
The hackers simply dont seem to care that their malicious, cutesy invasive programs may, indeed, be more than just an annoyance, but could cause loss of business to home-based businesses [like mine] or loss of confidence in computer system security owing to concerns about security of, for example, transmission of credit card, medical data, or other private information sent by e-mail. Such invasiveness can make one more than a little paranoid and more than a little hopeful that my suggestion in paragraph 1, above, be put into effect soon”.
This is a real comment – so paranoia? I hear ya. lol
Bill
Since XP Antivirus seems to be installed as a drive-by on certain sites, those of us who haven’t yet been hit by the malware can add another preventative layer of protection. Install the WOT – Web of Trust add-on for your browser. It rates the overall “safety” of sites before you go there. Very helpful tool.
Hey Stormin’ Norman,
No doubt about it.
As I said in this post – *”Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust) , an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites”*
Thanks SN, for emphasizing this important point.
Bill
Hi Bill,
Just read this on info world http://www.infoworld.com/d/security-central/security-companies-warn-uptick-in-attacks-using-new-ie-flaw-603?source=rss_infoworld_news
Good (another) reason to avoid IE.
Mark
Thanks Mark.
Staying ahead of the flaws is now more than a full time job.
Best,
Bill
Thanks, its goot to know
Hey, you have a great blog here! Thank you for your info.