On March 19, a faux anti-virus program calling itself "XP Security" installed itself on my Windows XP system, adding a four-color shield icon (Microsoft in appearance) to my system tray. ZoneAlarm Internet Security Suite did not stop it and does not detect it after a scan.
XP Security pops up various hysterical virus warnings every 45 seconds, which must be manually closed, such as Privacy Threat!, System Hijack!, Virus Infection!, and so on. I can "recover from an infection right now, by performing a free system scan, click here." Every hour it pops up a full window, "XP Security - Unregistered version," pretends to do a scan in 5 seconds, reports the details of 33 faux infections, and asks if I want to activate XP Security or stay unprotected. Activation costs $49.99. Every two hours it will also pop up a full window entitled "Windows Security Center" explaining that "Security Center helps you manage your windows security settings," and informing me that my Firewall is off (it isn't), Auto update is on, and virus protection is off (it isn't).
On an irregular basis, it will try to run ave.exe and connect to various internet locations. ZoneAlarm anti-virus firewall catches such attempts, and I deny ave.exe access. When I open Firefox, I instead get an "XP Security Firewall Alert" informing me that "XP Security has blocked a program from accessing the internet," due to a changing roster of faux infections. I can either choose to "activate XP Security" or "continue unprotected"; the latter choice gives me access to Firefox. XP Security completely blocks access to Control Center, Firewall.
An internet search revealed a www.bleepingcomputer.com forum which advises of ways to kill "XP SecurityCenter." The screenshots looked identical to my "XP Security." So, I downloaded and tried to run Malwarebytes Anti-Malware (MBAM), but XP Security blocked MBAM from running. After some more research, I downloaded and ran RKill. It shuts down XP Security and any other malware it can find. Then I ran MBAM. It updated, then killed XP Security dead.