Showing Content for | Change your ZIP Code

Enter another ZIP to see info from a different area. X | `>`

!We can't find that ZIP Code. Try again.

Recognizing and avoiding Rogue Software or FakeAlert Trojans

Learn how to recognize and avoid Rogue Software or FakeAlert Trojans.


About Rogue Software or FakeAlert Trojan recognition

What is a Fake/Rogue software product or alert?

Fake or rogue software and FakeAlert Trojans are illegitimate security applications that are presented as valid, for monetary gain. This scam involves the distribution or aggressive promotion of a Trojan disguised as legitimate security software. While these programs usually use scare tactics and behave aggressively, it may still be difficult to recognize the illegitimate behavior and distinguish a valid product from a fake or rogue software product.

What are the symptoms of such an attack on my computer?

Some common symptoms include:
  • Receiving multiple pop-up messages which state that your system is infected and prompt you to download specific software to remove the infection.
  • Receiving notifications from an application that you've never seen before which tell you there are an unusually high number of viruses or other malware on your computer, and won't clean them unless you purchase the product.
  • New icons for an unknown program show up on your desktop or in the taskbar beside your clock.
  • Unexpected network connections are made to unknown domain(s) when you open your web browser or while browsing the Internet, you are directed to a page other than your home page or intended destination.

Note: Do not click directly on these pop-up messages, even to close them. Clicking Cancel or the X in the top right corner can sometimes cause the application to install itself.

If you receive an unexpected message from a rogue application

  1. Right-click an empty spot on your Windows taskbar and select Task Manager.
  2. Click the Applications tab, highlight the false notification message, then click End Task.
  3. If you are unable to end the task in this manner, shut down and restart your computer to clear the notification. This will not remove the malware.

McAfee recommends that you clear the cached (stored) data in your web browser after ending the malware task or restarting the computer. You can do this using the steps below.

Microsoft Internet Explorer
  1. Click Tools, Internet Options
  2. Under Browsing History, click Delete.
  3. Click Delete Files.
  4. Click Yes.
  5. Click Delete Cookies.
  6. Click Yes.

Mozilla FireFox:
  1. Click Tools and select Clear Private Data.
  2. Ensure only Cache, Cookies, and Offline Website Data are selected.
  3. Click Clear Private Data Now.

What are some of the known names of these fake or rogue security products?

This is not a complete list of all rogue security applications:
  • AntiSpyware Pro 2009
  • Antivirus Plus
  • Antivirus System PRO
  • Antivirus XP
  • AV AntiSpyware
  • Malware Doctor
  • PC Privacy Center
  • Personal Antivirus
  • Spyware Protect 2009
  • Spy/System Protector
  • System Security 2009

What can I do to prevent these programs from infecting my computer?
Block these commonly used Installation domains:
  • 72-9-10 8-82.reverse.ezz

Block these commonly accessed domains:

Please visit these links for more information:

Community forums

Have questions about your AT&T Internet service? Explore our community forums for answers.