Threat Description

Rogue antispyware/antivirus software

Details

Aliases: Rogue antispyware/antivirus software, Fraudtool.[variant], Fraudpack.[variant], Trojan.fakealert
Category: Malware
Type: Rogue
Platform: W32

Summary


Deceptive or fraudulent antispyware/antivirus software that uses misleading or high-pressure tactics (e.g., falsely claiming a malware infection or deliberately infecting the machine) to pressure users into installing or purchasing the software.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.


Suspect A False Alarm?

If you suspect a file has been incorrectly identified as malicious (that is, it is a False Alarm or a False Positive), please first ensure your F-Secure security program is up-to-date with the latest detection database updates, then rescan the suspect file.

If you continue to suspect a False Alarm, you may submit a sample of the suspect file to our Security Labs for further analysis via the Sample Analysis System (SAS).




Further actions

In some cases, a rogue may have been silently installed on the system in a 'drive-by download'. In such cases, disinfection should be accompanied by a check to determine if any programs require updating or patching; if so, please refer to the program vendor's site for further details.



Technical Details


Rogue antivirus/antispyware programs (generally known as 'rogueware' or 'rogues') are security applications that use misleading, high-pressure, fraudulent or malicious sales tactics to convince users to install and/or purchase the product.

The quality of the purchased software itself is also suspect; once installed, the product may not perform as expected. Some are simply substandard products that present false information or false positives due to bugs in the software's code, rather than because of an outright deception. Code corrections can move a suspect program off the rogueware detection lists. Other rogues, however, are intentionally malicious and either bring no benefit to the user, or actively interfere with the computer's operations or compromise the user's data.

Rogue antispyware or antivirus programs typically closely mimic legitimate applications, using similar (or even identical) styling and packaging to convey legitimacy. As such, it can be difficult for both technical and non-technical users to differentiate between legitimate and rogue applications.

For more information about rogues, please see Article: Rogues.





