Rogue security programs
are one of the most common sources of malware infection
. They infect machines by using social engineering
and scams to trick a user into spending money to buy a an application which claims to remove malware. They typically use bogus warning messages
and alerts to indicate that your computer is infected with spyware or has critical errors
as a scare tactic to goad you into downloading a malicious security application to fix it. The alerts can mimic system messages so they appear as if they are generated by the Windows Operating System. It is not unusual for malware writers to use the names of popular and legitimate security programs as part of the name for a fake anti-virus software
in order to trick people into using them. There are at least two rogue security programs
that use part of or all of the Malwarebytes name. There are also rogues for SmitfraudFixTool
, Spybot Search and Destroy
, Avira AntiVir
and many more. Even Microsoft has been targeted by attackers using such names as Microsoft Security Essentials
, MS Anti-virus
for their programs and incorporating the names Defender
, and Vista
into naming schemes for other rogue applications.
Rogue antispyware programs are responsible for launching unwanted pop ups, browser redirects and downloading other malicious files so the extent of the infection can vary
to include backdoor Trojans
which compromise the computer
and make the infection more difficult to remove. If your machine has been infected it will show symptoms such as those noted above.
Windows Defender installs in the C:\Program Files\Windows Defender\ folder. The version of Defender included with all versions of Windows 7
is part of the operating system.