Rouge Protection System targets MalwareBytes Anti-Malware
Tom Kelchner at Sunbelt Systems reports about a rogue software (viz. Protection System) that tries to trick Windows users into uninstalling MalwareBytes’ Anti-Malware. Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing.
You will find a very long list of rogue softwares here and here. The list of legitimate software can be found here and here.
During installation, the Protection System rogue will generate the following message if it detects MalwareBytes.
“There is unauthorized antivirus software detected on your computer. It is recommended you to remove it, other it could conflict with Protection System. Press OK to remove MalwareBytes’ Anti-Malware_is1”.
If the user clicks on the OK button, it will call the MalwareBytes uninstaller and uninstall the software. After the install, it then asks for the users email address. Then a “Thank you” message appears as shown in the screenshot below as if the user had actually purchased the rogue.
This article is a warning for all unsuspecting Windows users so that they don’t get tricked by this rogue software and uninstall the legitimate MalwareBytes Anti-Malware.
Tom Kelchner also authored a PDF entitled How to Tell If That Pop-Up Window Is Offering You a Rogue Anti-Malware Product which discusses about these kind of rogue software.