backtop


Print 46 comment(s) - last by Amused2Deth.. on Oct 4 at 5:40 PM


  (Source: tabacco.blog-city.com)
Microsoft sues software maker who tricked Windows users into buying software for non-existent problems

Spam isn't the only computer nuisance that lawmakers and corporations are going after these days. The Washington State Office of the Attorney General filed a suit in cooperation with Microsoft against a software market that allegedly tricked consumers into buying software they didn’t need.

Washington State Attorney General Rob McKenna said in a statement, "The Attorney General’s Office along with Microsoft has yanked the fear factor dial out of the hands of businesses that use scareware as a marketing tool and have spun it toward them."

The filing of the suit was allowed after the improvement of a law in Washington State called the Computer Spyware Act. McKenna continued, "We won’t tolerate the use of alarmist warnings or deceptive ‘free scans’ to trick consumers into buying software to fix a problem that doesn’t even exist. We’ve repeatedly proven that Internet companies that prey on consumers’ anxieties are within our reach."

The Computer Spyware Act not only bans and makes illegal spyware, but any other program that misleads consumers into believing that a problem is present and a fix is needed for security.

Named in the suit are several defendants including makers of Registry Cleaner XP, Branch Software, and Alpha Red. Specifically named in the Registry Cleaner XP filing is company owner James Reed McCreary IV.

The complaint is that the defendants sent multiple pop-ups to Windows users that mimicked the look of actual error messages from Microsoft. The messages reportedly read "CRITICAL ERROR MESSAGE! – REGISTRY DAMAGED AND CORRUPTED" directing users to a site where they could pay for the software, which allegedly did nothing.

According to the Attorney General office statement, the software firms were able to send these pop-ups by taking advantage of computers capable of receiving Windows Messenger Service pop-ups. The service is intended to be used by system administrators on a network to contact computer users and is different from the Windows chat application.

Any computer capable of receiving Net Send messages was vulnerable. The messages routed the user to the site for a free scan of their computer, which always found errors and asked for $39.95 to download software to repair the errors.

Senior Counsel for the Attorney General's Consumer Protection High-Tech Unit, Paula Selis said, "Consumers who visited the Web site were offered a free scan to check their computer – but the program found ‘critical’ errors every time. Users were then told to pay $39.95 to repair these dubious problems."

According to Microsoft, the 50% of its customer support calls are related to crashes blamed on spyware. The penalty if convicted is a fine of up to $2,000 per incident, restitution, and attorney's fees. Some reports say that one IP address received as many as 200 of the pop-ups per day.

Ironically, this suit isn’t the first brought against the same people from Microsoft since 2005 when Washington State's Computer Spyware Act was enacted. The firms were previously sued under the act and the plaintiffs were granted injunctions and settlements.

Microsoft Senior Attorney for Internet Safety Enforcement said, "Microsoft is honored to assist Washington Attorney General McKenna in helping to protect consumers from online threats. Cybercrime continues to evolve, but with public/private collaboration such as this, we can work to champion tougher laws, greater public awareness and, ultimately, stronger protections for online consumers.”



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Conspiracy
By gigahertz20 on 9/30/2008 2:14:07 PM , Rating: 5
I've always had this thought at the back of my head that all these anti-virus and software security companies probably secretly hire people on the back side to write viruses and other crap to infect people's computers, that way all these companies can keep selling their anti-virus software and other security packages.....sounds like a great conspiracy at least.




RE: Conspiracy
By JasonMick (blog) on 9/30/2008 2:22:09 PM , Rating: 4
I was friends with one of the original programmers of AdAware. He quit after they started taking payments from virus/malware/spammers to "overlook" certain items, he told me.

I know some people would find your comments crazy, but if what my friend alleged was true, they're really not.

BTW, the same friend after graduating from UG with me went to work for Microsoft and is part of their security team. His job offer was pretty cushy, I was impressed.


RE: Conspiracy
By Spivonious on 9/30/2008 2:27:58 PM , Rating: 2
Yeah, AdAware routinely misses items that other scanners find. Greed is a powerful thing.


RE: Conspiracy
By dever on 9/30/2008 2:34:29 PM , Rating: 2
Isn't it possible that greed could have also inspired a longer term outlook of refusing payoffs, creating the best possible product for the consumer and making more money that way?


RE: Conspiracy
By amanojaku on 9/30/2008 2:47:59 PM , Rating: 5
No. Greedy people are rarely that prescient, ethical, or hard working.


RE: Conspiracy
By Solandri on 9/30/2008 3:33:25 PM , Rating: 2
No, greed is not a determining factor here. Assuming it's true, their choice was to make money by working hard to make a better product, or to make money by doing nothing. Since they would've made money either way, that eliminates greed as a factor. Laziness is the culprit.


RE: Conspiracy
By othercents on 9/30/2008 3:41:37 PM , Rating: 2
I believe that they would have made the same amount from the sell of the product even if they caught all spyware vs having a select few make it through. Plus to purposely not detect something is going to be just as hard as detecting it. The only reason not to detect it is because they got paid not too.

Other


RE: Conspiracy
By Oregonian2 on 9/30/2008 7:23:14 PM , Rating: 2
I don't think those were only the choices presented. One can also work hard, make a great product, and still make diddly squat. So the choice was perhaps money for sure now vs money later maybe.


RE: Conspiracy
By murphyslabrat on 9/30/2008 2:53:30 PM , Rating: 2
It is possible. However, while "my friend" is a pretty dubious nomination, I am inclined to believe that such occurs. Two things would support such: limited expertise and mass of competitors. You need employees capable of performing well enough to bring your product up in rankings, and you are still only one of many products that are predominantly seen as perfectly equivocal.


RE: Conspiracy
By Spivonious on 9/30/2008 3:16:11 PM , Rating: 2
Not when the program is free to use.


RE: Conspiracy
By Adonlude on 9/30/2008 2:47:29 PM , Rating: 2
So what is the best spyware remover these days? I have been using AdAware.


RE: Conspiracy
By afkrotch on 9/30/08, Rating: 0
RE: Conspiracy
By SilthDraeth on 9/30/2008 3:00:51 PM , Rating: 5
Thats called Teatimer, and you CAN disable it. I wouldn't take this guy's opinion to seriously if he uses them all, and can't figure out how to disable a simple feature in Spybot.

That feature is meant to lock a system's registry down, you are supposed to enable it in an evironment where you do not want registry changes to occur, or when you want to monitor exactly what parts of the registry get changed when you install a new application.

Of course Sysinternals offers tools that can do that, without pop up spam, but they are meant for that, Spybot's feature is an added bonus for advanced users to use.


RE: Conspiracy
By FITCamaro on 9/30/2008 4:59:59 PM , Rating: 4
Yeah I use spybot and AVG Free 8.0. I have Teatimer enabled with Spybot as well. It's especially helpful when you install programs that try to put in a start task you don't want. *cough* Adobe. Quicktime. *cough*


RE: Conspiracy
By Amused2Deth on 10/4/2008 5:40:39 PM , Rating: 2
I used to use AVG Free until I got this virus that did this same stuff.. AVG couldn't see it so I went back to using Trendmicro's PCcillin and it cleaned it up.. I've used AVG for 8 months and to see what it misses makes me regret using it.. I also use AdAware now and it picked up stuff AVG didn't.. It's also a little annoying but it works..


RE: Conspiracy
By rudolphna on 9/30/2008 3:06:19 PM , Rating: 2
best programs are Trend Micro Hijackthis, and Combofix. You run the programs, post the logs on a site where it can be analyze (pchelpforum for example) and they will instruct you how to remove the problems.


RE: Conspiracy
By Reclaimer77 on 9/30/2008 6:10:20 PM , Rating: 1
Spybot is awesome. What are you smoking ?


RE: Conspiracy
By SilthDraeth on 9/30/2008 2:57:46 PM , Rating: 2
SuperAntiSpyware is recommended pretty regularly on Anandtech Software forums by Schadenfrah and MechBgon. I haven't personally used it, but if they recommend it I believe it to be good. I still use Spybot Search and Destroy.


RE: Conspiracy
By Screwballl on 9/30/2008 3:35:25 PM , Rating: 2
AdAware is mediocre
Spybot S&D is mediocre
SuperAntiSpyware is one of the best
Spyware Terminator is very good but the popups can be annoying.

Norton and Mcafee are resource hogs and greedy SOBs..


RE: Conspiracy
By Spivonious on 9/30/2008 3:18:53 PM , Rating: 2
Back when I was on XP I used Spyboy S&D (www.safer-networking.org) and AdAware. On Vista I just let Windows Defender run itself. With UAC and IE7 Protected Mode I feel confident that I won't accidentally install any malware.

For seriously infected machines, the above three apps plus HijackThis and Avast! usually do the trick, but be sure to run them all in safe mode.


RE: Conspiracy
By kkwst2 on 9/30/2008 11:08:52 PM , Rating: 2
Yeah, this is a huge advantage about Vista and one that I think Microsoft somehow didn't do a good job of selling. I see people on forums rant about how annoying UAC is and even people I would consider pretty unsophisticated users know how to turn it off.

People just don't get it. It could be tweaked a little, but after a bunch of prompts while getting my systems set up, I rarely get a UAC prompt. I've gotten a couple that apropriately stopped registry changes. It's just not that obtrusive after you've got your computer set up. I think it's worth it.

I hadn't thought about it lately until this article. I'm not up to date on spyware removal programs because it's just not a problem for me anymore.


RE: Conspiracy
By tjh on 9/30/2008 5:27:47 PM , Rating: 2
I've been having the most luck lately with Malwarebytes. Also use Spybot, but it's not as good right now.


RE: Conspiracy
By Cincybeck on 9/30/2008 7:20:54 PM , Rating: 3
I use ESET's Security Suite. It's pretty light on resources specially compared to Norton or Mcafee. It scans faster then any other AV software I've ever used. I've read this is because it's mostly programmed in Assembly. I dunno, but it works. I've never seen anything popup from it but supposedly it's Heuristic real time scanner is pretty good and can detect 80% of threats before it has signatures for them. This is starting to sound like an infomercial. LoL Lets just say I'm pleased with a product I paid for. for once.


RE: Conspiracy
By Smilin on 10/1/2008 6:08:46 PM , Rating: 2
Best spyware remover?

MSConfig, Regedit, and a healthy dose of idiot-b-gone.


RE: Conspiracy
By AnnihilatorX on 9/30/08, Rating: -1
RE: Conspiracy
By eyebeeemmpawn on 9/30/2008 3:35:51 PM , Rating: 2
quote:
You seriously think the police would hire criminals to commit crime and get caught to boost their performance number? ; Or that firemen would hire people to commit arson for them to keep their jobs? Not to mention doctors... :)


from what I've seen, if there is enough money in it, you can get anyone to do just about anything. Some doctors receive payments for prescribing certain drugs.


RE: Conspiracy
By BladeVenom on 9/30/2008 4:20:14 PM , Rating: 5
That's almost as paranoid as thinking someone would put poison in milk or dog food to fool protein testing.


RE: Conspiracy
By Final8ty on 9/30/2008 8:32:55 PM , Rating: 2
quote:
by gigahertz20 on September 30, 2008 at 2:14 PM I've always had this thought at the back of my head that all these anti-virus and software security companies probably secretly hire people on the back side to write viruses and other crap to infect people's computers, that way all these companies can keep selling their anti-virus software and other security packages.....sounds like a great conspiracy at least.


I have been thinking the same for some years.


Hate this guy
By japlha on 9/30/2008 2:22:09 PM , Rating: 4
I hope they destroy this guy or others like him in court.
I think it's unethical to take advantage of someone's ignorance of computers.
Simulating false warnings is pretty low but to sell someone a program that does nothing?
It's unbelievable the types of people in this world.




RE: Hate this guy
By Indianapolis on 9/30/2008 2:29:22 PM , Rating: 3
More than just taking advantage of someone's ignorance, these "scareware" programs can actually make the computer unusable. Here in Indiana, theft is defined as:

"A person who knowingly or intentionally exerts unauthorized control over property of another person, with intent to deprive the other person of any part of its value or use, commits theft, a Class D felony" IC 35-43-4-2

That's exactly what these people are doing when they basically hold someone's computer hostage. They should be forced to pay harsh penalties and should definitely do time in jail.


RE: Hate this guy
By HrilL on 9/30/2008 2:36:45 PM , Rating: 2
Yes as do I but I can't denie that they also give me plenty of work since people call me asking why do I have so many viruses and them asking if they should buy the anti-virus program that found them. AV 2009 one is called. It completely makes up a list of stuff that isn't there. It changes the windoes security warnings so it warns you that you have no anti-virus even if you do. I've had to remove this many times from users computers. It completely wrong and I wonder how many people actually pay up. Sadly I know a lot of people that call me have or were going to before they talked to me. And then they have to pay me to remove it. Ignorance is golden I suppose.


RE: Hate this guy
By Spivonious on 9/30/2008 3:22:36 PM , Rating: 3
If people send money to the scammers in Nigeria, I'm sure 1000x more people send money to these software "developers".


RE: Hate this guy
By marvdmartian on 9/30/2008 4:32:33 PM , Rating: 2
Yeah, I personally got caught, about a month ago, when I tried to view a photo on a questionable (overseas) website, and got hit with a trojan that installed on my system. The scary part is I didn't have to press anything for it to install, it just did it (I've been online long enough to know not to click okay on pop-ups). Next thing I know, there's something called AV2008XP (or something like that) on my system, it's trying to suppress my windows firewall and Symantec antivirus, and it changes my desktop image to something that looks scarily like a windows security alert image, plus it put an icon in my system tray warning me of all these horrible things it had found on my computer.....

...and all that happened within a few seconds.

Too bad for them it was a simple matter of Googling the name of the program, finding multiple reports of people having dealt with this stupid trojan, and giving me advice on how to get rid of it. 5 minutes later, it was gone.

But for the non-savvy folks out there, I can see how easy it would be to be tricked by this sort of sleaze software. Personally, I'd rather see the people that create this horse whipped in public, but guess the "cruel and unusual" types would think me a savage for wanting that, eh?


RE: Hate this guy
By Spivonious on 10/1/2008 9:43:08 AM , Rating: 2
Time to upgrade to IE7.


RE: Hate this guy
By foolsgambit11 on 9/30/2008 3:58:30 PM , Rating: 2
Yeah, but this poor guy was doomed from the start. I mean, really, if your name is "James Reed McCreary IV", you're pretty much guaranteed to end up with a criminal record, right?


RE: Hate this guy
By Indianapolis on 9/30/2008 5:57:07 PM , Rating: 3
Either that, or you'll be a lawyer. Six of one, half a dozen of the other...


Wake Up People
By TechGuyCalifornia on 9/30/2008 7:45:01 PM , Rating: 2
This is probably what most firms are doing (McaFee, Norton, AVG and any other virus programs). They create fear which forces novice users into buying crap that they don't even need. I feel that this practice exists in all types of software that diagnoses computer issues and such. This is a system wide problem. Sort of like a doctor stating you have an issue and just creating things that are wrong with you. These people that create these types of problems are Chiropracters of the internet!! LOL...duhh people, stop loading crap when you don't know what it is. Everyone needs to be educated before they get on a computer.




RE: Wake Up People
By Gzus666 on 9/30/2008 10:05:42 PM , Rating: 2
I have to say I agree, I have used Windows XP without any protection from virus or spyware programs for years, without issue. Just keep it up to date, use Firefox with ad blocker, and make sure I keep away from shifty sites (besides porn of course). I have never used a virus program, and really have no issue. Sure makes you wonder...


RE: Wake Up People
By Mike Acker on 10/1/2008 11:06:09 AM , Rating: 2
if you connect a new XP to the net it will become infected within a few minutes unless you put a quality a/v package on it before you take it online.

i have recently cleared several XP computers for friends, each so loaded with virus codes that it wouldn't run anymore. the complaint generally was "my computer is slow can you take a look at it?"

so far ever one has ended in a hard disk re-format and re-install of XP. I use PC/Tools Internet Security suite but any well-recommended package should do the trick. Be sure it has a firewall and when you finish go to a site that offerers intrusion testing.


RE: Wake Up People
By wempa on 10/1/2008 12:49:44 PM , Rating: 2
quote:
if you connect a new XP to the net it will become infected within a few minutes unless you put a quality a/v package on it before you take it online.


That's only for a non-firewalled Windows installation. I have 2 Windows XP machines up and running behind both a hardware firewall and the Windows firewall. Neither of them has an anti-virus package and they haven't had any problem. I also use Firefox as my main browser. Those reports of Windows getting hacked within minutes were done back in the days when Windows didn't automatically turn on a firewall (pre SP1 I believe). A lot of the attacks were done through the regular old file sharing port 139.


Can I sue Microsoft?
By the goat on 10/1/2008 7:52:49 AM , Rating: 3
[quote]The Computer Spyware Act not only bans and makes illegal spyware, but any other program that misleads consumers into believing that a problem is present and a fix is needed for security.[/quote]

Doesn't [i]windows genuine advantage[/i] fall into this category?




RE: Can I sue Microsoft?
By the goat on 10/1/2008 7:54:30 AM , Rating: 2
Whoopse used the wrong mark up symbols. Supposed to say:

quote:
The Computer Spyware Act not only bans and makes illegal spyware, but any other program that misleads consumers into believing that a problem is present and a fix is needed for security.


Doesn't windows genuine advantage fall into this category?


hmmm
By omnicronx on 10/1/2008 10:02:59 AM , Rating: 2
Now I could be wrong on this one, but isnt the messenger service disabled by default as of XP service pack 2?




RE: hmmm
By MystaEB on 10/3/2008 3:45:37 AM , Rating: 2
Yes it is, but it is highly likely there are a huge number of machines out there still capable of exploited using this method.

That damn messenging service has always been trouble!


Wording
By ggordonliddy on 9/30/2008 7:37:36 PM , Rating: 3
From the 4th paragraph:

> "The Computer Spyware Act not only bans and makes illegal spyware"

That really sounds like the Act creates illegal spyware. It might be technically valid to word it like that, but it would be much more clear to use:

"The Computer Spyware Act not only bans and makes illegal the creation of spyware"
-or-
"The Computer Spyware Act not only bans and makes spyware illegal "




[semi-OT] net send?
By carroll on 10/1/2008 4:50:04 AM , Rating: 2
quote:
According to the Attorney General office statement, the software firms were able to send these pop-ups by taking advantage of computers capable of receiving Windows Messenger Service pop-ups. The service is intended to be used by system administrators on a network to contact computer users and is different from the Windows chat application.


well, uh. net send is default off since sp2, isn't it? i wouldn't know since i modify services with a reg script, but still that's sort of the first service that i learned of to deactivate.
typical standard joe-user doesn't have a clue about that of course ... i fixed a comp of a friend. he had an annoying mimick of that horrid security center icon running down left. kept telling him his comp was infected and tried to sell some programs to fix that ... he actually was inclined to do just that. these things make my hair stand up. i mean i would get cautious if i saw two of these icons down there, with one of them sending dubious popup windows to the desktop ...




"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki