Microsoft, Washington state sue over 'scareware' pop-up ads

Microsoft and the Attorney General's office in Washington state said on Monday they have filed a handful of lawsuits over pop-up ads that scare consumers into paying for software that supposedly fixes critical errors on a PC.

The lawsuit filed by the Attorney General's office alleges a Texas firm sent incessant pop-up ads that falsely claimed the computer had critical errors in its registry and directed people to a Web site where they could download free scanning software to find the problems.

This is an example of the pop-up that consumers received from a Texas firm sued for allegedly spreading "scareware."

(Credit: Washington Attorney General's office)

The software then reports 43 critical problems and offers to sell a fix for $39.95. However, the software, dubbed "Registry Cleaner XP," does nothing but lull the consumer into a false sense of security, officials said.

It's a "blatant rip off of consumers," Washington State Attorney General Rob McKenna said in a news conference. Consumers were "duped into downloading a fake scan (of the computer) and then duped into paying for software they don't need."

The pop-ups take advantage of a function called Windows Messenger (not to be confused with Microsoft's instant-messaging program Windows Live messenger) that was designed to allow network administrators to send alerts to Windows PCs on a network. The functionality was turned off in Windows XP Service Pack 2, said Richard Boscovich, senior attorney for Microsoft's Internet Safety Enforcement Team.

The messages often would be displayed repeatedly, with one IP address receiving more than 200 in one day, the complaint alleges.

That lawsuit, which includes claims of misrepresentation, harassment, and high pressure sales, names as defendants Texas companies Alpha Red and Branch Software, and their owner James Reed McCreary. McCreary did not return a call seeking comment.

Microsoft filed five new lawsuits and amended two previous complaints against SMP Soft and Registry Update, all relating to programs that allegedly falsely alert consumers to problems on their computers and offer to sell software fixes. The programs listed include Scan & Repair, Antivirus 2009, MalwareCore, WinDefenderXPDefender.com and WinSpywareProtect. Most of the defendants are listed as "John Doe" because investigators do not yet know the identities of the people behind the programs.

The lawsuits were enabled by a broadening of Washington's Computer Spyware Act, which was amended earlier this year to outlaw misrepresentation of the source of a message to a computer user in order to scare the person into installing software.

Consumers can file complaints on their own, officials said. Meanwhile, the defendants face penalties of up to $2,000 per violation plus restitution and attorney fees.

Microsoft has brought 17 spyware-related legal actions since the Computer Spyware Act was enacted in 2005.

To protect themselves against these and other threats, computer users should keep their operating system, antivirus, firewall and antispyware software updated, Microsoft said.

More information and a link to the complaint against McCreary is on the Washington Attorney General's Web site.

The RegistryCleanerXP software supposedly finds 43 critical errors, even on machines that have no problems, officials say.

(Credit: Washington Attorney General's office)

Updated 1:15 p.m. PT with more details on Microsoft lawsuits.

[benjaminstraight]

Go figure. Playing on fears to sell a product.

[quirK]

Not a surprise. The Patriot Act's success was driven by fear, too.

[dadsgravy]

Having a 90% share of the OS market gives you 100% of the retards.

[drfrost]

The "mac versus pc" religious war rears it's ugly head once more.

How... irrelevant.

[Vegaman_Dan]

Good luck on collecting anything even if you win the lawsuit. This falls into the same category of activity as spammers. It's easy to win the judgement. It's another thing to actually collect or prevent them from shutting down one company and starting up another one.

[Penguinisto]

Well, you know...

Not to point fingers, but you notice that there's no such cottage "industry" surrounding OSX, Linux, etc... Just Windows.

Now, yes, Windows has the biggest marketshare right now, which likely explains it for the most part. OTOH, it's easy to play on the fears of the tech-ignorant when the base premise being pointed at is actually quite sound: a registry that does corrupt and slow down the computer over time, viruses and malware running rampant, etc etc.

I actually would like to see MSFT make some progress against the obvious scammers, but there is one thing that disturbs me about this... why doesn't Microsoft itself provide at least some of the tools with the OS? They once had and distributed a registry cleaner app (you just had to know where to look for it). Where is that app now?

Also, why don't they do something towards ultimately putting folks like that out of business - that is, build an OS design that isn't so drop-easy prone to compromise and corruption? While certainly there is no excuse for the scammers' actions, One has to wonder: They have a very plausible-sounding line of spamvertising... based on some very real problems which MSFT has yet to diminish, let alone eliminate. If MSFT can reduce the very real problems they have to a point of statistical anomaly, then maybe they wouldn't have so many problems with scammers trying to weasel a buck out of a population that has had to put up with these deficiencies.

(...and for the record, if this was OSX and OSX had such drastic design deficiencies, then oh yes, I'd happily blame them too).

[Vegaman_Dan]

It's even more sad when you find out that some of the defendants were running Mac's and got the same popup ads. They paid the money and got software that wouldn't work on their Mac either.

Just because you choose OS X, Windows, or Linux doesn't mean you aren't ignorant enough to fall for social engineering schemes like this.

I'm disappointed that Penguinisto would turn this very real social engineering method of scamming people into yet another MS bigoted hatred rant.

[McPlot]

I do tech support, the most computer ignorate people I help, have Macs....

[Penguinisto]

If a Mac user buys a "registry cleaner", IMHO they deserve to get screwed. :/

Can you show me an instance of a company purporting to sell Mac registry cleaners? I'm really curious to seeone.

[inachu]

Put me in a room alone with these scareware makers just for 5 minutes.

[Imalittleteapot]

Only if you take me too.

[compudoc318]

i cant believe how many people pay for these rogue programs...i do computer repair, and ive cleaned 2 "antivirus 2008" this week alone, and in both cases, the customer paid for them!!! Think people, how did that company get in your computer to know youre infected unless they are the ones who infected you...lol...oh well, job security for me.

[schroeder787]

Google RegistryCleanerXP, AntiVirusXP, SpywareRemoverXP. Each one of these has been around for a few years now with many name variants. This is not news, the manual fix for each of these has been around for at least 2 years now, as I contracted AntiVirusXP at about that time.

Why is this coming to light just now? How could the journalist who wrote this article not have at least Googled the subject of his article?

[elinormills]

The news is that the lawsuits were filed, not that the program exist.

[DJRWolf]

Because the law just changed to allow it.

"The lawsuits were enabled by a broadening of Washington's Computer Spyware Act, which was amended earlier this year to outlaw misrepresentation of the source of a message to a computer user in order to scare the person into installing software."

[sythara]

Look, people need to learn how to make their own desisions and be responsible for what they do. If you're at a stop light and someone comes up to you and says that your car's air filter is clogged and offers to change it on the spot for $39.99 wouldn't you be suspicious?

You should be the same way with computer software. I mean people's stupidity or ignorance is whats causing this problem in the first place. Computers have become such integrated part of our lifes, and everyone has access to one, even those who are obviously too dumb to operate it. Not everyone should be driving a car, same applies to computers.

[vgraybeard]

"stupidity or ignorance is whats causing this problem in the first place". While there is no cure for stupidity, there is one for ignorance; it's called information. To expect people to learn without information is ....well ????

[drfrost]

Nonsensical posting. People's stupidity or ignorance is what's causing such idiotic posts in the first place. Blogs/discussion boards/etc. have become such an integrated part of our lives, and everyone has access to one, even those who are obviously too dumb to reason. Not everyone should be driving a car, same applies to online posts.

/sarcasm

You can't compare a vehicle with a computer. And you certainly can't conclude that operating a computer should require a license because operating a vehicle requires one.

[humanssssss]

They can sue for false advertisement. Meaning, what they advertised for the service rendered is not what they get. That they can sue. But suing for something they didn't purchase is a different matter unless it's against the law to make wild claim of advertised product. This lawsuit comes in a grey area. If however the popup did not have permission to sit on the computer in the first place, the company can be sued for Computer Fraud.

[DivingDancer]

Saying that people need to learn to make their own decisions is great in theory. As is the statement that computers are an integrated part of our lives. The problem is that both statements have some flaws.

I'd liken this to the situation where you take your car to the mechanic, and he says "Oh, look at this! You need a new distributor cap and wires, or you're certainly going to be stranded in the snow on your way home". Cars are also an integrated part of our lives, but very few people can count themselves as qualified mechanics. At some point you have to draw a line around the part of your life that you count as your competencies, and you have to look to others for the rest of it. Computers fall into that same category.

Whether I want her to or not, my grandmother is never going to be a expert at using a computer. She usually asks me, or others that know more about computers than she does, for advice. I'd like to think that if one of these types of messages popped up on her screen, she'd ask somebody about it. But I also know, from experience, that if it looks official she's likely to follow the lead.

I wouldn't really have a problem with something popping up a scary looking warning, if what it was saying was actually true. Sometimes people need to be scared into action. But only if the warning is based on the truth. This thing, on the other hand, ALWAYS says "43 problems found", even if none exist. It doesn't check anything. It simply pops up a warning.

Hang 'em, I say.

[drfrost]

Hang them from the highest microwave tower in the land!

[TF_kj]

Rogueware, scareware, same thing. It's all fraud. People can be fooled into all sorts of things that they don't understand -- installing phony codecs, opening files containing embedded exploits that install fakealert components and rogueware, visiting websites that effectively attack their systems and install downloaders that pull down this "scareware".
We've been observing this stuff, blogging about it, and protecting users against it for years now.
http://blog.threatfire.com/search/label/Rogueware

It's impressive that Msoft can file against unknown defendants in this case.

[funatwork2]

I had for years and never had any problems. It was the safest, most user-friendly program there is. plus i used to reinstall my system all the time wich made me happy. plus i had a free subscription to the McCaffe security suite that came with my internet provider wich I'm sure helped, since I later found out xp's firewall didnt prevent outgoing traffic, or something like that. i think i only got some pop ups problems when going into the porn site tubegirl.com at the time. it now doesnt exist.

[clydeostephens]

I just got almost exactly the same type of warning message on my Mac running OSX 10.4.11, The warning popup was OSX style with the "cancel and OK" buttons on the lower right. The warning window said the system had some "viruses detected" It offered to run a scanner called "Virus Scanner 2009." I clicked the cancel button at the bottom of the warning window and it closed Next the Firefox window jumped over to the right to occupy half of my main display and the other half on my secondary display. In the middle of the Firefox window was a popup claiming to be scanning my hard drive. I clicked the red close button on the Firefox Window and then shut down Firefox. All is well! This is the first time I have had this experience since I "switched" a little more than two years ago. Thanks "NoScript" etc.