INFOSEC - Microsoft figures show some users may like adware

New statistics from Microsoft show the pervasiveness of dodgy security programs and other advertising software.

It would seem logical to think most Internet users are annoyed by software that causes pop-up advertisements to appear on their screens.

But new statistics released by Microsoft would indicate that not all users are clamoring to uninstall adware programs, even if they're flagged as somewhat suspicious by security software.

Microsoft's latest security data is particularly interesting because of the sheer number of machines that the company can electronically survey with one of its free security programs, the Malicious Software Removal Tool (MSRT).

The MSRT is a low-end security tool that removes some of the most common classes of malicious software. The MSRT, which is an optional installation, scans machines once a month, and reports its findings back to Microsoft.

The software is on an astounding number of PCs: 450 million worldwide, according to Tim Rains, group product manager for Microsoft's Trustworthy Computing Group, which handles security issues. Rains made his presentation Tuesday at the Infosec security show in London.

Microsoft released data on Tuesday collected by the MSRT from July through December of 2007. The tool detected 129.5 million pieces of "potentially unwanted software," the term for programs that may have been intentionally installed by people but have certain suspicious functions in the eyes of security professionals.

Those programs can include advertising software and other dodgy security programs that claim a computer is in poor health, among others.

But Microsoft's data has a surprise: Of 129.5 million potentially unwanted programs detected by the MSRT, only 71.7 million were removed by users.

"Our customers choose to run some of this stuff," Rains said. "Some of them get some value from it. Some of them don't realize what they are doing. Some of them do. That's why we call them potentially unwanted. Some of them are legitimate companies with legitimate products. We don't want to make any value judgements on that."

But obviously, Microsoft and other security companies do that by flagging the programs in order to alert their users. The latest statistics reveal that some of the most persistent questionable programs on the Internet from the last few years still have huge numbers of users.

"The most prevalent rogue security software detected in the second half of 2007 was Win32/Winfixer, with more than five times as many detections as any other single family [of potentially unwanted programs]," said Microsoft's latest Internet Security Threat Report, released on Tuesday.

Winfixer often ends up installed on machines by exploiting vulnerabilities in the operating system or browser. Once on the machine, it displays persistent warnings that the machine is infected, and the user can pay around US$39.95 to fix the machine. It is extremely difficult to remove from a machine once it has been installed. The people who profit from Winfixer have been hard to track down.

The MSRT found close to 3.4 million instances of Winfixer running on machines, up more than 100 percent from the first half of 2007, the last time the company published statistics.

Of the top five malicious programs detected, two were Trojan downloaders, or small programs that can download other malicious programs onto a machine, and three adware programs.

Two of those adware programs, HotBar and ZangoSearchAssistant, are produced by Zango, an adware company in Bellevue, Washington. Zango was ordered by the U.S. Federal Trade Commission in November to give up $3 million in ill-gotten gains from its adware operations, which at times used deceptive means to get people to install the software.

Microsoft said it detected 7.1 million instances of HotBar, and 4.9 million instances of the ZangoSearchAssisant.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?