INFOSEC - Microsoft figures show some users may like adware

New statistics from Microsoft show the pervasiveness of dodgy security programs and other advertising software.

It would seem logical to think most Internet users are annoyed by software that causes pop-up advertisements to appear on their screens.

But new statistics released by Microsoft would indicate that not all users are clamoring to uninstall adware programs, even if they're flagged as somewhat suspicious by security software.

Microsoft's latest security data is particularly interesting because of the sheer number of machines that the company can electronically survey with one of its free security programs, the Malicious Software Removal Tool (MSRT).

The MSRT is a low-end security tool that removes some of the most common classes of malicious software. The MSRT, which is an optional installation, scans machines once a month, and reports its findings back to Microsoft.

The software is on an astounding number of PCs: 450 million worldwide, according to Tim Rains, group product manager for Microsoft's Trustworthy Computing Group, which handles security issues. Rains made his presentation Tuesday at the Infosec security show in London.

Microsoft released data on Tuesday collected by the MSRT from July through December of 2007. The tool detected 129.5 million pieces of "potentially unwanted software," the term for programs that may have been intentionally installed by people but have certain suspicious functions in the eyes of security professionals.

Those programs can include advertising software and other dodgy security programs that claim a computer is in poor health, among others.

But Microsoft's data has a surprise: Of 129.5 million potentially unwanted programs detected by the MSRT, only 71.7 million were removed by users.

"Our customers choose to run some of this stuff," Rains said. "Some of them get some value from it. Some of them don't realize what they are doing. Some of them do. That's why we call them potentially unwanted. Some of them are legitimate companies with legitimate products. We don't want to make any value judgements on that."

But obviously, Microsoft and other security companies do that by flagging the programs in order to alert their users. The latest statistics reveal that some of the most persistent questionable programs on the Internet from the last few years still have huge numbers of users.

"The most prevalent rogue security software detected in the second half of 2007 was Win32/Winfixer, with more than five times as many detections as any other single family [of potentially unwanted programs]," said Microsoft's latest Internet Security Threat Report, released on Tuesday.

Winfixer often ends up installed on machines by exploiting vulnerabilities in the operating system or browser. Once on the machine, it displays persistent warnings that the machine is infected, and the user can pay around US$39.95 to fix the machine. It is extremely difficult to remove from a machine once it has been installed. The people who profit from Winfixer have been hard to track down.

The MSRT found close to 3.4 million instances of Winfixer running on machines, up more than 100 percent from the first half of 2007, the last time the company published statistics.

Of the top five malicious programs detected, two were Trojan downloaders, or small programs that can download other malicious programs onto a machine, and three adware programs.

Two of those adware programs, HotBar and ZangoSearchAssistant, are produced by Zango, an adware company in Bellevue, Washington. Zango was ordered by the U.S. Federal Trade Commission in November to give up $3 million in ill-gotten gains from its adware operations, which at times used deceptive means to get people to install the software.

Microsoft said it detected 7.1 million instances of HotBar, and 4.9 million instances of the ZangoSearchAssisant.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?