Microsoft and Washington State officials announced a new partnership today aimed at fighting scareware in general and one specific vendor in particular. Today isn't such a good day for one James Reed McCreary IV, of The Woodlands, Texas. Mr. McCreary is the sole director of Branch Software, which created the Registry Cleaner XP program, and the CEO of hosting company Alpha Red. Scareware, it should be noted, isn't malware—at least, not technically. Instead of installing its own set of viruses, worms, or Trojans, a scareware program tricks the end user into believing he or she needs the program to correct a nonexistent error within the operating system. This type of falsified error was a common tactic in the days before Windows XP's SP1 (supposedly) closed the door that made the random pop-ups possible; I still remember seeing ads pop up on customers' desks insisting that they needed to download Program X for $9.99 to fix this issue.
No one likes the badware industry, but scareware has to be one of Microsoft's least-favorite types. It's the equivalent of a mechanic who wants to change the oil in your serpentine belt, or who insists that the transmission fluid in your car needs to be swapped out every 10,000 miles. In a best-case scenario, scareware does no harm after the consumer has been tricked into installing it. Worst case, the stuff is as full of malware, exploits, and/or system-crashing instabilities as the problems it purports to solve. Malware exploits may give Microsoft a bad reputation in general, but scareware actually charges the user for her own infection, and that tends to make people a wee bit cranky. Ironically, Microsoft's reputation ends up tarnished, in this case, by a product that takes advantage of a consumer's gullibility rather than an OS-related design flaw.
Registry Cleaner XP is an example of exactly this sort of product. Web 0.5-styled website that appears to have been written by a kindergartner with an unactivated copy of FrontPage? Check. Product website consists of a single page, with no "About Us" information, list of press contacts, or even a list of other products? Check. Prominent endorsement from nonexistent rating service? Check. WebTronics, if such a service ever existed, doesn't appear to exist anymore, and there's no link to any sort of page promoting that recommendation. Read through what the program supposedly does, and it's an obvious fraud to those of us who know what to look for, but your average user confronted with bizarre pop-up errors and warnings may not be able to distinguish it from a legitimate piece of software. Running Registry Cleaner XP, by the way, always results in the program finding errors. Consumers are then told to pony up $39.95 if they want to clean their systems.
James Reed McCreary
AlphaRed's involvement is harder to quantify. McCreary is listed as a company employee (though not as CEO), but the firm appears to be a legitimate hosting business. Legitimate hosting companies can still host plenty of illegitimate activities—ask Atrivo if you don't believe us—but the links between AlphaRed and any sort of scareware or illicit business are at least slightly camouflaged. Digging around online, I found vague references to bad experiences with AlphaRed or its onetime affiliate OrangeWire, as well as references to a scammer that went by the name of Chris Gotzmann, aka Michael Sanduval, but most such discussions date back to 2004-2006. According to Microsoft, AlphaRed sold Registry Cleaner XP, though it's not apparent how/when such transactions occurred.
In its formal complaint (PDF), Microsoft details the means by which Registry Cleaner XP sought out and attempted to persuade victims to purchase its dubious services. Redmond charges that McCreary has committed five separate violations of the Consumer Protection Act and/or Washington State's Computer Spyware Act. The company than asks for a permanent injunction against McCreary's products, as well as relief and court costs. When Microsoft and Washington State announced this new initiative today, Washington Attorney General Rob McKenna had strong words for the companies and programmers that produce and market scareware. "The Attorney General's Office along with Microsoft has yanked the fear factor dial out of the hands of businesses that use scareware as a marketing tool and have spun it toward them," McKenna said. "We won’t tolerate the use of alarmist warnings or deceptive 'free scans' to trick consumers into buying software to fix a problem that doesn’t even exist. We've repeatedly proven that Internet companies that prey on consumers' anxieties are within our reach."