Update: Microsoft, Washington attorney general sue alleged spyware company

While Dozier could not say who wrote the software in question, it appears to have been authored by a developer named Mladen Bajic, according to Eric Howes, director of malware research at antispyware vendor Sunbelt Software Inc. The software is similar to a number of other antispyware products (http://www.spywarewarrior.com/family_resemblances.htm#5) including software called Scan & Repair Utilities 2006, and SpyVest, he said.

Spyware Cleaner does detect some spyware and adware, but it does not qualify as reputable software, Howes said. "It's not completely worthless, but compared to the top antispyware products on the market, it's not even in the same class," he said. "The number of false positives turned up by this product was just ridiculous."

Windows expert Mark Russinovich, best known as the discoverer of the Sony BMG Music Entertainment rootkit software, recently analyzed Spyware Cleaner and found it lacking. "Even on a freshly installed copy of Windows XP, Spyware Cleaner reports close to a dozen 'extreme risk' and 'high risk' infections that include innocuous items like cookies left by MSN.com and several built-in Windows COM components," he wrote in a January 3 posting. (http://www.sysinternals.com/blog/2006/01/antispyware-conspiracy.html)

Spyware Cleaner has been sold since about 2004 and the product has been marketed via "spam, pop-up ads and deceptive hyperlinks," offering a free spyware scan, the attorney general's office said in a statement. These scans inevitably detected spyware, even when none was present and then instructed users to buy Spyware Cleaner. Once customers had paid the US$49.95 purchase price, the software would then erase the computer's hosts file, which can used by the browser to block unwanted Web sites.

In tests, the state's investigators found that Spyware Cleaner was unable to detect most genuine spyware programs and that it often falsely identified legitimate files as spyware. "We [tested] this on a computer when we had a fresh install and it falsely identified a number of programs as being spyware when really they were not," McKenna said.

If the allegations in this case are true, Secure Computer could pay dearly. The Washington spyware act imposes a penalty of $100,000 per violation, and the company is also looking at penalties of $250 per violation of the CAN-SPAM Act, as well as $500 and $2,000 per violation, respectively, under Washington's antispam and consumer protection laws.

Based on the money that Secure Computer has made off the product, McKenna estimated that thousands of users have been affected and that the penalties will amount "to millions of dollars."