Tens of millions of users said to have benefited from Redmond’s anti-crapware initiative

Junkware, crapware, bloatware – three words no one wants to be uttering on a Monday, for the likelihood is that they will conjure up images of a somewhat depressing past.

It’s not so long ago that the Windows ecosystem was plagued with ‘free’ anti-malware or system optimizer programs that subsequently strong-armed users into paying for errors to be removed from their PC.

It may have been a while since you came across such deceptive software. And if so, you can thank Microsoft’s security team, which has continued to clamp down on coercive practices in a bid to protect users from being duped.

In March last year, Redmond implemented new changes to its anti-malware evaluation criteria.

Under the initiative, Windows Defender Antivirus and other Microsoft security products started to classify programs that display “coercive messages” as unwanted software, which would be detected and removed from users’ PCs.

“There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program,” Windows security researcher Barak Shein said in a blog post last year.

Working for the clampdown

Twelve months on, The Daily Swig spoke with Tanmay Ganacharya, general manager of Windows Defender Security Research, who said Microsoft’s updated evaluation criteria has helped protect millions of users.

“We’ve seen great success over the last year with this initiative that resulted in tens of millions of customers becoming protected,” Ganacharya said. “We found that most of the applications blocked actually described themselves as systems optimizers.”

Talking us through the process of how potentially deceptive software is blacklisted, Ganacharya said apps can be flagged in numerous ways.

“Our products monitor the behaviour on a user’s system and, at times, some of these behaviours can be considered malicious or unwanted,” he explained. “Our customers are also sending us files they believe should be reviewed.

“We have a number of machine learning models that can identify files and applications based on the behaviour and reputation. If our automation or indicators have enough confidence of malicious behaviour or poor reputation, our products will block the application.

“If there is not enough confidence for an automatic blocking, the application or file will be reviewed by a researcher. This review process can vary in length.”

As we reported last year, there’s a certain sweet irony to the notion that freemium junkware apps claiming to help clean up a user’s PC will now be consigned to the recycle bin.

However, while the move continues to help keep deceptive software developers out of the Windows ecosystem, hope is not lost for those legitimate app creators whose products may have mistakenly been flagged for removal.

“If a developer believes that their application is in line with our criteria and their application is being detected, they can let us know by visiting here to submit an inquiry,” said Ganacharya.

“After submission, the application will be reviewed and feedback will be given to the developer.

“Because we focus on the behaviour and reputation of files and applications, if a developer can change the application to be compliant with our criteria it should no longer be detected.”

He added: “Our criteria is always being reviewed. We take feedback from our customers and the rest of the industry and review if our criteria best protects our customers.”