Microsoft announces harder stance against programs with coercive messaging

Martin Brinkmann
Jan 31, 2018

Quick, our trustworthy program found issues that you need to address right now. Look, you have malware on your system which you need to remove asap. All you have to do is buy the premium version of our program or this add-on service to address these issues.

Maybe you encountered programs of the kind before, or helped friends, family or colleagues remove these programs after the fact from their systems.

Fake programs use coercive messaging to get users to purchase premium versions or additional services by using exaggerated reporting, giving users limited time to react, or by suggesting that the program is the only solution for the described issues.

Unwanted programs: coercive messaging

Microsoft's Windows Defender Antivirus solution and other Microsoft security products will classify programs with coercive messaging as unwanted software starting March 1, 2018.

Microsoft updated the software evaluation criteria for malware and unwanted software recently to reflect the change.

Unwanted behaviors: coercive messaging

Programs must not display alarming or coercive messages or misleading content to pressure you into paying for additional services or performing superfluous actions.

Software that coerces users may display the following characteristics, among others:

Reports errors in an exaggerated or alarming manner about the user’s system and requires the user to pay for fixing the errors or issues monetarily or by performing other actions such as taking a survey, downloading a file, signing up for a newsletter, etc.
Suggests that no other actions will correct the reported errors or issues
Requires the user to act within a limited period of time to get the purported issue resolved

Microsoft classified other behavior as unwanted in the past. This includes programs that make "exaggerated claims about the system's health," "make misleading or inaccurate claims about files, Registry entires, or other items on the system," or "decrease computer reliability".

Programs classified as unwanted software may be blocked from being downloaded to the system or installed. Microsoft mentioned furthermore that unwanted software would be removed automatically from Windows systems if detected.

Software developers and companies are asked to validate their applications on the Windows Defender Security Intelligence portal. Windows users and administrators may report programs with unwanted behavior -- be it through coercive messaging or other means -- to Microsoft for evaluation.

Closing Words

It is time that Microsoft puts an end to this practice. While some users may dislike the fact that Microsoft will remove these programs automatically if installed already on user systems, it is probably fair to assume that most users will find this helpful especially if you consider that these programs are snake oil at best. (via Deskmodder and Dr.Windows)

Microsoft announces harder stance against programs with coercive messaging
Article Name
Microsoft announces harder stance against programs with coercive messaging
Microsoft's Windows Defender Antivirus solution and other Microsoft security products will classify programs with coercive messaging as unwanted software starting March 1, 2018.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Supergirl said on February 8, 2018 at 6:56 pm

    What is Microsoft so afraid of..??

    there actions arent rational.

    People dont like to be bullied , do they?

  2. Tree said on February 1, 2018 at 4:46 pm

    I have a paid version of Avast! and receive popups all the time. They try to sell other things. Do not buy their Cleanup product. It has it’s own pop-ups so I used Autoruns to stop it from running. Ccleaner is superior.

  3. Sophie said on February 1, 2018 at 3:21 pm

    No!!! Don’t use it, don’t miss it, don’t want it.

  4. Sophie said on February 1, 2018 at 3:19 pm

    This is mission-creep…..Microsoft have been stealthily doing this sort of thing, and now its ramping up a gear. It is completely unacceptable. They want us to only use their ‘options’. What’s truly laughable about this, is how poor the Windows store is. I use practically nothing of their Apps, yet I have many many wonderful legacy type apps written by the many gifted folk around the world.

    I completely disable Defender months ago. And for a long time, my copy of Windows 10 was resetting everything……..and I mean EVERYTHING….. : each file association that I made, Windows would wreck it, and the notification centre would reset what I had just done. What was really bad about their behaviour, was that as I was installing something, say, a Video software, they would reset other associations that had nothing to do with what I had just installed. For a while, Windows 10 took on a mind of its own, and it was a true battle, trying to get settings to stick.

    They are truly out of their minds!!!!

  5. Zippydsmlee said on February 1, 2018 at 2:12 pm

    Good thing I disabled defender and removed MS’s malware app off my computer… Kas and MWB is good enough for me…

  6. ilev said on February 1, 2018 at 9:42 am

    Anyone use Microsoft’s Windows Defender “Antivirus” ? Really ?

    1. chesscanoe said on February 1, 2018 at 2:37 pm

      I use AVG Internet Security and Defender concurrently on Latest Windows 10 x64 Home version 1709 Build 16299.214 . No conflict; Defender still gives me a Health status and scan periodically. No detections and no false positives from either in a long time.

  7. Klaas Vaak said on February 1, 2018 at 7:04 am

    I don’t see any reason why users need the tutelage of MS. If you have a problem with coercive behaviour by a program, just install it. Why does MS need to decide for us whether it is right or not?? If you go to a shop and have to deal with a coercive sales person there is nobody to get rid of that person for you, you just walk out of the shop.

    Bottom line: MS itself is becoming ever more coercive & intrusive.

  8. ULBoom said on February 1, 2018 at 5:44 am

    I don’t like this at all, it’s another attempt at forcing Win Defender, which they’ve been trying to do lately, on users. On the other hand, it seems like most software advertised online is coercive malware but I can spot it and remove it, so no big deal. Once more the mass of giddy button pushers are ostensibly “protected” at the expense of advanced users.

    I don’t use win defender and won’t. It comes with windows and microsoft shouldn’t care less if users turn it off, it’s free, they make no money from it. They do, however, get a ton of user info from those who leave it on, almost everything you do while on the machine.

    Next, they’ll start forcing that laughably insecure built in VPN, which also is free, on users and scan everything going through it. Who knows what happens to suckers who use the MS VPN setup to install a 3rd party VPN; it’s not necessary at all but there are instructions all over showing that method.

  9. john said on February 1, 2018 at 2:31 am

    Microsoft looks in the mirror and there is no reflection…

  10. dark said on February 1, 2018 at 12:33 am

    Microsoft should make a GNU/Linux distro instead based on Arch with fully open source Windows as a Desktop Environment WDE, with backward compatibility to Windows programs and games.

  11. Stefan said on January 31, 2018 at 11:35 pm

    Will this remove Windows 10 Malware Edition to ?

  12. pHROZEN gHOST said on January 31, 2018 at 9:45 pm

    Coming soon …

    These non-MS products are malware. We have much better products. We are automatically removing them and installing ours. Please do not turn off your PC.

    Your PC is a battle zone.

  13. Rush said on January 31, 2018 at 6:52 pm

    “Unwanted behaviors: coercive messaging, brought to you by the good folks of Microsoft?”

    Oi Vey…..

    ~ GWX Control Panel

    1. Jason said on January 31, 2018 at 10:19 pm

      Yeah, MS have zero credibility on this issue.

  14. seeprime said on January 31, 2018 at 5:44 pm

    I suspect the long term goal of Microsoft is to have ALL software for Windows downloaded from the Microsoft Store, where they take a nice cut of any purchase price. They can control what gets put up on the Store and take it down, if they so desire. MS is now developing the third version of Store only Windows, 1) RT, 2) Windows 10 S, and 3) the in-development Polaris. They keep trying to change how we use our computers. We have a few customers that already are preparing to switch to Chromebooks when their current Windows 10 machine dies and isn’t worth repairing. In our area all the schools use Chromebooks. So, they’ve seen them and used them without issue. At least Microsoft is wise enough to realize that their future is primarily in the Enterprise.

  15. Clairvaux said on January 31, 2018 at 4:37 pm

    Re : banner. Ha ! Following Troy Hunt’s footsteps, aren’t you ?

  16. vosie said on January 31, 2018 at 4:08 pm

    Do you remember for XP Antivirus 2008 and others? They opened endless amount of popus, changed and locked a lot of things in the system, and even changed the background to this to scare the users:

    (My original comment have disappeared after editing, and the other one was posted accidentally, sorry.)

  17. LD said on January 31, 2018 at 3:58 pm

    I’d like to know what it means to register a program with Microsoft. As with joining any private club, there is usually a yearly membership fee. A service fee, as it is called today. If this is indeed the case, it will hurt the providers of free programs the most. Not all of them have a pro or premium version on offer and those that do usually offer a trial period on them. This may mark the end of the count down clock on trials.

    I like the idea though. The scammers must go.

    It all comes down to how the implementation and on-going surveillance works. If the removal or blacklisting of programs is totally Microsoft’s decision, that bothers me. As Microsoft have made this a part of their security policy, it gives them a broader, deeper reach, so users will have to be vigilant.

    1. John Fenderson said on January 31, 2018 at 6:54 pm

      I figure it doesn’t matter, personally — the chance of me using the Microsoft Store is approximately zero anyway.

    2. Sophie said on January 31, 2018 at 4:09 pm

      @LD – yes, very well said…….Microsoft should never be the sole ‘policeman’ of such things, and to be honest, I don’t think this is good practice. Surely the user of the OS is the best person to determine what is right for them. It will also take a lot of telemetry to determine these things in the first place.

  18. AnorKnee Merce said on January 31, 2018 at 3:55 pm

    Isn’t Windows from M$ also a program with coercive messaging, eg GWX KB3035583’s “Upgrade to Windows 10” , “Unsupported hardware; … Your PC uses a processor that is designed for the latest version of Windows. Because the processor is not supported together with the Windows version that you are currently using, your system will miss important security updates.”, etc.?

    “The pot calling the kettle black.”

    1. John Fenderson said on January 31, 2018 at 6:53 pm

      This sort of thing was my first thought, too, except in shorter form: will they apply their “harder stance” to themselves?

      1. Klaas Vaak said on February 1, 2018 at 6:59 am

        MS, like the country where it’s located, is exceptional. The rules apply to all other programs (like to all other countries) but not to me.

  19. BM said on January 31, 2018 at 3:26 pm

    Malwarebytes upgrade prompts?

    Latest reinstall of the “Free” version keeps prompting that the “Free trial” (wasn’t what was advertised on the website) will end soon.

    1. Klaas Vaak said on February 1, 2018 at 6:57 am

      Excellent point. I went for the free trial, and at the end when I did not upgrade it reverted back to the free version, but MB anti-Exploit was gone !

      1. A different Martin said on February 2, 2018 at 2:28 am

        @Klaas Vaak: Do a Web search for “Anti-Exploit Beta” and install that. You’ll find links to it in a dedicated forum on the Malwarebytes Forums. Oh, what the heck. Here’s the forum:

        and here’s the thread linking to what is currently the latest installer:

        It’s actually more fully featured and more configurable than Anti-Exploit Free was, and it works fine with the latest Anti-Malware Free.

      2. Klaas Vaak said on February 2, 2018 at 3:11 pm

        @A different Martin: many thanks for your tip. I was under the impression that MBAE was not available as standalone anymore but only as a part of the premium MBAM. Thanks again :-))

    2. Stefan said on January 31, 2018 at 11:32 pm

      I got that to in one of their versions, even if i did untick the trial…. Rapidly went back to 1.75. Their damn loss…..

    3. Gary said on January 31, 2018 at 3:55 pm

      You needed to decline the trial version when you installed it. After the trial period, unless they’ve changed it, it will revert to the free version.

      1. Sophie said on January 31, 2018 at 4:06 pm

        @Gary – ah, reading BMs post again, I think he is referring to the trial ending and reverting. I think I read it as meaning that even the ‘free’ version would perhaps stop working. Thank you.

    4. Sophie said on January 31, 2018 at 3:44 pm

      Really? Can you say what version you are using, as mine is ‘near’ up to date, but I don’t get that, and I did want to stick with free, as I only want occasional scans at my own instigation, and nothing running in the background.

      That is….unless Microsoft decide to remove it altogether of course!

  20. vosie said on January 31, 2018 at 2:18 pm

    Do you remember for XP Antivirus 2008 and others? They opened endless amount of popus, and even changed the background to this to scare the users:

  21. anon3 said on January 31, 2018 at 2:00 pm

    Another +1 for the first party banner.

  22. flash said on January 31, 2018 at 1:30 pm

    That’s funny. Aren’t some competitive (freemium) anti-virus software exactly the type of software this would apply to? When I think back on my time with this or that free software like Avast, the things that stand out are the pop-ups with messages a well-informed user would just click away in annoyance while someone with less knowledge of the topic might genuinely be scared.

    1. Clairvaux said on January 31, 2018 at 3:04 pm

      You beat me to it. I was wondering whether Microsoft would remove my Avast free anti-virus. Almost at the same time I read this, Avast opened a previously unseen popup, saying : you have xx broken registry entries, xx old programs and xx GB of junk, which are slowing down your computer. Click Resolve to (presumably) give us a chunk of your money. Of course I dismissed the silly thing.

      1. Clairvaux said on February 1, 2018 at 5:11 pm

        I had a look behind my Avast anti-virus popup, and it’s indeed as much of a scam as it seems. Among the “unnecessary programs started at launch and slowing down your computer” are my USB 3.0 driver, several programs I deliberately setup to start at launch because I need them to, etc.

        Among the “unnecessary junk slowing down your computer” are my Windows-made, custom, periodic backups (of course you don’t need backups, do you ?). Then there are many programs I’m supposed not to need (how does Avast know ?), and which are supposed to “slow down my computer” by virtue of just laying down unused on my hard disk, plus the inevitable “registry errors” causing extreme slowness, etc.

        Of course the proposed remedy will relieve you of a few euros every month, and then, being lighter in the wallet, you’ll be able to run faster (or somesuch).

      2. birmingham said on January 31, 2018 at 3:26 pm

        For me it was only a short but complete (and thus scary) browser freeze today until I noticed, oh it’s Aviras inline messaging thing again, giving me another random ad pop-up at snailspeed :)

    2. birmingham said on January 31, 2018 at 2:46 pm

      That’s really funny and I just asked myself if Defender would also uninstall my Avira AntiVir Free, as it almost matches all the mentioned criteria – perhaps in a not so “exaggerated” way like other AV software and “must-have life saving” system tools.
      I guess that might be the end of many free AV and so-called system care products.
      On the other hand I’m sure the well-known AV companies and MS will find a deal to “validate” what’s “unwanted” or not, so it rather sounds like gaining more control for MS and maybe a clean-up in the big AV market swindle.

  23. Yuliya said on January 31, 2018 at 1:09 pm

    Assuming this is part of MSE/MSRT/SmartScreen I like the idea. I haven’t dealt with something similar on anyone’s computer for years, but that doesn’t mean this horrible behavior has gone away.

    +1 for 1st party banner.

    In other news, 7-Zip 18.01 has been released three days ago (:

  24. Richard Allen said on January 31, 2018 at 12:51 pm

    Martin, 1st party banner ad? Excellent! Seriously!

    Stupid question, If I click on the ad and then visit and scroll the page, will you still get credit for my visit when I have javascript disabled? I’m thinking you would. And I assume length of visit plays into it as well.

    1. Richard Allen said on February 2, 2018 at 12:19 am

      Well, didn’t take EasyList long to block the banner ad.

      I was able to allow the banner ad in uBlock Origin by using:
      in “My filters”.

      1. Martin Brinkmann said on February 2, 2018 at 7:37 am

        I wonder why they’d do something like that. The banner is an image, it is not tracking users and it is not making any third-party connections either. Yes, it is an ad, but if that is the only parameter that is valid for them, they should also block any sponsored post and any post with affiliate links on any site.

      2. Richard Allen said on February 4, 2018 at 7:30 pm

        Sorry Martin, and I totally agree. I was surprised when it disappeared and I didn’t know that 1st party ads are being removed. I’ve seen 1st party ads before and it never bothered me but if they ended up being removed by an adblock filter list I never noticed. I tried to login on the Easylist forum and my login doesn’t work anymore, probably been a couple years since the last time I used it. Too many login attempts, I’ll try again later.

      3. Martin Brinkmann said on February 4, 2018 at 7:49 pm

        I guess I’m just tired of groups not seeing the bigger picture. Publishers fail to realize that they need to reinvent advertising on the Internet, and blockers that the blocking leads to the death of sites, the rise of in-text, sponsored texts and other new forms of advertisement that cannot be blocked.

        I just thought today that without all the fees involved in payment processing, users could spend $5 or whatever each month to hand out $0.01 per site if they’d visit 500 different sites per month (which they probably don’t). This would still work for many sites if all users would pay $0.01 per month per site they visit.

        I know, some don’t want to pay at all and that is perfectly fine. But if you think about it, you pay $5 per month and get an ad-free web in return, I’d pay that willingly.

        But micro-payments don’t work if you pay $0.25 or so for every transaction you make.

    2. Martin Brinkmann said on January 31, 2018 at 3:30 pm

      Richard, yes JavaScript plays no role in that. The banner is a test, if it works well it might lead to a full cooperation between my site and Private Internet Access.

      1. Jason said on January 31, 2018 at 10:17 pm

        This is an excellent development!

      2. James said on January 31, 2018 at 3:58 pm

        I find it perfect from a user point of view. No privacy issue, no security risk, no hogging resources, not annoying. I hope it works out from your point of view :)

      3. John Fenderson said on January 31, 2018 at 4:56 pm

        I agree. Good job, Martin!

      4. Martin Brinkmann said on January 31, 2018 at 4:34 pm

        I do as well. Speeds up loading of the site and no issues on the user side.

      5. Klaas Vaak said on February 1, 2018 at 6:54 am

        Good job Martin, I clicked on the ad & looked around on their page a bit just so you get the revenu.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.