Microsoft: Bots a Big Problem for Windows
By Ed Oswald | Published June 12, 2006, 1:00 PM
UPDATED Malicious bots are becoming quite common: of the computers on which the Windows Malicious Software Removal Tool found malware, six out of every ten were infected with a bot, Microsoft said Monday. Altogether, the application has removed malicious bots from about 3.5 million PCs.
Bots, or "backdoor Trojans," can turn a computer system into a "zombie," meaning a hacker can send remote commands to it and perform a variety of tasks. This can include the spread of malware and sending spam, or using the network of computers to launch cyber attacks.
Microsoft said in a report that the backdoor trojans "are a significant and tangible threat to Windows users." However, the bots are not the only threat that Windows users face.
Social engineering attacks were found on 35 percent of machines, and rootkits were also an issue on 14 percent of the PCs scanned. Without the Sony rootkit, however, this number falls to eight percent. The company also noted that in one out of every five computers with a rootkit, a bot program was also found.
"Rootkits ... are a potential emerging threat but have not yet reached widespread prevalence," while "social engineering attacks represent a significant source of malware infections," Microsoft said.
Of the 5.7 million infected computers scanned using the tool over the past 15 months, nearly 16 million instances of malicious software were removed. This averages to at least one piece of malware being removed for every 311 computers scanned.
Since its release in January 2005, the tool has become available in 24 languages to users of Windows 2000, XP and Windows Server 2003. It has been run 2.7 billion times on 270 million unique computers.
The tool can detect some 61 different types of malware, Microsoft says. The company added that 41 of those types have seen decreases in detection since the program's launch, with 21 having decreases of greater than 75 percent.
I don't think that only users are to blame. Windows has its part in this, as so many vulnerabilities and exploits exist that if you open a simple out-of-the-box Windows on the network you'll be infected immediately without doing anything.
What freaks me out is that instead of redesigning the security system in a way that prevents this kind of attack, they created a detection tool which most often does not do anything except detect the intrusion.
This sounds like giving aspirin to the guys having AIDS; at least they do not have problems with the headaches anymore.
Score: 0
|Hi,
Interesting article. I wonder, though, if the percentage of rootkit finds was low due to the very nature of rootkits... they hide themselves. It is true to say that many are distinguishable via signatures but there are many that use new techniques and methods that can subvert scanners.
Maybe Microsoft should ask each person whose PC was scanned a question like "Have you noticed any further malware activity, popups, increased network activity, etc. on your PC since a scan was run?"
Rootkits are too obvious a tool for malware authors to ignore. I don't think they are and the rootkits are doing their jobs.
Score: 0
|The Microsoft report says that, on average, 1 piece of malware is removed from every 311 PCs scanned: "On average, the tool removes at least one instance of malware from every 311 computers it runs on."
How does that become (in your article), "with six out of every ten computers scanned by the Windows Malicious Software Removal Tool found to be infected [with a malicious bot]"?
It sounds like 1 out of 311 PCs are infected to me :) The "6 out of 10" figure was, I assume, derived from the statement that 62% of infected PCs are infected with a backdoor trojan. So, that's 62% of 1/311, which is 0.2% of PCs scanned, or 0.02 out of 10.
That's a big error!
Score: 0
|Reread the article. It says that of all infected computers, 62% had bots. Within the scope of infected computers, that's pretty significant.
Yes, you are right that 1 in 311 computers in this study were infected at the time of scanning. 0.3% is still a large number.
Score: 0
|no no, you are misinterpreting the results.
1 malware is REMOVED on 1 in 311 machines.
WMSRT found 6 in 10 machines infected with bots.
malware is found on ALL machines, but maybe whatever method they have on the machine isn't effective, so the threat is not eliminated.
That's all it's saying.
The numbers are still accurate, according to these findings. 1 in 311 remove the threat, but MS Malicious software removal tool finds that 6 in 10 have bots.
Score: 0
|I think it's a bit of both.
I'm a bit wrong, but the article also isn't as clear as it could be. It's not true that, for every 10 PCs scanned, 6 will have a backdoor trojan ("Malicious bots are becoming quite common, with six out of every ten computers scanned by the Windows Malicious Software Removal Tool found to be infected").
It's true that, of all of the PCs ever scanned, at some point in time, 6 out of 10 have had a backdoor trojan.
Regardless, I agree that it's a big number.
Score: 0
|Actually, if you do the math right: 16 million pieces of malware found on 5.7 million PCs = 16/5.7 = 2.8 pieces of malware per infected PC. Also, out of 270 million computers scanned in total: 270/16 = 16.8 meaning 1 piece of malware per 16.8 computers and similarly 270/5.7 = 47.4 or one in every 47.4 computers is/was infected. There appears to be no supporting data for the 1 in 311 PCs assertion!
Score: 0
|Bots are not the problem.
Idiot users are the problem.
Score: 0
|I keep saying..
PEOPLE are the problem.. Bots are the result.
Score: 0
|PEOPLE are the problem.. Bots are the result.
I thought the result was kids? Bots would be easier to raise. At least, until they became self-aware....
Score: 0
|I thought bots were kids. Self-aware bots, would therefore imply intelligence, and thus "kids" are the new nomenclature.
Score: 0
|Intelligence?
Not met many kids, have you?
Score: 0
|Just when you think it's fool proof they come up with a better fool.
Score: 0
|Microsoft calls them "zombies." :v
Score: 0
|Zombies in folklore
In the Middle Ages, it was commonly believed that the souls of the dead could return to earth and haunt the living. The belief in revenants (someone who has returned from the dead) is well documented by contemporary European writers of the time. According to the Encyclopedia of Things that Never Were, particularly in France during the Middle Ages, the revenant or zombie rises from the dead usually to avenge some crime committed against the entity, most likely a murder. The revenant usually took on the form of an emaciated corpse or skeletal human figure, and wandered around graveyards at night. The "draugr" of medieval Norse mythology were also believed to be the corpses of warriors returned from the dead to attack the living. The zombie appears in several other cultures worldwide, including Japan, China, the Pacific, India, and even the Native Americans.
Score: 0
|Not just Microsoft. Google it.
Score: 0
|what
the
hell?
(Nice to see you can cut&paste from Wikipedia™)
*grin*
Score: 0
|Wasn't sure if he was laughing at Zombies or at the fact that they call Bots Zombies running on Microsoft machines...
I wasn't sure he knew what a zombie was.
so I posted it for everyone to see.
Yeah, I plagiarize. It's for a good cause.
Score: 0
|Is it too late to switch to the latest MAC?
Score: 0
|They have bots on MACS too, viruses, security issues. MACS aren't invulnerable, and if you think so, you are as dumb as the people who don't pay attention to what they are doing on their computers.
Score: 0
|Never saw any claim that they *were* invulnerable.
Just seemed to imply that the current landscape looked a tad less threatening in that respect on the MAC side of things.
Score: 0
|His post was "switch". That implies he thinks it is safe. I wanted to set the record straight.
Score: 0
|arguably...it is. At least, in comparison to Windows.
...for the time being.
Score: 0
|Well look at market share. It's what, 10%? That 10% hackers, 10% shareware, 10% of the viruses.. it's all relevant. As it gets bigger, so will the attention it gets.
So Windows is the biggest draw. If you have some podunk bank on the left, and Bank of America on the right. Which one do you rob?
You wouldn't go to a small bank if you wanted to get some real money. The risk is the same. They both have vaults. Seemingly Bank of America would have better security, maybe not. Podunk bank could have better security measures, because they only have 1 location.
In any case, the debate rages on, but it's ALL academic. Apple releases security updates to their software just like everyone else. They haven't tested Apple Mac and it doesn't get the attention like Windows, because Windows is everywhere. Therefore, if you were looking to infiltrate a building, you certainly wouldn't send a virus that targets a MAC machine, because you MIGHT get lucky and have 1 user. Windows, you can pretty much guarantee that security machines, servers, the receptionist.. would all be on the same platform.
So the MAC has not been proven, and by comparison that's not accurate. There are no real world attempts to infest a MAC machine; it doesn't mean it can't be done, it just means that with only 10% presence, why bother? It's a waste of time.
Score: 0
|Exactly.
Which group would a paranoid rather be a part of, the 90%, or the 10%?
The larger, or smaller target?
Score: 0
|ok....
name ONE virus or bot that meets the following criteria
a) is NOT proof of concept virus or bot written by an anti virus company
b) runs in osx
c) is spreadable and copyable on its own w/o user input
just name one, that meets those criteria, i dare you to try
Score: 0
|whoops double post
Score: 0
|You know, I read this article and thought... WOW...
I can't believe Sony has infested 6% of all scanned PCs......... *shakes head and walks away*
Score: 0
|That's exactly what I thought, too...
Score: 0
|Nah, that's 14%.
and rootkits were also an issue on 14 percent of the PCs scanned
*grin*
Score: 0
|That is really funny, so did I. It is said that things come in threes.
Never had a threesome before.
Score: 0
|I can't get any of my friends/family to update or scan their PCs ever. I go to their house only to see they're still running the original XP version that came with their Dell PC, only half have a virus scanner that never gets updated. BTW they all have broadband AOL and Dell PCs. I think it's just Dell and AOL users that get infected.
Score: 0
|Well, it goes way beyond just what you call an "AOL" or "Dell" users. The discussion would take pages and hours to go through, but I really don't have the time and energy to go through it right now.
For the most part, users just aren't informed and when they are given information, it is tainted by the person giving it. Two types emerge, pro MS or con MS. Not necessarily on the side of the user, but those giving the advice on what to do with the PC.
From News(Media), technicians, and the likes of us here, everyone has opinions. Some of us are knowledgeable in giving it and others just claim it. Each affecting how the end-user operates his PC.
For the most part, in AOL users' defense, they never knew they were using Windows, just AOL, and they had been updating it all along. Don't even mention the fact that the updates from MS were so large that you would have to spend hours downloading. What then, when you were bumped off the system? It was just easier to keep using it.
There will be a change in these coming years as broadband is more accessible. Though the cost of Antivirus, Adware, Spyware removal products increase and the deception that some companies pose, it is still difficult to forecast how these habits will form.
Education is the key, but many won't want to go "back to school" or change their habits on surfing.
Score: 0
|well, looks like MS realizes there's a problem with viruses and spyware
took em a while
meanwhile in the real world, we've had spybot, adaware, pest patrol, NAV, AVG, etc. etc...
i like the idea of a MS made scan and removal tool, but i haven't noticed it's better than any other out there.
why can't they just stick to making a more secure OS, and leave the virus and spyware removal to other companies who specialize in this area
hard for others to compete, when MS's is automatically installed with windows update
been using the vista beta lately, still not impressed. :-(
Score: 0
|Umm.. viruses are the result of malicious people, not the software. This is like saying cars are the problem with drunk drivers. Drunks use their vehicles to commit the crime, the car is not the problem.
Microsoft Software isn't the problem, it's the fact that so many people dedicate their time and use it for ill will. So yes there is a problem with PEOPLE making viruses and spyware, but the OS is fine.
And Microsoft tried releasing an anti-virus a few years ago.. this isn't new, they got SUED by Symantec, and Symantec said it was infringing on their clientele.
The Malicious Software tool isn't designed to REPLACE spyware or be used as an alternate. Its ONLY function is to identify particularly nasty programs which could interfere with installation and services. That's ALL.
Spybot, ad-ware, pest patrol, etc. are all good ideas. MS is NOT interested in becoming the next antivirus software company.
The OS is actually very secure. Consider, a bank is very secure also. You have to PHYSICALLY show up and do something at a bank which is being watched. But if you figure a way to break the security, the vault can be opened, if you know the procedures. 9/11 also showed some glaring security vulnerabilities also..
People don't care about security. It's easy to look around and blame everyone else for not doing security, but it's YOUR computer, YOU should take measures to protect it. Not Microsoft, not spyware, not antivirus, YOU!
I can take a machine, ANY machine, I can take an un-patched XP machine, and surf the net. I will never get a spyware, a virus, or a bot. Now why is that?
The ONLY difference is *I* know to stay off those "3rd world sites". I don't visit joke sites, and music groups, and use bit torrent, or install programs that allow external access.
It's all basic common sense.
You can't blame Microsoft for making an OS easy to infiltrate, when people will do WHATEVER it takes to break it.
There isn't a single device a man has made that another man CAN'T destroy or break apart.
It's all a matter of time.
Score: 0
|still in MS's court eh? :-p
funny thing is, i wasn't meaning to bash MS for having swiss cheese for an OS. i realize it's not their fault people exploit the OS's functions, till they have to write so many work-arounds that it becomes a bloated OS.
i just think MS could leave the bot searching to companies that started up for this purpose. MS could even show them how to better diagnose windows files for viruses. but no, they need to compete with them. cashpool they haven't tapped into yet.
honestly now, i really like my win2000 and xp. (legal copies too :-)
just don't like the way MS operates.
stifles competition.
Score: 0
|Then, according to your logic, MS should not develop any additional software but either spoon-feed it to competitors or give them the technology altogether. *shakes head*
The business principles you speak of would cause any company to stagnate or go out of business rather than compete and grow. You would also not make a good businessman.
MS should have not developed OneCare, but should have given that technology to Symantec or McAfee so they could bury it and continue selling their bloated software to the public. Media Player should be left to Real and Winamp; IE7 should be left to Firefox(Mozilla).
Though you say you aren't bashing, you either want us to believe you weren't or are too confused to recognize you were.
I believe that the individuals that wrote the code had no intentions or inclinations of the many issues that evolved surrounding their code. In fact, they work harder at ways in which to fix them, and so they will work with the thousands of other programs that work on the system too.
My hat is off to them and their efforts. It would be very silly of me to expect Vista to be perfect out of the box like some demand it to be. The very fact that "no" program is. It is only a matter of time with the "wrong" individual that can change anyone's mind. If all the efforts from those attacking MS now were diverted to other programs like Apple, and Mozilla it would only then open the eyes of the blind that point fingers.
IMO
Score: 0
|Because we know how well the bot searching companies are doing at their job. Yes, I know, some of the best solutions are the free ones; but the people who only know how to check their email and use google are not going to know about those, and if they do, won't know which ones they can trust.
An interesting idea occurred to me lately, probably due to the larger companies like google and symantec starting to cry foul about competition. Microsoft doesn't stifle competition all the time. In fact, in many cases, they encourage and create competition...it just seems many companies aren't ready to play with the big boys. (And if they didn't bundle IE, how would we download Firefox, Opera, etc...)
Score: 0
|"Media Player should be left to Real..."
Ack, Real!!! I am getting flashbacks of some online courses I took in college that required Real Player to view the lectures...I reinstalled windows after those two semesters were over. Still haven't quite gotten the taste out of my mouth.
(Yes, I know athome was not serious when they said that; so nobody point out that it was sarcasm, okay.)
Score: 0
|"Microsoft doesn't stifle competition all the time. In fact, in many cases, they encourage and create competition"
i agree, it goes both ways, they just have such a HUGE impact on the market
" (And if they didn't bundle IE, how would we download Firefox, Opera, etc...) "
they could always include a VERY basic browser, and have IE as an extra feature or a paid feature. (didn't take me long to think up an answer to that one eh?)
sorta like notepad, wordpad and MSword
Score: 0
|"MS should have not developed OneCare, but should have given that technology to Symantec or McAfee so they could bury it and continue selling their bloated software to the public. Media Player should be left to Real and Winamp; IE7 should be left to Firefox(Mozilla)."
those are your words, not mine
you obviously missed the meaning behind my post
i won't bother explaining myself to you, you probably wouldn't get it anyway
"I believe that the individuals that wrote the code had no intentions or inclinations of the many issues that evolved surrounding their code. In fact, they work harder at ways in which to fix them, and so they will work with the thousands of other programs that work on the system too."
what the hell are you talking about?
that has nothing to do with my post
"other programs like Apple, and Mozilla"
ah,
now i see how far the intelligence goes
Score: 0
|People want to surf not tiptoe barefoot through a cow pasture. Microsoft knows the experience is the product, and what they sell is not good.
Score: 0
|This is a bit late, but was referring to TheMan's comments. Those comments were in relation to his ignorance of business and pro on the side of MS for developing programs
Score: 0
|If you're a smart guy that doesn't go to crappy adware sites, there is a much bigger chance that you won't get this. ^^
Score: 0
|Astounding and eye opening, even more so with the knowledge that there are over 300 million Windows PCs out there, so many are not scanned at all.
Score: 0
|I use my common sense, NOD32 that is disabled from running in background so I just scan suspicious files when I download them and I also use the Windows Firewall plus Adaware. I've had windows installed since December and no problems yet.
Score: 0
|It sounds like a marketing department is hard at work for Microsoft.
Where is the incentive for MS, I don't get it!!!
A world where the doctors not only heal but also cause the sickness in the first place.
I bet we'd have doctors who are a lot richer.
That may work with lawyers also but I think they may have some form of that working already
in real life.
Great statistics, and when M$ start charging 49.99 a pop, are the people who are not protecting their computers suddenly going to shell out the money?
I've used the software and it doesn't do a 100%.
I do not like it, it's slow and very intrusive.
Webroot Spysweeper is much better.
Why are there different products, one for viruses and one for spyware? Who decided not to treat spyware as a virus in the first place?
Frank
Score: 0
|Microsoft is the problem.
Why? Perhaps the biggest piece of spyware known to man, Windows Genuine Advantage. If you haven't heard, it just happens to be a little app that makes your computer phone home to billy and stevy every day. And the bad part is not that it's there, because the company can't really do anything but obtain data; the really sad part is, it is forcibly installed onto your computer without them ever letting on to the fact that it phones home your computer's information every day. And if you have done a recent install of XP, as I have, you will notice that you cannot download your, what is it, 59 updates that are there without it.
Macs aren't much better. Why? There aren't many viruses for them, but the ones that are there are much better than the ones on a PC. For instance, one day about six months ago my school's network, which is entirely Mac, went down. Every single computer had massive data corruption, and the only thing that the computer would allow you to do is turn it on and look at a pop-up box telling the school that they had been hacked. Now Mac doesn't want you knowing those stories, does it?
It's really sad when you can no longer trust anyone around you. Viruses, spyware, malware, coming from who? Not that bad man who lives in his mother's basement but Microsoft and Sony. And we're not even going to be able to get around the internet without paying toll booth charges to hop onto a line. It's sad and appalling that we have to live with such things. Especially when you pay 100-500$ for a Microsoft product. And a Sony starter laptop will run you around 1,300$.
Score: 0
|*rolls eyes*
Score: 0
|Perhaps the biggest piece of spyware known to man? Get real. There are much nastier spyware out there. Don't ruin your argument with such an inane statement.
Score: 0
|Yeah it is the biggest piece of spyware known to man when it is distributed by the people who are supposed to be protecting you from spyware.
Score: 0
|Nope, you're still wrong. Do you know what hyperbole is?
Score: 0