Windows Malicious Software Removal Tool Observations
Microsoft released a pdf file with the name "MSRT - Progress Made Lessons Learned" yesterday which provides an analysis of the data that the Malicious Software Removal Tool collected during computer scans. The tool itself was executed more than 2.7 billion times on at least 270 million unique computers since January 13th, 2005. In that time, it removed more than 16 million instances of malicious software that it found on computer systems. This means that on average every 311th computer was infected.
Backdoors and Trojans were found on 3,5 million unique computers or on 62% of all infected systems (think multiple trojans on single systems). Rootkits have been found on 14% of all infected computers with 6% identified as the Sony BMG Rootkit. About 80% of the computers were newly infected ones while 20% were computers that had been infected before.
I think Microsoft is making available some interesting stats in the publication. The tool itself can only identify a fraction of the malware that is currently known, and while it can identify many popular malware apps, it means that numbers can be much higher than what Microsoft has uncovered. It is alarming that 20% of computers were infected more than once which can only mean that their users failed to protect their system properly after the last infection.
Microsoft should think about adding an educational component to the Malicious Software Removal Tool that aids users not only in the identification and removal of malicious software but also educates them about it. It could scan the system for vulnerabilities, or provide users with a short list of things they should follow when they are online.
Update: Windows users can download Microsoft Security Essentials for free for their computer system. The program protects the computer against many know threats, but not against unknown threats as it comes without heuristics to detect those. It will however work nicely with other security software installed on the system.
The Malicious Software Removal Tool is also still available. It can be downloaded from this official web address. Please note that it can only remove known and popular threats from your computer.
Advertisement
The Microsoft Windows Malicious Software Removal Tool is definatly detecting and cleaning not enough trojans and virii.