Ed Bott has been around a while. He did some useful work tracking down a report that 50% of PCs in the world were infected with malware but then attempted to debunk it with an equally biased report, M$’s analysis of infections on its PCs covered by MSRT etc. MSRT doesn’t even scan for the vast majority of malware so it of course comes to a far too-small number around 1%.
According to Wikipedia MSRT is “an on-demand anti-virus tool that scans the computer for specific widespread malware and eliminates the infection”. So many people suspecting their machines were infected will invoke it, just as at Pandalabs, but because MSRT doesn’t even try to scan for the majority of malware but only the current tsunami of trojans, viruses, worms and spyware, it is aiming low.
Another source of information are the tests of effectiveness of malware scanners. The best seem to get 95%+ of the most prevalent few thousand malwares, but there are millions of malwares out there, so 5% is likely the lowest plausible number for share of infected machines. In my own work about half of the XP machines I have scanned show something, usually some trojan that is not active because nothing else appears. Still those PCs are infected and if the trojan becomes active bad things will happen. I believe the 50% number is a lot closer to the truth than 1%. How many people have had to have that other OS re-installed because of malware? That is a very high percentage.
Other reports show a low percentage of PCs are kept updated (illegal copies will have autoupdate off, something like 10% of PCs) and so are very prone to infections. 1% is hilarious. 48% is realistic.
UPDATE Another article appeared supporting Ed Bott: NetworkWorld
I wrote this comment there:
Scanners cannot catch 100% of malware. The best are near 100% on the few thousand most prevalent malwares. There are millions of malwares in the wild. That M$’s Security Essentials finds malware on 5% of PCs is not better information than Panda Labs finding malware on 50% of PCs scanned.
A recent test of M$ Security Essentials found only 50% of 0-day malware at AV-test.org
My conclusion is that infection rates are far above 5% and are closer to 50% than 5%. I think it is reasonable to assume that a PC running that other OS would be certain to install malware without a scanner and a scanner that allows 50% of malware would allow 50% of PCs to be infected, so 50% is about right.