---

Davec33 wrote:

Bombastus - I beg to differ - when I search Aviras forum for "W32/Patched.UC" (using the parenthesis as it will return unrelated stuff otherwise) I get ONE match.

 

 

---

Seriously, just click the link I posted and look at the screen that appears, then click yourself backwards in time on the forum. If your eyes show you 100 threads with the W32/Patched in the title, but a search brings up one result, you can't understand that the search is giving you the wrong result?

Users Complaining about Norton and Zeroaccess, the fact all AV's are struggling and users with other AV's are complaining theirs as well. etc. etc.

Don't worry I now and then give Symantec a piece when something is wrong, and they will agree with that. 

have users noticed this graph and it's title

Source : SophosLabs

The word  Unique

Quads

Q:

> have users noticed this graph and it's title

Are the numbers in this poorly titled graph specific to zeroaccess, or what?

---

joen wrote:

Are the numbers in this poorly titled graph specific to zeroaccess, or what?

---

Yes.  The graph appears in a Sophos White Paper on Zeroaccess, accompanied by this text:

The ZeroAccess rootkit is a dangerous threat that has been circulating for several years. SophosLabs has recently seen the number of machines infected with ZeroAccess increase sharply as there has been a proliferation of samples appearing in the wild.

The title of the graph refers to the fact that tens of thousands of unique individual Zeroaccess variations have been released into the wild, and the rate is increasing.  Each new sample is designed and tested by the malware authors to be undetectable by AV products at the time it is released.  The graph shows how busy the bad guys have been.