Taking my theory here a step further, I'm guessing that the reason these potential threats were being included was to attempt to show the skeptics that OneCare is really protecting them. We've heard the complaints from a few that they haven't seen anything actually happen, so they're wondering if OneCare is really doing anything.
The funny part is that if OneCare is really doing its job, the typical user really shouldn't ever see more than an occaional firewall alert about something new accessing the Internet. Only those who tempt fate by opening questionable email attachments or browsing risky web sites should even see an AntiMalware alert in most cases.
This is the paradox of truly good protection, it's not noisy unless it has to be. Unlike the antispyware that alert every time they find a 'bad' cookie, OneCare reserves this for real issues that deserve the user's attention.
Finding this balance is the difficult part and the Monthly Report looks to me like the Onecare attempt. It tries to inform the user what OneCare has been doing without inflamed scare tactics or spurious alerts. How to do this without adding the very complexity it's designed to avoid is the deeper issue though.
I've experienced exactly the kind of confusing graphs and sketchy explanations we've seen so far in the sophisticated vulnerability scanner reports of the several products I've worked with. That's why we can make good money explaining these reports to customers, the information is right there in front of your face, but totally obscured at the same time.
I believe the flaw is inherent in the attempt to 'quantify', which is a management (read 'Bean Counter') approach, rather than really trying to explain what's happening. In this case, the offending 'number' appears to be nothing more than a count of "We don't know what these are yet" items that would be better off ignored [by the user] until they're identified. I haven't really tried to analyze any of the other entries yet, since I truly have almost no interest in this information in the first place.
I don't know what might really be of interest or value to the non-technical user, but I'm almost sure that these numbers aren't the answer. More likely, they'd care whether all of the most recent viruses displayed in the news had been added to detections and an even more useless count of how many new malware detections have been added in the last week/month. Again, I don't really care about any of this myself, but it would depend what the purpose behind the report is supposed to be in the first place.
All of the information presented is simply a summary of existing entries in the Support Log, or more accurately in the OneCare database. Which of the items there actually generate interest would be valuable to know. I personally only care that the product blocks malware, either automatically, via reduced vulnerability or by requesting my input when the potential threat is unknown.
OneCareBear
