Victek said:
Malware cannot be stopped "at the source" any more than any other kind of criminal behavior.
I disagree. Just as with every other kind of criminal behavior, if there were no laws, enforcement of those laws, or incentives not to break those laws (getting caught, jail, fines, execution) then criminal activity would be rampant and anarchy would ensue.
Of course total, 100% criminal behavior cannot be stopped. But when there is ZERO effort to stop spam, spyware, and malicious code at the source, it becomes the free-for-all that it is.
Even in law abiding countries, most ISPs do nothing to stop anyone from uploading malware. They may stop someone from sending a thousand emails at once, but then that's why badguys use 1000s of compromised computers, so they can send just 10 infected emails at once from each computer, and fly under the RADAR. If ISPs scanned for malicious code at the source, much would be stopped.
P2P and torrent sites that condone and support illegal filesharing are a major source of malware. These sites
know illegal filesharing is taking place, but turn a blind eye to it. Badguys know that no one is watching and have a heyday. These site are often the launching site for new, yet undetectable, malware.
Malware could be significantly minimized if governments would create and support international law with regard to cyber-crime, but that level of cooperation does not exist yet in the international community.
Exactly, but there are already plenty of existing laws on the books right now that all UN member countries, by being members, have agreed to enforce. But sadly, many don't. They have corrupt government officials watching over corrupt ISPs who turn a blind eye to the badguys. If those countries made even a small effort to enforce those existing laws, it would make a huge impact on what gets distributed on the Internet. And in many law abiding countries, the US for example, our elected officials have not provided law enforcement the resources ($$$) to enforce the laws. Of course, that typically requires raising taxes which most taxpayers balk at. I say, see the 2nd line in my sig.
Also note that in some cases (Iran, North Korea, China) it is the government who are the badguys and who are intentionally distributing malware, DDoS attacks, and other illegal activities. But again, this malicious code is being routed over "friendly" satellites, and transcontinental and oceanic cables owned, operated and regulated by companies in, or by UN member countries.
The big telecommunications carriers who provide the big backbone support around the world do NOTHING to stop the malware. Current estimates show in excess of 90% of the email traffic on the Internet is spam. The big carriers have no incentive to stop spam, they would much rather sell you more bandwidth.
There's plenty of incentive for anti-malware companies to try as hard as they can to minimize malware though, and that's to make money.
Oh? Then why don't they? They don't! The anti-malware companies need malware to thrive, so the threat remains ever constant so user buy their products. They are not trying to stop or even minimize the proliferation or distribution of malware. They are just trying to prevent it from infecting your machine so you don't switch to a competitor.
That's why free products like MSE and Windows Firewall are so important. MS does have an incentive to rid the world of malware.
They failed miserably! Malware has mushroom insidiously, not only in quantity, but in maliciousness and in methods of delivery. And in the meantime, the biased IT media and Microsoft/Bill Gates bashers have relentlessly blamed Microsoft, and not the badguys, or the politicians who failed to fund law enforcement of even the existing rules against malware and software piracy (a major source of malware). 
