Microsoft: Trojans like USA, worms prefer Brazil!

Following the public release of Microsoft Security Essentials a few weeks ago, Microsoft has combed its data and released an interesting set of results showing how different infections apply across the 19 countries in which the software is available. This is how the breakdown of threats fell across those countries:-

According to the data, trojans come up as the number one detection in the USA, worms affect Brazilians the most, and China is mainly affected by potentially unwanted software threats.

Breaking the results down into particular threat families, the Wimad trojans and FakeXPA trojan are the top culprits when it comes to infection in the USA. Brazil is mainly infected by the Conficker worm and the Taterf worm, and China's software exploits include Shellcode and IFrameRef.

In total, around 4 million threats were detected on the 500,000 machines the survey included. This equates to around 8 detections per machine, suggesting that most machines had multiple threats.

Interestingly, 44% of machines that use Microsoft Security Essentials are running Windows 7, which isn't due for release until October 22. Of those, about one-third are running in 64-bit mode.

The most detections were found on machines running the ageing Windows XP, and the least on Windows 7, which Microsoft suggest follows the typical trend of seeing fewer threats on newer operating systems.

Microsoft Security Essentials is currently available for download for Windows users at

Report a problem with article
Previous Story

Windows 7 vs Snow Leopard benchmarks

Next Story

Microsoft opens Kid's Corner programming education website


View more comments

I think the pirated versions can get the critical updates but the general fixes and patches are only available if you have the WGA patch installed. At least that what it seems like when I end up patching machines for people that haven't updated in 5 years.

I should note that in Windows 7 if you don't activate you absolutely stop getting updates so you must activate to continue getting updates. You can continue using the OS without activating and end up with the black background but as I said, the updates stop appearing. You could do it manually I suppose.

Or maybe they're also scared to use windows update because they think MS will kill their pirated copy? You can't expect everyone to know it's ok or not to use WU.

alex3299 said,
Using a pirated version or a original version of windows is the same, the only difference is the activation code.

kpl update is the main reason.. wpa kill kill. kills the wpa kill and makes it a black screen saying your a theif thisis stolen

Neowin didn't note the stats.

Although installations were:
33% Windows XP
23% Windows Vista
44% Windows 7

Infected machines were:
52% Windows XP
32% Windows Vista
16% Windows 7

The limitation of course is that we don't know how old those installs are, but they did report a trend showing that machines with newer service packs and more updates were, on average, less infected.

What it really showed was that UAC on Vista works and all the nerds using Windows 7 before its even released are obviously less likely to be susceptible to Viruses and Worms and such.

This doesn't show UAC works. Excluding Windows 7 there are about 40% infected Vista machines.Thats a pretty high number imo. And I agree that the main reason because Windows 7 has less detections is that the people who are using WIndows 7 are not main stream users i.e. mostly people who know a bit about computers and who dont think the big blue icon gets them to the internets and emails. These stats would make more sense when MSE has a bigger install base among home users.

MS survery has nothing to do with "infected machines" I had many trojans and worms on my PC but none of those infected me and my PC was never compromised.

The presense of harmful code on the machine does not indicate it been infected.

Beastage said,
MS survery has nothing to do with "infected machines" I had many trojans and worms on my PC but none of those infected me and my PC was never compromised.

The presense of harmful code on the machine does not indicate it been infected.

Oh so what you mean is you had pirated copies of software and the infected keygens that go with them.

For those who have seen the "Whats a browser" videos, this should be the next question. Whats Windows Update? and Do you know how to use Windows Update? I'm sure the result will show really why these issues exist and why many pc users have no clue what so ever.

TechGuyPA said,
What's Windows Update?

Windows Update provides a user interchangeable service directly to the client by means of various telecommunications mediums, whereby installations of unique modules are redistributed purposely to the user interface of downdated customers. This security paradigm shifts the burden of quality control to the server subsystems.

"user interchangeable"?

Interchange definition:
1 : to put each of (two things) in the place of the other
2 : exchange

Does that mean we can exchange users with Windows Update? Lol

"In total, around 4 million threats were detected on the 500,000 machines the survey included."

CORRECTION: 4 million threats were found on 500,000 infected machines. The survey covered 1.5 million machines.

DerAusgewanderte said,
they like to invade other countries with tricky methods ;)

Yeah, nothing trickier than coming over your border with a bunch of tanks and planes.

Windows 7 prices in Brazil are a shame, for instance. And yes, people do turn off WU. When will MS start to give the same discounts it gives to other countries? No family pack, same Vista prices and no FX reflection of the dollar worldwide downfall. Many users want to stop pirating Windows, but MS seems to ignore them.

As far as I know, there are two forms of updates (assuming that the services are set correctly). Automatic updates that patch certain important flaws; but the software needs to have passed genuine advantage to install ALL patches. This is the confusion at the start of the comments, which is VERY misleading.

Now, if someone has installed MSE, it suggests that they are up to speed with new releases of MS products. They will have already patch the PC. Therefore it doesn't explain why regular patching, and MRT is not keeping this garbage at bay - if you believe the stats are straight (which I doubt... There is undoubtedly a bit of Win7 marketing going on here).

Another thing I'd like explained is why is MSE a whapping 50 Mb download (inc signature), when Malware Bytes works great, and can do the lot with a 6 Mb download (3 Mb for the program and 3 Mb for the signature update) Why is Microsoft's offering so huge, especially considering they know the O/S, files, file system and registry inside out!

Commenting is disabled on this article.