During the six month study, researchers from Avast have sampled 630, 000 Windows rootkits, to find out that the majority have infected pirated copies of Windows XP.
According to the study, 74% of infections originated from Windows XP machines, compared to 17% for Vista and only 12% from Windows 7 machines. The study also found that rootkits infecting via the MBR were responsible for over 62% all rootkit infections. Driver infections made up only 27% of the total. The clear leader in rootkit infection were the Alureon(TDL4/TDL3) family, responsible for 74% of infections.
With millions of PCs behind the WGA (Windows Genuine Advantage) wall, the number of infections is prone to increase. Not surprisingly, the researchers contribute the limited number of infections affecting Windows 7 to the availability of UAC, Patchguard and Driver Signing in the latest Windows versions.