The study identified several computers carrying malware loaded onto them before reaching a customer or end purchaser, including a virus dubbed Nitol that steals personal details to help criminals steal money from online bank accounts, the BBC reported Thursday.
In a report describing its effort to disrupt a botnet of Nitol-infected computers, Microsoft said cybercriminals had taken advantage of insecure supply chains to get viruses installed on PCs after they were manufactured but before reaching purchasers.
The viruses were uncovered when Microsoft investigators bought 20 PCs -- 10 desktops and 10 laptops -- from different cities in China.
Four of the computers were found to be infected with malicious programs even though they came straight from the factory, Microsoft said.
The four viruses were included in counterfeit software some Chinese PC makers were installing on computers, it said.
"We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," Richard Boscovich, a lawyer in Microsoft's digital crimes unit, said in a blogpost.