However, that's one of the first things researchers at Kaspersky Labs found after purchasing and firing up a Companion Touch netbook, a $499 portable from M&A Technology. Kaspersky researcher Roel Schouwenberg told Computerworld that his colleagues noticed "something strange was going on".
Indeed, three malware programs were found on the netbook.
"This was done at the factory," said Schouwenberg. "It was completely brand new, still in its packaging."
With a little more digging, Schouwenberg found multiple Windows system restore points, typically an indication that the machine had been updated with new drivers or software had been installed before it left the factory. One of the restore points, stamped with a February date, included the malware, indicating that it had been put on the machine before then. And the malware itself hinted how the netbook had been infected.
"In February, the manufacturer was busy installing some drivers for an Intel product in the netbook," said Schouwenberg, citing the restore point. Among the three pieces of malware was a variant of the AutoRun worm, which spreads via infected USB flash drives.
"The USB stick they used to install the drivers onto the machine was infected, and [it] then infected the machine," said Schouwenberg. Installed along with the worm was a rootkit and a password stealer that harvests log-in credentials for online games such as World of Warcraft.
M&A Technology, which is based in Carrollton near Dallas, specializes in providing computers for education. The Companion Touch is a ruggedized netbook designed to be handed out by schools for students to take home.
M&A is relatively small - most brand-name computer makers don't update their products' drivers with USB flash drives. Still, this story can serve as a cautionary tale, particularly for those buying computers from so-called "white box" and custom-build vendors. You never know what the level of quality-control is going to be like in a small shop.
But malware can bite even big names. Samsung sold some digital picture frames last year that came with a little something extra - a Trojan downloader. It was included on the CD that contained Windows-based software for managing the frame's content. And in 2006, Apple shipped a handful of iPods that included a Windows virus.
Schouwenberg had some advice for those starting up a new machine:
Did you like this post? Leave your comments below!
To ensure that a new PC is malware-free, Schouwenberg recommended that before users connect the machine to the Internet, they install security software, update it by retrieving the latest definition file on another computer and transferring that update to the new system, then running a full antivirus scan.
"That's the best course of action, even though it sounds like a lot of work," said Schouwenberg.
Found this Post interesting? Receive new posts via RSS (What is RSS?) or Subscribe to CR by Email