The advice about installing the OS yourself to avoid a "pre installed"
root kit will *almost* guarantee that an RK will not be present.
BUT, there are other methods that can be used by a computer manufacturer
that are almost impossible to detect. In one scenario, the root kit can
be installed to a layer between the hardware and the OS which is called
a hypervisor -
http://searchsecurity.techtarget.com.au/articles/27889-Is-it-possble-to-un-install-a-rootkit-
" A rootkit hypervisor is an even more powerful and dangerous beast. A
hypervisor is a layer of virtualisation software that runs between the
operating system and hardware, acting as a virtual machine monitor. A
rootkit hypervisor doesn't rely on hacking the kernel. It takes control
by running the original operating system in a VM or virtual machine. By
controlling the complete universe in which an operating system runs, it
can deceive any operating system running inside it, thus defeating any
security defenses running on the guest VM. This means there's really no
practical way to detect it except through extreme measures. "
The following article provides a detailed explanation of RKs and the
differing types, of which there are at least 5 :
http://www.anvir.com/rootkit.htm
" Here's lookin' at you, kid "
MowGreen
================
*-343-* FDNY
Never Forgotten
================
banthecheck.com
"Security updates should *never* have *non-security content* prechecked
Sam Spade wrote:
> I just ordered a new pc from a small system builder. It will have Windows 7
> Ultimate.
>
> I'm not accusing anyone of anything, but how can I tell whether it comes
> with a rootkit installed?
>
>
>
/technet.microsoft.com/en-us/sysinternals/bb897445.aspx>