Microsoft finds new computers in China preinstalled with malware

14.09.2012

The laptop was manufactured by Hedy, a large manufacturer based in Guangzhou, China, and purchased in Shenzhen. The other three computers with inactive malware were from "major manufacturers" but Microsoft is not identifying the brands, Boscovich said.

It is believed that the computers became infected after the devices left the factory. In China, many computers ship with just DOS, and an operating system is installed later. "Somewhere in that retail or wholesale supply chain, something happens," Boscovich said.

Consumers in Western countries may not be vulnerable to this kind of tampering, but they do face risks if they download counterfeit software from the internet, Boscovich said.

The malware discovery led to a larger investigation into the Nitol botnet, which was controlled through the domain "3322.org." The domain has been linked to malicious activity as far back as 2008, Boscovich said.

The 3322.org domain contained more than 500 strains of malware hosted on some 70,000 subdomains, Boscovich said. The hosted malware is capable of a range of malicious functions, from turning on a computer's microphone and video camera to logging keystrokes, according to a Microsoft .