Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question about rootkits


  • Please log in to reply
3 replies to this topic

#1 jjng

jjng

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:04 AM

Posted 07 November 2009 - 10:16 PM

Is it possible for a refurbished/factory-reconditioned computer system to come with a rootkit infection? I purchased a refurbished laptop (IBM Thinkpad T43) from Overstock about 3 months ago, and have been having problems with it since. It did not come with any discs, and the first time I turned it on, it automatically ran an installation of Windows XP off the hard drive.

If Overstock will not replace the computer (I'm not too hopeful), I've already decided that I want to just reformat and reinstall the OS. Will this guarantee that the rootkit is gone, or is there a chance it will still somehow be in the system? Here's the original thread where I posted about this. Didn't get an answer to my last post there, so figured I'd try again. Using an old laptop now - haven't turned on the infected one since I realized how serious the problem was.

http://www.bleepingcomputer.com/forums/t/267026/need-help-rootkit/

Thanks!
Jennifer

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,087 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:04 AM

Posted 09 November 2009 - 12:08 PM

Did they did a reformat and reinstall (clean install) the OS or just do a repair install? Reinstalling Windows without first wiping the entire hard drive with a repartition/reformat will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards.

Any company that would sell infected machines would not be in business very long, so I doubt a rootkit was on the computer when you purchased it.

BTW, since you already were receiving help in that other thread, you should have continued there. You should not start new threads or duplicate topics as this causes confusion and makes it more difficult to get the help you need to resolve your issues. It appears I missed the notification on your last reply but you could have replied again to bring it back to the top. I have now closed that thread to avoid confusion.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 jjng

jjng
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:04 AM

Posted 09 November 2009 - 11:51 PM

I contacted Overstock.com's tech support, and they had me run IBM Restore and Recovery, which reformatted and reinstalled WindowsXP. I chose the settings to not backup anything, wipe all files, and restore to original 'factory condition.' This was done off of the computer itself since it didn't come with any discs. Do you think this will be adequate to get rid of the rootkit? How would I know? The tech support rep I spoke with wasn't specifically familiar with rootkits and said that she couldn't guarantee the problem was gone, but said that it "should" take care of it.

Since running the restore, I installed AVG and ZoneAlarm from previously downloaded files before even connecting to the Internet. Just connected to update both programs and run Windows Update. I'm hesitant to do much more with that laptop and am still using my old one. I'm also wondering if there is any risk to my old (clean) laptop since I use a wireless router to access the Internet with both computers. Maybe I'm just being paranoid now, but I obviously don't understand how viruses get onto computers and I have no idea how my new laptop got so many problems.

Thanks, and I'm sorry about the new thread - will make sure I continue in the same thread from now on.

Jennifer

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,087 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:04 AM

Posted 10 November 2009 - 08:29 AM

they had me run IBM Restore and Recovery, which reformatted and reinstalled WindowsXP. I chose the settings to not backup anything, wipe all files, and restore to original 'factory condition.'

That should work unless the recovery partition was infected which sometimes can occur. If you immediately become reinfected, you will need to recontact the manufacturer, explain what happened and ask them to send full recovery disks to use instead.

Maybe I'm just being paranoid now, but I obviously don't understand how viruses get onto computers and I have no idea how my new laptop got so many problems.

Read How Malware Spreads - How did I get infected
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users