Dell Laptop Possibly Infected Seriously

Hi my name is Mike and I'm a college student. I will try to explain my problem as best as I can. Recently over my christmas holiday I sent in my laptop to Dell, it is a Dell Latitude D820, because it needed a new motherboard as well as palm rest. Both of those were replaced leaving all the original hardware in it. I just received it in the mail a few days ago. When I restarted the computer I had a blue screen on startup. I decided that because the motherboard had just been replaced and it was essentially a new computer, that I should reformat it so that it could be fresh. So I decided to reformat it. I know I had viruses on it when I sent it in so was planning on reformatting it anyways. After reformatting it though I still had problems. When I first started up windows I decided to do the windows updates. I noticed though that the laptop was being very slow after the updates. I then decided to check for malware, specifically rootkits, so I used combofix to do that. The reason I used combofix was because I once had a rootkit before and couldn't remove it by reformatting my laptop and after instruction on a blog like this was told to use combofix. After using combofix and turning off my computer and restarting it my laptop would go to a bluescreen each time I started it again. I then decided to reformat it again thinking that perhaps I did something to it when using combofix. I reformatted it again and then did the windows updates but was still having problems. I decided to try another rootkit program called rootkit revealer. It found some files and said that it cleaned them up. It seemed to be working until I restarted it and it bluescreened. I then decided to reformat it again and still had problems after the updates and then reformatted it again this morning. I ran the windows updates again this morning. This morning the updates were better than before but now I get the bluescreen when I restart my computer again. Like I said, I once had a similar problem about 2 years ago and joined a blog like this and was told that I had a serious rootkit and was given instructions on how to remove it. I'm not sure if it is a rootkit, but I think I have something which will not go away when I reformat my laptop. As I said previously, I'm a student and need to use this computer for school. Fortunately because the semester has just started and classes are not heavy I can go without it. Do you think that you can help me?

After a ReFormat and Install there should be no malware,except a possible MBR infection.
Using ComboFix unassisted is not recommended and may have altered something.


To check for and confirm the MBR rootkit.


Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).

• Go to Start > Run and type: cmd.exe
• press Ok.
• At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
• press Enter.
• The process is automatic...a black DOS window will open and quickly disappear. This is normal.
• A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
• Copy and paste the results of the mbr.log in your next reply.

If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.

Edited by boopme, 20 January 2011 - 01:43 PM.

Here is what the log said:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6000 Disk: TOSHIBA_MK1254GSYF rev.LF001D -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

What do these reesults mean?

Edited by coolguy223, 20 January 2011 - 02:37 PM.

Nothing there. I suspect a hardware issue. Either take it back or repost this question in Internal Hardware forum and they can test a few things.

Okay. Thanks for all your help. I appreciate it.