Security check on refurbished computer
August 13, 2021 4:47 PM   Subscribe

Just ordered a refurbished computer. The situation feels pretty amateurish. Now that I've received it, what should I check or do?

Oddities:
- Shipped out late. (They made up for it by paying for overnight shipping when I complained though.)
- Packed in a reused Amazon Prime box (consistent with the theme of reuse, I guess?)
- In the package, the padding included padded envelopes addressed to the seller (instead of Computers 4 U or whatever business name I knew them as)
- Sticker on the computer says i5. I bought an i7. In the system specs for the processor (under "SystemPropertiesComputerName") it says it's an i7. Why the wrong sticker?
- Booting up didn't give me that Welcome schpiel you get on a just-out-of-the-box windows installation.
- I seem to have some office software I don't remember seeing in the listing? (Maybe just forgot?)

I am wondering if I need to do anything to protect against identity theft or to just generally reassure myself that this is on the up-and-up. If it's just a disorganized seller, that's okay, but it doesn't feel entirely secure.
posted by slidell to Computers & Internet (37 answers total)
 
Assuming this is a Windows box:

1) about what you expect from amateurs
2) about what you expect from amateurs
3) not that good a feeling
4) amateurish. It sounds like you got an i7 as ordered
5) worrysome.
6) worrysome more.

I would assume the machine was resold from some other purchase, and the software should be treated as unknown and possibly virus infested. If I purchased such a system, i would immediately to a full erase and install of a new copy of Windows. Don't keep anything of the current contents.

At the least, I would run Microsoft Security Defender and malwarebytes and hope nothing shows up. But given how poorly it was handled, I would assume that not even the seller knows the true state of the software. Start over from a new, clean, erased machine.
posted by blob at 5:12 PM on August 13, 2021 [4 favorites]


Honestly, unless you got an incredible deal, I would immediately return this. You bought "refurbished," and this sounds more "used." If you want to keep it, then I would, automatically, format and reinstall Windows. If you don't have the capability to do that, whether for missing media or loss of license, I would return to my first thought and return it. If you are dead-set on keeping it, I would be wary and figure out any way to reinstall an operating system, whether Windows if you can get it, or Linux if you can't.
posted by General Malaise at 5:19 PM on August 13, 2021


Response by poster: Is there a way to start fresh from what I have or do I just have to return this, do you think? I'm trying to not go buy a new copy of Windows; my budget assumed the computer came with it. Could I do a clean Windows install by, like, (googling...) from the "OEM image" whatever that is? Or by downloading it from Microsoft who could maybe (?) detect it from the current installation?

I of course don't mind that reinstalling Windows would delete things like PowerPoint -- I use this machine for taxes and want to make sure it's not sending my data off somewhere.

Could I contact the seller and ask them to send me a Windows license key (is that the right terminology even)?
posted by slidell at 5:32 PM on August 13, 2021


Response by poster: Oh, and by the way, this is a Back Market seller that has 100 sales and a 4.4 star rating. I just thought I'd mention that, even though I don't think it changes the basic facts.
posted by slidell at 5:35 PM on August 13, 2021


I agree with General Malaise that it sounds like this computer was merely acquired and resold, not actually refurbished. I mean, maybe they blew the dust out of it and deleted some icons off the desktop? 🙄

A possibility that might explain the mismatching i5/i7 is they took several dilapidated PCs and frankensteined them into one. Like maybe they bough a pallet of random mixed junk computers off one of those dirt cheap auction sites, and the i7's case was completely trashed but there was an i5 of the same basic model that wouldn't boot so they just put the entire assembled mobo and drive of the i7 into the case of the i5 or any similar low-hanging-fruit shenanigans one might come up with.

Rhetorical question: If you didn't get the OOBE (out-of-box-experience) then what user account are you even logging into? I wouldn't trust that at all.

I would nuke it and reinstall Windows, but I do this sort of thing all the time, for fun. Assuming the existing Windows is genuine, you don't have to buy another copy, just use the Media Creation Tool from Microsoft and it should work fine.

The other option is just send it back.
posted by glonous keming at 6:00 PM on August 13, 2021 [4 favorites]


Response by poster: I would nuke it and reinstall Windows, but I do this sort of thing all the time, for fun. Assuming the existing Windows is genuine, you don't have to buy another copy, just use the Media Creation Tool from Microsoft and it should work fine.

Okay, I'll give this a try later. Thanks.
posted by slidell at 6:35 PM on August 13, 2021


If the PC has a legitimate copy of Windows on it, you should be able to recover the product key and use it again, either on the same PC or another one. I only ever bought one copy of Windows back in 2002, and reused the same product key on a new PC in 2005, and again in 2008, and again in 2011, then finally sold that PC (along with the windows product key) to a friend. Then you can format your computer and do a fresh install.

Some ways to recover a product key.

Normally formatting the computer is a bit of a pain if you don't have the original installation media. You would have to download a windows installer into a thumbdrive or DVD, depending on what your computer supports, this is slightly complex. Some computer hardware is old enough that it doesn't support booting from USB, or some computers don't have DVD drives.

An easier alternative is to reinstall windows directly - this are instructions from Microsoft. Don't need to create the installation media if you go down this path.
posted by xdvesper at 6:42 PM on August 13, 2021 [6 favorites]


With windows 10 you don't even have to recover the product key. There's an option somewhere under settings to reset the computer to a clean windows install (I can hunt it down in a pinch, but with this messy a situation I wouldn't suggest it), or you can download a copy of windows 10, write it to an 8gb or larger USB key, and reinstall clean, formatting the disk as you go. The key is saved somewhere deep enough in the computer that the installer should find it and not even bother you about it.
posted by wotsac at 7:45 PM on August 13, 2021 [1 favorite]


I once received a factory new computer from a business partner that was in a similar state. He basically bought the cheapest overseas computer he could find and even though it was factory new it booted right into Windows and also had a bunch of folders in Chinese from the results of imaging the computer. I discovered the product key and it was all over the Internet. A universal enterprise key for Windows 10 Pro that was pretty much the same as the cost of the laptop gave it away.

- You should have one of those Windows 10 certified hologram stickers somewhere on the computer or in a packet even if it is resold. Otherwise assume the key is stolen.

- Office itself is pretty expensive, assume that's pirated as well.

- I am not aware of any Windows recovery related viruses/malware from doing the procedure wotsac mentioned but seeing as your computer is potentially compromised I would not trust that procedure.

- I doubt your seller sent you anything with a virus in it intentionally but if they were this sloppy in sending you a PC I would assume they weren't exactly discerning when it came to torrenting software.

- I would ship it back unless you got it for a bargain rate. I'd not trust ANYTHING on this computer, do not sign into gmail or any sites. Realistically any malware is not capturing a small site like metafilter but casting a wide net for everyone who logs into say Google. Even somewhat benign malware like bitcoin miners might be running, so I'd just keep it off and unplugged.

- Installing Windows to a USB key or drive and then formatting the PC is incredibly trivial. If you do not feel comfortable doing it or aren't sure about it then just return the PC. Think of it as if you have to even question whether or not you can do it, better safe than sorry.
posted by geoff. at 8:52 PM on August 13, 2021


Response by poster: Thanks. Leaning toward returning it. Side detail: the Office shortcuts on the desktop were created in 2017 lol. If it was refurbished, it was a long time ago.
posted by slidell at 10:40 PM on August 13, 2021


You bought "refurbished," and this sounds more "used."

Refurbished products may be unused customer returns that are essentially "new" items, or they may be defective products that were returned under warranty (which can be several years), and resold after repairing the defects and ensuring proper function.

A 2017 machine being sold in 2021 is most likely from some office which has switched to home working. Depending what you paid, and assuming you reset windows, this may not be a bad deal but if you were expecting a 6 month old machine then you might want to take advantage of the return window.
posted by Lanark at 3:57 AM on August 14, 2021


When I bought a refurbished machine, the first thing I did was erase the HD and install Linux.

I wouldn't trust any seller claiming a machine is bug free etc. Never chance it is what I was taught.
posted by james33 at 5:37 AM on August 14, 2021


I tried Some ways to recover a product key.

The 'Embedded in the PC's UEFI firmware' method returned nothing. The 'Stored in the Windows Registry' returned a key different from the one included when I purchased a legitimate copy of Win 10. Perhaps both those errors are because the linked Microsoft article is over 4 years old and Microsoft doesn't periodically verify their answers still work.
posted by Homer42 at 6:45 AM on August 14, 2021 [1 favorite]


Best answer: Easiest way to recover the product key from a working installation of Windows is by using the Magical Jelly Bean Keyfinder to ask that installation what it's been registered with.

Given that what you have is clearly an existing Windows installation that is not fresh and has definitely been Used For Stuff, its state of play vis a vis malware is unknown. Therefore, it makes sense to treat it as if it's infected with something very nasty until after you've nuked and paved it. Therefore, do not connect the new box to your local network, not with wires, not with wifi, and do not plug any non-disposable portable storage devices into it until after you've erased it and installed a fresh OS.

Get yourself a couple of new USB sticks, and use a known clean computer to download the Keyfinder installer onto one of them and make a Windows installer out of the other.

Start Windows on the new box (again, do not connect it to your local network), plug in the Keyfinder USB stick, run the Keyfinder installer off it to put Keyfinder onto the box, then run Keyfinder and write down the Windows product key that it reveals, or (preferably) take a good photo of it off the computer screen with your phone camera so you can type it back in accurately during Windows installation. You might actually never need to do this because the required product key might already be flashed into the BIOS EPROM, but it's good to have it just in case.

Pull out the Keyfinder installation stick and dispose of it, either by breaking it with a hammer or by giving it to a friend with a Linux box who knows how to erase it safely. Generally, any USB stick that's ever been plugged into a Windows box of unknown provenance and has not subsequently been competently erased is best assumed to be carrying the vilest imaginable malware.

Next, restart the computer and work out how to get into its BIOS boot options menu. Quite often this involves pounding repeatedly on the F12 key as the machine is starting up, but depending what kind of BIOS ROM your box has it could be different. Once you have practised getting into the boot options menu enough times that you are completely sure you can do it without giving the existing Windows installation any chance of starting up instead: power the machine down, plug in the Windows installer USB stick (preferably into a rear-panel USB socket), then power up the box and use its boot options menu to make it boot into the Windows installer from the stick.

If you see a prompt asking you to "press any key to boot from CD", do it; that's expected behaviour for a Windows installer stick that detects the presence of an existing installation. If you don't press a key to "boot from CD", the Windows installer won't run - it will boot the existing Windows installation instead, and you don't want your nice clean installer stick to risk being infected that way.

Once you're in the installer, you'll want to choose the "Custom - Install Windows only (advanced)" option, because you're explicitly trying to erase everything that might already be on the box. When you get to the step where you're asked where to install Windows, the only option you should pick is "Drive 0 Unallocated Space". If you don't see that option, keep clicking on existing partitions and then clicking Delete until that's all that's left.

After the Windows installer has done the first part of its thing and rebooted at least once, you should be OK to connect the box to your LAN. Note that this time around, you don't want to "press any key to boot from CD".

Why the wrong sticker?

Most likely the CPU got upgraded at some point. Maybe the motherboard did as well. Stickers don't mean anything.
posted by flabdablet at 9:07 AM on August 14, 2021 [3 favorites]


When you get to the step where you're asked where to install Windows, the only option you should pick is "Drive 0 Unallocated Space". If you don't see that option, keep clicking on existing partitions and then clicking Delete until that's all that's left.

To clarify: you want "Drive 0 Unallocated Space" to be the only option presented to you, and then you want to install Windows onto that. Delete everything else even if there is already some unallocated space available from the get-go.
posted by flabdablet at 9:25 AM on August 14, 2021 [1 favorite]


Response by poster: The seller said "It is definitely a fresh Windows installation. I have to create a user account in order to load Windows and get it set up- Windows Updates, driver updates, software installation, etc."

I just wrote back "the shortcuts on the desktop were created in 2017" and included a photo, which probably wasn't the best reply as it isn't conclusive (could've been a clean install all those years ago).

What's the way to convey that this isn't the right way to do things? Also, can I ask for the MS Office keys or registration numbers or whatever? I don't even remember it from the listing to be honest, but I can't go back and look because of the way Back Door works.

I also greatly appreciate all of the how-to material. When I have time later, I may resort to that because I want a computer, like, yesterday, so if I can follow those directions successfully, I might. Am I understanding right that this would eliminate the risk?

Unfortunately I did use wifi. That's it, though, along with the URLs above. Haven't logged in to anything like google or metafilter.

The computer itself doesn't feel super "used" -- the screen and keyboard and all are super clean. There's a little wear on part of the case, but that's it. But someone can do a clean install of everything and install something sketchy, even accidentally.

Thanks so much for all of this help!
posted by slidell at 10:50 AM on August 14, 2021


Response by poster: Sorry for all the updates, but before I go quiet for awhile again, here's the answer from the seller.

"I can understand your thinking. When you install Microsoft Office, it does not add links to the desktop so I drop the links on the desktop from my flash drive as I'm installing it. Here is a screenshot from my computer showing the same files with the same dates. That is when I originally created the links.

"Give this a try- Hit the Start menu and type " cmd " and open the file titled cmd. Then type into the window (or copy and paste) " systeminfo " and hit Enter. This will give you a bunch of info. Near the top, it shows the Windows original install date."

I tried that and it is this January, so that's more recent. Just FYI if this is at all relevant.
posted by slidell at 10:54 AM on August 14, 2021


I'd nuke and pave regardless, just because I prefer knowing that the only stuff on my boxes is what I chose to put there, not what J. Random eBay Vendor thinks is a good way to set them up.

Selling a Windows box that doesn't present the end user with Microsoft's unadorned out-of-box experience on first boot is all of a piece with using random bits of crap for packaging. The installation might be perfectly fine but personally I wouldn't be comfortable assuming so.

"...I have to create a user account in order to load Windows and get it set up- Windows Updates, driver updates, software installation, etc."

Windows 10 does a really good job of installing drivers all on its own. Unless there's some quite obscure hardware installed in this box, there's usually no need to use OEM-provided drivers any more.

Running Magical Jellybean Keyfinder on your vendor's installation should reveal its current Office keys as well as its Windows one.

What's the way to convey that this isn't the right way to do things?

A lack of repeat business.
posted by flabdablet at 12:06 PM on August 14, 2021 [1 favorite]


I'd also be Googling all the product keys that Keyfinder reveals as being in use. If they're fully legit, Google won't find them.

If Google does find them, there's a chance that some of the software your vendor had to create a (no doubt annoyingly named) user account in order to install was key-authentication bypass workarounds, which might well mean that clean installs using those same keys will fail.
posted by flabdablet at 12:15 PM on August 14, 2021


It's not clear to me yet still if this is malice or inexperience (or both) at work, but if you want to do this vendor a solid favor and make their life easier in the future you could suggest to them to research how to use the sysprep utility to enable the OOBE for their refurbs and it would almost certainly decrease their support requests from buyers. Your call.
posted by glonous keming at 1:20 PM on August 14, 2021


Response by poster: Ok so the key (w269n-wfgwx-yvc9b-4j6c9-t83gx) is all over Google. It is apparently related to using a Key Management System. Does that mean I am supposed to depend on some KMS host out there running? And do they have access to the computer in any way?

(When I powered down earlier, I got a message about "Someone else is still using this PC..." That's weird, because I can only see one user. On the other hand, maybe I'm just being paranoid.)

I would like to err on the side of making this work but am starting to not see how I can at this point, is that right? What are the right words to use to get this seller to let me return it? Or is this KMS stuff more okay than it seems?
posted by slidell at 9:37 PM on August 14, 2021


There are two ways for corporate users to volume-license Windows: MAK and KMS keys. Of these, KMS keys are slightly less of a pain in the arse for the system administrator. In a KMS scenario the site runs its own Key Management Server inside the corporate LAN, which centralizes all knowledge about how many legitimate concurrent activations the org has bought licenses for, and the endpoints check their licensing state against the local KMS instead of phoning home to the Microsoft mothership.

There's a set of well known product keys published by MS that tells any Windows installation installed with them to go looking for a KMS on the LAN instead of phoning home to MS.

And of course it didn't take very long for the activation protocol to get reverse engineered, and there are now several open-source KMS implementations from non-MS sources that let anybody put a fake KMS on their own LAN that simply says Yes, You Are Activated to any workstation that asks, without making any attempt to check with MS about how many licenses have actually been purchased. I linked to one of those upthread.

do they have access to the computer in any way?

No. Endpoint Windows installations go looking for the KMS, not the other way around, and all they ever ask of it it is "Am I legit?". What a real KMS is supposed to do is keep track of how many separate Windows installations have asked it that, and start saying No if more of them ask than licenses have been purchased for.

If your vendor has just used one of the publicly available fake KMS implementations to do the Windows install on your box, as it looks very likely to me that they have, then at some point your box is going to go looking for a KMS on your LAN, fail to find it, and then declare itself non-activated and start nagging you about that.

Microsoft Office can also use a KMS server to validate its own installation state. I suspect that if your vendor has pre-installed Office on the box they sold you, they'll have used a KMS key for the Office installation as well.

What are the right words to use to get this seller to let me return it?

"It appears that the Windows installation you have sold me was activated with a volume licensed KMS product key, w269n-wfgwx-yvc9b-4j6c9-t83gx. Please provide me with the original Microsoft installation media, so that I can be sure of owning the retail or OEM Windows product key that licenses it legitimately."

I suspect that they will issue a reply that attempts to baffle you with bullshit, at which point you tell them

"Since you can't or won't provide me with a legitimate product key for this installation of Windows, please refund the amount I paid for this computer and provide a return shipping label that I can use to get it back to you, or I will have no option but to open a dispute with (eBay, Amazon, PayPal, credit card provider) to recover this amount."

I'm as backyard as the next pirate but I have never tried to make a buck out of ripping off MS and I have no time for this kind of cheeky bullshit.
posted by flabdablet at 12:04 AM on August 15, 2021 [3 favorites]


Or, if you got the box at a really good price for just the hardware and you're not interested in any kind of ongoing business relationship with this vendor, you could just eat the cost of a retail Windows license yourself, or jump ship to Linux and free yourself forever from Microsoft's increasingly intrusive and prescriptive corporate behaviour.
posted by flabdablet at 12:15 AM on August 15, 2021


Response by poster: Thanks flabdablet. I've been sent a key that doesn't show up on Google so the saga continues... Thanks.
posted by slidell at 8:53 AM on August 15, 2021


I take it you've still received nothing to prove conclusively that this is indeed a legitimate retail or OEM key, like original packaging for physical installation media or an order confirmation from MS for a key purchased online?

If you want to test that key without going through a full clean installation, and you're willing to trust your vendor not to have sold you a malware-ridden nightmare, the method with the fewest steps is via a cmd window.

Log onto Windows, type cmd into the Search box, and press Shift-Ctrl-Enter to run it as an administrator. You'll be asked to give permission to run the Windows Command Processor with elevated privileges; do.

When the administrator console window opens up, type
slmgr.vbs /ipk wfgwx-yvc9b-4j6c9-t83gx
into it (substitute your new key for that old KMS one) and hit Enter. A few seconds later you should see a Windows Script Host pop-up that says something like "Product key installed successfully". Close that, then connect the PC to your local network, then type
slmgr.vbs /ato
into the administrator console window and hit Enter. A few seconds later you should see a popup telling you activation was successful.
slmgr.vbs /dlv
will display detailed information about the current licensing state of your Windows installation. You could also use that before installing the vendor's recently supplied non-Googlable key if you're curious.

All that said, and even if all that works, I still recommend the nuke and pave.
posted by flabdablet at 9:19 AM on August 15, 2021 [1 favorite]


Response by poster: Thanks... Working on it... Currently needing the seller to send over the Bios administrator password... This is quite the adventure.
posted by slidell at 5:14 PM on August 15, 2021


> Bios administrator password

Aww hell naw. That is absolutely unacceptable. IMO you should do whatever you need to do to get your money back up to and including a chargeback on your CC. This isn't an adventure. Don't accept another word from this shit show of a scam dealer other than "here's your refund and here's your return label."
posted by glonous keming at 6:11 PM on August 15, 2021 [1 favorite]


The situation feels pretty amateurish.

That's kinder than any of the words I'd use to describe it. Four and a half stars for this? Back Market customers are a generous bunch.
posted by flabdablet at 6:26 PM on August 15, 2021 [1 favorite]


If you don't want to return the machine and you also don't want to wait for Clowny McClownshoes to get back in touch, one of these methods will almost certainly remove any BIOS passwords and get you on your way. Personally I'd start with the third one (BIOS reset jumper).
posted by flabdablet at 6:57 PM on August 15, 2021


Response by poster: I think I'm missing why this is where people draw the line, but I did email him to ask the password and will have to return it if he can't provide it. I reserve screwdrivers for non-computer-opening purposes and, where computers are concerned, try to stick to my main skillsets (typing words and clicking mouse buttons).

This isn't that great of a deal -- I have been trying not to return it (a) to save time, (b) because it seems like a nice computer, (c) because I don't know where our packing tape is, and (d) because the Amazon refurbished equivalent only offers a 30 day warranty and seems to have a far worse return policy so I'm a little concerned by that.

What's the best place to buy refurbished computers?
posted by slidell at 10:19 PM on August 15, 2021


I think I'm missing why this is where people draw the line

For me it's not so much drawing a line as watching a Jenga tower made out of opportunities to choose the right way to do things finally fall down as yet another one proves to have been missed.

Or, if you prefer baseball metaphors: Shitty packaging, strike 1. Shitty Windows installation, strike 2. Shitty BIOS configuration, strike 3 yerrout.

I reserve screwdrivers for non-computer-opening purposes and, where computers are concerned, try to stick to my main skillsets (typing words and clicking mouse buttons).

Fair enough, though resetting CMOS settings by moving a jumper or temporarily popping out a battery is pretty hard to get wrong if you've seen it done and exercise a modicum of care, and in my experience nothing bad has ever come from a progressive gentle stretching of my IT skillset.

What's the best place to buy refurbished computers?

Small, local computer shops who source used machines from local schools and businesses and refurbish them onsite, in my experience.
posted by flabdablet at 2:45 AM on August 16, 2021


By the way, once you've hook or crooked your way into the BIOS settings, I recommend finding the one that lets you reset them to what's usually called "optimized defaults". Do that, then find your way to "Save changes and exit" or similar, restart the machine, then get back into its BIOS settings. You should be able to do that without supplying any passwords.

BIOS settings I will usually check/tweak away from typical defaults before performing a clean Windows installation are these:

1. Make sure the date and time are correct.

2. Make sure all SATA controllers are set to AHCI mode, if available. Don't pick RAID mode unless this is one of those weird-ass Dell BIOSes that makes RAID or IDE the only choices. You definitely don't want IDE mode, because that will make hard disk access happen at about half the speed it's actually capable of. Some BIOSes won't let you set AHCI mode for channels that optical drives are detected on; that's OK, optical drives are slow enough anyway that the controller mode will never bottleneck them.

3. Make sure that the alternate boot menu option is enabled, and make a note of the hotkey that activates it on startup. You'll need to pound on that to make the machine boot from the Windows installer USB stick.

4. Set the default boot device to the first hard drive. If the menu structure allows, disable all the remaining boot options so that the only thing the machine will ever try to boot from, unless you specifically activate its alternate boot menu, is the first hard drive.

If you install Windows while the BIOS is set to IDE mode, Windows will install IDE hard disk drivers instead of AHCI hard disk drivers, and if you then change the BIOS setting to AHCI, Windows will refuse to boot because it's just painful that way. You can fix that without reinstalling, but it's kind of a pain in the arse and just getting the BIOS set right before the initial install saves a lot of time and effort.

5. Sometimes there's a "Boot from LAN" or "LAN option boot ROM" option available in the LAN controller's settings, separate from the other boot settings. Disable that to make sure the machine doesn't hang about for an annoyingly long time for an opportunity to boot from the network every time you start it.

6. Change the "AC back" setting in the power options to "Always off". It usually defaults to "Previous state", but if you do actually have a power outage that shuts your PC down, the last thing you want to be worrying about is having it turn itself back on and Do Stuff while you're still in the bathroom putting bandaids on the toe you stubbed horribly while lurching around the house in the dark looking for the flashlight. "Previous state" is OK for headless server machines, but it makes no sense for a desktop PC.

7. If all you're doing is looking at BIOS settings but the machine's cooling fans are doing an impersonation of a medium sized passenger jet aircraft about to take off, find the fan control settings and set all available fans to "intelligent" or "smart" or "adaptive" or whatever your BIOS calls the option to run them only as hard as they need to be run. These settings don't usually take effect until the next start, so make sure they're OK by going through a Save Changes and Exit / machine restart / Enter Setup cycle.

I recommend not picking the "quiet" option in these settings, because it often leaves the CPU running hotter than is really good for it in the long term. If your fans are unduly noisy even when being run at sensible speeds rather than permanently flat-out, replacing them with better-designed and usually therefore larger and slower fans is best practice.

The defaults for the rest of the BIOS settings are usually non-irritating enough to leave alone unless you have specific reasons not to.
posted by flabdablet at 3:28 AM on August 16, 2021


By the way, this advice doesn't apply only to refurb machines. I generally recommend doing a clean Windows installation from an unmodified Microsoft installer even for new machines bought with Windows pre-installed.

In my experience, plain vanilla is absolutely the best flavour for Windows, and a minimally fucked-with Windows installed from Microsoft-supplied media on a machine with a properly set up BIOS always outperforms the value-subtracted, bloated mess that OEMs preinstall in order to fulfil the multitude of partner obligations their marketroids always sign them up for.
posted by flabdablet at 3:40 AM on August 16, 2021 [1 favorite]


> I think I'm missing why this is where people draw the line

Re: BIOS password

There's only a couple scenarios I've personally ever encountered with the BIOS passwords being employed. One is in corporate/enterprise IT, to keep end-users out of places they don't belong. It's not their computer, it's the enterprise's computer. Part of the IT department's job is to safeguard the digital assets of the organization and that can mean keeping users out of the BIOS of the expensive computer.

The only other place I've ever seen BIOS passwords being set is when people take their PCs to small mom & pop computer shops run by some frustrated petty dictator-type, who decides to lock the PC owner out of their own computer BIOS to fuel their administrative power-trip hacker fantasy or whatever. When I encounter those I have the victim take the machine back and have the shop remove the password and advise them never do business with that shop again.

In your case, as for now, that computer is yours, not the IT department's, not the enterprise's, so case 1 does not apply. If the BIOS password is in place because of case 2, well then that's yet another strike against this seller in my book. Either way, buying a refurbished computer should be a turn-key transaction. You absolutely should not be locked out of the BIOS on a computer you purchased.

Personally I suspect that seller doesn't even know the BIOS password, because they didn't set it to begin with. I think a likely scenario is that the BIOS password was set by the previous enterprise owners (case 1), and the reseller never bothered to check and/or remove the BIOS password. Which goes back to the earlier supposition that this isn't a "refurbished" computer to begin with, but a used computer misrepresented as refurbished.

Assuming the seller continues to respond to you, you'll either get instructions similar to what flabdablet provided above on resetting the password, which for me would confirm case 1, or you'll get the actual BIOS password, which would confirm case 2. Either case would be grounds enough for me to terminate my business relationship with this seller, thus my "aww hell naw" comment from before.
posted by glonous keming at 4:03 PM on August 16, 2021 [1 favorite]


You absolutely should not be locked out of the BIOS on a computer you purchased.

Heartily endorsed.

I know that in general AskMe is not the place for back-and-forth conversation, but I would love to read a progress report if you can be bothered.
posted by flabdablet at 1:25 AM on August 17, 2021


Response by poster: Ha ha, happy to provide an update. I was afraid I was nearing the mods' tolerance for back and forth, though I must say that it made this thread 100 times more useful than just sitting back and reading answers, so thank you to everyone for it!

Basically, the seller tried to convince me to reset Windows from within the computer. He didn't try to solve the Bios issue at all, just work around it. I repeatedly said that I'd need to return it if he couldn't provide the password, and he never addressed that directly, so my guess would be that he doesn't have it.

I mentioned why I wanted to reinstall windows. He seems to truly believe that a fully refurbished computer should boot to the desktop so that a new user doesn't have to mess with driver updates or anything. I sent him this article as kind of an FYI. He said again that I could reinstall Windows from within the computer.

Midway through this little discussion, he offered a return label, saying that he likes trying to resolve the problem, but here's a label if I need it, so while we chatted a little more, I have it boxed up and am sending it back.

I ordered a nearly identical one from Amazon refurbished. It has no Office software and costs $25 more, so that's the amount of the discount I was getting.

Keep your fingers crossed for me that it doesn't break or "break" while being shipped, but I'm hopeful. All in all, so far it has gone about as well as it could go given the original situation. Also, hopefully the Amazon one is good and doesn't track me any more than Amazon already does (ha ha).

Thanks so much for all of the guidance throughout this process! I really appreciate it.
posted by slidell at 8:11 AM on August 19, 2021 [1 favorite]


the seller tried to convince me to reset Windows from within the computer

If you can't boot from alternative media without resetting the BIOS password first, then neither could your vendor have done. So if this really is a "clean installation" and not just an old one with assorted pieces deleted by hand, then the fact that it's still got a BIOS password set on it is solid evidence that a reset from within Windows is the way your vendor did it, and that process does nothing to assure that malware lurking within the old installation has no opportunity to reinstall itself in the new one.

I think you've made a sound choice here in upgrading a lack of repeat business to a lack of any business. This asshat has already cost you way more than $25 worth of wasted time.

hopefully the Amazon one is good and doesn't track me any more than Amazon already does

I can only repeat my strong recommendation to do your own Windows installation on it using your own boot media containing a plain vanilla Windows installer downloaded from Microsoft, along with the Windows product key that any reputable vendor will make sure you're supplied with for a box that comes with Windows preinstalled.
posted by flabdablet at 9:09 AM on August 19, 2021 [1 favorite]


« Older Help with kaput capacitor   |   The Noise Problem Is Coming from INSIDE the House!... Newer »

You are not logged in, either login or create an account to post comments