Helping people with computers... one answer at a time.
A computer that has suffered from a virus needs a thorough cleaning to be sure all symptoms of the virus are gone. It would have been nice to have an image backup...
Hi, Leo. I ran into a problem this week. I have two computers: one with Windows XP, SP3 and the other with Windows 7 Ultimate. I transferred some of my documents over to the computer with Windows 7 via USB. Unfortunately, the USB had some malware in it, which I didn't know of so when I attached it to the computer, MSE gave an alert about a potential threat. I used MSE to clean the USB and scanned the computer fully and thought that everything was back to normal.
However, from then on, whenever I turn my computer on, it gives me a message that Windows is not genuine. I went to the Microsoft site and one of the reasons stated there as to why such a message appears was that any malware modifies the files in Windows in some manner. I used the System Restore to restore the computer to a previous state, but that didn't work either. What do I do now? Also, if any other piece of malware finds its way into my computer through let's say, the internet, would I need to start over and do everything again because the copy of Windows would become illegal?
In this excerpt from Answercast #30, I look at getting a virus off a computer with a repair install and what may happen with future infections.
A couple of confusions here.
Let's start with what you do next to clean up that machine.
My belief is that the best approach to fixing that particular machine is doing what's called a repair install of Windows. Basically, that involves using the original Windows installation media for the machine; installing Windows but making sure to install it as an update, rather than a clean install.
I have an article on that on the site:Repair install in Windows 7.
Now the other thing I would certainly do is I would backup before you do that install... just in case. By back it up, I mean taking a system image of the entire machine; just in case something goes wrong when you do the repair install.
Now, that leads me to my next comment and that is:
In other words, this is one of the many, many, many things that a regular daily or periodic backup of your system would save you from.
The solution in your case; the "what do you do now" then would be simple: restore your Windows 7 machine to the backup that had been taken immediately prior to it becoming infected and "poof" – it's back to what it was.
Then, you can go through and clean the USB; re-copy the files, whatever it is you want it to do at that point.
Now, if any other piece of malware finds its way on your computer, "Would I then need to start over because the copy of Windows would become illegal?" No.
Microsoft is basically saying that malware, in general, can cause your Windows installation to become invalid. That does not mean that all malware causes your Windows installation to become invalid.
That's not to say that malware shouldn't be avoided – absolutely, you should avoid it for any number of different reasons.
Invalidating your Windows install happens only with certain types of malware, certain variants of malware, certain instances of malware. It's not something that is, to be honest, all that common. I mean, it happens; but it certainly does not happen in the majority of cases.
I wouldn't worry too much about that.
I would absolutely start doing regular backups... because no matter what,
whether it invalidates your Windows install or not, a backup is going to save
you from this kind of stuff every single time.
Next from Answercast 30 – How do I restore a backup to a smaller hard drive?