Helping people with computers... one answer at a time.

A computer that has suffered from a virus needs a thorough cleaning to be sure all symptoms of the virus are gone. It would have been nice to have an image backup...

Hi, Leo. I ran into a problem this week. I have two computers: one with Windows XP, SP3 and the other with Windows 7 Ultimate. I transferred some of my documents over to the computer with Windows 7 via USB. Unfortunately, the USB had some malware in it, which I didn't know of so when I attached it to the computer, MSE gave an alert about a potential threat. I used MSE to clean the USB and scanned the computer fully and thought that everything was back to normal.

However, from then on, whenever I turn my computer on, it gives me a message that Windows is not genuine. I went to the Microsoft site and one of the reasons stated there as to why such a message appears was that any malware modifies the files in Windows in some manner. I used the System Restore to restore the computer to a previous state, but that didn't work either. What do I do now? Also, if any other piece of malware finds its way into my computer through let's say, the internet, would I need to start over and do everything again because the copy of Windows would become illegal?

In this excerpt from Answercast #30, I look at getting a virus off a computer with a repair install and what may happen with future infections.

Repair install

A couple of confusions here.

Let's start with what you do next to clean up that machine.

My belief is that the best approach to fixing that particular machine is doing what's called a repair install of Windows. Basically, that involves using the original Windows installation media for the machine; installing Windows but making sure to install it as an update, rather than a clean install.

I have an article on that on the site:Repair install in Windows 7.

Backup image

Now the other thing I would certainly do is I would backup before you do that install... just in case. By back it up, I mean taking a system image of the entire machine; just in case something goes wrong when you do the repair install.

Now, that leads me to my next comment and that is:

  • All of this could have been avoided if you had simply had a backup!

In other words, this is one of the many, many, many things that a regular daily or periodic backup of your system would save you from.

The solution in your case; the "what do you do now" then would be simple: restore your Windows 7 machine to the backup that had been taken immediately prior to it becoming infected and "poof" – it's back to what it was.

Malware infections

Then, you can go through and clean the USB; re-copy the files, whatever it is you want it to do at that point.

Now, if any other piece of malware finds its way on your computer, "Would I then need to start over because the copy of Windows would become illegal?" No.

  • All malware doesn't cause this scenario.

Microsoft is basically saying that malware, in general, can cause your Windows installation to become invalid. That does not mean that all malware causes your Windows installation to become invalid.

That's not to say that malware shouldn't be avoided – absolutely, you should avoid it for any number of different reasons.

Invalidating your Windows install happens only with certain types of malware, certain variants of malware, certain instances of malware. It's not something that is, to be honest, all that common. I mean, it happens; but it certainly does not happen in the majority of cases.

I wouldn't worry too much about that.

I would absolutely start doing regular backups... because no matter what, whether it invalidates your Windows install or not, a backup is going to save you from this kind of stuff every single time.

Article C5526 - June 28, 2012 « »

Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.