Something you never need to do.
You should never need to buy a new computer because of malware.
I regularly hear from people with machines infected with varying amounts of malware. Their computer is crippled, and they just want it to work.
If that’s you, and you’re at the point where you’re considering getting a new computer because of it, STOP.
Before you get out your credit card, allow me to clear up some confusion and possibly save you some cash.
Become a Patron of Ask Leo! and go ad-free!
Fixing malware doesn't require a new computer
Repairing a machine infested with malware doesn’t require purchasing a new computer. Malware is just software, and software can be erased. If traditional anti-malware tools fail to erase the malware, then a complete reformat and reinstall of Windows, or a restore to an image backup taken prior to the infestation, will.
Hardware versus software
The fundamental concept getting lost here is the difference between computer hardware and computer software.
Your computer — the box, the power supply, the hard disks, the monitor — are all hardware. They’re physical things you can see, touch, and feel.
Windows, your applications, your data, your pictures, and anything else stored on your computer are all software. They’re simply data — nothing more than a collection of ones and zeros — stored on magnetic, electronic, or optical media.
Malware is software. It’s nothing more than data. Data crafted to cause your computer to misbehave, but data nonetheless.
And data can be erased.
How a new computer solves malware infections
When you get a new computer, besides all that brand-spanking-new hardware, you’re also getting completely new software. That new computer comes with a new install of the operating system. New installations of the applications you use will either be pre-installed on the machine, or you’ll re-install applications you’ve downloaded or purchased yourself.
The bottom line is that when you get a new computer, you’re getting completely new/refreshed software.
Unless you reinstall the malware, the malware is gone, because you’ve started over from scratch.
You don’t need a new machine to do that.
Getting rid of malware without resorting to a new machine
Replacing your computer because of malware is like getting a new toaster because the bread was moldy. Yes, you’ll probably get fresh bread at the same time, and all will be well. But you could have just cleaned your toaster.
You can clean your computer.
“But that’s what I’ve been doing!” I can hear you saying.
Yes and no.
There are several approaches to malware removal. One approach is to run anti-malware tools and follow instructions to remove the malware while leaving your system otherwise (hopefully) unaffected. That’s a common first step … and second, and third, and fourth step, until your patience wears out. And it’s probably what you’ve been doing.
It’s also where many people give up.
There’s another, more drastic step.
The nuclear option
Here’s the 100%-guaranteed five-step approach to removing all malware from your machine without buying a new computer.
- Back up your computing using a complete system image. Yes, you’ll be backing up the malware, but you’ll also be backing up everything else, including everything you care about and everything you didn’t know you needed.
- Reformat the computer. This will erase everything from it, including the malware. It’s gone. This is often part of the next step, but I want to call it out because of what it does.
- Reinstall Windows from scratch from the original installation media.1 You can use the same version, or any version your hardware supports. Heck, you can use any operating system you might care to switch to, for that matter.
- Reinstall your applications from scratch. These are the programs you use that don’t come preinstalled with Windows — office suites, different browsers or email programs, image management tools, and more. This is all up to you and how you use your computer.
- Restore your data from the backup or wherever else you happened to keep it. Do this carefully to avoid re-installing any malware. Generally, data backed up before the malware arrived should be safe.
The malware is gone. You have all new software on your computer. It just works.
It’s almost exactly like buying a new computer, except you didn’t have to buy a new computer.
And it’s all that’s required, even after the worst malware.2
Prevention is best
Naturally, prevention is the best approach to malware: don’t get it in the first place. Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internet has a great overview of the steps you should take to keep your computer — your existing/old computer — safe.
But stuff happens, even to the best of us. That’s another reason I’m such a strong proponent of regular system-image backups. If your machine becomes infested with malware, there are two scenarios where a backup can completely save the day:
- Simply restore your machine to an image taken prior to the infestation.
- Restore your machine to an image you took on the day that machine arrived. That’s like starting over from scratch without needing to reinstall everything that was on the machine that day.
In either case, the malware is gone.
And you didn’t have to buy a new computer.
Maybe you needed an excuse?
There are many reasons to get a new machine. Recovering from a malware infection is not one of them.
If you just want a new machine, then get a new machine. Don’t wait for a disaster to give you some kind of excuse. Switching to a new computer is a much more pleasant experience if you’re not simultaneously trying to avoid transferring over the malware that got you into some bad situation.
You’re also much more likely to make a reasoned choice if you’re not under the gun to get a new machine.
So, sure, get a new machine. Just don’t kid yourself into thinking that you have to do it because of malware.
You don’t.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Podcast audio
Footnotes & References
1: Or, alternately, use system recovery disks provided by the manufacturer. Or restore a system-image backup that you took prior to the infection, or one you took immediately after getting the machine originally.
2: I know that some will bring up malware that infects/damages the computer BIOS. While they exist, they are extremely rare. It’s extremely unlikely that that you have this problem. And if you do, the BIOS is just another form of software and can typically be replaced/reset without buying a new computer.
Saving data from a heavily infected computer is a bit of risky work. You don’t want to carry the infected part of the data to the new machine. I have used the following steps several times to save friends’ data.
1. Boot from a live CD – preferably a linux cd.
2. Transfer the data and only the data to an empty external drive.
3. Do not transfer any programs and its associated files. eg. do not copy EXE, DLL etc. You can reinstall them from clean source.
4. Take the external drive to a clean PC and scan it thoroughly with all your security software updated with latest definitions. Make sure that it is clean.
5. If clean, then you can take it to the new machine. If infection found in any of the files, let the security program delete it. Or delete it yourself. Take only clean files to the new machines.
Key here is to keep the data from the older infected machine isolated before confirming that it is clean.
– then Nuke the old machine –
I assume you mean DBAN, not destroying a good drive.
get a good antivirus such as avast home. it doesn’t cost anythiing and it updates itself. if you try to download anything with a virus or ago to a site that contains malware it will warn you of this. i use avast and i will not use anything else
I apparently caught a virus – when booting I got a strange pop-up saying something about registering. I restored the drive from a ghost image and the pop-up went away.
Seems to be an excellent way to backup for a no-hassle restore.
“I have downloaded much of my music from the piratebay and torrentspy using bittorrent.”
Guess what, you are downloading things from dishonest people. They aren’t honest in everything but stealing music or software.
Expect to get massive virus infections regardless of how often you clean your computer or run antivirus programs. You are inviting the most dangerous of the bad into your computer.
Hey Bill, that is not true. I’ve downloaded from those sites and others and have never gotten infected. If you keep your anti-virus software up to date and keep your downloads in a secure spot away from system files and have your anti-virus set to scan all downloaded files BEFORE YOU DO ANYTHING…you should be OK. Most viruses and other crap come from websites that download payload junk to your computer and by answering Yes to every pop-up that wants to scan your computer after it tells you your computer maybe infected. Oh yeah…toolbars are another gateway to infection hell…stay away!
My PC Checks out “Clean”, but it is slowing down noticeably, I didn’t get a installation disk with the machine. Any tips from anyone about a complete reinstall using the windows set up data from the hard drive? I use Windows XP SP 2 home.My main worry is getting all current updates and protections without any protection. Thanks for any help or suggestions.
Nobody gets installation disks, anymore(cheaper for the computer maker). You were suppose to burn them yourself with DVD-Rs that you purchased yourself. It may be too late, now. Try booting into the recovery partition and res-install Windows. HP does this without erasing your personal files.
Ray, I wouldn’t worry about it too much. As long as you use the Windows Update in the Start menu you shouldn’t have any problems. Just don’t wander off anywhere else on the web without protection. Also make sure your Windows firewall is activated and working. Unless you’re connecting through a router which has a hard firewall built in. Just make sure it’s on.
If you (anyone) made a backup of data on an external disk before nuking the contents of the hard disk, make sure you disable autorun (see Leo’s recent piece) before restoring the backed up files, in case the malware copied itself onto the backup.
(It would be annoying to go to the trouble of backing up and nuking, only to let the malware back on five minutes after you have a nice clean computer.)
For best results, boot up into Knoppix (or a similar OS-on-a-CD) to perform the backup, so the malware doesn’t get a chance to run while you backup.
Downloaded ErrorFix 2wks ago. As of today I have 368 prob. If I don’t subscribe will my p.c. eventually crash? Also have AVG8.0 free & Spybot. Registry Cleaner show over 600 prob. which I unistalled. P.C is 3 yrs. old.
My 2 cents:
It is my professional experience that NO one program will rid you of massive malware/virus infections.
You’re scanning tools themselves may be compromised. So even better is using startup scanning tools burned onto a cd or dvd.
Booting up in safe mode and then running your antimalware tools will often yield best results.
Registry cleaners don’t fix any problems.
Don’t restore backups you made after the first infection occurred without scanning the disks the backups are on.
Restore points can get infected too.
For me there is only 1 procedure that has always worked and that is the Majorgeeks malware removal guideline.
I keep recommending it because I use it all the time.
If you have a problem
If no one else can help you
And if you can find them
Maybe you can hire
Majorgeeks
Good luck!
Not all anti-malware software will run in Safe Mode.
While I agree that buying a new machine just to get away from the bugs(viruii, etc) in your machine is not appropriate, there is something else you have to consider.
Who will be doing the service on this machine? If you, the owner are, or a friend who will not be charging you a fee, then fine, spend as much time as is required to resolve this issue.
But, if you are like 80% of America who are affraid of their computer and will be forced to seek profession, fee based support, then purchasing a new computer might be less expensive than paying a company say $400+ to spend 30+ hours trying to remove the really bad nasties that are out there.
I’m posting this simply as a counter point.
16-Mar-2009
I have a 2002 dell. I have had a lot of problems with freezes the last two months. It runs really slow, when it’s been working anyway lately. I downloaded from service pack 1 to service pack 3, because Norton Antivirus 2009 required this, it wouldn’t work otherwise. Tech for Norton gave me a website. It took 8 hrs to download pk.3 Also downloaded music on a walmart prepaid music card. Have a massive problem now. Computer read to run in safe mode and crashed. Now the screen is blue.
Had a major major breakdown…all kinds of notices about viruses, trojan horses et al and my dell pc didn’t move…couldn’t get on to the internet, nada…called Verizon Tech…it took them 3 hours to clear up eveything…lots of junk was also on my toolbar..$14.99…of course I had to sign a contract at $14.99 per month for the next 10 months, but I figure it’s worth the protection since I’m just a novice at anything technical…my computer now works like a charm but I notified all my cronies I will not open any attachments with tons of names
While an infection should never be THE reason to replace your computer, there are times when it makes sense for it to be the straw that breaks the camel’s back. And I saw one this week.
A friend of mine had an old machine running an old operating system for which she didn’t have the installation media. It had been poorly monitored for malware for years and this week finally caught a bad one that forced her to address the issue. Unfortunately, she addressed it by calling me. (Why am I always the IT guy for friends & family?)
Anyway… I ran a recent scanning software from a boot CD and it found and removed lots of Bad Stuff. Then I installed the free trial of Kasperksy which found and removed more stuff, but still didn’t fix the Big Bad that triggered the panicked phone call to me.
I spent many hours trying to remove it using lots of different software and procedures, but it had just done too much damage and was amazingly stubborn.
I finally gave up and told her we’d need to format the drive and reinstall the OS and apps. She had no backups, so I told her we could move a lot of her data files to USB sticks and then restore them on the fresh OS.
She didn’t have the install media. (I suspect it wasn’t a legal copy to begin with, but that’s not really relevant – the point is she had nothign from which to install from scratch.)
So she’d have to buy Windows. But the computer wasn’t up to the task of running even XP, much less Vista or Windows 7. She could have probably found an old copy of 2000 available on eBay or somesuch, but it was going to be a major pain.
Or, she could buy a nice new system for less than $700 that comes with Windows 7 preinstalled and she’d have a much, much, much better system and could still recover the data files via USB sticks.
She didn’t really -NEED- a new system, and wouldn’t have bought one if she had the original install media for her OS, but it made for a much faster and simpler solution than trying to resurrect the old beast.
First of all, and I don’t believe anyone has covered this yet, even if you buy a new pc or spend the time and money to ‘clean’ this one…the problems will return as soon as you re-install your infected files. That’s why I highly recommend ridding your current pc of malware first. What I would do (for myself or a customer) is 1. download and install AVG Free 9.0, PCTools Spyware Doctor, and A-Squared Free.Then update and completely scan your computer, these 3 can scan at the same time. (These are all free programs, and I’ve had 99.99% success with this combination). Probably 50% of pc repairs I do on customer’s computers are caused by malware they didn’t think they could have because they pay for ‘Norton’ or some other security program. 2.when you are sure your pc is clean, (keep in mind no security program will ever ‘repair’ damage already done from malware), back up all of your music and whatever else you downloaded onto CD’s or DVD’s. Now they should be safe to transfer to any PC. Although places like piratebay are just loaded with malware (nothing’s truly free,right?) they can come from just about anywhere these days. 3. Download and install Comodo Firewall + Defense. Disable Windows (all but worthless) firewall and install Comodo. It’s free, easy to use and I’ve had virtually no software conflicts with it so far. (Some firewalls will interfere with downloads, browsers, download managers, etc.).4. Anytime you download anything,scan it with all 3 programs before opening it. All 3 of these programs give you a context menu, (Right-click on the file you want to scan, then select ‘scan with AVG’ and so on). Good luck!
We have a local company in Eastern Ohio that will “reset” your computer to “factory default” (provided you have the original discs or a valid recovery partition) for a flat fee of $85.00.
Then they are making out like bandits!!!
You can do it yourself for free with very little computer expertise.
Under the 3rd step of your recovery process, “Nuke It” I would include “recovery from a full image copy backup”. Granted many people don’t have backups, but articles like this one will encourage them to more backups. I actually suggest at least 3 levels of backups. Last Image copy after Patch Tuesday, Image Copy initial application install after initial OS install/upgrade and Initial OS Image copy. If you have at least the last 2 it will greatly speed up your recovery time. Restoring a backup is faster than re-installing the OS and applications.
In the first place, prevention is always less expensive than cure. You don’t have to pay big bucks for prevention, in fact, I’ve never spent a cent in my entire computing life towards it. For a long time, I used Avast, along with SuperAnti Spyware for a second scan. I do these twice weekly. There’s also Windows Live Safety Scanner, they have XP & below and a Vista / Windows 7 versions. Then(if you’re a legit Windows user), you get a free tool from Microsoft every month, their Malicious Software Removal Tool. This runs automatically, but you can run it manually. In Vista / Windows 7 click Start, type “mrt” w/o the quotes, you can run the scanner how you want. Since I’ve moved to Windows 7, I’ve made only one change, I switched to Microsoft Security Essentials (MSE), as my main anti-virus. You have every tool here to keep your system clean, if only you will USE them along with smart computing practices. No Pirate Bay, P2P sites and so forth. We can talk cure all we want, prevention is the key. And whatever browser you choose (that’s your preference), keep it updated to the latest version. By doing these things, you shouldn’t need to worry about a malware infected PC, and enjoy your cyber life.
When you buy a new computer, you will get all the ‘Crapware’ that computer manufacturers load on the machines they sell. So you are not getting a ‘clean slate’. You have to spend time and effort to clean out all the useless garbage, which can be almost as bad as malware. So, you might as well clean the existing computer.
Part of my business is repairing machines with these sorts of problems, and sometimes, when the machine is several years old, and and other things are breaking down, it is worth junking the old machine because it was time anyway. It is less costly for my customer to replace the main machine while things are still working (but poorly) than backing up, and wiping the drive and spending several hours rebuilding just to have a machine with an old OS and less power than one can get today.
With a new machine and good solid security software, one can remove the old infected drive from the machine, hook it to an external USB case, or device that allows USB connections, and scan it before loading files onto the new machine. This even works most of the time when the drive will not boot properly because of non hardware issues.
I try to save my customers money. If it was almost time to get a new machine, the infections made it the tipping point. Its like a car- if the engine is smoking and the brakes squeek and the body is rusty, do you put 4 new tires on it?
I only buy new machines to be thrilled with the new found speed and power. Yahoo!! I keep my machines as safe as I possibly can. If, however, I had a problem, I would first look for viruses, then malware. If all else fails – Nuke It! I have yet to find a virus that can survive a low level format. And, after going through that process, one takes tends to reflect heavily on why it happened and then take additional protective measures or discipline myself not to be tempted to click – no matter how arousing. Easy way to get your nose clean. Actually, I don’t believe I have ever had a virus at least one that jumped over my security software. But if I hadn’t had protection, yikes!!! I would never take my computer in. I’m too cheap.
Agree totally!
I do have two minor comments to your article.
a) often, a PC or laptop will have a recovery partition along with a recovery manager program that will give the option of the Factory Restore – which includes reformatting the Windows (usually the C: drive) partition. It will also suggest backing up data files before doing so.
I’d quibble a bit and say, if possible, to just back up the files and folders that hold personal data. And then scan that backup on an uninfected computer. You might count this as #2.
b) I think there’s a better analogy than moldy bread and a toaster. I’d say, a computer is acting up – reboot it. It’s the same software, but reloaded.
Thanks as ever for your well-written articles!
original installation media – What’s that :)
Who includes that with a new machine now days?
All you get is a reinstallation disk with all the original ‘malware’ on it.
I’ve only bought one pc in my life and had just as many, if not more issues with it than my self-builds.
Just don’t install anything without several —‘BACKUP IMAGES’—- to fall back to. Cause you never know how long something is going to take to manifest itself.
:)
I make a backup as soon as I buy a machine. Then I strip away the crapware that comes with the machine and take another backup. Then I install my backbone programs, Office etc. When I find that all is well with my machine after a few weeks, I erase the first two backups. That becomes my new “original installation media”. After that third backup, I download the Ninite installer from Ninite.com. It downloads and updates about 95% of all the freeware programs I use.
Wow! Ninite is AWESOME! Thanks!
“What if” (like me) your computer came with Windows pre-installed, and you have no other copy?
Also, IF one does have “the original” which you re-install after re-formatting, won’t the computer spend the next fortnight downloading (again) all those upgrades ? Is there a way to avoid that, for those of us who only have a limited download budget?
Unfortunately, you’d have to go through the long download process to get all of the updates. That’s one of the benefits of incremental backups. You can roll the computer back to the last good state. That’s a true system restore.
Image backups solve both of these scenarios.
a) take an image backup of your new machine. Save that. REstore to that in case you ever need to restore to factory settings.
b) Take periodic image backups. Restore to the most recent and appropriate, depending on the reason for needing to do something. Updates pick up where that left of.
When you restore – to a factory install, or to a backup image – updates do indeed pick up where that image or backup left off. Still, it’s WAY better than not being able to reinstall at all, and STILL doesn’t require buying a new machine.
For Step 4, I would modify it to “Install quality antivirus and malware protection, then do Windows updates over and over, until there are no more to be done. Then copy only your data back to the PC.”
Just one hard learned word of caution. Do not use mypcbackup to backup your computer. It is absolutely filled with malware.
I finally got it all removed and got rid of mypcbackup but it was a pain.
They have a poor rating on WOT and Symantec. They used to post Spam comments on Ask Leo!
I cannot believe people STILL fall for this stuff. I cannot believe that People still don’t burn their recovery disjs(3 hours, 4 DVD-rs, now), as soon as you open the box and set up the computer. I was told that HP will mail your recovery disks for $20. Malware bytes has never failed me and now I add adaware cleaner from bleeping computer.
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.malwarebytes.org/lp/malware_lp_form/
My former primary tool was combofix, but it is not compatible with Windows 8.1
You can burn windows defender offline on another computer or make a flash drive with it on that. It is a real pain to get a Windows 8 computetr to boot from a flash drive, I had to disable secure boot in the bios, before changing the boot order. I suggest the boot able DVD-R, it may not be updatable, but it is easier,
One question Leo, you said ‘reformat and it will get rid of everything’ or similar.
Why is it then, that when I reformat a HD that previously held an operating system an insert it into a USB cradle, using as data backup, upon start-up the comp. will try to boot from it? (the boot sequence is set to USB-CD- HD) On occasions it actually can boot into a mangled OS like old Vista despite formatting?
Do you need low level formatting to make sure it doesn’t happen.
If there’s anything left on the drive then it wasn’t completely formatted.
“If there’s anything left on the drive then it wasn’t completely formatted.”
not trying to be sarcastic, but was an obvious observation, I was more interested in what caused it as it had happened more than once I do full format not a quick format.
What’s obvious to you and me, I’ve found, is frequently not obvious to everyone – hence I cannot assume it was obvious to you.
I can’t really hazard a guess. Don’t know how you’re formatting it, for example (exactly what steps). If I had to make a guess anyway I’d say you formatted one partition and there was another partition still on the drive that was left untouched. But that’s just a wild guess.
I’m always trying new “utility” and other questionable programs just to see how they work, plus do software programming using commands that I learned I should not. Eventually things get so gunked up, even with the “cleaners”, so it is time to wipe and start over. I always make backups every week since I EXPECT things to go wrong several times a year.
No big deal to me.
I know it takes 25 minutes to load the OS, another 20 minutes for Office, then let Windows update take over for a day or so. I found I don’t use most of the old programs loaded, so less to mess with.
Then I can scan and copy my data files as needed, finding I don’t really need all of them anyhow (outdated).
Housecleaning and reorganizing is a good thing.
The malware that my computer was infected with was hacking software. I have excellent regular malware protection. The hacking malware has disallowed me access to install or remove any files or use the control center options. Is there anything I can do besides buying a new HD and reinstall everything from original disks?
Why would you need to buy a new HD? You can reformat and reinstall everything from scratch on the existing hard disk, just as discussed in the article you just commented on.
One other alternative, this article: How do I remove a virus if it prevents me from downloading or installing anything?
I downloaded the program on your article page “REMOVE MALWARE FREE”. I guess my definition of FREE and yours is quite different; a special offer of $24.95 to remove the malware from my computer for FREE. So no, I won’t get a new computer, but I will find a more honest site for information!
You appear to have confused an advertisement with my recommendation. I have little control over what ads promise. Please read: What’s the difference between an ad and your recommendation? which is linked in the footer of every page on Ask Leo!.
Restoring by pressing some keys to start the built-in ‘factory recovery’ mat not work to remove all malware, because you are still booting from the hard drive, just in to a recovery partition, not the main OS.
If you have an infected MBR/boot sector then the malware has started when you booted and it won’t be removed. The on-board factory recovery just restores the Windows partition, not the entire hard drive.
This is why factory recovery disks are important, because you boot from the recovery disk, not the hard drive. However depending on what the factory recovery does, you still might have a problem. If it rewrites the entire hard drive then it will definitely get rid of all malware. This is what it should do because this would be the only way to recover to a new hard drive if the original drive physically failed.
I have a 128GB SSD that I use for my OS. That is usualy the only drive that needs to be backed up. You can buy a 500GB hard drive that you can partition as 4 separate drives. 3 of them as 128GB and the 4th with what’s left. As far as the cost goes, if you look around, you can find a stand-alone drive for about $50. I bought a 1TB Seagate Expansion for $59 from Target and that can be partitioned into 8 drives.
Once you have the NEW hard drive partitioned you can use your favorite disk cloner software. From your NEW computer, or recent NEW OS install make a “clone” on the first partition. Now every week or month do a “clone” of the current system to partition 2,3 etc till you use all the available partitions. Once they are all used start over rewriting your “clones” starting with the 2nd partition. Keep the 1st or “original” clone intact, just in case you absolutely have to start over again. You can name the partitions anything you want as long as you include the date.
Now, if you need to restore your computer at a later date, you use that same “clone software” to recreate your OS drive using the last clone. If that doesn’t work the next older copy and so on. If all else fails you still have the original on the 1st partition.
Doesn’t take more than minutes to do and covers your complete OS including your other software programs. Just keep your data files on a separate hard drive. Those data files don’t need to be backed up anywhere near as often. Just back them up whenever you do a major project, just in case.
As far as the cloning software goes there are several “free” versions available. Select one that includes support for whatever OS you are using. Windows 7 & 8 are particularly fussy in the use of “clones”. Some work and some don’t. Once you find one they are very easy to use. All you have to do is select the original drive or partition and the destination drive or partition. The only time you might have a problem is if the source and destination are different sizes then you have to select between clone which will make the new disk the exact same size as the old one, or proportionate clone which will fit it to a larger drive with the added size increase.
If you use backup software like Macrium Reflect, there’s no need to partition your backup drive. The data is compressed and backed up, and no space is wasted as it would be using partitioned drives.
Your way would work if Windows was still functioning. My way would keep at least three running (bootable) copies for you to use if Windows isn’t working. For minor problems your way would be much faster.
You don’t need a running system to be able to restore from an image backup. All good backup programs allow you to create a bootable rescue CD. If your system fails and you haven’t made the CD, you can even create one on another computer.
I HAVE EXPERIENCED THAT SYSTEM IMAGE IS REALLY A BAD CHOICE. BY THE WAY I DID NOT HAVE ANY VIRUS OR MALWARE. I JUST WANTED MY ITUNES BACK WHICH HAD DISAPPERED. MY LAPTOP DID NOT WORK AT ALL AFTER THE SYSTEM IMAGE. NO INTERNET NOTHING. AFTER THAT I HAD IT TESTED FOR SYSTEM ERRORS AND IT TURNED OUT THERE WERE JUST TOO MANY ERRORS. THE LAPTOP HAD BE REFORMATTED AT GREAT EXPENSE.
I like the idea of being able to reformat my computer. Any recommendations where I can go to learn how to do that? I have been using System Restore fairly successfully on Windows XP. Thought about reformat and install latest Windows OS.
This article will help with that: http://ask-leo.com/how_do_i_reformat_and_reinstall_windows.html
Is this advice still valid today if someone got remote access on your computer? My wife fell for the Microsoft virus scam. For 20 minutes she followed the instructions given her by two MS “technicians.”
My wife is almost literally a pc illiterate. She does not have the admin password for the computer. She said at one point she was told to make payment at an address in our town, and at this point a window opened with the address on it (and without her typing anything in; for this reason I suspect that someone got control of the pc and maybe installed spyware or other malware.
Would the above-mentioned procedure remove any malware directly loaded to my pc? Also, do I need to worry about the BIOS or my router having been compromised?
I am grateful for any advice!
This would apply today as well as on the day it was written. Unfortunately, in some cases, the only way to bee 100% you’ve rid yourself of the virus is “The nuclear option” as described in the article.
This advice is still true. You do NOT need to buy a new computer. Wipe the existing computer and install Windows, programs and restore your data all from scratch.
When you restored your files on a New formatted drive with reinstalled Windows. Dosent the Malane got reinstalled to from the infected copy of your harddrive.
I thought the answer was “sure, go get yourself a new computer, and I’ll be happy to take your old one off your hands, no charge”? :-)
I thought there was a new class of malware that could hide in BIOS or other hardware-related memory and thus could not be removed by the measures Leo cites. Am I wrong about that?
The thing to focus on when thinking about malware is prevention. So number one, learn how to be safe on the internet. And two… backup. If you have a full baseline backup you can recover anything.
While possible it’s exceptionally rare.
I’m so glad to hear that no one should have to buy a new computer due to malware. I recently discovered that my PC was infected after weeks of extremely slow response time and many, many pop ups. I really liked your comparison of the computer to a toaster. You just need to clean it to get it working right! I’ll start looking for a recovery disc after I back everything up. {link removed}
Hello, Leo I am very much a novice with a computer , but do you mean I will need an external hard drive to transfer all my data onto it Thank-you p.s I am not using my computer at the moment
Yes. To do an effective backup, an external hard drive is recommended. Here’s an article with more information:
https://askleo.com/external-drive-get/
You need SOME way to save all your data before reinstalling the OS from scratch, yes. An external hard drive is absolutely one way to do it.
As usual, excellent advice. I go a little further: Every two or three years I reinstall the operating system (Windows 10) and the applications. My data doesn’t need recovering because I keep software and data on different disks (except for those programs, like Outlook, that force data on to the C drive).
With Windows 10, reinstallation is rarely necessary, even if you’ve been hit with malware or some critical files were damaged. In the case of malware, you should have a good recent backup to roll back to and in the case of damaged critical files, sfc /scannow or a repair reinstall usually work, although a good recent backup is still best.
Agreed Mark, especially the point about having a good recent backup. I reinstall occasionally to effectively remove the overhead of applications I no longer need. It always surprises me how fast my computer is after the reinstall.
Leo – Might be worthwhile to emphasize the difference between “back up” in your “Nuclear Option”.
“1. BACK UP your computing using a complete system image. Yes, you’ll be backing up the malware…”
. . .
“5. Restore your data from the BACKUP or wherever else you happened to keep it. Do this carefully to avoid re-installing any malware. Generally, data backed up before the malware arrived should be safe.”
I presume the backup referred to in step 5 is from a backup that was created weeks or months ago, and NOT the backup created in Step 1. Some might assume you mean the backup created in step 1 even though you mention “before the malware arrived”.
BTW… a neighbor of mine had malware on her PC. The PC was “scrubbed”, OS reinstalled, software re-installed from www, and data restored from a 3-week-old backup. She was hit with malware within days. I checked her old backup and discovered she had an infected data file from 4 months earlier that was set to infect her PC at a future date.
No, I do mean the backup you just took. (If you had an image backup from before the malware’s arrival, I would assume you would have restored that and this step moot).
The key is that you would only restore your data. Malware generally infects programs and system files, so don’t restore them. And yes, even restoring your data needs to be done carefully, but as you restore your anti-malware program should have an opportunity to flag something bad. There’s also a very good chance you’ll realize that “I got infected when I opened this file” means don’t restore that file.
Leo is right as always. The thing I want to emphasize is that your computer being infected with virus is not “the” reason for buying a new computer. Ok, Leo explained that. But the basic reason is that even if you have a new computer, you still want to re-install your old data onto the new one. Do you have it? If you had not had a system of backup, then just go ahead and buy a new computer, and deal with the fallout. You may or may not have your data back. If you had backup, then you can follow Leo’s procedure, and nothing is lost except a bit of your time, so you don’t need a new computer.
There’s never a reason to get a new computer because of malware, no matter how bad it is. If you have a backup from before the infection, simply restore from that backup. If you don’t have a backup, perform a system image back up of the infected system to preserve your data. Reinstall Windows and your programs from their installation media. Copy the personal data from your backup.
If you are reading this article, you should never have to reinstall Windows because of malware, because if you’re paying attention ;-) , you will be doing regular system image backups and you’ll have a working system to restore to your machine.