Hi, Leo. I ran into a problem this week. I have two computers: one with
Windows XP, SP3 and the other with Windows 7 Ultimate. I transferred some of my
documents over to the computer with Windows 7 via USB. Unfortunately, the USB
had some malware in it, which I didn’t know of so when I attached it to the
computer, MSE gave an alert about a potential threat. I used MSE to clean the
USB and scanned the computer fully and thought that everything was back to
However, from then on, whenever I turn my computer on, it gives me a message
that Windows is not genuine. I went to the Microsoft site and one of the
reasons stated there as to why such a message appears was that any malware
modifies the files in Windows in some manner. I used the System Restore to
restore the computer to a previous state, but that didn’t work either. What do I
do now? Also, if any other piece of malware finds its way into my computer
through let’s say, the internet, would I need to start over and do everything
again because the copy of Windows would become illegal?
In this excerpt from
Answercast #30, I look at getting a virus off a computer with a repair
install and what may happen with future infections.
A couple of confusions here.
Let’s start with what you do next to clean up that machine.
My belief is that the best approach to fixing that particular machine is doing what’s called a repair install of Windows. Basically, that involves using the original Windows installation media for the machine; installing Windows but making sure to install it as an update, rather than a clean install.
I have an article on that on the site:Repair install in Windows 7.
Now the other thing I would certainly do is I would backup before you do that install… just in case. By back it up, I mean taking a system image of the entire machine; just in case something goes wrong when you do the repair install.
Now, that leads me to my next comment and that is:
- All of this could have been avoided if you had simply had a backup!
In other words, this is one of the many, many, many things that a regular daily or periodic backup of your system would save you from.
The solution in your case; the “what do you do now” then would be simple: restore your Windows 7 machine to the backup that had been taken immediately prior to it becoming infected and “poof” – it’s back to what it was.
Then, you can go through and clean the USB; re-copy the files, whatever it is you want it to do at that point.
Now, if any other piece of malware finds its way on your computer, “Would I then need to start over because the copy of Windows would become illegal?” No.
- All malware doesn’t cause this scenario.
Microsoft is basically saying that malware, in general, can cause your Windows installation to become invalid. That does not mean that all malware causes your Windows installation to become invalid.
That’s not to say that malware shouldn’t be avoided – absolutely, you should avoid it for any number of different reasons.
Invalidating your Windows install happens only with certain types of malware, certain variants of malware, certain instances of malware. It’s not something that is, to be honest, all that common. I mean, it happens; but it certainly does not happen in the majority of cases.
I wouldn’t worry too much about that.
I would absolutely start doing regular backups… because no matter what, whether it invalidates your Windows install or not, a backup is going to save you from this kind of stuff every single time.
Next from Answercast 30 – How do I restore a backup to a smaller hard drive?