Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 10 OS installation as a Virus removal tactic?


  • Please log in to reply
14 replies to this topic

#1 OrdinaryItemMerchant

OrdinaryItemMerchant

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 21 December 2015 - 04:49 PM

(I'm so new to forums and not half as tech smart as I think I am. So sorry for any errors or if I posted this to the wrong forum!)

 

Hello!

 

So, I just bought this old, refurbished computer as a last resort from what I'd heard was a trusted tech guy. I'm prospering art student so I NEEDED a working computer that could handle art programs since my old one had a motherboard problem and was days away from not even turning on anymore. But soon after I got this one I noticed it had some strange tendencies. Like how at random points in usage the CPU would spike and when I checked the running programs in Task Manager the only things using a lot of CPU was SVChost. I ran some free virus removal software (Malwarebytes) on it just to see if anything showed up, knowing that absolutely nothing should since it was a supposedly clean computer. And yet I got a list of fifteen different Trojan.FakeMS.ED's. I tried searching the virus type and didn't come up with much results.

 

I don't have the money right now for virus removal software right now, but I know that a hard drive reformatting and reinstalling my OS would probably benefit my computer greatly. However, I don't have the installation disks for the Windows 7, which is what my computer's running on now. Before I noticed the viruses and was only experiencing problems with the computer speed and some temporary update installation issues, I asked the man I'd bought the computer from and he suggested a few things and told me if I continued having trouble he could take it back for a while and reinstall the OS. But you could probably understand why I'd be hesitant to do that with a virus chilling on my computer already when I've mostly only installed widely-known, harmless programs like iTunes and Steam so far.

 

With all the work done on this one I'm not so sure how much accurate information I can provide, but it's a Dell Precision M4300 and it's system properties tells me it's got 3 GB of RAM, a Intel® Core™2 Duo CPU processor with 2.5GHz and ~70 GB of hard drive space. I have a NVDIA Quadro FX 360M graphics card and the computer currently has a 32-bit Windows 7 Professional operating system. 

 

I wanted to know if it was possible to download all of the Windows 10 installation data to a DVD-R, reformat my hard drive and OS and then install Windows 10? And if doing so would have even a little chance of helping my situation out at all?

 

Thank you!



BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,968 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:01:28 AM

Posted 21 December 2015 - 05:53 PM

Hi :welcome: to BleepingComputer,

 

 

Does the machine have the Windows 7 key on a sticker similar to this?

 

HardwareCOA.gif

 


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,883 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:08:28 PM

Posted 21 December 2015 - 06:08 PM

Were I you, I would do the standard upgrade installation of via GWX (the Get Windows 10 "nag" that shows up as a Windows 10 icon in your system tray and gives occasional popups) then immediately follow that with a clean full install of Windows 10.  This is if your machine passes the compatibility checks for upgrade to Windows 10.

 

That way your computer will already be recognized by Microsoft as a Windows 10 machine then the clean full install will give you a fresh machine.  Mind you, if you've got infections in your existing data, and bring that back from a backup, it could try to propagate itself again.  One would hope that your antivirus (whether Windows Defender or a third-party one you install) would do its job in clearing up an infection, though.

 

If you have existing third-party antivirus software I would uninstall it immediately prior to doing the upgrade to Windows 10 and then promptly reinstall it (or use Windows Defender) once your clean install of Windows 10 is complete.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#4 OrdinaryItemMerchant

OrdinaryItemMerchant
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 21 December 2015 - 07:56 PM

@SleepyDude Thank you! And yes it does. It's labled "Windows Vista Business OEMAct"

@britechguy I was under the impression that installing Win 10 via the popup would automatically carry all my files over though. Which is unnecessary since I still have so many of them backed up from when I got rid of my old computer and will also likely cause the virus to persist. I also thought a hard drive formatting would wipe the OS, requiring a reinstallation. Is upgrading to 10 that way without it backing up my files an option?

#5 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,883 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:08:28 PM

Posted 21 December 2015 - 08:55 PM

OrdinaryItemMerchant,

 

            Your last response confuses me slightly because you say the OEM license key is for Windows Vista, and you should not be able to upgrade (for free, via GWX) unless you are running WIndows 7, at earliest, as an OS.

 

            The GWX process does, indeed, carry all your data files over if it works correctly, but one should never attempt a major OS upgrade like this one without having backed up all your user data first, and perhaps doing a system image, too.  However, since you say your system is infected and has not been able to be healed I don't think a system image would do you any good.  I have not proposed, anywhere, that you reformat your hard drive.  If you go through the GWX upgrade and your virus persists (and it might) then you are going to have to do a full, clean Windows 10 installation and that automatically sets up the hard drive again as a part of the process.

 

             Your situation is "a bit complicated."  Were I you I would take every step I could to clear the virus from my existing system, including downloading tools like Malwarebytes, before trying any sort of upgrade.  It's difficult to give "good advice" on how to upgrade an unstable system and then get rid of the instability afterward.  The only reason I am suggesting you do the GWX upgrade (presuming you are running Windows 7) is so that it will be easier for you to do the clean Windows 10 install after the fact.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#6 OrdinaryItemMerchant

OrdinaryItemMerchant
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 21 December 2015 - 09:58 PM

I apologize for the confusion. My computer is undoubtedly running on Windows 7 as of right now. I didn't buy the computer directly from Microsoft or a shop, but from what I had thought to be a trusted seller since I know someone else who'd done business with him without any problems. I believe it probably originally ran on Vista and he must have installed the Windows 7 OS before putting it up for sale. I have downloaded Malwarebytes and have run it several times, quarantining everything that it lists after each scan and subsequent reboot. Within the last couple hours it's finally stopped finding anymore malware. I mentioned formatting my hard drive because I figure that would be the most definitive way of getting rid of the virus since it either kept coming back or Malwarebytes kept finding more after my initial scan with my antivirus software, but I have yet to find anymore dangerous files in my last few scans.

#7 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,968 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:01:28 AM

Posted 22 December 2015 - 04:21 AM

I apologize for the confusion. My computer is undoubtedly running on Windows 7 as of right now. I didn't buy the computer directly from Microsoft or a shop, but from what I had thought to be a trusted seller since I know someone else who'd done business with him without any problems. I believe it probably originally ran on Vista and he must have installed the Windows 7 OS before putting it up for sale.

 

To have a legal Windows 7 installation he must provide you the original key for the Windows Edition that is installed on the machine.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#8 bobjimmy123

bobjimmy123

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 22 December 2015 - 08:13 AM

You should be able to extract the product key from your current OS using this tool: http://www.nirsoft.net/utils/produkey-x64.zip

After running that let us know what version of Windows 7 it says you have. (If the above link doesn't work then try this one: http://www.nirsoft.net/utils/product_cd_key_viewer.html#DownloadLinks)


Edited by bobjimmy123, 22 December 2015 - 08:32 AM.


#9 JohnC_21

JohnC_21

  • Members
  • 22,650 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 PM

Posted 22 December 2015 - 09:54 AM

If the Windows 7 key is retail you also have the option to download the Windows 7 iso here. If the key is OEM then Microsoft will give you a message the download is not possible.

 

Right click Computer > Properties. At the bottom of the Window look at the PID. If OEM is in the PID then you cannot download from the link I provided. You may also want to back up your Windows 7 key and Activation files using Advanced Token Manager.

 

 



#10 bobjimmy123

bobjimmy123

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 22 December 2015 - 12:12 PM

Well their Windows 7 key is most likely not an OEM key because it was not shipped with Windows 7. If I were you I would skip the upgrade process and instead choose the "create media for another computer" option and burn a DVD then do a clean install from that. Then during the installation it will ask you for a product key and you would then insert the one that you obtained from the tool that I linked.



#11 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,883 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:08:28 PM

Posted 22 December 2015 - 01:11 PM

Well their Windows 7 key is most likely not an OEM key because it was not shipped with Windows 7. If I were you I would skip the upgrade process and instead choose the "create media for another computer" option and burn a DVD then do a clean install from that. Then during the installation it will ask you for a product key and you would then insert the one that you obtained from the tool that I linked.

 

And this is a fine idea if you definitely have a valid license key, either OEM or retail.   The only reason I suggested doing the GWX upgrade first is because it doesn't require this and MS has been allowing Win10 upgrades from machines that didn't have authentic copies of Windows 7.  It was more of a "safety in achieving upgrade, no matter what the Win7 license circumstance" than anything else.

 

I also wouldn't be so sure that the license key is not an OEM key.  You could buy OEM licensed copies of Windows 7 all over the place.  When I did the upgrade from Win7 Home to Win7 Ultimate way back when it was with an OEM version of the upgrade software that was legally purchased and worked just fine.  People will often buy OEM licenses if they know that the machine in question is the only one on which they ever intend to do the install and don't need or want MS technical support or manufacturer support.  Those licenses are cheaper than retail.


Edited by britechguy, 22 December 2015 - 01:15 PM.

Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#12 OrdinaryItemMerchant

OrdinaryItemMerchant
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 22 December 2015 - 05:48 PM

Okay, I have a PID as listed from my system properties and it has OEM in it. What I originally wanted to do was burn it to a CD, I just wasn't sure if that was a possibility. But if the GWX upgrade will suffice I can just as easily do that. I'd just like to know if and how I can achieve a clean install before I go through with it. 



#13 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 6,883 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:08:28 PM

Posted 22 December 2015 - 06:02 PM

You can do a clean installation after a GWX upgrade in one of two ways:

 

1.  Use the Reset option under the Update & Security Settings, Recovery Pane and not keeping your files and folders.

 

2.  Use installation media you create via download from the Microsoft Media Creation Tool to do an install.

 

Both do pretty much the same thing.


Brian  AKA  Bri the Tech Guy (my website address is in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.
             ~ Lauren Bacall
              

 


#14 wfallon

wfallon

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 24 December 2015 - 10:18 AM

Let's get back to the basic problem. If you ran MBAM, make a list of what it found. then have MBAM remove the viruses.

 

Then search for any files of the same name as the viruses. If you find any, delete them, if you don't find any, the system should be clean. Run MBAM again, should be clean. Also get SuperAntiSpywareand run that. If both are clean, you should be fine.

 

Now the bad news:

 

    Your hard drive is not big enough for Win 10. It does a lot of backing up of files and will quickly exede your HD.

 

    If you do go go Win 10, Nvidia does not play well with Win 10.

 

Bill



#15 rp88

rp88

  • Members
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:28 AM

Posted 25 December 2015 - 05:08 PM

Changing OS from your current one to windows 10 MIGHT remove the virus, as the changing of systenm files might have the side effect of replacing infected ones, however depending on where the virus is lurking it might have no effect at all. There are much better ways to dsinfect yourself, you could ask for help in the virus removal section here (the people there do an excellent job) or you could reinstall your curent windows verson. As a user of particular programs (perhaps arare ones) which are curical to your workflow, that art software you mention, I strongly suggest NOT upgrading to windows 10 but instead reinstalling your current OS or starting a thread in the virus removal section here to get the virus removed without altering your system setup. When you depened on being able to run a certain program switchng OS is not a good thing to do because of the risk that the program might not run in windows 10 even though it works fine in your current OS. If after doing this you want to, once the system is disinfected either through virus removal or through reinstallation, then go on to windows 10 you can do this, but that will likely uninstall the art program in question, which may or may not eb able to be succesffully reinstalled once you are on windows 10. Note that if you reinstall your current OS you'll definitely need to install the art program again but you can be confident it will work, because you'll still be using your current OS. Or if after removing the virus (by whichever means works) you decide you don't want to upgrade to windows 10 there are things you can do so that the GWX pop-up will not bother you.

One other thing, you could have easily got thr virus from an advert on a website, these days there is something called malvertising whereby you can be infected wthout any user nteractin beng needed, you smply visit an infected page, or a legitimate page which has suffered the misfortune of a malicious advert being placed on it, and get infected without having to doanything. A tool like NoScript or one like malwarebytes anti-exploit can block this type of infection method, after fixing your system I suggest you look into installing them, both are free and very effective virus PREVENTION* tools. It doesn't matter if you've never downloaded anything, you can still be infected by sheer bad luck of visiting a malicious page or a page serving a malicous advert, only with tools like those I mention can you protect from this sort of threat, after having the virus removal section team help you with your problem (or reinstalling your current OS yourself) you can ask them, or ask in the general security section, for tips on preventing drive-by/malvertising infections (the type I mention here) and other infecton types.

*they'll prevent viruses arriving but you'll still need an antivirus as well, and these two tools won't do anything to help with removal of viruses you currently have. start a thread here to deal with virus removal: http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/ read the pinned topics at the top, then start a thread, incude the logs asked for and also include any information you think would help someone in diagnosing exactly what you've been infected with.

Edited by rp88, 25 December 2015 - 05:10 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users