Safely rebuild your Windows computer

Important:

You may need or want to rebuild Windows in case of:

  • Performance issues
  • Hardware or software upgrades
  • System compromise (that is, the contraction of malware, such as a browser hijacker, fake antivirus, or ransomware). Rebuilding your computer removes all traces of the compromise.

To thoroughly clean and rebuild your computer after a compromise, be sure to follow all of these steps; failure to do so can put both the entire IU network and your personal identity information at risk.

Note:
If you were blocked from the network, you must request that the block be removed after completing these steps. Once you receive confirmation that the block has been removed, you can use the network again.
  1. If your computer has been compromised by a virus, remove it from the network by unplugging the network cable from the computer, or by turning off the wireless or dial-up connection. Do not reconnect your computer to the network until you have begun step 3; otherwise, you risk spreading the virus.
  2. In preparation for wiping your computer's hard drive, back up your personal files to an external source, such as a flash drive, an external hard drive, or an IU Cloud Storage service (see Options for storing files at IU). If your computer was compromised, cloud and networked storage solutions will not be available to you on the IU network.
  3. Perform a clean install of Windows 10 or Windows 8.x. (Be sure you've backed up your personal files; they will be unrecoverable after you wipe the hard drive.) Do not back up your programs; instead, reinstall the software applications you own using the installer files from the original disks or from IUware. Make sure you use a different password for the administrator account than you used in the previous installation. When you reboot your computer, allow automatic updates when prompted, which is the recommended action. For instructions, refer to the Clean install section of Install Windows at IU.
  4. Unless you've prepared media ahead of time with the updates, drivers, and patches mentioned in steps 5 through 7 below, you may connect to the internet at this time to update your operating system and security software. However, you should only connect to the IU network if it's your sole source for downloading and installing updates.
  5. Windows 10 and Windows 8.x include security software by default. Make sure it is up to date before proceeding.
    Note:
    For recommendations about antivirus software, see Recommended antivirus software at IU.

    If you use security software from Microsoft, make sure the Windows Firewall is turned on.

    For help, see Microsoft Support.

    If you're using other third-party security software, make sure the firewall in that program is enabled; check your security software's documentation for further assistance.

  6. Reinstall drivers for your network card, printer, and other devices. Either use the driver disk provided by the manufacturer of the device, or visit the manufacturer's website and download the driver.
  7. Install the latest Windows patches and service packs. All patches are available from the Windows Update service included in every copy of Windows by default.
    Note:
    Unless you reconnected to the network in step 4, you'll need to have downloaded these patches and service packs ahead of time on separate media.
  8. If your computer was compromised and you have not yet done so, reconnect to the network, and change your IU passphrase immediately after you have rebuilt your computer. The compromise may have allowed malicious parties to log your usage and keystrokes, including passwords and email conversations. (You may also want to change your password for any non-IU accounts you have accessed on this computer.)

    If you were blocked from the network, you must request to have the block removed. Once you receive confirmation that the block has been removed, you can connect to the network.

UITS also recommends the following to help prevent future system compromises:

  • Keep your Windows service packs current by scheduling daily automatic updates.
  • Schedule your security/antivirus software to perform daily updates and scans.
  • Practice the principle of least privilege when using your computer. If your computer is compromised, it can prevent the attacker from acquiring administrative access.

For help, see Microsoft Support.

This is document anbp in the Knowledge Base.
Last modified on 2020-09-09 12:07:09.