Safely rebuild your Windows computer

Important:

You may need or want to rebuild Windows in case of:

  • Performance issues
  • Hardware or software upgrades
  • System compromise--that is, the contraction of malware, such as a browser hijacker, fake antivirus, or ransomware. Rebuilding your computer removes all traces of the compromise.

To thoroughly clean and rebuild your computer after a compromise, be sure to follow all of these steps; failure to do so can put both the entire IU network and your personal identity information at risk.

Note:
If you are a student needing either wired (Ethernet) internet access or direct access to university databases, after the rebuild is complete, follow the instructions in Use OnGuard for students who need direct network access to databases and/or remote desktop. If you were blocked from the network, you must request that the block be removed. Once you receive confirmation that the block has been removed, you can use the network again.
  1. If your computer has been compromised by a virus, remove it from the network by unplugging the network cable from the computer, or by turning off the wireless or dial-up connection. Do not reconnect your computer to the network until you have begun step 3; otherwise, you risk spreading the virus.
  2. In preparation for wiping your computer's hard drive, back up your personal files to an external source, such as a flash drive, an external hard drive, or cloud storage (for example, Box or Google at IU Drive). If your computer was compromised, network storage solutions such as Box or Google at IU Drive will not be available to you on the IU network.
  3. Perform a clean install of Windows 7 or higher. (Be sure you've backed up your personal files; they will be unrecoverable after you wipe the hard drive.) Do not back up your programs; instead, reinstall the software applications you own using the installer files from the original disks or from IUware. Make sure you use a different password for the administrator account than you used in the previous installation. When you reboot your computer, allow automatic updates when prompted, which is the recommended action. For instructions, refer to the Clean install section of Install Windows at IU.
  4. Unless you've prepared media ahead of time with the updates, drivers, and patches mentioned in steps 5 through 7 below, you may connect to the internet at this time to update your operating system and security software. However, you should only connect to the IU network if it's your sole source for downloading and installing updates.
  5. Windows 8 and newer versions of Windows include security software by default. Make sure it is up to date before proceeding. If you are using Windows 7, install security software from a flash drive or other external source; you'll want to prepare this ahead of time. Refer to Safely upgrade security software in Windows 7.
    Note:
    For recommendations about antivirus software, see Recommended antivirus software at IU.

    If you use security software from Microsoft, make sure the Windows Firewall is turned on.

    For help, see Microsoft Support.

    If you're using other third-party security software, make sure the firewall in that program is enabled; check your security software's documentation for further assistance.

  6. Reinstall drivers for your network card, printer, and other devices. Either use the driver disk provided by the manufacturer of the device, or visit the manufacturer's website and download the driver.
  7. Install the latest Windows patches and service packs. All patches are available from the IU Microsoft Update Service; see About the IU Microsoft Update Service using WSUS.
    Note:
    Unless you reconnected to the network in Step 4, you'll need to have downloaded these patches and service packs ahead of time on separate media.
  8. If your computer was compromised and you have not yet done so, reconnect to the network, and change your IU passphrase immediately after you have rebuilt your computer. The compromise may have allowed malicious parties to log your usage and keystrokes, including passwords and email conversations. (You may also want to change your password for any non-IU accounts you have accessed on this computer.)

    If you were blocked from the network, you must request to have the block removed. Once you receive confirmation that the block has been removed, you can connect to the network.

UITS also recommends the following to help prevent future system compromises:

  • Keep your Windows service packs current by scheduling daily automatic updates.
  • Schedule your security/antivirus software to perform daily updates and scans.
  • Practice the principle of least privilege when using your computer. If your computer is compromised, it can prevent the attacker from acquiring administrative access.

For help, see Microsoft Support.

This is document anbp in the Knowledge Base.
Last modified on 2019-02-14 15:19:33.

Contact us

For help or to comment, email the UITS Support Center.