Home Page Navigation Contents Contact Sitemap Search

Clean win­dows 10 installation

Your PC has become infected with mal­ware? You don’t know exactly how to rein­stall your system cor­rectly? The fol­lowing step-by-step instruc­tions will help you run a clean install on your PC and simul­ta­ne­ously reduce the risk of a reinfection.

These instruc­tions are meant for pri­vate users, and have there­fore been kept as simple and gen­eral as pos­sible. How­ever, a cer­tain level of tech­nical knowl­edge has been assumed. If you are at all uncer­tain, get help from a specialist.

To be able to prop­erly rein­stall your system in accor­dance with these instruc­tions, you will need a valid licence plus a Win­dows 10 instal­la­tion medium. This could be a USB stick, a DVD or CD.

PLEASE NOTE: If you have no Win­dows 10 instal­la­tion medium yet, you can create one on a Win­dows 10 com­puter. You should note that that this must be a PC free from mal­ware, and that this must not be done on the infected machine. You will have to down­load and exe­cute the Microsoft Media Cre­ation Tool to create this instal­la­tion medium. You can find instruc­tions and fur­ther infor­ma­tion on how to use this tool here.

Step 1: Dis­con­nect your PC from the network

  • If your PC is con­nected to the net­work via a cable, simply pull out the net­work plug.
  • In case you are using a wire­less net­work (WLAN), please acti­vate flight mode (click the net­work symbol at the bottom right of the taskbar → click the button for flight mode).

Step 2: Backing up per­sonal data and licence

  • Con­nect an external storage medium (external hard drive) with the “shift” key pressed, and back up all your per­sonal data. If pos­sible, do not use your “usual” back-up medium to do so, but a new, com­pletely blank one.

PLEASE NOTE: Mal­ware on your PC can lead to your external storage medium and all data stored on it becoming infected, too. The Autorun func­tion in par­tic­ular is exploited by mal­ware to spread via external storage media (USB stick etc.). It is rel­a­tively simple to tem­porarily deac­ti­vate this Autorun func­tion. To do so, keep your key­board “shift” key pressed while con­necting the external storage medium to your PC. Only let go of the “shift” key a short time later. In this case, the “shift” key pre­vents Win­dows from auto­mat­i­cally exe­cuting pro­grams and files on your external storage medium.

When sub­se­quently for­mat­ting your PC – some­thing urgently rec­om­mended in case it is infected with mal­ware – your licence might be lost, too. It is there­fore impor­tant that you back this up first.

  • Click the Win­dows logo bottom left in the task bar.
  • Open a com­mand prompt window by typing in “cmd” and then pressing “Enter”.
  • Enter the com­mand “wmic path soft­ware­li­cens­ingser­vice get OA3xOriginalProductKey“ and then press the Enter key. Your licence will then be displayed.
  • Save your licence in a word pro­cessing appli­ca­tion, and back this up to your external storage medium, too.

PLEASE NOTE: In case the above com­mand results in a blank output, no licence is stored in your UEFI/BIOS. In this case, the licence was orig­i­nally entered man­u­ally, and you will prob­ably find a note of it on a sticker on your PC case some­where. If this is not the case, you can read out your licence from your PC reg­istry with a pro­gram such as Mag­ical Jelly Bean Keyfinder or Win­dows Product Key Viewer.

Step 3: Clean your GPT or MBR

Cer­tain mal­ware will infil­trate the GPT (GUID par­ti­tion table) or MBR (Master Boot Record) of a PC. For this reason, the GPT or MBR should be rewritten and cleaned this way.

PLEASE NOTE: MBR (Master Boot Record) is an old par­ti­tion style which still in fre­quent use. GPT (GUID par­ti­tion table) is the new par­ti­tion style in increasing use today.

  • Con­nect your Win­dows 10 instal­la­tion medium (USB stick, DVD or CD) to your PC and restart it.
  • If your PC does not boot from the instal­la­tion medium inserted after this restart, set the required drive as the first device in your PC’s UEFI/BIOS (see main­board manual). Alter­na­tively, press the “F8” func­tion key straight after starting your PC. This will take you to the boot man­ager where you can select the required start-up drive.
  • Press any key when you are asked to do so.
  • Press the “shift” and “F10” key com­bi­na­tion in Win­dows set-up to open a com­mand prompt window.
  • Open the diskpart tool by entering the “diskpart” com­mand and con­firming it with the Enter key.
  • Enter the com­mand “list disk“ and then press the Enter key.
  • Enter the com­mand “select disk “ and then press the Enter key.

PLEASE NOTE: For “disk number” you will have to enter the number of the drive where Win­dows is to be installed later. Warning: If you choose the USB stick with the Win­dows 10 instal­la­tion medium on it here, it will be deleted.

  • Delete the GPT or MBR by entering the com­mand “clean [-all]” and pressing the Enter key.

WARNING: Deleting the GPT or MBR will erase all data on your system!

  • Close the com­mand prompt window, and close your PC down. Leave your Win­dows 10 instal­la­tion medium (USB stick, DVD or CD) con­nected to your PC.

PLEASE NOTE: Fur­ther infor­ma­tion on erasing the GPT and MBR and rein­stalling Win­dows 10 can be found here.

Step 4: Rein­stalling Win­dows 10

  • Restart your PC.
  • If your PC does not boot from the instal­la­tion medium inserted after this restart, set the required drive as the first device in your PC’s UEFI/BIOS (see main­board manual). Alter­na­tively, press the “F8” func­tion key straight after starting your PC. This will take you to the boot man­ager where you can select the required drive.
  • Press any key when you are asked to do so.
  • Install Win­dows 10 with the set­tings you require.

PLEASE NOTE: Erasing the GPT or MBR will also delete all par­ti­tions. Create new ones the way you need them.

WARNING: You can already make some deci­sions with regard to data pro­tec­tion while installing Win­dows 10. For instance, you will be asked about the extent of diag­nostic data you would like to send to Microsoft. At this point, you can only choose between “full” and “basic”. To pre­vent Win­dows from sending too many data unin­ten­tion­ally, you should switch all set­tings to “basic”. Once Win­dows 10 has been installed, you can per­son­alise cer­tain set­tings. Wait until Win­dows 10 has fin­ished installing, and then change your set­tings. Our instruc­tions with addi­tional useful infor­ma­tion on data pro­tec­tion in Win­dows 10 can be found here.

  • Finish installing Win­dows 10 with the set­tings you require.
  • Con­nect your PC to the Internet (insert net­work plug).
  • Update your oper­ating system by clicking the Win­dows logo bottom left in the task bar, entering “Win­dows update” and con­firming with the Enter key. Then click on “Check for Win­dows updates”. These updates will then be installed automatically.

Step 5: Installing antivirus software

  • Install antivirus soft­ware from a trust­worthy source and update this using the inte­grated update function.

PLEASE NOTE: A list of rec­om­mended antivirus soft­ware can be found here.

Step 6: Installing and updating programs

  • Install the required pro­grams. Update all pro­grams, and acti­vate the auto-update func­tion wher­ever possible.

PLEASE NOTE: Please make sure to only install pro­grams from trust­worthy sources (e.g. man­u­fac­turers’ down­load sites or soft­ware archives such as PCtipp, Heise, etc.).

Step 7: Scan­ning data

  • Hold down the “shift” key and con­nect the external storage medium (external hard drive) with the data backed up pre­vi­ously to your PC.

PLEASE NOTE: In case mal­ware was copied to the external storage medium when backing up your data, your PC can become rein­fected! To pre­vent this, it is vital to hold down the “Shift” key when con­necting the external storage medium.

  • Scan the whole system and the external storage medium using the antivirus soft­ware installed pre­vi­ously. In case any infected files are found, you should clean or delete them!

PLEASE NOTE: A better, yet more elab­o­rate alter­na­tive to scan­ning newly installed sys­tems would be to check your external storage medium via a bootable live CD or from another oper­ating system (e. g. Linux, macOS).

Step 8: Restoring data

  • Restore your backed-up data from the external storage medium to your PC.

Step 9: What else you should do!

  • As mal­ware fre­quently cap­tures user names and pass­words, you should make sure to change all pass­words on your system itself, but also all pass­words for log­ging into any web­sites (e.g. e-banking, e-mail access, Face­book etc.).
  • In addi­tion, you should closely check your e-banking state­ments and your credit card statements.

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic course

Find out about cur­rent Internet threats and some easy pro­tec­tive mea­sures, and how to securely use e-banking.

fur­ther information

Prac­tical course

Prac­tice the most impor­tant mea­sures for your com­puter and e-banking secu­rity on com­puters pro­vided by us.

fur­ther information

Online course for the under-30s

Learn how to use your smart­phone securely. Next to basics, we will show you what you should know about social media, clouds, mobile banking and mobile payments.

fur­ther information

Course for SMEs

Is your organ­i­sa­tion suf­fi­ciently secure? Learn which mea­sures you can take to sig­nif­i­cantly strengthen your organisation’s IT security.

fur­ther information

Send this to a friend