If your system got infected, would you reformat?

[+Warwagon MVC]

If you got infected with malware, would you reformat.

Let's say, for instance, that your machine for whatever reason got infected with malware. Doesn't really matter which malware, just that it got infected, which required a ton of different scans to get rid of it. Now assuming you don't already have a system image saved on an external or internal drive what would you do? Would you keep using the computer as was after the malware had been removed or would you reformat your machine just to be safe.

The reason for this poll, is for all the computer repair technicians that tell me that they don't feel its necessary to reformat a customer's computer after its been infected with malware. I say, treat a customers computer as you would treat your own.

Yesterday I came across a computer that was infected with that root-kit that prevented windows from booting up after installing the latest updates. The only thing she used the computer for was browsing the internet and "Paying bills online".

Now I could have sat there for 3 hours running scan after scan after scan after scan after scan. 3 hours later I would have finished but I would never have felt right letting her use that computer entering in personal information . So I reformatted. Had the system reformatted, with all the latest updates, IE 8 and Firefox with all the latest drivers in 1.2 hours. This particular customer didn't have anything she wanted backed up. But if they did I would have booted off a BartPE cd and back it up to an external hard drive then scan it. MOST people save all of their stuff inside the my documents folder. Some have Quickbooks, money and quicken.

Most people are capable of reinstalling all of their application once the OS is in a usable state. People may say, "You don't re install all of their applications for them?". I install enough to get them on their feet, I see no reason to suck the clock and bill the customer for something they are fully capable doing themselves. I also install gotoassist express, so If on the off chance they need help after I leave, they open gotoassit and I reconnect with them and help them with their issue. if its a quickfix this is usually done so at no charge.

I consider a reformat a far more cost effective, and secure way of malware removal.

[iamwhoiam]

IF I were to get infected and I didn't already have an image to restore from, then I'd format.

[morebaker]

The odd time i suspect anything i always reformat and reinstall.

Tinfoil hat is mandatory. :shiftyninja:

[+Anarkii Subscriber²]

Ive done it in the past, so yep id do it again.

[metheweirdo]

depending on the situation this is what i do

if it gets infected and it gets hard to remove the malware, i still dont format. this is what i do

shut down the computer

2.boot from some kinda of cd, either linux, bartPE, or active boot disk

3. move all my personal stuff to a folder direcly on C;/ drive

4.delete all other folder. (i.e. Windows, ProgramFiles , Documents and settings

5. shut it down and reinstall the operating system

and sometimes scan that folder i saved after the install just to make sure nothing infected is there

only time i do reformat is when im bored or i dont have anything important there

[zhangm Supervisor]

I'd isolate the system from any outside network and clean it.

The belief that once infected implies always infected is faulty - if you're willing to assume that a machine is infected without actual evidence of it being so, then you must also accept the possibility that every single machine you use is already compromised by some stealth program. This is defined as paranoia.

Windows has, believe it or not, only a finite number of mechanisms that can be used to execute code without user interaction. After checking all those, and verifying system file checksums, I'd be reasonably certain that the machine is clean.

[+Warwagon MVC]

I'd isolate the system from any outside network and clean it.

The belief that once infected implies always infected is faulty - if you're willing to assume that a machine is infected without actual evidence of it being so, then you must also accept the possibility that every single machine you use is already compromised by some stealth program. This is defined as paranoia.

'

For the most part that is true when talking about any machine other than your own. Personally I never use any machine other than my own to log into any site which requires a password because "it can not be trusted"

[Azusa]

i would never really get an infection because i have this thing called an idiot friend to learn from.

one thing i learned from him was Don't go getting a cracked version of office(not that i would being an open office user) as it came with something that disabled UAC on his system and was killing his internet connection and aprently only something called prevex could remove the problem. So even after installing/buying a sub for prevex and ESET SS he still can't turn UAC on what's up with that?

[jshimmy3]

Here's what I'd do...

a. I keep all essential data stored on a separate, external drive. So losing data won't be a problem.

b. If I'm infected, I wouldn't bother going through scanning - just the peace of mind of restoring my fresh base image (in probably a shorter time frame :p) is fine by me.

c. If I didn't have that image for one reason or another, I have no problem formatting, either. I keep all installers with the external drive, so it just becomes a matter of going through them all.

[bjoswald]

Why trust an antivirus program if you're just going to reformat? I would rather remove the infection(s) and exhaust all other recovery options before that.

[clotz2000]

Depending on the infection, I have customers (and family members) that are usually pretty bad off before they even contact me, in which case I usually backup all of their files and reformat. if it's just some spyware, I just scan it with 2-3 apps and declare it clean once done.

[Nightwind Hawk]

I suppose it depends what.... if it's something stupid like Antivirus 2010 then I'd remove it (although I'd never get that.... I HATE having to remove it on other peoples' computer!)

[DirtyLarry Veteran]

Not even a second of hesitation on my answer, reformat instantly. I keep my OS pretty lean and mean (meaning not all that many additional items and are apps installed at all especially on my gaming PC), all of my media is on another partition, so in most cases reformatting would actually be quicker than trying to troubleshoot whatever issues I may have. Luckily (knock on wood) I have not had to ever deal with this particular situation, but if I did have to, reformat no question about it.

[LUTZIFER]

Hell no! And lose everything, and then have to reinstall everything again.

I've gotten rid of viruses completely for many people, without reformatting. Sure it can take some time, but a fraction of what it would take to reformat.

I myself have have only gotten 1 virus in like 15 years of going online and I download stuff non-stop... porn, warez, cracks, you name it, many times without even antivirus programs.

The time I did get the virus was out of panic, lookin for a crack for a program and not havin any luck for the most part, stupid really, but got rid of the virus in no time manually.

I`ve always been the kinda person where I think if I have to reformat, I might as well just give up on computers altogether.

Even when I get a new computer, I just transfer all programs from the programs folder and program data folders, and documents, etc. etc. over to it, so that everything is pretty much the same, cuz I hate redoing stuff.

[null_]

Yes, no questions asked.

[Draconian Guppy]

Why trust an antivirus program if you're just going to reformat? I would rather remove the infection(s) and exhaust all other recovery options before that.

+1 The whole point of running an AV is to avoid re-format. Refomart is a No-NO, i'd rather scan and scan all over again, safemode, from ubuntu cd, etc. then reformat.

[splur]

I reformat if the computer performance is acting up, I wouldn't hesitate for a second to reformat if I was hit by a virus.

[rvbfan]

Personally, I like a challenge.

Formatting is always my last resort.

[Iian K]

I would reformat the computer, I've done it before.

I don't trust the cleaners out there, and it's not worth the time cleaning the system up.

[Rigby]

The last virus I got on my own system was from a 5.25" floppy disk (boot sector virus on a shareware game) back in 1994. However since it's my job, I deal with infected PCs all the time, and I always tell the customer it would be best to let me reformat and reinstall if they'll let me. Not only does it guarantee all the malware is gone, something no antivirus program can do, Windows just runs a lot better after a fresh install.

By the way, it seems like the common denominator of nearly all infected systems I see is Limewire.

[Iian K]

The last virus I got on my own system was from a 5.25" floppy disk (boot sector virus on a shareware game) back in 1994. However since it's my job, I deal with infected PCs all the time, and I always tell the customer it would be best to let me reformat and reinstall if they'll let me. Not only does it guarantee all the malware is gone, something no antivirus program can do, Windows just runs a lot better after a fresh install.

That's usually why I do it, because it guarantees that the virus is gone. I had a virus a long time ago, and have had to deal with idiot family members who've gotten it, I usually just backup and reinstall. :)

[The Teej]

Well, if I had my hard drive partitioned the way -I- want it to, then yeah, I'd reformat. But that's because I'd have the OS on one partition and everything else on another partition. Buuuuuuuuuuut, I don't. So, I'd bombard it with anti-virus software. Should do the trick quite easily, really. Then again I don't have anything so insanely personal it would destroy my entire life on it anyway. If someone gets hold of my bank details, I have a fairly laughable daily limit in real world terms and would just cancel my card immediately. All other "personal info" is just e-mails and forum passwords which are hardly life threatening if they get compromised, I have fail-safes in place for such measures.

I'm fairly confident of my computer security anyway. Not that I'm saying it's impenetrable, but yeah.

[John.D]

Depends what it was infected with.If it stopped me from booting into windows, I would just connect it to another system then scan it. There's other ways to fix a system, besides formatting. Altho, most of the PC's I've fixed haven't been my own. They're someone else's. And if a P2P program has been installed on it, thats usually the reason why it got infected in the first place. You forgot one option. Infected? Whats that. I fix other people's problems

[Orange Battery]

I keep a ghost image of my OS on an external hard drive, if I feel Ive been infected then I just do a quick restore.

[IceDogg]

Yes I would reformat. I'm a bit paranoid anyway and I just couldn't feel comfortable ever using that system for anything again until it was reformatted.