If your system got infected, would you reformat?

[Electric Jolt]

Why trust an antivirus program if you're just going to reformat? I would rather remove the infection(s) and exhaust all other recovery options before that.

Trojan horses suck big time... Always nice having a clean install before doing your backup. I still don't trust the software at all, not even Windows 7 will please me after that. I have to reformat.

+1 The whole point of running an AV is to avoid re-format. Refomart is a No-NO, i'd rather scan and scan all over again, safemode, from ubuntu cd, etc. then reformat.

Ugh, no. It is to stop it in it's tracks and protect your data. That's exactly what I use it for, it protects my data. If I backup bad data, reformats do nothing.

The last virus I got on my own system was from a 5.25" floppy disk (boot sector virus on a shareware game) back in 1994. However since it's my job, I deal with infected PCs all the time, and I always tell the customer it would be best to let me reformat and reinstall if they'll let me. Not only does it guarantee all the malware is gone, something no antivirus program can do, Windows just runs a lot better after a fresh install.

By the way, it seems like the common denominator of nearly all infected systems I see is Limewire.

Exactly... Songs are downloaded off Limewire and people download some virus instead. It's terrible. Everybody around me thinks I'm complicated for not using it, they think I'm stupid. Zune Pass is really nice. Have it for 3 months right now, so 30 songs to keep. :)

Ok. Well. Here is how it goes. Operating systems have a main problem, they all have it in common. Well, some don't, for example, iPhone OS (when it isn't jailbroken) does not have this issue. The operating system has everything mainly on one partition and allows so much modularity, that it blends right on in with the main functions of the operating system. Uninstall files, app settings, invalid registry entries, hidden Flash Player game files, computer repair utilities scattered, left-over files from bad uninstalls, etc. This all collects on most operating systems. Then you have complex ways to customize something and that goes wrong. For example, a friend had a desktop full of **** everywhere, and not only that, Luna was turned off, and some mix between Windows Classic and Luna was on, it was gray and ugly, that's all I know. I find this stuff on every computer before I reformat. A solution can be found for this. The boot loader can be isolated, and now in recent operating system releases, it has been. The boot loader can contact a filesystem which has information on where everything is. The boot loader finds the data store where Windows is located and launches it. Then you are in Windows, but the usual Windows folder is no longer available to you or any programs. An SDK can be used to change the way Windows functions. For most smart Windows users, you would just jailbreak, which would load another boot loader entry and it would find the authentication that would authorize access to Windows' inner workings. This would make everything more manageable as Windows would stay the same. I use Windows as an example as it suffers the most. Imagine everything being managed neatly and any modification to Windows could just be undone. Basically any modification would be launched on an insertion platform which the SDK would take advantage of. Anything that hurts Windows in the many years of having it running perfectly, could easily throw you into a Safe Mode which stops the insertion platform temporarily while the issue is fixed. This could stop BSODS, viruses, general clutter, etc. Until I see Windows manageable enough that after it is cleaned from a virus, it is completely identical to any other copy, I'm back to a reformat. This is the way it should be, an image that nothing can change it unless it is on the insertion platform. Right now, files can just be corrupted easily, and your Windows folder has to link to so much other stuff on your HDD, causing you to need to defragment it. If Windows was an image that had bits and pieces loaded into memory when needed, it could be kept on a certain location on your HDD, and during install, it would ensure no fragments were found, and that the image was always where it should be and not scattered across the HDD, needing constant defragmenting. Windows would still defragment your data though. Sounds like an idea to me. :D

[Obi-Wan Kenobi]

if it's my personal machine...then I trust my work...if it's a customer's machine...well, that may be a different story....it's not because I like to gouge them, it's because I've seen such terrible infections, that most of the time, that's the only solution....but not for me though. I run my own domain, and don't have to worry about stuff like this...I constantly repair several clients macnines per month...all successful...just general PEBKAC, for the most part....or kids, who think they know what they're doing...

Short answer edit: No, I would not format...most things can be solved or fixed with knowledge...where you find the knowledge is up to you...but I'll tell you what...I've been around neowin long enough, that I can tell you...there are other solutiions...and there are several experts to guide you...in particular, Budman is my fav...he's inspired me to go back to college, and get my Net+..and go beyond that, if I can...(thanks, b-man!) but anyway, if you trust yourself enough, and are confident in your work, you'll know what to do...and you won't make the wrong decisions ;) The correct answers will come to you, and you will do well, trust me, I get all sorts of people all of the time, saying, "How the H_E_DOUBLE_ELL did you do that?" Just do your homework....it'll come natural ;)

[devHead]

I would have to say, if it's pretty bad, I would reformat and reinstall. I would always have that feeling like something was still lurking. For viruses in files that I might download, well, I would just clean it or delete it. But if I realized I was pretty badly infected, I think it would just be safer to make a fresh start.

[ThisSiteHasLostItsCharm]

no, waste of time, unless windows gets messed up real bad then i'd format. Most of the time it's just a matter of deleting some startup items, cookies or something in the system folders.

[Osiris]

For me personally I would just restore from a clean install image but for technicians as per the original post theres alot of variables to consider and I can easily see why they would prefer not to do a format and clean install. That being said if you do reformat customers are usually pretty happy in the end anyway due to how much better the system is running.

[Hani]

I'd isolate the system from any outside network and clean it.

The belief that once infected implies always infected is faulty - if you're willing to assume that a machine is infected without actual evidence of it being so, then you must also accept the possibility that every single machine you use is already compromised by some stealth program. This is defined as paranoia.

Windows has, believe it or not, only a finite number of mechanisms that can be used to execute code without user interaction. After checking all those, and verifying system file checksums, I'd be reasonably certain that the machine is clean.

Wouldn't all that take lot of time? Not to mention that you still end up with a result that entails a margin of error. Formatting or image restoring is accurate, mostly automated, and quite quick (at least with Windows 7).

[Osiris]

Wouldn't all that take lot of time? Not to mention that you still end up with a result that entails a margin of error. Formatting or image restoring is accurate, mostly automated, and quite quick (at least with Windows 7).

What if the drive isnt partitioned and they have data all over it, youve then gotta scan it all and transfer it back and forth anyway; got to make sure you pull the product serials before formatting as you cant rely on customers to know where their install discs are (laptops being the worse for faded oem stickers, but also office etc if it was on there before hand); getting drivers for older laptops XP and even vista based ones can be painful and more often than not the original discs are buried in some box somewhere the client doesnt know where is; clients generally like their systems to come back to them as they were sans the infection and depending on what apps they have installed is another reason it can just be easier to clean it and keep the customer happy.

[Jebadiah]

Why should anyone format their computer if it's infected? How do you plan to recover your data then? It's amazing that more people voted "YES" on the poll. LOL

[Hani]

What if the drive isnt partitioned and they have data all over it, youve then gotta scan it all and transfer it back and forth anyway; got to make sure you pull the product serials before formatting as you cant rely on customers to know where their install discs are (laptops being the worse for faded oem stickers, but also office etc if it was on there before hand); getting drivers for older laptops XP and even vista based ones can be painful and more often than not the original discs are buried in some box somewhere the client doesnt know where is; clients generally like their systems to come back to them as they were sans the infection and depending on what apps they have installed is another reason it can just be easier to clean it and keep the customer happy.

If your sytsem got infected, would you reformat?

[Rigby]

Why should anyone format their computer if it's infected?

I believe you just answered your own question.

How do you plan to recover your data then?

How do you plan to recover your data if your hard drive fails? Some of us have enough sense to keep our data backed up. ;)

[tomwarren Veteran]

Definitely

[RoomKid]

Definitely

:cake:

-----------

I wouldn't. With the amount of important files I have, I wouldn't think of it. If it gets bad, then I'll have no choice to do so :(

[Sethos]

I never get any crap on my PC, mainly because I stick to gaming and visiting the same 5-6 websites but if it happened, I definitely would format!

Not that it matters, I do a format every other week on the dot :)

( Great to have a second 750GB HDD for backup )

[DJGM]

The whole point of running an AV is to avoid re-format. Refomart is a No-NO, i'd rather scan

and scan all over again, safemode, from ubuntu cd, etc. then reformat.

I think you missed something out there. Didn't you mean something like . . .

"The whole point of running an AV is to avoid re-format. Reformat is a No-NO, i'd rather scan and scan all over again, from safe mode,

from a ubuntu cd, etc ... then if all else fails, and I've exhausted all possible methods and ideas, THEN I'd reformat and reinstall."

. . . ?

I've put in italics the bit I think you had meant to include in your quoted post.

As for me ... reformat and reinstall would be a last resort, or if a system is fubar'd, and there's absolutely no other option left.

[strelok1911]

I'd reformat A.S.A.P. after changing my passwords on an uninfected PC.

[Osiris]

If your sytsem got infected, would you reformat?

Yes, and if you bothered to read the OPs actual post, rather than just the poll question, you would see he is also discussing this from the perspective of a technician dealing with clients. I answered what I would do in my first post and followed up your post with the technicians perspective for why its not so easy to just format away.

So put some context in your pipe and smoke that.

[Hani]

Yes, and if you bothered to read the OPs actual post, rather than just the poll question, you would see he is discussing this from the perspective of a technician dealing with clients. I answered what I would do in my first post and followed up some one elses discussion on formatting v. cleaning from a technician perspective..

So put some context in your pipe and smoke that.

Oh, but would you do the same thing for your PC? Or you just do a format?

[dav0]

I generally reformat every 6 months or so, so yeah, I probably would reformat if I got infected.

[Osiris]

Oh, but would you do the same thing for your PC? Or you just do a format?

Well if you refer to my original post about 1 to 2 places above yours on the second page, you would see I would format my OS partition and restore an image. However from a technicians perspective where time is money, where clients dont usually have images and nice paritions like so many of us do there would be a multitude of reasons to consider why not to format.

In the broader discussion of things whether you format or clean, if you wouldnt feel safe logging into your personal stuff on the clients machine by the time youre finished, then its not ready to go back to them. That would be my compass on this matter, not what I do with my PC.

[Rohdekill]

"The whole point of running an AV is to avoid re-format. Reformat is a No-NO, i'd rather scan and scan all over again, from safe mode,

from a ubuntu cd, etc ... then if all else fails, and I've exhausted all possible methods and ideas, THEN I'd reformat and reinstall."

Uhm... explain this to us all again? If you have an AV and get a virus the point of running an AV is to avoid formatting?

Isn't the point of an AV not to get the virus in the first place?

[Tekkerson]

I would reformat the computer, I've done it before.

I don't trust the cleaners out there, and it's not worth the time cleaning the system up.

This +1000

AV and Malware scanners cannot be trusted, period. Simply because they can't detect 100% of the viruses that are created. Call me paranoid but it's the truth.

[Athlonite]

i would never really get an infection because i have this thing called an idiot friend to learn from.

one thing i learned from him was Don't go getting a cracked version of office(not that i would being an open office user) as it came with something that disabled UAC on his system and was killing his internet connection and aprently only something called prevex could remove the problem. So even after installing/buying a sub for prevex and ESET SS he still can't turn UAC on what's up with that?

ROFL prevex is the most useless piece of junk around tell him to use MSE it's free and works unless he's also running a pirated copy of windows... it sounds like the crack he got is some remote network bot basically turning his machine into an zombie to be used in a botnet to DDOS or spam?

as for me i'd only reformat as a last resort or the system was still unstable after a clean out, not that i ever get anything but a few websites have tried good old antivirus 2010 aka 2009 and a whole host of other names my win7x64 + MSE took care of that cr@p though ?

[daiv_]

yeh id rather just reformat it, i have 4 hard drives anyway so all the stuff id like to keep is kept on a seperate drive.

id find the source of it, if its on C ill just reformat the whole thing, if its mixed in with the stuff i wanna keep, id just have to get rid of whatever it is causing, but id still reformat C incase it installed or changed anything on my C drive.

i usually end up clogging my OS anyway, so itd be some good incentive to clean it out.

[markwolfe Veteran]

On a Windows system, it is often much quicker to just reinstall (re-image, if one had the foresight to make an image of a fresh install).

Plus, I am not as versed in Windows malware removal any more.

On my Linux box, I have AV and have "chkrootkit" installed. I would be comfortable that I would be able to detect any system file tampering and correct it, so I voted "no". I would not reformat.

[JimmyCypherz]

Yep, i do it every time. Mine or not mine.