If your system got infected, would you reformat?

By +Warwagon
in Poll Station

 Share

If you got infected, would you reformat.  

242 members have voted

  1. 1. If you got infected, would you reformat.

    • Yes - Once you are infected, your sytsem can never be trusted again.
      159
    • No - I feel confident that once I get rid of all the malware my personal data from this point foward would not be at risk.
      83

Recommended Posts

Apprentice

GraveDigger27

Posted
Posted

If you got infected with malware, would you reformat.

Let's say, for instance, that your machine for whatever reason got infected with malware. Doesn't really matter which malware, just that it got infected, which required a ton of different scans to get rid of it. Now assuming you don't already have a system image saved on an external or internal drive what would you do? Would you keep using the computer as was after the malware had been removed or would you reformat your machine just to be safe.

The reason for this poll, is for all the computer repair technicians that tell me that they don't feel its necessary to reformat a customer's computer after its been infected with malware. I say, treat a customers computer as you would treat your own.

Although the computer repair professionals don't feel it's necessary, why NOT format? Unless you have a hidden partition containing recovery data, formatting the hard disk is the easiest way of making sure that there's nothing lingering around that could come back and bite the user in the butt. Although I DO think that users should be taught to make backups (and images) of their systems, I understand that many will never do more than save some of their data to a floppy disk (and many won't even do that...)

So if one of my brothers get their systems infected or their browser is hijacked I'm probably gonna spend little time trying to recover the system. If they have a computer purchased from a third party they'll need to either find the recovery software that came with the machine and revert the system back to the original, brand-new condition. If they haven't got backups of their preferences, favorites, cookies or documents - tough. Who knows what files are infected? I'll run a scan from a boot CD or USB key with Portable Apps or Liberkey on it, but I'm not willing to spend hours trying to bring them back to their previous, un-infected condition. I've installed free anti-virus programs and anti-malware utilities on their systems, but I've seen them fail to keep these programs updated and their spouses or children exhibit bad practices in roaming the internet, downloading and installing software without understanding what they're really doing and ignoring potential issues by not running system updates.

In these cases, my best response is - "Sorry, but if you can't be bothered to do the little things to keep the computer running correctly, then I can't be bothered when you screw it up." If they have to lose their data or buy a copy of the operating system because they never bothered to make a backup of their files or even make the recovery CDs (I've seen a couple of cases of that) - then perhaps a little pain is worth the learning. Harsh though it may be, you can't protect people from doing the wrong thing if they're not motivated.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

Hey,

If most people did this more often at home, there would be less botnets. Just sayin maybe once a year or so( for the less techy). i try to do it every 3 months.

Once every 3 months? For a reinstall not an image restore? For the fun of it? Why God, WHY?

Grand Master

zhangm Supervisor

Posted
  • Supervisor
Posted

Wouldn't all that take lot of time? Not to mention that you still end up with a result that entails a margin of error. Formatting or image restoring is accurate, mostly automated, and quite quick (at least with Windows 7).

If you don't care at all about driver updates, Windows updates, and personal data, then yes, formatting a Windows Vista or Windows 7 computer takes about half an hour from inserting the disk to logging into the new OS.

Since there are only so many different ways that malware can launch automatically without user intervention, I believe that there isn't really any margin of error associated with neutering the infection. For me, I don't really care whether I get all the bits and pieces. I just care about removing enough bits to ensure that it can't launch.

To me, the whole assumption that after a malware infection, there will be little bits of malicious code left over that no one can detect is much like believing in God, Allah, or the Tooth Fairy.

You may as well believe that I've managed to insert a piece of malicious code into this post. It executes by employing a buffer overflow vulnerability in your browser that has not yet been documented. Using this, I've managed to download a trojan horse/rootkit onto your hard drive, and now I'm tracking your keystrokes. I guess you better reformat, just to make sure, right?

Grand Master

hdood

Posted
Posted

I'd isolate the system from any outside network and clean it.

The belief that once infected implies always infected is faulty - if you're willing to assume that a machine is infected without actual evidence of it being so, then you must also accept the possibility that every single machine you use is already compromised by some stealth program. This is defined as paranoia.

Windows has, believe it or not, only a finite number of mechanisms that can be used to execute code without user interaction. After checking all those, and verifying system file checksums, I'd be reasonably certain that the machine is clean.

Sort of. They are finite, but they are complex and convoluted to the point where it really is exceptionally difficult for someone to know. Very few (any?) people have an understanding of every part of Windows. The run key might be obvious, but when you start considering other vectors like, say shell extensions or a file system filter or even just a DLL being present in a path that the loader searches, it suddenly becomes extremely difficult. Now, it is true that most malware is not particularly sophisticated (though some is), but it's still fairly arrogant to believe one has any chance of doing such a scan. Even just the act of verifying checksums becomes difficult when you consider upgrades. That said, it is a fine line between a rational measured reaction and paranoia.

Grand Master

Hani

Posted
Posted

If you don't care at all about driver updates, Windows updates, and personal data, then yes, formatting a Windows Vista or Windows 7 computer takes about half an hour from inserting the disk to logging into the new OS.

Since there are only so many different ways that malware can launch automatically without user intervention, I believe that there isn't really any margin of error associated with neutering the infection. For me, I don't really care whether I get all the bits and pieces. I just care about removing enough bits to ensure that it can't launch.

To me, the whole assumption that after a malware infection, there will be little bits of malicious code left over that no one can detect is much like believing in God, Allah, or the Tooth Fairy.

You may as well believe that I've managed to insert a piece of malicious code into this post. It executes by employing a buffer overflow vulnerability in your browser that has not yet been documented. Using this, I've managed to download a trojan horse/rootkit onto your hard drive, and now I'm tracking your keystrokes. I guess you better reformat, just to make sure, right?

But not all people have the skill to track down every piece of malware to ensure absolute safety. Besides some people (like me) are paranoid when it comes to their privacy.

Also, wouldn't driver and Windows updates be included in the image?

Mentor

Electric Jolt

Posted
Posted

Good one Electric Jolt, your funny!

I wasn't joking. I have several computers, and I'm a very disorganized and OCD-driven person. When I say OCD-driven, I mean I'm driven my obsessive compulsive disorder. So for example, my desktop might be clean during the first week, but the week after that I get sloppy and have pr0n everywhere. My OCD kicks in and I must have a completely clear desktop, if I experience a BSOD from just a driver I will reformat again and try to avoid that BSOD. I'm obsessive about it. Sometimes I like to install the latest release of Windows Server or Ubuntu. Whatever will float my OCD-driven boat. I don't even activate because of so many computers. My laptop for example is extremely old, it is a Dell Inspiron 1100 and because it has no DVD drive, I network boot the Windows 7 install. All machines must be running the latest copy of Windows, regardless of the slow speed. When activation is up, I just reinstall. That's how I get the job done.

Grand Master

_bobcat_ Veteran

Posted
  • Veteran
Posted

I probably would just reformat. I'd be so disturbed at having it in the first place.

I would also be likely to take a run through most of my online accounts when on a safe system and change my passwords, since I believe that getting that sort of information is the aim of a lot of malware these days.

Community Regular

murkurie

Posted
Posted

never had a virus but if I did, I would just reformat, it only takes 20mins to reinstall windows 7, faster then a full system scan, and I can reinstall all my programs and have everything reconfiged in about 1 hour and 20mins, I have my backup designed for a fast reinstall of windows, longest part is reinstalling games and patching them if I feel like it

Grand Master

NoneAvail

Posted
Posted

First I'd ask, a reformat or a cleaning session. Sometimes I get computers that are loaded with Windows XP installations that are about 3-4 years old and is starting to run sloppy and slow. I'd clean it, using the tools I prefer and seen success with and if it is still running slow then I'd ask if they want a reformat which i would back up everything in the documents, photos, music, etc. Get a list of the applications they once had installed and ask them which they used. reinstall their OS, and place everything back to the places they've been and they won't even know if I did a format or not.

Mentor

morphen

Posted
Posted

The odd time i suspect anything i always reformat and reinstall.

Tinfoil hat is mandatory. :shiftyninja:

+1 :p i never try to fix anything, too timeconsuming, also, it's a good excuse to clean up :p

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Creative Sound Blaster AE-X PCIe review: your headphones will love it

      By Jaybonaut · Posted

      You can't, if you didn't notice, it doesn't support surround at all, it's right in the spec list.
    • Creative Sound Blaster AE-X PCIe review: your headphones will love it

      By cleverclogs · Posted

      Hi — I’m always interested in soundcards. Like displays, I just want to know I’m getting as much clean “sonic juice” into my brain as possible as the years take their toll. I’m not entirely sure what to take away from this review, though. It doesn’t really tell me whether the AE‑X is a good product or who it’s actually for. Most of what I’m getting is: there’s a driver to install, here’s what it looks like, and here’s what’s in the box. There’s a lot of emphasis on the SPDIF input. When you mention not needing to switch headphones between console and PC — does that mean the PC has to be powered on just to pass audio through? That seems like a fairly big waste of energy. Is this more something a streamer would use alongside a capture card? How are you testing the sound? (Also, you might want to clarify that you’re using the headphones in wired mode when you mention they’re wireless.) You mention the lack of EMI shielding — how much real‑world difference does that make compared with typical motherboard audio? On multi‑channel: what exactly isn’t supported? Does this mean Windows spatial audio (Dolby Atmos for Headphones, DTS Headphone:X, etc.) won’t work, or just that the card itself doesn’t decode surround formats? And are there any true multi‑driver “surround” headphones left that would even use that? You also highlight support for high‑impedance headphones — but what does that translate to in practice? How does it compare to driving the same headphones from a normal device, and does it make any difference for everyday, lower‑impedance models? In short, who is this card actually targeted at?
    • The Microsoft Office feature that time forgot

      By cleverclogs · Posted

      Yes, THIS is wordart, not the styling that can now be done. Wordart was all about those curvy words, that you could change the path of, like making words go around a circle. I don't think it can be done now, right?
    • Waymo recalls self-driving software after cars enter closed freeway work zones

      By RangerLG · Posted

      Just saw a news report of a Waymo driving into a flooded road.
    • Password Safe 3.72.0

      By Copernic · Posted

      Password Safe 3.72.0 by Razvan Serea Password Safe is a password database utility. Like many other such products, commercial and otherwise, it stores your passwords in an encrypted file, allowing you to remember only one password (the "safe combination"), instead of all the username/password combinations that you use. Once stored, your user names and passwords are just a few clicks away. Using Password Safe you can organize your passwords using your own customizable references—for example, by user ID, category, web site, or location. You can choose to store all your passwords in a single encrypted master password list (an encrypted password database), or use multiple databases to further organize your passwords (work and home, for example). And with its intuitive interface you will be up and running in minutes. PasswordSafe was originally designed by the renowned security technologist Bruce Schneier and released as a free utility application. Password Safe 3.72.0 changelog: Fixed bugs Improved font scale handling - should resolve font size issues on high resolution displays. GH1749 In the Master Password Setup window, "Show Master Password" is no longer truncated on some displays. GH1092, SF1595 Size and position of main window is now correctly restored on scaled displays. SF1630 Keep password expiry date when both password and password expiry are changed; don't clear a non-recurring expiry when the password's changed. SF1628 Custom values can now be copied to the clipboard in read-only mode via Ctrl-C and right-click->Copy Value. New features GH1196 Dark display mode support: Password Safe now supports the system display mode, as well as setting the mode directly via Manage->Options->Display->Display Mode. This change also updates the general "look & feel" of the app to the current Windows theme. Known limitations: The Date picker and keyboard shortcut controls do not switch to dark theme The Customize Toolbar dialog does not switch to dark theme Custom Field support has been added to the more advanced features: Filters XML and Text import and export Comparison, Sync and Merge databases SF938 Custom field values may now be selected by name and copied via a "Copy Custom Field Value..." submenu in the entry context popup menu. SF936 Notes and Custom fields layout now overlap, selectable by tabs, resulting in a more compact and less cluttered layout. SF935 Autotype: Specifying '\v{name}' in the autotype text will cause the corresponding value to be autotyped. Download: PasswordSafe 64-bit | Portable 64-bit | ~20.0 MB (Open Source) Download: PasswordSafe 32-bit | Portable 32-bit View: PasswordSafe Website | Quickstart Guide | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • Dedicated
      Almohandis earned a badge
      Dedicated
    • Dedicated
      JuvenileDelinquent earned a badge
      Dedicated
    • First Post
      DrWankel earned a badge
      First Post
    • Reacting Well
      DrWankel earned a badge
      Reacting Well
    • Week One Done
      Supreme Spray LV earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      503
    2. 2
      +Edouard
      170
    3. 3
      PsYcHoKiLLa
      88
    4. 4
      Steven P.
      76
    5. 5
      Michael Scrip
      74
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!