A non-tech-savvy member of my family has done something to compromise one of my computers. It was completely inundated with malware and viruses. I ran several scans from different anti-virus clients, including boot-time scans, which seemed to catch many of the worst cases of malware.
My bitcoin private keys are in cold storage using Armory on a device which has never been attached to a network. My question is, should it be safe to initiate a transaction from the compromised computer using the Armory client, to be signed later on the Armory cold storage device, or should I wait until after I have reinstalled the operating system on the first computer? Is there a precedent for malware that can tamper with unsigned transactions and alter addresses or amounts?