|
February 22, 2014, 09:38:05 AM |
|
It may help if AV software can't fix, but no, for the reason escrow.ms went into as well as some others.
There are some uncommon instances where a virus can continue after reinstalling Windows - ignoring the fact that you don't delete the virus on the storage device without completely reformatting (it'd be preferable to save low-risk files [documents, videos, pictures, wallets, that god-damned enormous blockchain] you want on a USB drive, then move the entire hard drive over to a "quarantine" drive [spare HDD or external hard drive] in case you end up needing those files at some point later).
1) BIOS infection. Through various potential methods, virus uploads modified firmware to BIOS which locks you out of changing it and will "replant" itself on new operating systems. This is fairly uncommon these days, but definitely out in the wild.
2) Your IP address is being targeted. In cases where your PC and/or network is not well-secured against the Internet, it's possible for an attacker to simply replant the virus when you reformat or reinstall.
3) Router infection. Router is compromised or modified firmware installed. AFAIK, the only thing like this out in the wild is called a "DNSChanger trojan," where your router credentials are cracked and settings are changed to use an attacker's DNS server, which could infect PCs on the network, or just serve them annoying ad pages.
As long as it's just adware, though, probably not worth panicking over (I'd still reformat). If it doesn't appear to do anything advertisement-related and/or is uploading data, that's when you should be freaking the fuck out, immediately disconnecting the infected computer, reformatting, calling ISP to change IP address, quickly going to a friend's house to change all passwords and creating a new email account to link all old accounts to, alerting everyone to the possibility that you'll be impersonated or that private information was leaked, etc.
|