Hey everyone! A friend of mine had a pretty bad malware infection on his PC that allowed a hacker to take full control. They used his accounts to send out fake giveaways and even locked him out entirely. After rebooting Windows without fully formatting the drive, his PC remained infected. Now that we've built him a new PC, we want to give his old one to another friend who recently lost his computer. I need to know how to be 100% certain that the old PC is clean before passing it on. Is just using a Windows installer on a USB to format the drive enough? I've heard that some malware can infect the BIOS; is that something I should worry about here? Any advice would be greatly appreciated!
6 Answers
BIOS malware is super rare, but to be extra cautious, you could format the drive using a Linux live USB like Ubuntu. This isolates the OS, and you can wipe the drive securely without any risk of reintroducing malware from a Windows environment.
If you wipe the drive and reinstall Windows from a USB, it should be clean. It's rare for malware to survive that. Just make sure that after reinstalling, your friend doesn't restore any backed-up files that might be infected. There's a chance the PC got infected again if they reused files that contained the malware.
Here’s a step-by-step: Create a Windows USB installer on another PC, disconnect the infected one from the internet, and reinstall Windows from that USB. Also, change passwords for all accounts and turn on two-factor authentication afterward. This should really help in securing the system.
Honestly, I wouldn't worry about the RAM as it's volatile. Malware can't stay in there after a restart. Wiping the drive and reinstalling should be all you need to do. No need to change RAM just because of a malware infection—it's unnecessary and spreads misinformation.
You should really only worry about the HDD or SSD for malware, not the hardware itself. Use a live CD for formatting and manage your disks carefully. Also, make sure not to sync with any infected accounts afterward, as that can bring the malware back.
Exactly, the first reinstall might have cleaned everything up, but if they don’t change their passwords, it's possible for the hacker to regain access if they still have those details.