Re: malware infesting windows part of dual-boot
Hi Charles, On 13/01/12 19:04, Charles Blair wrote: I have the lenny release of debian and windows XP as a dual- boot using grub 0.97. The debian system (of course) seems to be working fine, but I've gotten some malware (of course) on the windows side. Can somebody recommend software (preferably free) that will deal with the bad windows stuff without trashing the linux system? I'm concerned that running standard-issue diagnostic and treatment stuff will tamper with the boot sector, among other things. In the past I have sometimes found it more effective and overall less time-consuming to simply re-install the system on malware-infested windows installations, than try to 'clean' them. I say this because something like the Trinity live cd may take up to 1 day or even more to scan with all the available antiviruses. If you do decide to go this route the following cautions and drawbacks come to mind: - Be sure to back-up any valuable data both on the Windows and Debian partitions (you never know when playing around with partitioning-enabled software), this would typically include the Documents and Settings directories for the various users on the windows side, /home partition/directory on debian maybe something in /etc. - YMMV - This can usually be done by running any Live CD and attaching the machine to an external hard-disk but your mailage may vary depending on the size of data you need to backup. - Consider the fact that for the windows side any infected file you back-up still remains so, although copying it off on an external hard disk, even better if on a dedicated partition *should* reduce the risk of reinfection if you take some sanitisation measures such as having an updated, un-compromised antivirus, treating with suspicion .exe, .com, .dll, office files etc. - Reinstalling Windows XP *will* surely overwrite the MBR, thus if grub starts from there it will be unusable. But, this can easily be corrected, again through using more or less specific live CDs and googling around will provide many links. - IIRC Windows installer will offer to use whole disk thus potentially deleting your debian partition(s) too! Check *very* carefully the partitioning options of the windows installer. - In windows you will have to re-install all software. This is the biggest bummer, as it will be much more painful than e.g. re-installing all packages in debian because each software will have to be reinstalled manually. This especially applies to software with fussy authorisation methods such as sending emails, hardware snapshoting etc. A naive yet useful tip might be to print out the dir of the c:\Programs directory (or similar). In some enterprises windows machines bootstrapping is usually done to certain extent. Good luck, Lorenzo. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f13e726.30...@gmail.com
Re: malware infesting windows part of dual-boot
On Fri, 13 Jan 2012 19:40:56 +, Brian wrote in message <20120113194056.GE2926@desktop>: > On Fri 13 Jan 2012 at 13:04:16 -0600, Charles Blair wrote: > > >I have the lenny release of debian and windows XP as a dual- > > boot using grub 0.97. The debian system (of course) seems to > > be working fine, but I've gotten some malware (of course) on > > the windows side. > > > > Can somebody recommend software (preferably free) that > > will deal with the bad windows stuff without trashing the > > linux system? I'm concerned that running standard-issue > > diagnostic and treatment stuff will tamper with the boot > > sector, among other things. > > Debian, as you acknowledge, is a malware free zone. If something nasty > is affecting another OS you are better off dealing with it within that > OS. ..really??? Like Obama, I have 2 words for you, mine may be a little harsher: Track records. ;o) > If the treatment affects the MBR you can complain to the software > provider. Anyway, Debian has ways of restoring your MBR to good > health. ..try 'man -k grub' for a list of ideas, then e.g. 'man grub-mkrescue'. ..if you lack that, e.g. 'apt-cache search grub-mkrescue' will list a few install suggestions worth an 'apt-cache show $item'. -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120114153830.6b6ee...@nb6.lan
[OT] Re: malware infesting windows part of dual-boot
On Fri, 13 Jan 2012 13:04:16 -0600, Charles Blair wrote: > I have the lenny release of debian and windows XP as a dual- boot using > grub 0.97. The debian system (of course) seems to be working fine, but > I've gotten some malware (of course) on the windows side. > > Can somebody recommend software (preferably free) that > will deal with the bad windows stuff without trashing the linux system? > I'm concerned that running standard-issue diagnostic and treatment stuff > will tamper with the boot sector, among other things. Yes, boot your windows system and use this online tool: http://www.eset.com/us/online-scanner/ It's an online scanner, it has saved me many, many times :-) Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/jesh1n$kef$3...@dough.gmane.org
Re: malware infesting windows part of dual-boot
On Fri, Jan 13, 2012 at 07:57:21PM -0600, John W. Foster wrote: > On Sat, 2012-01-14 at 00:45 +0200, Andrei Popescu wrote: > > On Vi, 13 ian 12, 13:04:16, Charles Blair wrote: > > > > > > Can somebody recommend software (preferably free) that > > > will deal with the bad windows stuff without trashing the > > > linux system? I'm concerned that running standard-issue > > > diagnostic and treatment stuff will tamper with the boot > > > sector, among other things. > > > > clamav? > > With clamav you need to make sure you save the log. I *think* that by default, clamav only detects viruses and does not delete or quarantine them. So you'll need to search through the log for certain keywords (which I can't remember, but probably something like "infected" or "detected"). -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120114153818.ga27...@aurora.owens.net
Re: malware infesting windows part of dual-boot
If you obtain a Trinity Rescue Disk (free download online) you can boot from that and run four different anti-virus softwares with one command. If I remember correctly, you can designate which partition to use them on. Using TRK: First, run updatetrk, then: virusscan -n -a clam;virusscan -n -a fprot;virusscan -n -a bde;virusscan -n -a va;virusscan -n -a avs You will need the key for Avast that you can get free online as well (good for 30 days). This will take awhile (hours). Each anti-virus software will write a report to the root directory of the partition you choose. Keith >I have the lenny release of debian and windows XP as a dual- > boot using grub 0.97. The debian system (of course) seems to > be working fine, but I've gotten some malware (of course) on > the windows side. > > Can somebody recommend software (preferably free) that > will deal with the bad windows stuff without trashing the > linux system? I'm concerned that running standard-issue > diagnostic and treatment stuff will tamper with the boot > sector, among other things. > >Thanks, everyone! > -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ec33c15ea80a647bab80a5276469f556.squir...@webmail.strucktower.com
Re: malware infesting windows part of dual-boot
On Sat, 2012-01-14 at 00:45 +0200, Andrei Popescu wrote: > On Vi, 13 ian 12, 13:04:16, Charles Blair wrote: > > > > Can somebody recommend software (preferably free) that > > will deal with the bad windows stuff without trashing the > > linux system? I'm concerned that running standard-issue > > diagnostic and treatment stuff will tamper with the boot > > sector, among other things. > > clamav? > > Kind regards, > Andrei MalwareBytes has a free trial version that works well. frosty -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1326506241.32119.0.ca...@beast.home
Re: malware infesting windows part of dual-boot
On Vi, 13 ian 12, 13:04:16, Charles Blair wrote: > > Can somebody recommend software (preferably free) that > will deal with the bad windows stuff without trashing the > linux system? I'm concerned that running standard-issue > diagnostic and treatment stuff will tamper with the boot > sector, among other things. clamav? Kind regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic signature.asc Description: Digital signature
Re: malware infesting windows part of dual-boot
On Fri 13 Jan 2012 at 13:04:16 -0600, Charles Blair wrote: >I have the lenny release of debian and windows XP as a dual- > boot using grub 0.97. The debian system (of course) seems to > be working fine, but I've gotten some malware (of course) on > the windows side. > > Can somebody recommend software (preferably free) that > will deal with the bad windows stuff without trashing the > linux system? I'm concerned that running standard-issue > diagnostic and treatment stuff will tamper with the boot > sector, among other things. Debian, as you acknowledge, is a malware free zone. If something nasty is affecting another OS you are better off dealing with it within that OS. If the treatment affects the MBR you can complain to the software provider. Anyway, Debian has ways of restoring your MBR to good health. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120113194056.GE2926@desktop
malware infesting windows part of dual-boot
I have the lenny release of debian and windows XP as a dual- boot using grub 0.97. The debian system (of course) seems to be working fine, but I've gotten some malware (of course) on the windows side. Can somebody recommend software (preferably free) that will deal with the bad windows stuff without trashing the linux system? I'm concerned that running standard-issue diagnostic and treatment stuff will tamper with the boot sector, among other things. Thanks, everyone! -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120113130416.3ad23...@debian.hsd1.il.comcast.net.