Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu User (http://www.linux-archive.org/ubuntu-user/)
-   -   Virus question. (http://www.linux-archive.org/ubuntu-user/677319-virus-question.html)

Bill Stanley 06-26-2012 01:23 PM

Virus question.
 
Hi,

Maybe a bit of history is in order here...

Thankfully the problem does not affect my computer but affects my
sisters computer. She dual boots - Ubuntu and Windows XP (SP3) and
unfortunately mostly uses Windows. Earlier this year, I installed Avast
and I set it up to send an email alert to me when it runs into a virus.
After several months of no alerts from her computer, I finally got
one, an alert that the win32:Aluroot-C virus was encountered. Now the
Ubuntu part of the question.


Some research shows that it is a rootkit. Since she dual boots with
GRUB is the Linux part still safe? I am almost certain that it will be
unaffected. While the Windows partition might be trashed the Linux
partition still is usable (I hope). Since this is a rootkit, does it
insinuate itself before GRUB? What I also read is that manual removal
is probably the only sure way to get rid of it. I plan to dual boot the
Ubuntu partition and manually clean out the Windows partition. Will
using Linux to delete the Windows partition be reliable.


Bill Stanley

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Rashkae 06-26-2012 03:04 PM

Virus question.
 
On 06/26/2012 09:23 AM, Bill Stanley wrote:

Hi,

Maybe a bit of history is in order here...

Thankfully the problem does not affect my computer but affects my
sisters computer. She dual boots - Ubuntu and Windows XP (SP3) and
unfortunately mostly uses Windows. Earlier this year, I installed Avast
and I set it up to send an email alert to me when it runs into a virus.
After several months of no alerts from her computer, I finally got one,
an alert that the win32:Aluroot-C virus was encountered. Now the Ubuntu
part of the question.

Some research shows that it is a rootkit. Since she dual boots with GRUB
is the Linux part still safe? I am almost certain that it will be
unaffected. While the Windows partition might be trashed the Linux
partition still is usable (I hope). Since this is a rootkit, does it
insinuate itself before GRUB? What I also read is that manual removal is
probably the only sure way to get rid of it. I plan to dual boot the
Ubuntu partition and manually clean out the Windows partition. Will
using Linux to delete the Windows partition be reliable.

Bill Stanley



The terminology is a bit confusing, but here you are mistaking a
'rootkit' for a boot sector virus. All the information I find on
Aluroot-C indicates it is a Windows system type rootkit, and does not
affect boot sector in any way, so it would be perfectly safe to boot the
system into Linux.


Secondly, before causing yourself lots of work and headache, you need to
examine that warning e-mail you got from Avast. If Avast was doing it's
job, the virus should have been caught by the Shield before it would
ever have had a chance to actually infect the system. In which case,
Avast did it's job and everyone can rest easy doing noting further.





--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users


All times are GMT. The time now is 10:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.