help, XP shut down by virus - dual boot

I hope this is not in the wrong forum, but I need urgent help-answer:

I have xp-opensuse dual boot, and a virus "rootkit.win.32.tdss.y" shut down my comp, and I cannot get back to windows in any way, no safe mode, nothing. I have kaspersky, and it was simply overwhelmed by it.

I just don’t dare to boot with cd, because I don’t know how it will affect the openSUSE side, which thank God is working, and allows me to access at least the internet.

Is there a way to clean up the other side from Opensuse? or at least to grab from there what is important, save it, and then reinstall xp? Of course without affecting Linux?

You could try installing an antivirus solution in Linux, then scan the Windows drive. There are several available, one of them is included, called ClamAV but it’s not very effective for rootkits.

However, F-Secure offers a downloadable CD that you can burn in Linux, boot from and then clear the Windows drive, please take a look here;
Rescue CD

I’ve given it to other people in the past and they have been able to clean their machines with it so - remember to update the signatures after booting it (it has an option for it, clearly marked).

Thanks a lot, I will try it now :)

Unfortunately it did not help. Made the full scan, but found no malware.

You can reinstall XP but then you will need to reinstall grub from the Suse CD/DVD or use SuperGrub.

First of all, I need to save some files I worked on, when the computer shut down itself. But I cannot access them. The windows side keeps rebooting itself. Unfortunately, for work I need Windows and Office.

And I don’t know yet how to reinstall XP, without the need to reinstall Opensuse too. I am learning slowly linux, when I have time.

Chances are that SUSE mounts windows automatically.

Give us the output of


fdisk -l
mount

and we’ll be able to tell you - then you should be able to just copy the files across…

ETA- and Chrysantine is quite right - you’ll need to run this as root.

Since you are currently in Linux, we can help you to mount those partitions but first we’ll need some information.

Open a terminal then type these following commands to it;
su -
(it will ask for your root password)
fdisk -l

Then copy paste the results of that fdisk command - what it will do is tell us what partitions are on your harddrive and allow us to formulate a command to “mount” the Windows drive to a directory which you can then browse and rescue your files from.

What version of office do you use?
You could run MS office in linux if you need it, but does your work have special protocols or something?

Sorry I can’t help.

But sometimes having company who can share a similar predicament means one does not feel as bad.

I bought my mother her 1st and current computer in 2001, and installed winME/winXP in a dual boot. Commencing in 2002 and every year for the next 4 years, within 6 to 10 months of operation, first one, and then the other Windoze boot partition would be infected and refuse to run. Hence every year, around Christmas (2002, 2003, 2004, 2005, 2006), when I flew across the Atlantic, my wife and I would end up re-installing winME and winXP on her computer. Until I showed up at Christmas, from the time her Windoze boot partitions died, my mother had no functional PC.

Finally in December 2006 I got smart and I also installed openSUSE-10.2 on her PC, setting it up as a triboot. In 2007 when winME and winXP failed, her openSUSE kept on running. Christmas 2007 we again repaired both winME and winXP (but openSUSE-10.2 was still running). By end 2008 her winME boot had died again, but this time her winXP while slow and infected, was still running. And her openSUSE-10.2 was still running fine. We managed to get her winME running again, and cleaned her winXP. We also updated openSUSE-10.2 to 11.1 (this was in Feb-2009). But then by April 2009 her winME died again. I finally gave up on it, and removed it as a possible boot option, and she now boots between winXP and openSUSE-11.1.

With so much malware out there for Windows, it is really hard on the average population who are mostly Windows users. If for nothing else, having Linux handy as a rescue partition is IMHO a good idea.

Disk /dev/sda: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x3d7c3d7b

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1       19688   158143828+   7  HPFS/NTFS
/dev/sda2   *       19689       30401    86052172+   f  W95 Ext'd (LBA)
/dev/sda5           19689       19950     2104483+  82  Linux swap / Solaris
/dev/sda6           19951       22561    20972826   83  Linux
/dev/sda7           22562       30401    62974768+  83  Linux

The Xp is Professional SP3
I am using Office Professional 2002. My main need for using windows is Access - and to communicate with others on that basis, and Adobe Photoshop and PDF maker.

and thanks in advance

Office 2002 does work in wine, so if you can't get windows working again you could install it in windows if you have the office 2002 disk.
Access also works in wine too, so it's there for the most part.

The following commands, typed in a terminal will mount the Windows drive in /windows/ and make it read only for you to access it.

First, to switch to root privileges;
su -

Then to create a directory where we will mount the windows drive;
mkdir /windows

Then to mount the drive, with read only for normal users and read/write for root and permissions so that it will be owned by the users group (which you are part of as a normal user);
mount -o gid=users,fmask=133,dmask=022 /dev/sda1 /windows

You can then navigate in your desktop environment to /windows/ using Dolphin or Konqueror for KDE and Nautilus for GNOME.
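
As an added example (not part of the original posts), the sketch below reads `fdisk -l` output like the table posted in this thread, picks out the NTFS partition, and prints a rescue mount command that adds `ro,noexec,nosuid,nodev` to the options above so the infected volume is neither written to nor executed from. The function names are hypothetical, and the commands are only printed, not run.

```shell
#!/bin/sh
# Added example: plan a read-only rescue mount from `fdisk -l` output.
# Commands are printed, not executed; review them, then run them as root.

# Constructed sample: the partition table posted in this thread.
sample_fdisk() {
cat <<'EOF'
Device Boot Start End Blocks Id System
/dev/sda1 1 19688 158143828+ 7 HPFS/NTFS
/dev/sda2 * 19689 30401 86052172+ f W95 Ext'd (LBA)
/dev/sda5 19689 19950 2104483+ 82 Linux swap / Solaris
/dev/sda6 19951 22561 20972826 83 Linux
/dev/sda7 22562 30401 62974768+ 83 Linux
EOF
}

# Print every partition whose type Id is 7 (HPFS/NTFS).
ntfs_partitions() {
    awk '$1 ~ /^\/dev\// {
        # A "*" in the Boot column shifts the remaining columns right by one.
        id = ($2 == "*") ? $6 : $5
        if (id == "7") print $1
    }'
}

# Build the mount command: the ownership options used in this thread plus
# ro (no writes to the infected volume) and noexec,nosuid,nodev (executables,
# setuid bits and device nodes on it are not honoured).
rescue_mount_cmd() {
    echo "mount -o ro,noexec,nosuid,nodev,gid=users,fmask=133,dmask=022 $1 $2"
}

# Read fdisk output on stdin; print the commands for each NTFS partition.
# The first uses the given mount point; later ones get a numeric suffix.
plan_rescue() {
    base=$1
    n=0
    ntfs_partitions | while read -r dev; do
        if [ "$n" -eq 0 ]; then mp=$base; else mp="$base$n"; fi
        echo "mkdir -p $mp"    # -p: no error if the directory already exists
        rescue_mount_cmd "$dev" "$mp"
        n=$((n + 1))
    done
}

sample_fdisk | plan_rescue /windows
```

On a live system, pipe the real `fdisk -l` output (run as root) into `plan_rescue` in place of the sample.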

So now I will be able to get into windows and my files from linux, but it cannot infect Linux? Can I copy files from there?
And can I run there some software to remove the virus?

If you have some form of external media such as a USB drive, you should copy those important files there (and on the Linux partition as well) - the more locations that you have your things secure the better, or even burn them on a DVD.

The Windows viruses will be unable to infect your Linux system as viruses have to be written for the particular OS in mind, there are very few viruses in existence that can infect both systems (you can count them with one hand and none are in the wild that I know of, anymore).

I would reinstall XP, install another antivirus software such as Avast (free), Nod32 (non-free) or F-Secure (non-free) which have had relatively good history of detecting problematic viruses, even if the rescue cd couldn’t clean it.

Great! Thank you.

Now, if I will reinstall XP, how can I do it without hurting Linux? Or will I need to change something in Grub, with Grub?

Or since I can mount it from Linux it’s not important anymore?

Sorry for making you work hard…

After installing XP you can restore grub, the Linux boot loader, by running the openSUSE installation medium and using repair.

Some good info here too
HowTo Boot into openSUSE when it won’t Boot from the Grub Code on the Hard Drive

Maybe this section once you have XP reinstalled
HowTo Boot into openSUSE when it won’t Boot from the Grub Code on the Hard Drive

Ok, after typing the mkdir /windows
I get the following answer:

mkdir: cannot create directory `/windows': File exists