Author Topic: Help! Rootkits and Linux.  (Read 1773 times)


Offline Millie-may

  • Jr. Member
  • **
  • Posts: 10
  • Karma: 0
  • I've just joined!
    • View Profile
    • Awards
Help! Rootkits and Linux.
« on: March 27, 2013, 10:24:17 am »
Hi, I am a complete newbie to this forum and not sure if this is posted in the right place... Hopefully someone will say if not. I have an Acer Aspire 4280 travel mate with Windows XP, yes it's old but does all it should or I say did all that I needed it to. I have discovered that it has 2 rootkits... I have been told that they are nearly impossible to get rid of   :-[ The computer would need to be wiped, and the hard drive scrambled 4 or 5 times may work.... I am not a computer techie so this seems serious, I may have to trash the laptop  :-\ It has been suggested that I could install Linux and that would clear the problem. I would like to know if this is the case? If anyone has had the same issue with rootkits and if I need to do anything else before installing Linux? I would be grateful for any advice.... Thanks

Offline Mark Greaves (PCNetSpec)

  • Administrator
  • Hero Member
  • *****
  • Posts: 14279
  • Karma: 354
  • Gender: Male
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
    • Awards
Re: Help! Rootkits and Linux.
« Reply #1 on: March 27, 2013, 10:47:38 am »
Hi Millie-may, and welcome to the forum :)

Yes, installing Linux will overwrite the whole hard drive (including the master boot record) so any nasties will be gone.

No, you don't need to do anything else.

But so would wiping the drive and reinstalling Windows.

Can I ask if you understand what Linux is, and what you generally use your PC for ?
WARNING: You are logged into reality as 'root'

logging in as 'insane' is the only safe option.

Offline Millie-may

Re: Help! Rootkits and Linux.
« Reply #2 on: March 27, 2013, 12:04:04 pm »
Hi Mark, Thanks for the reply... My understanding is that Linux is the operation system/platform that Microsoft etc use to write all their programs on, so installing this OS will mean that I should be able to open up all my MS docs etc. I could use openoffice with Linux or install cross over or wine if I want to install MSOffice which I prefer using. I mainly email with thunderbird, use ms office, photoshop, firefox, itunes. My husband uses a program called Smart, a program used by schools for interactive whiteboard, not sure if this will run on Linux? I think I am just really concerned that the root kits don't reappear as I have heard horror stories that just when you think you have got rid of it it starts up somewhere else 'a difficult root that goes through everything' I have been told that wiping the drive doesn't always work and that it needs to be encrypted several times with special software or replacing the hard drive would sort it... I just want something that will run the above sort of programs quickly and safely. There are files on the computer that I moved to a hard drive as I thought it was running slowly due to too many big files... Then I discovered the rootkits. I would like to know is there a chance that the files, mainly word docs, photos and smart files could be contaminated? How do I deal with that? If I were to sort out the rootkits and put windows back on the computer with an Internet security, this would check for viruses, root kits etc. I would like to use Linux and know that I don't need to worry about anti virus, but if I have infected files on external hard drive, how would Linux deal with this?
« Last Edit: March 27, 2013, 12:57:41 pm by Millie-may »

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #3 on: March 27, 2013, 01:10:04 pm »
Quote
My understanding is that Linux is the operation system/platform that Microsoft etc use to write all their programs on


Somehow I doubt that .. that would  make them a bigger laughing stock than they already are :)

Quote
so installing this OS will mean that I should be able to open up all my MS docs etc


Generally LibreOffice (new variant of OpenOffice) will open MS Office documents, but there may be slight formatting issues, like a picture may appear to move position slightly in a .docx .. though I understand LibreOffice 4 has improved this .. it also has support for Publisher documents (.pub).

Quote
I could use openoffice with Linux or install cross over or wine if I want to install MSOffice which I prefer using


I'd advise you use LibreOffice 4, but yes AFAIK MS office can be made to work in WINE

Quote
I mainly email with thunderbird, use ms office, photoshop, firefox, itunes. My husband uses a program called Smart


Photoshop and iTunes may be problematic .. there is currently NO Linux version of iTunes but depending on the iDevice there may be alternatives .. some versions of Photoshop can be made to work under WINE but it isn't a trivial task, again there are alternatives (GIMP) but they would have a re-learning curve attached.

Smart .. let's have a look and see what the WINE application database says ..
http://appdb.winehq.org/objectManager.php?bIsQueue=false&bIsRejected=false&sClass=application&sReturnToTitle=Browse%20Applications&sTitle=Browse+Applications&iItemsPerPage=25&iPage=2&iappFamily-appNameOp0=2&sappFamily-appNameData0=smart%3Cbr%20/%3E&sOrderBy=appName&bAscending=true&iItemsPerPage=25&iPage=1

Hmm .. as I suspected, if you mean this:
https://www.smarttech.com/Solutions/Education+Solutions/Products+for+education/Software/SMART+Classroom+Suite+interactive+learning+software

I can find nothing about it in the WINE appdb .. doesn't mean it won't run under WINE, but it does mean you're on your own configuring it .. take it from me, that's unlikely to be easy even if possible.

Quote
I think I am just really concerned that the root kits don't reappear as I have heard horror stories that just when you think you have got rid of it it starts up somewhere else 'a difficult root that goes through everything' I have been told that replacing the hard drive would sort it.


Formatting the hard drive (including the master boot record) then reinstalling Windows would do the trick (no need to buy a new HDD) .. that said, Windows security sucks so there's always the chance that you could catch it again through the same security hole.

Linux would be FAR more proof against such nasties .. but if you NEED specialist software such as your husband's "Smart", I hate to say it but you may be better off sticking with Windows.



For what it's worth, my advice would be to transfer off any documents you may want to keep, then use a Linux LiveCD to completely format the hard drive (including rewriting the master boot record) then to reinstall Windows.

But if your PC can boot from USB .. Why not take Linux for a test drive on a USB stick or an external USB hard drive .. neither of which will make any changes to your Windows drive (unless you tell it to) .. that way you can see if Linux is for you or not.

No matter what you choose to do, a Linux LiveCD or LiveUSB is going to come in handy .. so why not use it to first evaluate Linux :)



For advice on which Linux distribution may best suit your needs .. can you tell us a little about the hardware .. eg. is it a new or quite old PC ?, do you know what CPU it's running and how much RAM ?, and your printer make/model ?



Any other questions .. feel free to ask :)

Offline Toonman

  • Hero Member
  • *****
  • Posts: 901
  • Karma: 15
  • Freeing the World from the Microsoft scourge!
    • View Profile
    • Awards
Re: Help! Rootkits and Linux.
« Reply #4 on: March 27, 2013, 01:27:26 pm »
Quote
I hate to say it but you may be better off sticking with Windows.

WHAT!  Have you been drinking?  ;)

I moved over to Linux due to exactly the same problems.  There is a learning curve but it is worth it in the end. Much safer and great support from places like this.
Life is for living.  RIP Keith Floyd.   ;)

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #5 on: March 27, 2013, 01:33:31 pm »
It's the fact that there quite possibly is no alternative to the "Smart" software her husband requires that made me say that.

Linux doesn't suit everyone, and pushing them towards something that won't fulfil their needs is counter-productive.

I certainly agree Linux is more proof against rootkits, viruses, and malware in the long term .. but that isn't always the ONLY consideration.

I did say why not check it out on a LiveUSB .. then she can make up her own mind ;)

If security is an overriding factor .. yes, of course Linux wipes the floor with Windows :)

--
« Last Edit: March 27, 2013, 01:40:34 pm by Mark Greaves (PCNetSpec) »

Offline Toonman

Re: Help! Rootkits and Linux.
« Reply #6 on: March 27, 2013, 01:38:45 pm »
Quote
I did say why not check it out on a LiveUSB .. then she can make up her own mind

Good advice, and also why not have a dual boot system for when you have to use Windows.  That way you can learn to use Linux at the same time.  Unless you are into high end graphics or using RAW photo files The Gimp graphics program will do most things very well.  At some point Windows as we know it will dwindle into nowhere (IMHO) so it may be good policy to start learning now at your own pace.

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #7 on: March 27, 2013, 01:57:11 pm »
I'd agree, a dual boot setup may be a great idea .. that way you can use Linux for most tasks, but boot Windows for offline tasks such as your husband's "Smart" software .. that would certainly cut down exposure to re-infection.

anyway .. in response to your edit -

Quote
I have been told that wiping the drive doesn't always work and that it needs to be encrypted several times with special software or replacing the hard drive would sort it... I just want something that will run the above sort of programs quickly and safely. There are files on the computer that I moved to a hard drive as I thought it was running slowly due to too many big files... Then I discovered the rootkits. I would like to know is there a chance that the files, mainly word docs, photos and smart files could be contaminated? How do I deal with that? If I were to sort out the rootkits and put windows back on the computer with an Internet security, this would check for viruses, root kits etc. I would like to use Linux and know that I don't need to worry about anti virus, but if I have infected files on external hard drive, how would Linux deal with this?

Quote
I have been told that wiping the drive doesn't always work and that it needs to be encrypted several times with special software

Rubbish .. wiping the drive (including the MBR) will clear any rootkits .. the only time it's necessary to overwrite the drive several times is to make sure forensic software couldn't be used to recover data .. there's even ongoing argument as to whether this is totally necessary .. but if it will make you feel safer, you could use dd from a Linux LiveUSB to "zero" the drive first (this will overwrite EVERY sector on the drive with zeros) .. but it's NOT necessary.

Quote
I just want something that will run the above sort of programs quickly and safely.

This may be the stumbling block (see above) .. getting the Smart software and iTunes to work could be an issue .. and is unlikely to be "easy" even if possible.

Word documents and pics are unlikely to be infected with anything other than possibly word macro viruses .. so disable the running of macros in Office, and scan the docs using a good AV.

I cannot talk for the "Smart files" as I don't know the format .. but if they're not "executable" then they are "probably" safe, but scan them with a good and current AV anyway.

Quote
If I were to sort out the rootkits and put windows back on the computer with an Internet security, this would check for viruses, root kits etc.

Yes, but no AV is 100% proof against all attack vectors.

Quote
I would like to use Linux and know that I don't need to worry about anti virus, but if I have infected files on external hard drive, how would Linux deal with this?

a) if they're non executable files such as docs and pics, they cannot be infected with anything other than macro viruses.

b) Windows viruses and malware won't work in Linux .. so even if they're infected with a Windows rootkit Linux is safe .. just don't share them with Windows users ;)
« Last Edit: March 27, 2013, 02:17:43 pm by Mark Greaves (PCNetSpec) »
WARNING: You are logged into reality as 'root'

logging in as 'insane' is the only safe option.
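
As an added example, not written by any poster in this thread: the wipe discussed in Reply #7 (zeroing with dd, including the master boot record) can be checked afterwards. The script works on a constructed 1 MiB image file rather than a real disk; the function names and sample contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: confirm that a wipe cleared the MBR and every sector.
# Everything here runs on a temporary image file, never on a real device.

# Print the 2-byte boot signature at offset 510 as hex ("55aa" = MBR present).
mbr_signature() {
    dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Succeed only if sector 0 (boot code + partition table) is all zeros.
mbr_is_blank() {
    [ "$(dd if="$1" bs=512 count=1 2>/dev/null | tr -d '\000' | wc -c)" -eq 0 ]
}

# Succeed only if every byte of the target is zero.
is_zeroed() {
    [ "$(tr -d '\000' < "$1" | wc -c)" -eq 0 ]
}

# Overwrite the whole image with zeros, keeping its size (the "zero" pass).
zero_target() {
    size=$(wc -c < "$1")
    dd if=/dev/zero of="$1" bs=512 count=$((size / 512)) conv=notrunc 2>/dev/null
}

# Constructed sample: 1 MiB "disk" with fake boot code, a 55 AA signature,
# and a stray run of data further in.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=512 count=2048 2>/dev/null
    printf 'FAKE-BOOT-CODE' | dd of="$1" bs=1 seek=0 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
    printf 'leftover data' | dd of="$1" bs=1 seek=700000 conv=notrunc 2>/dev/null
}

img=$(mktemp)
make_sample_image "$img"
echo "before wipe: boot signature = $(mbr_signature "$img")"
zero_target "$img"
echo "after wipe:  boot signature = $(mbr_signature "$img")"
mbr_is_blank "$img" && is_zeroed "$img" && echo "MBR blank, all sectors zero"
rm -f "$img"
```
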

Offline Emegra

  • Hero Member
  • *****
  • Posts: 2730
  • Karma: 54
  • Gender: Male
  • Devilishly Handsome
    • View Profile
    • Awards
« Last Edit: March 27, 2013, 02:08:47 pm by Emegra »
If you can keep your head while all around are losing theirs, then you're not quite grasping the situation

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #9 on: March 27, 2013, 02:19:43 pm »
Heh .. if it is, that's removed one of my main concerns :)

Well spotted .. I *did* mean to check that and forgot (no really, I promise I did ;) )

[EDIT]

Even if it is the right software .. it would be advisable to ask if the docs produced in the Windows version are portable to the Linux version (and vice versa if necessary) .. they "probably" would be, but always best to check.

--
« Last Edit: March 27, 2013, 02:23:45 pm by Mark Greaves (PCNetSpec) »

Offline Emegra

Re: Help! Rootkits and Linux.
« Reply #10 on: March 27, 2013, 02:31:19 pm »
Quote
Well spotted .. I *did* mean to check that and forgot (no really, I promise I did  )

Yeah whatever :)

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #11 on: March 27, 2013, 02:32:44 pm »
:)

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #12 on: March 27, 2013, 02:40:42 pm »
@Emegra

OK, we English sometimes aren't as thorough as we should be .. heck we've not kept up Hadrian's Wall :)

I'd better add this is a personal in-joke before I get attacked by a bunch of angry sgian-dubh wielding, kilt wearing maniacs, intent on ruining my morris dancing kit.

A particularly vicious form of English psychological warfare .. where our enemies die laughing

http://youtube.googleapis.com/v/RZjLATAUwao

Scary huh ?

--
« Last Edit: March 27, 2013, 03:47:44 pm by Mark Greaves (PCNetSpec) »

Offline Emegra

Re: Help! Rootkits and Linux.
« Reply #13 on: March 27, 2013, 03:48:02 pm »
That's a really scary looking bunch Mark


so which one is you ? :)


I know which one I think it is, any prizes if I guess right ?
« Last Edit: March 27, 2013, 03:51:15 pm by Emegra »

Offline Mark Greaves (PCNetSpec)

Re: Help! Rootkits and Linux.
« Reply #14 on: March 27, 2013, 03:51:15 pm »
The one propping up the bar in the pub :)