a computer infected with a r00t kit these days can be next to impossible to disinfect. even with kaspersky, or nod32 which i consider to be in the top few antivirus programs.
unfortunately they slow your computer down quite a bit.
after coming back from holiday to find my gf had somehow gotten the computer infected, and it was a root kit that kept bringing in new malware, that was the last straw. this virus must have been brought in on a usb stick, and it was an encrypting virus that took some of my music and put it in passworded rar files. argh, this really did aggravate me!
so as i use ubuntu much of the time (as i find the interface with the desktop much more relaxing than xp, and i use it for fortran and mathematica under linux. i also enjoy using many linux native programs such as kile and emacs) i decided on the following strategy.
partition the machine so that there is an 8gig system partition just for xp and core essential application
reinstall xp (hopefully for the last time ever)
fully patch xp and set up the hardware, install basic drivers for video and mobo
fully defragment this system partition
use something to erase the empty space on the partition (eg create a very large file containing only zeros) and then delete this file
reboot to ubuntu and use dd to backup this 8gig partition to a file, xpimage
go back to xp and do some further customisation
return to ubuntu and dd this 8gig customised version and rsync this against the basic backup
burn several copies to dvd (i think i made at least 3) of the basic image and rsync 'diff' (because the 8gig compressed very well even with gzip on fastest, as it is largely empty space, so it easily fits on a single layer)
now all documents and anything that is more permanent is saved to another ntfs partition. if windows is ever infected i can just reboot to ubuntu and then use something like
zcat xpimage.gz | dd bs=100M of=/dev/hda2
which is very fast. i've timed it, and specifying a large block size speeds up the restore significantly, reducing it from about 12min to 4min (~34meg/s).
so if xp ever gets infected i can restore it in 4min. it's just not necessary to have the speed of the computer constantly crippled by having everything that is executed or accessed emulated, scanned and analysed.
if i need to i will use antivir under linux to scan the secondary ntfs partition. antivir also provides an iso of a linux based virus rescue cd, which is great for giving to friends with windows that keep asking for free reinstalls, which can take several hours if you have to download and install a sp and drivers (depending on how prepared you are and how fast the available internet happens to be).
and of course everything that should be archived is backed up
i really recommend this scheme; it's saved me a lot of stress and time. i hope it can be of some benefit for my fellow /.ers.
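An added example, not the poster's own script, of the dd/gzip image-and-restore step above in POSIX sh: alongside the image it records a SHA-256 of the raw partition bytes, so after a restore the partition can be checked against the trusted image before the machine is considered clean. The BS variable, the function names and the demo's constructed 4 MiB "partition" file are assumptions; the functions work on a real block device like the post's /dev/hda2 as well as on a regular file.

```shell
#!/bin/sh
# Added example (not the poster's script): image a partition to a gzip file
# plus a SHA-256 sidecar, restore it, and verify the restored bytes match.
# DEV may be a block device (e.g. /dev/hda2) or, for a safe demo, a file.
set -eu
BS=${BS:-100M}   # large block size, which the post found speeds dd up

# image_partition DEV IMG: gzip -1 (fastest) image of DEV into IMG, and the
# SHA-256 of the raw, uncompressed partition bytes into IMG.sha256.
image_partition() {
    dev=$1; img=$2
    sha256sum < "$dev" | cut -d' ' -f1 > "$img.sha256"
    dd if="$dev" bs="$BS" 2>/dev/null | gzip -1 > "$img"
}

# restore_partition IMG DEV: stream the compressed image back onto DEV.
restore_partition() {
    img=$1; dev=$2
    gzip -dc "$img" | dd of="$dev" bs="$BS" 2>/dev/null
}

# verify_partition DEV IMG: succeed only if DEV currently hashes to the value
# recorded when IMG was taken, i.e. it is byte-for-byte the trusted image.
verify_partition() {
    dev=$1; img=$2
    expected=$(cat "$img.sha256")
    actual=$(sha256sum < "$dev" | cut -d' ' -f1)
    [ "$expected" = "$actual" ]
}

# Demo on a constructed 4 MiB "partition": 1 MiB random data then 3 MiB of
# zeros, mimicking a zero-filled system partition that compresses well.
demo() {
    work=$(mktemp -d)
    { head -c 1048576 /dev/urandom; head -c 3145728 /dev/zero; } > "$work/part"
    image_partition "$work/part" "$work/xpimage.gz"
    # Simulate an infection: overwrite a few bytes of the live partition.
    printf 'infected' | dd of="$work/part" bs=1 seek=4096 conv=notrunc 2>/dev/null
    if verify_partition "$work/part" "$work/xpimage.gz"; then
        echo "unexpected: tampered partition still verifies"; return 1
    fi
    restore_partition "$work/xpimage.gz" "$work/part"
    verify_partition "$work/part" "$work/xpimage.gz" || return 1
    rm -rf "$work"
    echo "restore verified against trusted image"
}
demo
```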