can Anti-virus 2010 use linux to bork WinXP?

[gitsum]

I'm looking for some confirmation to convince my daughter linux is safe.

She dual boots PCLinuxOS 2009.2 with WinXP just like me.   I have no browser, microsoft office, java, adobe, media player, IE, in XP.  Just directX, a good video driver and sound driver to play games.  XP actually boot in 25 seconds to a usable desktop in this fashion, I use linux for everything else.

My daughter still browses in WinXP even though she knows the risks.   She now has her WinXP borked by antivirus 2010, and claims it came from linux.   She said Chromium browser in linux presented the antivirus 2010 crap, and she was forced to close out her browser page to get rid of it.

She then said that the very next time she booted WinXP antivirus 2010 was already installed on the desktop, which was pretty much useless at this point.

I told her it was more likely she got it in WinXP, and that if she kept blaming it on linux that she would make the same mistake in XP again   after going through the effort to reinstall her windows.

To make a long story short (too late!), is it possible for antivirus 2010 to use chromium browser in PCLinuxOS 2009.2 to directly download itself on to her WinXP partition?   I might be ignorant, but I don't see how this is possible since any .exe malicious program can't run in linux period.

[GuypronouncedGuynotGuy]

Is she sharing any folders on the WIN partition with her linux install?

ie. does she keep all her downloads in a folder on the windows side?

Even then, there is no way it executed in linux as you said, but if she saved something and then clicked on it while in XP that's a different story.

Does your daughter just enjoy the challenge of surfing in windows?
It's kind of like doing a bunch of tequila shots and running across a freeway....

[Crow]

After a couple of problems and seeing the amount of virus at school my kids decided to use Windows only for games and chat with friends while playing and they doesn't accept dangerous links while chatting.

If you let your kids surf the web in windows better make a disk image of C:/  sooner or later you gonna need it.

[gitsum]

She's 19 years old and 10 times smarter then me

I'm just a poor slob that knows nothing!

She does not share any folders with the WinXP partition and assured me that she didn't transfer any files downloaded on linux to windows.

I still believe that she got antivirus 2010 exclusively from something she did in windows, in spite of her trying to convince me it couldn't have happened that way.

Usually we keep an Acronis back up handy.   Bit since I upgraded her to a Intel quad-core for Christmas which required a new motherboard and fresh install of the OS, she never got around to making a new ghost.  Too late now!

[Crow]

Ssshhhh    19 years... don't let her believe for a minute she is smarter than you, she may have higher intelligence or better education but you have years of experience about things that nobody teaches at school, you show the difference here:  "I still believe that she got antivirus 2010 exclusively from something she did in windows, in spite of her trying to convince me it couldn't have happened that way."  as my mother said to me when I was 15 : "Don Felipe cuando usted va yo ya vengo"  Something like: "when you go I returned already"

Anyway, I have tried to install some virus using wine with mixed results, some didn't work and one or two trashed Wine but none made it to put in danger my Linux or windows install. I guess the only thing left is backup with a live CD and make a reinstall

[YouCanToo]

She's 19 years old and 10 times smarter then me

Yeah, and then they wake up and find out they are not as smart as they though.

I'm just a poor slob that knows nothing!

You know enough that didn't happen by using Linux!

She does not share any folders with the WinXP partition and assured me that she didn't transfer any files downloaded on linux to windows.

Perhaps she is having a memory lapse here.  Oh wait that is something that happens to us older folks

I still believe that she got antivirus 2010 exclusively from something she did in windows, in spite of her trying to convince me it couldn't have happened that way.

I would bet my last dollar you hit the nail on the head.

Usually we keep an Acronis back up handy.   Bit since I upgraded her to a Intel quad-core for Christmas which required a new motherboard and fresh install of the OS, she never got around to making a new ghost.  Too late now!

Yeah, and because of not doing it look where she is. She must not be as smart as she thinks she is.  Must not be as smart as you after all

[kjpetrie]

How long was it before she booted into Windows?

It is just possible the problem occurred like this:

Chrome (which I believe is still a beta product) insisted on downloading AV2010. She had to close the browser. That means the product was still requested for her computer, and the server tried to deliver it. As the browser was now closed it was cached somewhere on the web to be delivered when her IP address became available again. She then booted into Windows, but with inadequate firewall settings, and the server rammed the install file onto her system.

It sounds far-fetched, but I can't think of any other way her story could stand up.

[Cydell]

Not that you need to hear again but it is impossible that antivirus 2010 was installed from linux. It simple doesn't work like that.

[gitsum]

Of course you guys are just confirming what I already knew, but I appreciate the support.  

Without much searching I was able to find a website that had av2010 lurking around.   Using PCLinux I was able to have a little fun, even going as far actively downloading a .exe file it was trying to force on me.  After closing Chromium I then tried to execute the file, which of course linux was not able to open.

I deleted the .exe, rebooted into WinXP, and everything ran perfectly normal.  No av2010.  But the best part was my daughter was watching all this and now admits that it was impossible to infect WinXP with av2010 while browsing in linux.

Mission accomplished!   I think it was important to lead her to this conclusion, because now she has to face the fact that it was something she did in Windows and possibly try to avoid repeating her mistakes in the future (like not browsing with windows when you have a dual boot with linux!).

[Crow]

Kudos for you gitsum, my father died when I was 5 years old, if he had been alive maybe I'd would have make less mistakes, experience is key but when you have it it's too late.

[gitsum]

Kudos for you gitsum, my father died when I was 5 years old, if he had been alive maybe I'd would have make less mistakes, experience is key but when you have it it's too late.

I'm sorry to hear you lost your father at such an early age.  But if it helps you any I can tell you how that usually works.  Just like my daughter (probably worse), at her age I also "knew everything".  My father tried to give me some good advice, but I had to find out most things for myself.  It wasn't until quite a few years later that I realized if I would have done everything my father suggested, my life would have been much easier.

Thankfully my father is still around and we can laugh about such things today.  He is getting his revenge though, as we watch my kids grow up.

[menotu]

borked by antivirus 2010

I deleted the .exe, rebooted into WinXP, and everything ran perfectly normal.  No av2010.

Firstly, I concur with all the others....

When you say No av2010, do you mean you have uninstalled the Antivirus programme that was running in Win XP? or was it a single file named av2010?

If her Antivirus programme was uninstalled you may want to reconsider that as she'll most definitely be at risk (even more than normal)

What antivirus 2010 software was it? (There are loads of programmes with 2010 in the title (even PCLinux 2010   )

For some peace of mind you may want to give Win XP a thorough scan for nasties!

[smileeb]

To make sure it is all gone follow  the instructions below and after you download suggested programs do the cleaning
disconnected from the net so invasion cannot call home for reinfection.

How do I get rid of Antivirus Vista 2010



http://www.revouninstaller.com/revo_uninstaller_free_download.html

http://www.ccleaner.com/

Use Revo to remove programs, better than add & remove, use ccleaner weekly if not more.

http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/e416f5a6-8ddb-4564-8aa3-f0ae6cdfe5f6

http://www.spywarevoid.com/remove-anti-virus-live-2010-antivirus-live-2010-removal-help.html

[Linuxera]

Wow does this thread ever make me happy I don't do windows!!!   

[Neal ManBear]

gitsum,
There are quite a few fake "anti" programs on the web. These anti-malware programs are themselves malware. They are usually simple to install to your win system for the bad guy. Here's how:
You open a page your browser - either a page made to counterfeit a legitimate page or a page that is put up bu the bad guy; there's a 'special' link on this page. This link is scripted to download and install whatever malware is presented. The link appears to be to another page on the same site or a page elsewhere. The link may even direct your browser to a legitimate page, but when the link is clicked, the malware is downloaded for installation as the page is loaded. Usually there's a pop-up when the page loads. This could be a "we've detected x amount of malware on your computer. do you want it removed," or a request to take a survey or about anything. The message itself is not the 'important' bit. The 'links' on the pop-up are what the bad guy wants used. That is, click anything on it - even just the close button - and you'l start the installation process. How? The pop-up is actually the program's installation wizard. These things are especially designed to appear to be popped up from a web page. And a hard reboot, to avoid clicking does not prevent installation. That will be done on boot up without user intervention.

This is a simple installation process designed especially for win systems. Many times these appear as legitimate anti-virus or anti-spyware applications offered as trial or free versions. An unaware user can be tricked into installing it.

Around 5 years ago, a friend of mine got one of these baddies on her XP box. It took 5 days of work to search out and remove all traces of that program and another 2 days to repair the damage done. She was quite shaken; all she had done was to surf the web, and suddenly this thing had poped up.  She had no linux system on her computer at all.

In spite of any FUD, malware can not become installed to your win system simply because you dual boot with linux, nor can a baddie get installed to win because you're using linux.