A tale of Windows ransomware, Linux and boot integrity

[jeronimov]

Act 1: The long explanation.
I installed a ransomware virus on my main Windows partition. I lost everything. Hundreds of Gigabytes of information encrypted beyond recognition and repair and it was all my fault. It was karma for an elevated praise to the Windows operating system and its unparalleled compatibility. In that text, I present myself as an experienced Windows, OSX and Linux user by skillfully editing out the bits that reveal my true self: an old loser who would infect his own computer. Disclosure: I do not, I repeat, I do not live in my mother’s basement. 
I, of course, use the “I lost everything” statement rather lightly since -as most users of this forum- I backup frequently, dance awkwardly and repel females with phrases such as: “I love Star Wars” or “I backup frequently”. 

 

Act 2: The questions
Here is my current predicament (see image): Will i lose my Fedora boot if I install windows in a new sda2? I will delete the infected partition, create it again, format it with NTFS and install windows 7. Will that erase references to my current boot partition?
I know an installation disk or a Windows 7 recovery disk can fix a broken Windows boot record. How do you fix the MBR for a Fedora 28 boot in case it’s overwritten?

 

Act 3: Your turn

 

[Tabs]

If you manually create a partition and point windows to it, it will install everything - including files normally reserved for the MSR - on that partition. If your current bootloader is designed to point to the windows bootloader on that partition and you've already set it up like that, then there should be no issues.

 

From your layout, you're running either an older system or a modern system with CSM enabled, which means you might have some issues with the master boot record. If that happens, you can boot any Linux-based boot media and rebuild your boot menu, and chainload the BCD for the windows install.

[WereCatf]

It doesn't look like you are using UEFI, but just to verify: you're using plain, old MBR-boot with GRUB, yes? It is possible to recover a broken GRUB-installation, and http://www.system-rescue-cd.org/disk-partitioning/Repairing-a-damaged-Grub/ would probably get you along.

[rcmaehl]

As someone who's reinstalled Windows and Linux on top of each other several times here's what you need to do and what you can expect:
 

1. Install Windows using the CUSTOM install options, delete ONLY the NTFS partitions and select the Unallocated space created by them. Do NOT delete the partitions listed as UNKNOWN
   - Windows will override the Boot Sector and you'll lose the option to boot to Fedora, but won't lose the boot partition, unless you deleted it for some reason...
    
2. Boot from a Linux Live CD or USB
    
3. Use THIS TOOL to set back up your Grub Bootloader

[jeronimov]

9 minutes ago, WereCatf said:

It doesn't look like you are using UEFI, but just to verify: you're using plain, old MBR-boot with GRUB, yes?

Yes, it is an old Core Duo from 2007ish so no UEFI. So yes to Tabs: it is an older system.

And Thanks rcmaehl, I will follow that guide from a Fedora 28 live DVD.

[jeronimov]

Boot repair CD failed: http://paste.ubuntu.com/p/hwjwmNYsM3/

I am now downloading System Rescue CD.

[jeronimov]

My mistake. Boot Repair CD did work after some tweaks. I had to disable the "purge Grub2 before reinstalling" and it worked. I have a new windows install and my Fedora 28 is back. Thank you guys you rock! specially rcmaehl.