LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 12-14-2008, 04:41 PM   #1
CitizenCCW
LQ Newbie
 
Registered: May 2006
Posts: 4

Rep: Reputation: 0
Help me scan/nuke from orbit a very sick XP HDD


Hello LQ security nerds. I've got a couple of questions regarding a heavily infected drive. As if Win XP weren't enough to qualify as a disease, this poor drive is also so riddled with malware as to make it unusable.
The original owner was ready to buy a new computer anyway (and "upgrade" to Vista!) and so decided to replace rather than repair. The upshot is that the owner gave me the old system and asked that I recover a few documents for her.
So I unplugged all the drives in my comp to avoid infection and put Mepis 7 on a blank drive (rather than using the live CD) and I copied all of her Office documents, her Firefox bookmarks and a few images and burned them to a CD. I scanned the CD with an up to date copy of AVG Linux and it found nothing. Now I plan to wipe this infected drive and use it to play with other linux distros.

--So my first question is:
Is there any chance of the original owner infecting her new comp from the backups I burned?

---Next question has to do with reformatting:
Should I wipe this Mepis install before plugging my other drives back in (one of them has XP on it)? Also...The infected drive has a MBR virus. Will GParted wipe the boot sector as well? Is a reformat with GParted enough to make this drive "clean" or do I need to run Dban on it?

I appreciate your advice, thanks in advance.
 
Old 12-14-2008, 04:50 PM   #2
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 361
You say the machine had malware on it and a MBR-resident virus; neither of those are going to replicate through individual files on the machine (malware doesn't generally replicate, and a MBR virus is spread through removable storage devices). Combined with the clean bill of health from the AVG scan, I would say there is little chance of passing the infection along.

As for the drive, you don't need to run dban on it just to clear the MBR. You can wipe the MBR with dd from a live CD or the installed Mepis with the command:

Code:
dd if=/dev/zero of=/dev/hda count=1 bs=512
Replacing "/dev/hda" with the device in question if necessary (such as if it was in an external enclosure or is a SATA drive).
 
Old 12-14-2008, 05:22 PM   #3
jiml8
Senior Member
 
Registered: Sep 2003
Posts: 3,171

Rep: Reputation: 116
Microsoft Office documents can have viruses in macros. I presume that AVG scanned them for that. The images are *probably* safe...depending on where the images came from.

There was some issue of malware that could get onto a Windows system through an image due to something or other - I forget the details and am too lazy to look it up now - but Windows permitted and used some sort of active content in images that could become infected. IIRC there was a stink/scandal about the same time as many of these active picture frame viewers that you can buy were coming out infected with a virus because of this capability.

Again, though, I presume that AVG checks for that.
 
Old 12-15-2008, 03:02 AM   #4
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301
Quote:
Originally Posted by MS3FGX
As for the drive, you don't need to run dban on it just to clear the MBR. You can wipe the MBR with dd from a live CD or the installed Mepis with the command:

Code:
dd if=/dev/zero of=/dev/hda count=1 bs=512
You might wanna do that to the whole drive.
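
Added example, not part of any post in this thread: a shell sketch that runs the thread's one-sector `dd` wipe against a constructed scratch image file instead of a real disk, then checks what changed. It shows that `count=1 bs=512` clears the boot signature in sector 0 while data in later sectors survives, and that only a whole-target overwrite removes it. The image path, the `LEFTOVER-DATA` marker and the function names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: works on a constructed scratch image, never on a real device.
IMG="${TMPDIR:-/tmp}/mbr_demo.$$.img"

# 4-sector image: sector 0 gets a constructed MBR boot signature (0x55 0xAA at
# offset 510); sector 2 gets a marker standing in for data left on the disk.
make_image() {
    dd if=/dev/zero of="$IMG" bs=512 count=4 2>/dev/null
    printf '\125\252' | dd of="$IMG" bs=1 seek=510 conv=notrunc 2>/dev/null
    printf 'LEFTOVER-DATA' | dd of="$IMG" bs=1 seek=1024 conv=notrunc 2>/dev/null
}

# Hex of the two bytes at offset 510: "55aa" for a valid MBR, "0000" once wiped.
mbr_signature() {
    dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Number of non-zero bytes after sector 0, i.e. what a one-sector wipe leaves.
leftover_bytes() {
    dd if="$1" bs=512 skip=1 2>/dev/null | tr -d '\000' | wc -c | tr -d ' '
}

# The thread's command, pointed at the image (conv=notrunc keeps the file size).
wipe_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 conv=notrunc 2>/dev/null
}

# Whole-target overwrite. A block device stops dd when it is full; a regular
# file does not, so the sector count is taken from the file size here.
wipe_all() {
    sectors=$(( $(wc -c < "$1") / 512 ))
    dd if=/dev/zero of="$1" bs=512 count="$sectors" conv=notrunc 2>/dev/null
}

make_image
echo "before:          sig=$(mbr_signature "$IMG") leftover=$(leftover_bytes "$IMG")"
wipe_mbr "$IMG"
echo "after MBR wipe:  sig=$(mbr_signature "$IMG") leftover=$(leftover_bytes "$IMG")"
wipe_all "$IMG"
echo "after full wipe: sig=$(mbr_signature "$IMG") leftover=$(leftover_bytes "$IMG")"
rm -f "$IMG"
```

The same `mbr_signature` read works against a real device node as root and is a quick way to confirm a wipe took effect before the drive is reused.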
 
  


All times are GMT -5. The time now is 12:25 AM.
