[ARC5] Off Topic - looking for a virus on my PC

Kenneth G. Gordon kgordon2006 at frontier.com
Sat Aug 15 18:41:57 EDT 2015


FYI, Unix clones can be very useful. I wrote a version of Ubuntu onto a 
bootable flash drive, then used that to rescue 35 GB (yes GB) of data for my 
wife's nephew from a HD which had crashed and was unreachable by any 
other method.

Out of 35 GB of files, two files, both .JPGs, less than 400 kB, were the only 
ones he lost.

I LOVE Unix...

Ken W7EKB

On 16 Aug 2015 at 8:32, Leslie Smith wrote:

>   Hello Roy,
>   What I found:
>   Adware-cleaner alone didn't fix the problem.  Moreover the problem is
>   made more difficult by some "good guys" actually being "baddies".
>   Some software (masquerading as sheep) but purveys malware (or worse).
> 
>   Thanks for sending this info.  In the end AVG identified Adware
>   (various sub-types) and other "baddies" on my machine.
>   It seems to me the source (path into my PC) was some of the "junk"
>   news-pages that float around ("Wild condor takes baby, bassinet and
>   all." etc)
>   The interesting thing is that the virus found its way into the
>   system32 restoration file directory - a directory not visible to the
>   "non-system" eye.
>   One virus I found was called svhost.exe.  After removing this I
>   examined my system restoration setup.
>    (See Start > All programs > accessories > system tools > system
>    restore)
>   I found permission given to remote access.  Hmmm.
> 
>   The virii world is both malicious and clever.
>   Maybe it's inhabited by humans?
> 
>   My Insurance Strategy:
>   As insurance against completely losing my PC, (and the internet), I
>   keep a copy of Puppy Linux on CD to hand.
>   Puppy Linux will boot most older PCs (I'm speaking only from
>   experience, don't know about any Windows newer than "XP") from a CD.
>   Since it boots only into RAM, and has no need for the hard drive (and
>   will ignore the HDD until you mount the drive on your system) you can
>   regain the use of the web (and your PC hardware) with the certain
>   knowledge that the Linux-based "puppy" is virus free.  (I assume the
>   CD itself is virus-free, as supplied.)
>    I have "rescued" several PCs using "the puppy".  This included one HP
>    laptop, just out of warranty (at that time) that the shop techs
>    couldn't fix.  They simply 'Gave up' and said, "too bad.  Out of
>    warranty."    In another case a colleague completely "lost" his PC. 
>    Again, the hardware itself was good.  He "recovered" his most
>    valuable files from the "broken" HDD, using Puppy.  The cost to him
>    was (I think) about $5 or $10 for the disk.  (Puppy itself is free,
>    if you down-load it, but getting a pre-loaded CD is worth the low
>    price.  I always give them twice their asking price.  Hell, it takes
>    time and effort to keep something as valuable as The Puppy running.)
> 
>   Again, thanks for your advice, much appreciated.
> 
> 
>   73 de Les Smith
>   formerly vk2bcu 
>   still vk2bcu at operamail.com
> 
> 
> On Mon, Jul 13, 2015, at 13:59, Roy Morgan wrote:
> > 
> > On Jul 12, 2015, at 3:48 AM, Leslie Smith <vk2bcu at operamail.com> wrote:
> > 
> > >  G'day all,
> > >  About 1-2 months ago I found a mischievous/malicious "thingy" on my
> > >  PC.
> > >  Asking here,  I got some answers that solved the problem to a large
> > >  degree.
> > 
> > Les,
> > 
> > Here are some notes I made a while ago.  They may help.  It's your
> > interchange with the fellow who gave advice in April.
> > 
> > Soon, I will set up a Windows computer I have acquired and need to know
> > about this stuff.
> > 
> > Roy
> > 
> > 
> > 
> > Roy Morgan
> > k1lky68 at gmail.com
> > K1LKY Since 1958
> > 
> > Email had 1 attachment:
> > + Malware.txt
> >   6k (text/plain)
> 
> -- 
> http://www.fastmail.com - Same, same, but different...
> 
> ______________________________________________________________
> ARC5 mailing list
> Home: http://mailman.qth.net/mailman/listinfo/arc5
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:ARC5 at mailman.qth.net
> 
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html



Kenneth G. Gordon W7EKB

"Courage is being scared to death but saddling up anyway." --- John Wayne


