OT "United Postal Service" e-mail virus going around

John Doe

Apparently since July, there is a new virus going around from
"United Postal Service...UPS". It claims that a package was
undeliverable and you must pick it up. My neighbor's e-mail said
there would be a $36 per day charge, but apparently some don't have
that text. Unfortunately here the attachment was opened and the
computer was infected.

The solution was a time-consuming but straightforward procedure...
make a current copy of important files, delete the Windows
partition, restore a known good Windows partition into its place,
and then put the just copied current important files back in place
(and add anything useful, Windows updates for example, since the
known good copy was made, and then consider making a fresh copy of
the Windows partition).

Good luck and have fun.
 
Peter

Apparently since July, there is a new virus going around from
"United Postal Service...UPS". It claims that a package was
undeliverable and you must pick it up. My neighbor's e-mail said
there would be a $36 per day charge, but apparently some don't have
that text. Unfortunately here the attachment was opened and the
computer was infected.

The solution was a time-consuming but straightforward procedure...
make a current copy of important files, delete the Windows
partition, restore a known good Windows partition into its place,
and then put the just copied current important files back in place
(and add anything useful, Windows updates for example, since the
known good copy was made, and then consider making a fresh copy of
the Windows partition).

Good luck and have fun.

That's all fine if the user has had the sense to make a backup Windows
partition. Are you suggesting that the only solution would be to
completely wipe the current Windows install and start again? Seems a
bit extreme.
 
~AlicGinnis~

Is he talking about using a clone of your Windows partition?
I tried that with Acronis but it didn't work. (winxp system)
 
John Doe

I tried that with Acronis but it didn't work. (winxp system)

Oh well. Getting program updates from the Acronis website is
problematic here.

You can post screenshots someplace, that might help.

Here's what Disk Director 10 looks like with two hidden copies of
Windows.

http://www.flickr.com/photos/27532210@N04/3049715617/

I've made a hidden backup copy of Windows since Windows 95, using
various disk managers. Following is the procedure for Acronis Disk
Director 10. Using Windows XP SP3. Let him know if anything in the
following procedure needs further explanation, clarification, or
maybe correction.

By the way. Since Windows XP, I started having trouble with booting
to a partition that's not in the first position on the hard drive,
so I don't do that anymore. The first primary partition is always
the active Windows partition I'm currently using. I probably
shouldn't be booting to backup copies anyway, so it's nothing lost.

The following are things you don't necessarily have to do every time
you want to make a fresh copy of Windows.

.... open My Computer and rename your current partition to
"Firefox12" or whatever you feel like your current partition should
be described as (doing a clean install of Windows, it might be
something like "new01" or "hardware01")... this step is optional,
but you will want to have different drive names when you have two
copies in order to know which is the most recent copy

.... use your disk manager to free up hard drive space between your
Windows partition and the first visible partition... the amount of
free space should be enough to make two compressed copies of the
Windows partition... to be safe, free up two times the current size
of your Windows partition

These are things you have to do every time you make a copy. Assuming
you know how to use the Disk Director 10 interface.

.... open your disk manager

.... if you already have copies, delete the oldest copy

.... copy your Windows drive C to unallocated space... Copy as
Primary Partition

.... right click on the copy and use the Advanced menu to change that
partition from "Pri" to "Pri,Hid"... in other words, hide the copy
so that its drive letter disappears

.... Commit all changes... this last step requires a reboot

These are things you have to do every time to restore a copy.
Assuming you know how to use the Disk Director 10 interface.

.... copy important files from your hard drive to removable media
(this step is critical... for some users, it might be as easy as
copying the contents of My Documents and maybe an e-mail folder)...
I use both a USB flash drive (for the critical removable media copy)
and a visible extended logical partition separate from Windows
positioned at the end of the hard drive

.... delete your primary active Windows partition drive C

.... choose and copy a hidden Windows partition into the unallocated
first space you just made on your hard drive... Copy as Primary
Partition

.... right click on that destination copy and use the Advanced menu
to change that partition from "Pri,Hid" to "Pri"... also set that
first partition (your to-be Windows partition, the destination copy)
active so it changes from "Pri" to "Pri,Act"... in other words,
Unhide and Set Active that copy of Windows you will be using after
the reboot

If you have two hidden copies, your three first partitions on the
hard drive should be colored orange and described like this (as in
the link I posted above).

"Pri,Act"
"Pri,Hid"
"Pri,Hid"

Make sure it's that way before you reboot to execute changes. You
must have a primary active partition or you will be doing some
troubleshooting from boot disks. I have had no problems with Disk
Director 10, but I have years of experience and always keep copies
of important files to removable media.

Good luck and have fun.
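
The "make sure it's that way before you reboot" check from the post above, written out as an added example that is not part of the original thread or of any Acronis tool: it parses a 512-byte MBR sector and reports the layout in the post's "Pri,Act" / "Pri,Hid" notation. It assumes a classic MBR disk and that hiding a partition sets the 0x10 bit of its type ID (0x07 becomes 0x17); the function names and the sample sectors are constructed for illustration.

```python
import struct

EXTENDED = {0x05, 0x0F}
# Hidden type IDs (assumed convention: the visible type with the 0x10 bit set).
HIDDEN = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}

def parse_mbr(sector):
    """Return the used primary-table entries of a 512-byte MBR sector."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR sector: bad length or missing 55 AA signature")
    entries = []
    for slot in range(4):
        status, ptype, lba, count = struct.unpack_from("<B3xB3xII", sector, 446 + 16 * slot)
        if ptype != 0x00:  # type 0 marks an unused slot
            entries.append({"slot": slot, "active": status == 0x80,
                            "type": ptype, "lba": lba, "sectors": count})
    return entries

def label(entry):
    """Render an entry the way the post writes it: Pri / Pri,Act / Pri,Hid."""
    if entry["type"] in EXTENDED:
        return "Ext"
    return "Pri" + (",Act" if entry["active"] else "") + (",Hid" if entry["type"] in HIDDEN else "")

def check_layout(entries):
    """Return the problems that would leave the disk unbootable after the reboot."""
    primaries = [e for e in entries if e["type"] not in EXTENDED]
    active = [e for e in primaries if e["active"]]
    if len(active) != 1:
        return ["expected exactly one active primary partition, found %d" % len(active)]
    problems = []
    if active[0]["type"] in HIDDEN:
        problems.append("the active partition is still hidden")
    if active[0]["lba"] != min(e["lba"] for e in primaries):
        problems.append("the active partition is not first on the disk")
    return problems

def build_mbr(parts):
    """Build a constructed MBR from (status, type, start LBA, sector count) tuples."""
    sector = bytearray(512)
    for slot, part in enumerate(parts):
        struct.pack_into("<B3xB3xII", sector, 446 + 16 * slot, *part)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

# Constructed samples: the layout from the post, and a restore where the copy
# was never unhidden or set active.
GOOD = build_mbr([(0x80, 0x07, 63, 40000), (0, 0x17, 40063, 40000),
                  (0, 0x17, 80063, 40000), (0, 0x0F, 120063, 60000)])
BAD = build_mbr([(0, 0x17, 63, 40000), (0, 0x17, 40063, 40000),
                 (0, 0x17, 80063, 40000), (0, 0x0F, 120063, 60000)])
```
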
 
Peter

Or if someone has done that for them.


If you want to wrestle with viruses, you can do that too.


It's radical and extremely effective. It requires important files be
copied to removable media, that should be done anyway. It rolls back
everything that various users have done to the PC over time. Then it
gives you the opportunity to update the computer with things that
have worked well since the last time you made a copy of Windows (at
that moment, or maybe days later after the user mentions something).
Then, if the new good stuff you just added took significant effort,
you can make a fresh copy of Windows. I've been doing it since
Windows 95. Making hidden copies of Windows has various uses.
Another is for making incremental backups during an installation.
Long ago, after starting to use the process, I remember the "oh
shit" when something started to go wrong slowly fade away. Now it's
bulletproof.

I'm not disagreeing that your system would work and that it's very
robust. I was just thinking of the scenario when someone comes to you
with their computer and says that they were foolish enough to open a UPS
email attachment and now their computer is misbehaving.

Personally, I do back up now and again, but I'm also rather sensible
about what I run on my computer in the first place and have been virus
and spyware free for most, if not all, of my computing life.

However, some people just can't be told and it's only a matter of time
before they're back again with a messed up computer.
 
John Doe

Peter said:
I was just thinking of the scenario when someone comes to you with
their computer and says that they were foolish enough to open a
UPS email attachment and now their computer is misbehaving.

If they had not been told repeatedly that their system is bulletproof,
yes. They let anyone use it, and they've got lots of kids too.
Personally, I do back up now and again,
However, some people just can't be told and it's only a matter of
time before they're back again with a messed up computer.

They come here from time to time. It's good reinforcement IMO.
 
