Virus warning!!!

[Nautibusiness]

Please can mods move this to wherever it will be seen by most people.
I almost only ever come in here so...

This has just happened here at Parkstone Bay.
A colleague at work just had an email to one of our work email addresses.

It purports to be from UPS and states they tried to deliver a parcel on "X" date. "Click here to view details and print off a note to take to your nearest UPS depot".

...Or words to that effect.

Don't click it!!!! Her computer is now dead as a dodo and the "System Fix" files that come up afterwards are actually from the people who sent the virus.

 

[elton]

There's one born every minute

 

[jimg]

Yes,

That sort of email has been floating around for quite a while, I guess she had no anti virus software?

 

[Nautibusiness]

Yes,

That sort of email has been floating around for quite a while, I guess she had no anti virus software?

No, she does have.
Part of our network and via one of our info@ addresses.

All managed by a very expensive per hour IT firm...

She didn't suspect anything, especially at the time of year with parcels not only arriving all through the day for work, but with staff getting pressies delivered here etc too.

I didn't see it, but apparently it looked very real.

 

[elton]

No, she does have.
Part of our network and via one of our info@ addresses.

All managed by a very expensive per hour IT firm...

She didn't suspect anything, especially at the time of year with parcels not only arriving all through the day for work, but with staff getting pressies delivered here etc too.

I didn't see it, but apparently it looked very real.

Didn't she get a message like this when she opened the email or clicked on the link?

 

[Nautibusiness]

Didn't she get a message like this when she opened the email or clicked on the link?

No
Apparently it looked more like a zip file and suggested it was a PDF not an .exe file.
...her words not mine.

 

[elton]

No
Apparently it looked more like a zip file and suggested it was a PDF not an .exe file.
...her words not mine.

As far as I'm aware, you can't get a virus from a PDF, but executables are sometimes attached to emails with a name such as document.pdf.exe and (depending on how Windows is configured), the exe extension is invisible.

However, if the pc has user access control sensibly configured, a dialogue such as the one above would always be displayed if an attempt to execute an attachment is made.

 

[VicS]

Google UPS virus

You will find out how to remove it. It is apparently very simple.

 

[Cymrogwyllt]

http://www.howtogeek.com/howto/9207/fix-the-fake-ups-tracking-number-virus-rebooting-your-machine/

any help?

 

[Hurricane]

Didn't she get a message like this when she opened the email or clicked on the link?

Thats the UAC
I think it's Windows Vista onwards but definately in Windows 7 and not XP
The UAC can be disabled and as I say not much help if you are using XP and before.
However, I agree that virus software should trap these kinds of things.

 

[Nautibusiness]

http://www.howtogeek.com/howto/9207/fix-the-fake-ups-tracking-number-virus-rebooting-your-machine/

any help?

Thanks very much... I've forwarded it on to the lady in question whi is currently working on a different machine.

 

[Bandit]

I have had the same thing at work from Courier companies and now supposedly American Airlines

 

[oceanfroggie]

Assuming her pc was backed up the day before, just pop bootable recovery DVD in, reboot and restore most recent disk image backup (ie this wipes disk completely before restoring disk partitions and boot sector)

• Make daily/nightly backup image of PC disk
• Keep AV upto date daily
• Never open attachment from untrusted source
• Never click a link in an email from any source
• Dont open email from unknowns - just delete

70% of office PCs are not fully backed up regularly (ie only servers are)
95% of home PCs are not fully backup up regularly by users

Most home users only have limited file backups which means many hours or even days to get a pc back as it was. Disk image backups mean 100% recovery within an hour, everything back, no need to reinstall and configure a gazillion apps never mind find the stuff and lost license keys.

 

[Robin]

Assuming her pc was backed up the day before, just pop bootable recovery DVD in, reboot and restore most recent disk image backup (ie this wipes disk completely before restoring disk partitions and boot sector)

• Make daily/nightly backup image of PC disk
• Keep AV upto date daily
• Never open attachment from untrusted source
• Never click a link in an email from any source
• Dont open email from unknowns - just delete

70% of office PCs are not fully backed up regularly (ie only servers are)
95% of home PCs are not fully backup up regularly by users

Most home users only have limited file backups which means many hours or even days to get a pc back as it was. Disk image backups mean 100% recovery within an hour, everything back, no need to reinstall and configure a gazillion apps never mind find the stuff and lost license keys.

That covers my case for sure but I've been careful and lucky so far. Presumably you mean a disk image backed up on a separate device, if so can you suggest something affordable that a numptie can use? My fear is not so much for the data files which I do back up, but as you say for the hassle of having to reload every program let alone those where the original disks have vanished, licence keys lost or whatever.

 

[oceanfroggie]

That covers my case for sure but I've been careful and lucky so far. Presumably you mean a disk image backed up on a separate device, if so can you suggest something affordable that a numptie can use? My fear is not so much for the data files which I do back up, but as you say for the hassle of having to reload every program let alone those where the original disks have vanished, licence keys lost or whatever.

Use an external USB disk drive with something like 'Acronis True Image Home'

 

[grumpy_o_g]

That covers my case for sure but I've been careful and lucky so far. Presumably you mean a disk image backed up on a separate device, if so can you suggest something affordable that a numptie can use? My fear is not so much for the data files which I do back up, but as you say for the hassle of having to reload every program let alone those where the original disks have vanished, licence keys lost or whatever.

The free version of EaseUS Backup http://www.todo-backup.com/products/home/free-backup-software.htm works absolutely fine for me. I shoved an extra drive in the PC and then put two partitions on it; one for data and one for the OS and apps. I back up the data externally to a NAS drive and the OS I copy the entire partition to the other internal drive. I keep the originals all my apps on DVD - if I download one then I burn the download on to a DVD and keep those offsite (in my desk drawer at work to be precise). Licence keys are written on the DVD and also on a text file (but I'm not very good at keeping that up to date).

 

[Robin]

Thanks Oceanfoggie and Grumpy_o_g.

I think I need to do some research on getting an external drive set up. I have burnt backup program disks of some downloaded software, but not all especially where it is easily available on line or gets updated regularly (like OpenCPN for example) and that would mean a lot of time and trouble to set up again from scratch.

 

[oceanfroggie]

Thanks Oceanfoggie and Grumpy_o_g.

I think I need to do some research on getting an external drive set up. I have burnt backup program disks of some downloaded software, but not all especially where it is easily available on line or gets updated regularly (like OpenCPN for example) and that would mean a lot of time and trouble to set up again from scratch.

Backup software such as Acronis and others take raw image backups of disk partitions. You make a once off boot DVD for your pc and if you ever loose the disk, or have corruption, or a bad virus, just pop the bootable DVD and USB disk in and it will put all the partitions back including boot sector in under an hour. Also useful if you want to upgrade to a bigger hard disk. The whole migration takes only an hour instead of days reinstalling and reconfiguring everything. There are also 'cloud' versions if your broadband upload speed is fast enough.

 

[Robin]

I thought I was a numptie, now I know for sure!

I have a Toshiba laptop with what I think started with a HD capacity of 250GB split between 'C' loaded with Vista (51GB free space) and 'E' data (104GB free space). I made a bootable DVD set when I bought it as per Toshiba instructions and IIRC there is also an XP Recovery Disk setup hidden away somewhere that I didn't use.

It seems that pretty well everything is on 'C', including all my documents, pictures etc, with just the HDDRecovery Disk on drive 'E', which may be, or include, the Win XP one at 4.87GB.

All of which means very little to me other than to confirm my numpty qualifications.

 

[grumpy_o_g]

I have a Toshiba laptop with what I think started with a HD capacity of 250GB split between 'C' loaded with Vista (51GB free space) and 'E' data (104GB free space). I made a bootable DVD set when I bought it as per Toshiba instructions and IIRC there is also an XP Recovery Disk setup hidden away somewhere that I didn't use.

It seems that pretty well everything is on 'C', including all my documents, pictures etc, with just the HDDRecovery Disk on drive 'E', which may be, or include, the Win XP one at 4.87GB.

OK, you should have a very small partition/drive (usually 'D:') which just has the 4.87GB recovery partition and also a C: partition which will get everything on it unless you specifically set things up so it puts data somewhere else. If you have a DVD drive on it that is usually E: by default. It could have been changed quite easily though.

Follow these instructions here to open the disk management utility if you're not using it already. You'll something like this shot below which shows the Physical drives with their numbers and the Drive letters they are partitioned into. If you want any help setting things up pm me and I can easily pop over - I'm in Eastcliffe so not exactly a long haul...