Advertise with us

Moonlight meanderer

Heads up, look out for the Evil Updator Virus. Sandy's PC Watch #1

sandy
sandy
status:
offline
posts:
199
joined:
01/05/2006
Posted at

Okay, so now there's this virus that pops up on the screen saying that you should update your files on your computer. But wait, this thing does more than just put updates on your PC, it literally, freezes everything on your computer, your antivirus software, everything. I haven't actually gotten this popup, because I have Norton Internet Security which destroys popups, and that's set at a relatively high level of security. But my friend from New Jersey got it, and he clicked on the popup, and now his entire computer is completely unresponsive. This is not the only incident of this evil updater either. My mom's friend's brother got the same popup and it fried his PC also. *apparently this thing really disguises itself well as a legitimate update.* Anyway, if this pops up on your computer, X out of it right away, and no matter how many times you get it, close the damn thing and ignore it. I know everyone here is very well versed with computers, and PC behavior, but I thought I'd give you heads up because this virus is a tricky one.

If I hear of any more malicious bugs crawling around on the net I'll be sure to give you word on them. That's it from Sandy's PC Watch, stay tunned.

bongotezz
bongotezz
status:
offline
posts:
199
joined:
02/13/2007
Posted at

are you sure about the name of this virus cause norton has no info on this which makes me think this is a hoax.

here's norton's recent threat list

http://www.symantec.com/norton/security_response/threatexplorer/index.jsp

here's the E section of the list of known viruses

http://www.symantec.com/norton/security_response/threatexplorer/azlisting.jsp?azid=E

the only thing close to evil updater is evil the cat hoax which is quite old. while it is possible for viruses to destroy hardware such viruses are rather rare. if you got an email about this virus warning it's most likely a hoax. if you can't find it on norton's site it's also most likely a hoax.

lefarce
lefarce
status:
offline
posts:
199
joined:
02/09/2006
Posted at

Why would you ever click a random pop-up… ever?


I could probably find out exactly what it is, but my mate isn't picking up his phone (unrelated). But really it doesn't sound new. It does sound entirely avoidable.

Posted at

Just use a Mac.

No… wait… don't!
If more people use Macs, scumbags might try writing viruses for them!

Keep using Microsoft everybody!

Posted at

Dear CartoonProfessor,

Ahem! Morning Edition, December 17, 2007 · A report from a computer security firm shows hackers are increasingly targeting Macintosh computers. It's an unhappy change for Apple, since the Mac has long been touted as more secure than Windows PCs.

http://www.npr.org/templates/story/story.php?storyId=17307584

Actually I recall hearing this week about some uber nasty trojan or worm that actually protects itself and is very nearly AI smart about adapting to counter measures.

lefarce
lefarce
status:
offline
posts:
199
joined:
02/09/2006
Posted at

To the two posts above me…

When ever you mass market a product as indestructible, of course there will be droves of people trying to find out just how to break it. Mac dug it's own grave that way. Never tell a massive group of people that something is unhackable. Because the hackers in that massive group of people are going to take that as a challenge.

And that's why we DO have viruses for macs. :P

Ozoneocean
Ozoneocean
status:
offline
posts:
199
joined:
01/02/2004
Posted at

most viruses want to get money from people somehow these days… The idea is to get you to buy a program that'll get rid of the virus and free your data (kidnap/blackmail style), or they steal identity info, or turn your comp into a spambot… Or maybe just infest you with advertising popups.

I foolishly got the last kind a while ago… All antivirus programs were useless at protection or getting rid of it, especially Norton which was my main program… It WAS good in that it'd detect and block instances and attempted new downloads of it, but it couldn't remove the things that kept respawing the virus every time windows restarted.

I killed it off myself by doing a search for all files created around the virus infection time, working out which were the virus spawners, then putting the drive in another machine so it wouldn't load at the login (it was strongly tied to windows login), navigating to it and wiping it for good. -I knew it wouldn't run on or affect the other machine.

Posted at

Yes, apparently we are discussing the Storm Worm virus/trojan/worm which has grown so adaptable that it can mutate from one form of evil to another depending upon the counter measures used against it. The latest kicker is particularly evil in that it can now detect attempts at analysis and knock professional computer virus researchers off the internet for several days while they figure out how to cleanse their own infected computer.

None of this matters in that knowing about its latest ultra-adaptable version will protect anyone from getting their computer infected with it as it now can establish itself via a host of seemingly unrelated methods. Open the wrong e-mail and its got you. Open the wrong you-tube link and its got you, and I believe there are about at least five other ways it can infect your system.

I recall the one a few years ago that got you if you were merely surfing the internet itself. That's all you had to do. That one got me and shut me down for several days until I could rid my system of it.

The point I am making here is to counter lefarce's first reply. It's NOT entirely avoidable because it has learned to come at people in such a large variety of methods that all you have to do is be a bit more adventurous than usual or just slightly off your security conscious game that day and it's nailed you to the wall.

At the moment the best way to avoid contracting the latest mutated form of the Storm Worm virus/trojan/worm is to stop using the Internet period. Failing that then don't open anything that isn't from someone you personally know, not e-mail, not a link, not an account from a seemingly reputable company [because the beastie has learned how to fake such links as well to some extent].

Now I'm not going to do this. I am simply going to keep using the Internet like I've always done, remain very alert, and have the best attitude about it as possible when the inevitable happens again one day and my system gets an infection.

In reality the best preventative is to exercise a modicum of common sense [which may or may not help much anymore with these new generations of viruses] and keep everything backed up on a regular basis, BUT keep it backed up about one week before your typical recognition time.

In other words if it takes you between three days and a full week to finally acknowledge that you MUST have gotten a damn infection then routinely schedule your back ups for a trifle longer than a full week so that you do not back up the infection as well.

Aside from that keep on keeping on and hope for the very best. You see it can happen to anyone and nowadays vigilance and precaution are not necessarily going to prevent it from happening.

Posted at

You are welcome Sandy. It might or might not be the Storm Worm virus, but it's likely, yes.

sandy
sandy
status:
offline
posts:
199
joined:
01/05/2006
Posted at

Ahh, Thank you again Charliehorse, someone said it could be a hoax but you've proven that theory wrong. I'll be sure to keep all my security programs up to date. So far nothing's come over on my machine, and I hope it doesn't. Now I just got word that my friend, Kathryn is also having trouble with her PC, and that when she clicks on her Drunk Duck link, it takes her to an entirely different website all together. In fact she can't even access any of her normal sites. This is the third person I know who's having computer trouble. You're right, it's scary, and the thing us none of us know exactly how to combat it.

Posted at

I heard it last week on an NPR business segment update. I have tried since then to find the article segment in the NPR archives. I do recall hearing though that it is this old virus/worm/trojan and that it has adapted to the extent described. Now, I was hearing this while doing something else and therefore the fellow might have been describing a different virus that acted like the Storm Worm and in my mind I just lumped the two together. I do that sometimes.

Anyway, there was a warning about a major virus that had learned to adapt to anti-virus programs and was very dangerous indeed. I hope that someone can find what it was really all about because I am curious myself.

Posted at

In fact she can't even access any of her normal sites. This is the third person I know who's having computer trouble. You're right, it's scary, and the thing us none of us know exactly how to combat it.

Sounds like it might have hijacked the hosts file. I had something once which wouldn't let me reach google.com. However that was quite a while ago and I forget the fix for it.

sandy
sandy
status:
offline
posts:
199
joined:
01/05/2006
Posted at

Ouch. That's bad. She's a member here at Drunk Duck and she says that when she tries to access this site, it takes her to an entirely different website. She does not have a firewall up nor has she been able to upgrade her antivirus software. As far as I know she does not have Norton or Mackafee. I've had Norton Internet Security for a while and so far so good. *fingers crossed.* It even alerts me when things get switched to a DNS server so I quickly close that and refresh my screen.

bongotezz
bongotezz
status:
offline
posts:
199
joined:
02/13/2007
Posted at

I heard it last week on an NPR business segment update. I have tried since then to find the article segment in the NPR archives. I do recall hearing though that it is this old virus/worm/trojan and that it has adapted to the extent described. Now, I was hearing this while doing something else and therefore the fellow might have been describing a different virus that acted like the Storm Worm and in my mind I just lumped the two together. I do that sometimes.

Anyway, there was a warning about a major virus that had learned to adapt to anti-virus programs and was very dangerous indeed. I hope that someone can find what it was really all about because I am curious myself.

well, since norton doesn't list anything like what the OP posted about on it's recent threat list it's either some old virus, not a virus but possibly malware or adware, or a hoax.

lefarce
lefarce
status:
offline
posts:
199
joined:
02/09/2006
Posted at

I wouldn't worry about it too much. If it's as high profile as people say it is, it's only a matter of time before there is a clean up for it. Remeber Acebot? Now that was a cluster fuck trojan from hell, but almost all anti-viruses block it like nothing, at least now.

Now, the trojan the military uses is something else. It infects to the CPU. Try getting that off.

I know of countless viruses that bypass any known form of detection that are entirely private. The point is, if it's known there will be a fix in due time. The best prvention is knowledge. Know how things work and know how to avoid it.

bongotezz
bongotezz
status:
offline
posts:
199
joined:
02/13/2007
Posted at

Now, the trojan the military uses is something else. It infects to the CPU. Try getting that off.

this seems like a hoax to me too because i don't think that a CPU can store data after it loses power. the virus might be able to be loaded into the L1 cache since they are much larger now but once the power is off all the data is wiped. it's essentially ram used only by the CPU.

here's a link to a really evil virus http://en.wikipedia.org/wiki/CIH_virus
i ran into this one while working at a computer repair shop. it can destroy your mainboard by flashing the BIOS and erase the boot sector of your hard drive.

the Melissa virus http://en.wikipedia.org/wiki/Melissa_%28computer_worm%29 deletes files from your computer that are needed to run windows. it can also email your private data to other people.

lefarce
lefarce
status:
offline
posts:
199
joined:
02/09/2006
Posted at

I was told that was the level of infection. Not sure if that's true, but I trust the guy who told me.

On the other hand, I've seen it in action. Fucker won't let you reformat, there is no foreseeable way to remove it, and it loves to make your computer beep really fucking loud when it boots up. Not your standard error beeps either. Just really loud erratic ones that signal nothing besides your computer being massively fucked. My friend has been trying to get it off for months now, but may just be stuck buying a new computer. I'll ask for the name of it. All I remember being told was "it's infected down to the CPU" (maybe he meant L1, I dunno) and "it's a trojan the military uses, but some hackers have got ahold of it too".

My computer knowledge has been severely slipping though. I went and got and got certified, but thanks to my location I couldn't get a job with it. Now it's all just going to shit. What I'm posting mostly is stuff I've been told. Well, minus the prevention parts. That just comes from experience. I reformatted four months ago and so far all I got was a single trojan that I just removed in a matter of minutes. I don't use anti-virus tools.

OutofLine
OutofLine
status:
offline
posts:
199
joined:
09/09/2006
Posted at

Getting a good firewall helps too. My computer got infected by a virus (I think, not sure if it was Storm though) and I only noticed when my antivirus detected something and my firewall put up an alert telling me that a program I never heard of tried to connect to the Internet.

Instead of just clicking "Allow", I just let the alert stay on screen and googled the filename. It turned out to be some sort of virus which turns off the task manager (ctrl-alt-delete) and downloads malware. Thankfully, I managed to find instructions on how to restore the task manager and delete the virus manually.

If it wasn't for my firewall (I use Comodo, but any firewall would work too), I wouldn't have noticed it and would probably end up in a worse situation.

Croi Dhubh
Croi Dhubh
status:
offline
posts:
199
joined:
11/16/2007
Posted at

Now, the trojan the military uses is something else. It infects to the CPU. Try getting that off.
"Blast from the past" *eyes around nervously and walks off whistling nonchalantly*

Advertise with us

Moonlight meanderer

DDComics is community owned.

The following patrons help keep the lights on. You can support DDComics on Patreon.