[Bards] Hoaxes? We don' need no stinkin' hoaxes!

Samuel E Orton iainmacc at juno.com
Sun Dec 7 09:00:04 PST 2003 

        Good My Friends,

        Upon receiving a virus warning on this list this morning, I got
online and went to the McAfee and Symantec websites, as bitter experience
has taught me to do. Rest easy folks, this one was a hoax. The following
is quoted from Symantec.com's security response section:

-------------------------------------------------------------------------
--------------------------------
Symantec Security Response - Jdbgmgr.exe file hoax
  Jdbgmgr.exe file hoax
  Reported on: April 12, 2002 
  Last Updated on: December 03, 2003 10:25:09 AM

  This hoax, like the SULFNBK.EXE Warning hoax, tries to encourage you to
delete a legitimate Windows file from your computer. Jdbgmgr.exe is the
file to which the hoax refers, and it is the Microsoft Debugger Registrar
for Java. The Jdbgmgr.exe file may be installed when you      install
Windows.

Notes: 
  Some versions of this hoax take advantage of an actual threat, the
W32.bugbear at mm worm. The Jdbgmgr.exe file mentioned in the hoax has a
bear icon. The actual W32.bugbear at mm worm file is a .exe file and does
not have a bear icon. Other versions of this hoax have slightly different

ways in which they refer to the Jdbgmgr.exe file, usually in the subject
of the email message. 

For example: 
  Subject: "jdbg" Virus: how to detect and remove.

NOTE: Recent 
  The Windows Jdbgmgr.exe file has a teddy bear icon in the hoax.

CAUTION: A virus can infect Jdbgmgr.exe. The W32.Efortune.31384 at mm virus
in particular targets this file. Norton AntiVirus has provided protection
against W32.Efortune.31384 at mm since May 11, 2001.

NOTE: If you have already deleted the Jdbgmgr.exe file, in most cases,
you do not need to re-install it. The following quote is extracted from
the Microsoft Knowledge Base article, "Virus Hoax: Microsoft Debugger
Registrar for Java (Jdbgmgr.exe) Is Not a Virus (Q322993)."

  "The Microsoft Debugger Registrar for Java (Jdbgmgr.exe) is only used
by Microsoft Visual J++ 1.1 developers.
  If you follow the e-mail message instructions and delete this file, you
do not have to recover it unless you use Microsoft Visual J++ 1.1 to
develop Java programs on Windows XP, Windows NT 4.0, Windows 98 Second
Edition, Windows 98, or Windows 95."

  If you need to restore this file, follow the instructions in "Virus
Hoax: Microsoft Debugger Registrar for Java (Jdbgmgr.exe) Is Not a Virus
(Q322993)."

Hoax messages
  This hoax has appeared in several languages. Some examples of the exact
content, which is copied from the hoax message, are:


    English, version 2

    Dear All

    I'm sorry about this; but I received this E-mail from a 
    client regarding a virus that was inadvertently passed 
    on to everyone in their address book. I followed the 
    instructions and YES, IT WAS ON MY COMPUTER. 

    Since you are in my address book, I am sending this on 
    to you as a precaution. NORTON 2002 DID NOT DETECT IT! 

    Here are the instructions on how to check for this virus 
    and delete it if you have it too. It only took a few 
    minutes, following these instructions. Be sure to notify 
    all in your address book too (which will take longer 
    than deleting the virus from your computer). 

    Since you are in our address book, there is a good 
    chance you will find it in your computer too unless you 
    have an Apple or MAC. The virus (called jdbgmgr.exe) is 
    not detected by Norton or McAfee anti-virus systems. The 
    virus sits quietly for 14 days before damaging the 
    system. It is sent automatically by messenger and by the 
    address book, whether or not you sent Emails to your 
    contacts. Here's how to check for the virus and how to 
    get rid of it:?br> 
    YOU MUST DO THIS
    1. Go to Start, Go to Find or Search option 
    2. In the File Folder option, type the name: jdbgmgr.exe
    3. Be sure you search your C: drive and all sub-folders 
    and any other drives you may have. 
    4. Click "Find Now"
    5. The Virus has a Teddy Bear icon with the name 
    jdbgmgr.exe DO NOT OPEN IT 
    6. Go to Edit (on menu bar), choose "Select All" to 
    highlight the file without opening it. 
    7. Now go to File (on the menu bar) and select Delete. 
    It will then go to the Recycle Bin. 
    8. Go to the Recycle Bin and Delete it
    IF YOU FIND THE VIRUS, YOU MUST CONTACT ALL THE PEOPLE 
    IN YOUR ADDRESS BOOK, SO THEY CAN ERADICATE IT IN THEIR 
    OWN ADDRESS BOOKS. 

    To do this:
    a) Open a new e-mail message
    b) Click the icon of the address book next to the "TO"
    c) Highlight every name and add to "BCC"
    d) Copy this message enter subject paste to e-mail
    Am very sorry about this nuisance. This age of 
    technology is not that great sometimes. We are victims! 

-------------------------------------------------------------------------
-------------------------------

        My friends, there are many strange and twisted people out there,
and some of them will delight in having people they will never meet put
themselves to trouble, only to delete legitimate files and possibly
hamstring their own computer (ala sulfnbk.exe hoax).  
        Please, when you get a virus warning, never assume anything,
either about your safety or about your danger. Go online to McAfee or
Symantec and search their security responses. You'd be amazed at the
number of things like this there are.

                                                                In Joyful
Service,

                                                                       
Iain MacCrimmon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ansteorra.org/pipermail/bards-ansteorra.org/attachments/20031207/d73d0626/attachment.htm>

More information about the Bards mailing list