[NR] virus

Beth Turner nellwynn0 at lycos.com
Thu Aug 14 09:34:57 PDT 2003


I learned when I was working as an online tech to check out all virus warnings that you get from individuals.  This is what McAfee has to say about the jdbgmgr.exe "virus"
.  
Virus Profile 
 
Virus Information 
Name: Jdbgmgr.exe hoax 
Risk Assessment   
  - Home Users: N/A 
  - Corporate Users: N/A 
Date Discovered: N/A 
Date Added: 4/8/2002 
Origin: Unknown 
Length: 0 
Type: Hoax 
SubType: - 
DAT Required: N/A 
 
  Quick Links 
Virus Characteristics 
Removal Instructions 
 
 
Buy or Update 
 New Users Get Protected Now:
Buy VirusScan Online 
 
 Update VirusScan Online 
 
 
 
Virus Characteristics  
 
AVERT HOAX Notice!!

McAfee AVERT Labs would like to inform you of a new email HOAX.

This email message is just a HOAX. Although, the JDBGMGR.EXE file may become infected by a number of valid viruses (most commonly W32/Magistr at MM), the details of this HOAX message are not based on actual events.

We are advising users who receive the email to delete the message and DO NOT pass it on as this is how an email HOAX propagates.

JDBGMGR.EXE is the Microsoft Debugger Registrar for Java. This application is only useful for Java developers and does not need to be restored on other user's systems. In the event that this file has already been deleted and you need to restore it, see the Removal Instructions for instructions. 
It uses this icon: 

 

Below is the actual text from the message that may be received via email. There are numerous variations on these messages. 

(English version)

I found the little bear in my machine because of that I am sending this message in order for you to find it in your machine.  The procedure is very simple: 

The objective of this e-mail is to warn all Hotmail users about a new virus that is spreading by MSN Messenger.  The name of this virus is jdbgmgr.exe and it is sent automatically by the Messenger and by the address book too.  The virus is not detected by McAfee or Norton and it stays quiet for 14 days before damaging the system.  

The virus can be cleaned before it deletes the files from your system.  In order to eliminate it, it is just necessary to do the following steps: 
1. Go to Start, click "Search"
2.- In the "Files or Folders option" write the name jdbgmgr.exe 
3.- Be sure that you are searching in the drive "C" 
4.- Click "find now" 
5.- If the virus is there (it has a little bear-like icon with the name of jdbgmgr.exe DO NOT OPEN IT FOR ANY REASON
6.- Right click and delete it (it will go to the Recycle bin) 
7.- Go to the recycle bin and delete it or empty the recycle bin. 

IF YOU FIND THE VIRUS IN ALL OF YOUR SYSTEMS SEND THIS MESSAGE TO ALL OF YOUR CONTACTS LOCATED IN YOUR ADDRESS BOOK BEFORE IT CAN CAUSE ANY DAMAGE.

  
And this is from Norton:

Jdbgmgr.exe file hoax  
Reported on: April 12, 2002  
Last Updated on: July 19, 2003 02:47:09 AM 

  
  

Symantec Security Response encourages you to ignore any messages regarding this hoax. It is harmless and is intended only to cause unwarranted concern.


Type: Hoax 




This hoax, like the SULFNBK.EXE Warning hoax, tries to encourage you to delete a legitimate Windows file from your computer. Jdbgmgr.exe is the file to which the hoax refers, and it is the Microsoft Debugger Registrar for Java. The Jdbgmgr.exe file may be installed when you install Windows.




--------------------------------------------------------------------------------
Notes: 
Some versions of this hoax take advantage of an actual threat, the W32.bugbear at mm worm. The Jdbgmgr.exe file mentioned in the hoax has a bear icon. The actual W32.bugbear at mm worm file is a .exe file and does not have a bear icon. 
Other versions of this hoax have slightly different ways in which they refer to the Jdbgmgr.exe file, usually in the subject of the email message. 
For example: 

Subject: "jdbg" Virus: how to detect and remove.


--------------------------------------------------------------------------------



NOTE: Recent 

The Windows Jdbgmgr.exe file has a teddy bear icon in the hoax, as illustrated below:





CAUTION: A virus can infect Jdbgmgr.exe. The W32.Efortune.31384 at mm virus in particular targets this file. Norton AntiVirus has provided protection against W32.Efortune.31384 at mm since May 11, 2001.

NOTE: If you have already deleted the Jdbgmgr.exe file, in most cases, you do not need to re-install it. The following quote is extracted from the Microsoft Knowledge Base article, "Virus Hoax: Microsoft Debugger Registrar for Java (Jdbgmgr.exe) Is Not a Virus (Q322993)."

"The Microsoft Debugger Registrar for Java (Jdbgmgr.exe) is only used by Microsoft Visual J++ 1.1 developers.

If you follow the e-mail message instructions and delete this file, you do not have to recover it unless you use Microsoft Visual J++ 1.1 to develop Java programs on Windows XP, Windows NT 4.0, Windows 98 Second Edition, Windows 98, or Windows 95."

If you need to restore this file, follow the instructions in "Virus Hoax: Microsoft Debugger Registrar for Java (Jdbgmgr.exe) Is Not a Virus (Q322993)."


Hoax messages
This hoax has appeared in several languages. Some examples of the exact content, which is copied from the hoax message, are:

English, version 1

I found the little bear in my machine because of that I am sending this message in order for you to find it in your machine. The procedure is very simple:

The objective of this e-mail is to warn all Hotmail users about a new virus that is spreading by MSN Messenger. The name of this virus is jdbgmgr.exe and it is sent automatically by the Messenger and by the address book too. The virus is not detected by McAfee or Norton and it stays quiet for 14 days before damaging the system.

The virus can be cleaned before it deletes the files from your system. In order to eliminate it, it is just necessary to do the following steps:
1. Go to Start, click "Search"
2.- In the "Files or Folders option" write the name jdbgmgr.exe
3.- Be sure that you are searching in the drive "C"
4.- Click "find now"
5.- If the virus is there (it has a little bear-like icon with the name of jdbgmgr.exe DO NOT OPEN IT FOR ANY REASON
6.- Right click and delete it (it will go to the Recycle bin)
7.- Go to the recycle bin and delete it or empty the recycle bin.

IF YOU FIND THE VIRUS IN ALL OF YOUR SYSTEMS SEND THIS MESSAGE TO ALL OF YOUR CONTACTS LOCATED IN YOUR ADDRESS BOOK BEFORE IT CAN CAUSE ANY DAMAGE.


I hope both companies will forgive me for the copy and paste but it is important and it let me do it.

Nell

 
 




____________________________________________________________
Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail!
http://login.mail.lycos.com/r/referral?aid=27005



More information about the Northern mailing list