
The Mudcat Café TM
https://mudcat.org/thread.cfm?threadid=48556
17 messages

Help: Teddy Bear Virus?

13 Jun 02 - 09:22 PM (#729619)
Subject: Teddy Bear Virus?
From: wysiwyg

I received the following in e-mail today. Is this a real one or a hoax one? I do have the file and icon mentioned.

~Susan

==================================================

I received this from a person on one of our lists. It got past our Norton Anti Virus. I did a scan and found it on my system. Do check it out ON ALL YOUR DRIVES.!!

PLEASE CHECK YOUR SYSTEM FOR THIS VIRUS and DELETE IT.

The virus is called jdbgmgr.exe and IS NOT detected by Norton or McAfee anti-virus systems. The virus sits quietly for 14 days before damaging the system. It is sent automatically by the messenger and by the Address Book, whether or not you sent emails to your contacts. I have checked, and found it, and deleted it. Here's how to check for the virus and get rid of it.

DO THIS TO DELETE VIRUS:

>1. Go to Start, Find, or Search option.

>2. In the files/folder option, write the name jdbgmgr.exe

>3. Be sure you search your C-Drive

>4. Click "find now"

>5. The virus has a teddy bear icon with the name jdbgmgr.exe.

> DO NOT OPEN IT!!!!!!!!!!!!!!

>6. RIGHT CLICK AND DELETE IT.

>7. Go to the Recycle Bin and delete it there as well.

>IMPORTANT -

>IF YOU FIND THE VIRUS, YOU MUST CONTACT ALL THE PEOPLE IN YOUR ADDRESS BOOK SO THEY CAN ERADICATE IT IN THEIR OWN ADDRESS BOOKS.

=============================================


13 Jun 02 - 09:24 PM (#729621)
Subject: RE: Help: Teddy Bear Virus?
From: wysiwyg

Oh-- wait-- can I rely on the following?

~S~

================================================

VB's comment

The file jdbgmgr.exe is the Microsoft Debugger Registrar for Java, which will be present on most modern Windows Operating Systems. The application has a teddy-bear as its icon, and executing it is unlikely to have any visible effect.

As such, the application in the vast majority of cases does not contain any viral code. Deleting it, as is suggested by some versions of the hoax, will not have a major impact on most computer users but is inadvisable. If you have deleted this file there are methods built into most Windows versions to enable file recovery.

It is worth noting that jdbgmgr.exe could become infected by any number of common viruses. Several of these (for example W32/Magister) will infect standard Windows files and email them to other users. It is thought that a worried recipient of one of these infected files was the origin of the jdbgmgr.exe hoax. Were you to be sent this file by email, it would be extremely inadvisable to run it, even if it were from someone you know and trust.

This hoax has been seen in numerous languages.

====================================================


13 Jun 02 - 09:34 PM (#729623)
Subject: RE: Help: Teddy Bear Virus?
From: catspaw49

I always rely on the Symantec/Norton site and you can CLICK HERE for the details on this hoax.

Spaw


13 Jun 02 - 09:52 PM (#729634)
Subject: RE: Help: Teddy Bear Virus?
From: Joe Offer

Usually, even a Google search will give you enough to know if a virus warning is a hoax. Actually, I find that most virus warnings I receive are hoaxes, often sent to me by very well-intentioned people. It's usually not necessary to post or forward virus warnings - and you certainly shouldn't forward a warning until you've personally checked it out at a reputable antivirus site. People should rely on virus checkers, I think.

Speaking of that, I do think it's wise for everybody to use a virus checker and keep it up to date. The klez32 worms seem to be very active. I get them at least a couple of times a day, but my antivirus software intercepts them.

-Joe Offer-


14 Jun 02 - 12:01 AM (#729693)
Subject: RE: Help: Teddy Bear Virus?
From: Stilly River Sage

Joe,

I assume that I'm receiving that klez worm a couple of times a day, but Norton doesn't get a chance to catch it because I delete any mail with attachments from anyone I don't know, and I question large files from folks I do know who didn't tell me they were sending anything. Yesterday klez made it appear that I mailed a file to myself (the worm picked up my address in someone else's address book and put me in as sender before sending it to me).

You can visit the symantec and McAfee sites even if you aren't a subscriber to find out about viruses and hoaxes also. I use Norton Antivirus and have been updating almost daily ever since SirCam nailed my computer last year. http://www.symantec.com. They often provide free helpful files to eliminate or isolate the virus if you already have one of the particularly virulent ones that makes the rounds.

SRS


14 Jun 02 - 12:12 AM (#729697)
Subject: RE: Help: Teddy Bear Virus?
From: Joe Offer

Well, SRS, Norton Antivirus 2002 should catch it before you open e-mail. There are other worms that do their damage without your opening the e-mail message - so be careful.
-Joe Offer-


14 Jun 02 - 12:52 AM (#729709)
Subject: RE: Help: Teddy Bear Virus?
From: Escamillo

Outlook Express Version 6 (downloadable from Microsoft) will at least tell you that a file is to be downloaded to your PC, and ask you for a confirmation.

I usually disable absolutely all downloads using I.Explorer Tools. When I want to specifically download something, I enable downloads and later go back to downloads disabled. Before I got O.Express 6, many times I got the message "Your configuration does not allow to download this file" when I was not expecting any download.

I suggest to never ever have the slightest doubt when receiving a message recommending you to delete a file. I can imagine how the hackers laugh at seeing us destroying our systems without them writing a single line of viral code.

Un abrazo - Andrés


14 Jun 02 - 01:03 AM (#729716)
Subject: RE: Help: Teddy Bear Virus?
From: GUEST,DW at work

These hoaxes actually take up more space and do more damage than the viruses they're supposed to warn you about. Running a major Statewide system, I get to see a lot of these, and believe me, there is someone out there writing these hoax warnings without a single qualm or twinge of conscience just to piss people off.

If there really is a destructive virus going around, it will normally be a server generated message or else it'll be on local TV, radio, press whatever.

DW


14 Jun 02 - 01:18 AM (#729719)
Subject: RE: Help: Teddy Bear Virus?
From: GUEST,.gargoyle

YOU are a frickin idiot!

This has been around for YEARS


14 Jun 02 - 06:39 AM (#729805)
Subject: RE: Help: Teddy Bear Virus?
From: alanabit

I don't see any evidence that WYSIWYG is an idiot on this thread. However, I can see some pretty convincing evidence that her manners are a lot nicer than yours "Gargoyle".


14 Jun 02 - 07:42 AM (#729835)
Subject: RE: Help: Teddy Bear Virus?
From: Mr Red

this is definitely "Poop in the Woods"


14 Jun 02 - 08:38 AM (#729856)
Subject: RE: Help: Teddy Bear Virus?
From: aussiebloke

For years eh?

Norton/Symantec list it as being known since April 12, 2002.

Datafellows list it as being known since April 2002, with a real virus using that same name (jdbgmgr.exe) known since May 2002.

Gargoyle, would you please provide us with your citation/source for your assertion that it has been known 'for years' please?

Oh, you cannot? I see. Maybe it is time you switched off your computer and went outside to play little boy...

The moral of the story? Always check with one or both of these sites before forwarding a virus message, and most definitely check before deleting any files. The hallmarks of a virus are: Reference to an authority you will recognize; "Microsoft released this yesterday"; "Just announced on CNN", that sort of thing. They usually contain dire warnings of imminent disaster; "Will destroy sector zero", "This virus will make your ice-cream squishy", or worse...

Probably the most diagnostic sign of a hoax is the exhortation to "Send this to everyone on your list!" Always a dead giveaway. That, and fourteen exclamation marks!!!!!!!!!!!!!! - how can you take something seriously that has that?

aussiebloke


14 Jun 02 - 09:06 AM (#729869)
Subject: RE: Help: Teddy Bear Virus?
From: GUEST,Davetnova

Perhaps Gargoyle thinks it has been around for years because similar hoaxes have been around for years. But not knowing that does not make someone an idiot. It can be worrying to receive an email describing a virus and then discover on checking that the file is on your computer. Checking Symantec or McAfee may put your mind at rest if they are aware of it, which usually they are fairly quickly, but to me the giveaway is usually the warning that Nortons/McAfee do not detect it. If a virus has been about long enough for emails about it to be circulating amongst Joe Public then both Nortons and McAfee WILL know about it.


14 Jun 02 - 09:23 AM (#729879)
Subject: RE: Help: Teddy Bear Virus?
From: wysiwyg

Of course I'm an idiot, we all are in some respect, but in this case I had a good reason for asking here. The forwards that went through our mail list had conflicting information about what the Symantec and other sites' information signified-- some messages indicated this was a new thing the others hadn't caught up with, some said it was a hoax, and there was everything in between. I knew our Catters would know what was up, so I came here to ask-- and as usual, found the smartest, most helpful people on the Net.

Thanks for the kind comments, BTW, but no need to poke Gargoyle back, on my account, you know, really.

~Susan


14 Jun 02 - 09:54 AM (#729897)
Subject: RE: Help: Teddy Bear Virus?
From: Mrrzy

This is a new type of "virus" - instead of including code to tell your computer to destroy a needed file, it includes language to tell the USER to destroy a needed file. Now that is smart, and you don't even need to know any programming. Scary!


14 Jun 02 - 12:51 PM (#729994)
Subject: RE: Help: Teddy Bear Virus?
From: Stilly River Sage

WYSIWYG,

There are several strategies to avoid worms and viruses. I don't open files that give Norton a chance to catch them, because though I trust Norton, I figure "why put it to the test" if I can spot these things first.

If my email seems to be taking a long time to download, I'll stop it and switch over to my browser and go to the web version of the same mailbox. That tells me who is the sender and if there are attachments, but doesn't download unless I tell it to, and then, one at a time. If it is the stuff I would delete anyway, I just eliminate it there, deleting it directly from the server, and it never touches my computer. If you're having a lot of virus problems, you could set up an email account with Yahoo, which has Norton Antivirus set up to scan any files you ask it to. Again, it does it on their server, not your computer, helping you keep your machine clean.

Finally, you couldn't pay me enough to consider using Microsoft Outlook or any of its forms. I'm stuck with it at work, but at home I use Pegasus Mail and Netscape Communicator. Neither one is set in a preview mode (and I turned off the preview mode at work). When I picked up SirCam the Communicator was set up in its default preview mode, so Netscape isn't immune, but I learn fast.

Other emails are out there, like Eudora, that people really like and that don't seem to pick up as many viruses. I favor tucows for my downloads, but there are many others. Tucows ranks them, and has shareware, freeware, and full-bodied fee-based programs to choose from.

SRS


14 Jun 02 - 01:15 PM (#730017)
Subject: RE: Help: Teddy Bear Virus?
From: Mr Red

FWIW I got a second hit from Klez32 as reported by Norton.
Then I noticed a failed delivery and even though it said it was from the postmaster@cresby.com (I AM post, web and bottlewashing master) I went looking for the "original" message in the attachment. Me dumb? I survived a year by being careful and this one would have got me were it not for Norton. Yes me dumb!!!
I phoned the real sender (as opposed to the declared one) and he was on the case immediately, with new firewall and A/V software. OK, OK, he knows now!!! Dumb? We all act dumb some days - I got the divorce to prove it!!!