HELP!!! Virus attack again!

Nestor · Post by **Nestor** » Sat Nov 23, 2002 6:39 pm

I have been the target of many viruses lately. Unfortunately! Well, nothing happened to my system cos I’ve handled it with much care. Now I have received a mail telling me I could have a virus called:

jdbgmgr.exe

The file actually exists in my system, and it seems it will be active in a few days on… The icon of the file is a little bear. I don’t think it is the Bug Bear, cos I have already checked this one with the Symantec special Bug Bear remover and it is not into the system.

What do you know about it? The mail recommends for me to remove it, but I don’t know if this is the right thing to do since a friend did something similar and everything went wrong since then… They sometimes tell you so for you to uninstall a file which is in fact, a protection file.

Can someone give me advice about this? I’m a little worried… Thanks.

Nestor · Post by **Nestor** » Sat Nov 23, 2002 7:06 pm

I've found this information about, it seems to be folse alamr!

http://support.microsoft.com/default.as ... us;Q322993

Nestor · Post by **Nestor** » Sat Nov 23, 2002 7:10 pm

More infor about is, just in case somebody else suffers from the same thing:

ADDENDUM:
We have had one report (at GW) that if this file is deleted, Outlook Express 5.0 on Windows 98 does not work properly. This problem was fixed by copying the jdbgmgr.exe from another Windows 98 computer. Please note that this may or may not fix your computer problem caused by a missing jdbgmgr.exe file.
09.09.02

Nestor · Post by **Nestor** » Sat Nov 23, 2002 7:12 pm

More about...

NOTE: On 21st of May 2002, a new virus using this hoax was found. The virus sends messages coming apparently from Symantec corporation and contains a warning on the JDBGMGR hoax - plus a virus attached to it.

In April 2002 there appeared a hoax message concerning a new virus that was reportedly discovered in Windows utility JDBGMGR.EXE. The jdbgmgr is a standard windows component that is found in every windows installation, it is used as Java debugger manager in Microsoft Java runtime engine. We checked several versions of this utility from Windows installations and found nothing malicious in them.

Please ignore this hoax or anything similar warning about jdbgmgr.exe and don't pass it on.

Nestor · Post by **Nestor** » Sat Nov 23, 2002 7:30 pm

How can people lose their lives doing such stupid things? It’s incredible how bored some people may be!

Spirit · Post by **Spirit** » Sat Nov 23, 2002 7:58 pm

I instantly delete any email not from a known sender. Emails about viruses are always either a hoax or are malacious mails which actually contain the virus.

Delete, delete, delete

Nestor · Post by **Nestor** » Sat Nov 23, 2002 8:27 pm

Right right right!

samplaire · Post by **samplaire** » Sat Nov 23, 2002 9:11 pm

I wonder what would happened if somebody e-mailed someone with a message that explorer.exe is a dangerous virus! Considering Spirit's info: http://www.planetz.com/forums/viewtopic ... orum=31&20 it would be a quite huge percentage of windows users!

at0m · Post by **at0m** » Sat Nov 23, 2002 10:11 pm

Similar files possibly, but "explorer.exe" is the GUI also of Windows, so it's always in use. Files in use cannot be deleted -I just tried

There's many hoax in circulation. Accompanied by a little techie explanation of why the file is so dangerous delete it, you need to send the hoax (=false warning) to your whole adress book ASAP.

AFAIK, every mail provider has an agreement that says not to forward chain letters, so you are not allowed to forward them anyways.

Some people just learning the web discover the web, panic on a hoax and don't hesitate to forward the hoax to their whole adress book. Mostly they put the whole adress book in the 'To' part from the header.
Now it gets funny. One guy in the adress book has a real virus. Once he gets the mail, his virus starts looking in headers. All those adresses it finds are possible victims of next attacks!

Hint: If you put destination adresses in 'BCC' header part, the receivers in-mail does not show any adress, even if you sent it to the whole adress book. Also grouping, or sending to a list, avoids adresses from being spread widely.

A decent firewall, up-to-date anti-virus program and anticipating behaviour can do miracles.

Nestor, I hope your system is still infected then -with the hoax file

Spirit · Post by **Spirit** » Sat Nov 23, 2002 10:17 pm

Nice tip about the BCC

samplaire · Post by **samplaire** » Sat Nov 23, 2002 10:24 pm

Fortunatelly (for me) most of the viruses, troyans etc. don't affect Macs (In my 5 year Mac friendship I met only 1 (say: one!) mac virus!

_________________
Sir SamPlaire

<font size=-1>[ This Message was edited by: samplaire on 2002-11-24 07:13 ]</font>

astroman · Post by **astroman** » Sun Nov 24, 2002 6:57 am

well spoken, Samplaire !

but you can't imagine how difficult it is to convince people about that simple fact when it comes to so-called professional network stuff.

Spirit · Post by **Spirit** » Sun Nov 24, 2002 7:34 am

Yes, but if everyone starts using it then the viruses will follow. Its immunity is its rarity.

samplaire · Post by **samplaire** » Sun Nov 24, 2002 10:20 am

astroman · Post by **astroman** » Sun Nov 24, 2002 12:54 pm

good point, Spirit, but that's only part of the story.
There's simply no place in the OS to hide the virus code. It has to use a certain form to be executable and not get washed away immediately by mem management.
And in that form it's very simple to detect, tracked and removed.
But that was in pre-script-kiddies days.

Now we have M$ office and VBA and the Mac is open to that kind of fun, too. OSX and all unix niceties and security holes are right on their way.

cheers, Tom

braincell · Post by **braincell** » Sun Nov 24, 2002 1:15 pm

I never worry about getting a virus because I back up my system to CDs using Drive Image 5.0. I also do not use virus protection because of this. If you don't have an extra hard drive it also might require partition magic and a large enough hard drive.

samplaire · Post by **samplaire** » Sun Nov 24, 2002 2:36 pm

On 2002-11-24 13:15, braincell wrote:
I never worry about getting a virus because I back up my system to CDs using Drive Image 5.0.

You better knock on wood: system backed up. but what about your data??? Is it safe?

sandrob · Post by **sandrob** » Sun Nov 24, 2002 4:16 pm

i use calypso e-mail client, because many viruses use "bugs" in microsoft's e-mail programs. also, with calypso i'm able to delete unwanted or suspisiuos mail directly from server. i had virus problem about 3 years ago and never again

few weeks ago my provider put some antivirus guardian on server. this program can be spam filter too (for knowing spamers), and i feel safe and i have less bothering spams

calypso - recomended

astroman · Post by **astroman** » Sun Nov 24, 2002 4:41 pm

On 2002-11-24 13:15, braincell wrote:
I never worry about getting a virus because I back up my system to CDs using Drive Image 5.0. I also do not use virus protection because of this.

those can sleep for months, so you'll have a nice pile of CDs contaminated

But fortunately the real art of virus programming is a dying one, due to the fact that it's so much easier to annoy people based on M$'s crappy stuff.
And I can't get rid of the feeling that it's the anti-viral software comps that spread one or the other...

cheers, Tom

<font size=-1>[ This Message was edited by: astroman on 2002-11-24 16:43 ]</font>

Nestor · Post by **Nestor** » Sun Nov 24, 2002 10:56 pm

No, fortunately I didn’t delete it! For some reason I felt I could be a hoax that is why I ask you, nice people, if you did know something about it. Then I searched the web and found plenty of information in official sites.

I too think the BUSINESS behind it is very big – in a very small scale, if we compare it to the use of petrol instead of other alternative energies – being the reason of many of the viruses out there… as well as hoax of this sort, of course.

Nevertheless, I know there are many, but many guys doing it just for fun! Strange way of having fun, but this is what they say anyway…

Thanks very much to you for your replays

Let's take care of our systems...