|
"Virus Hoax:
Malicious Code Example"
Virus Hoax Warnings: Page 37
of 39
The Jdbgmgr Hoax/Worm
April 2002/June 2003
There are now two jdbmgr messagess; a hoax and a real worm. Some
miscreant has decided to make a hoax real so you need to be careful
what you do. The jdbgmgr.exe program is a real part of the Windows
operating system. It should normally not be removed though doing so
will not inconvenience most people. The miscreant has created a
computer worm called Recory that overwrites the jdbgmgr.exe program
with the worm code. In either case, do not run the jdbgmgr.exe
program if it is sent to you in an e-mail. In most cases, you do not
need to run the real jdbgmgr.exe program.
The easiest way to recognize the difference between the hoax and the
real version of jdbgmgr.exe is to look at the icon. The program with
the bear icon is the good one and the one with the tools icon is the
bad one.
The real jdbgmgr program. The recory worm.
Jump to the hoax or the worm.
The Jdbgmgr Hoax The jdbgmgr hoax is almost the same as the sulfnbk
hoax in that it tells you to delete a program that was installed
with Windows. jdbmgr.exe is the Java Debugger Manager and does have
an icon that looks like a Teddy Bear. It is not, normally, a virus.
As with all executables, it is not impossible to have a copy of
jdbmgr.exe that is infected by a virus but that virus will be
detected by your antivirus software.
Microsoft has posted the article Q322993 with information on how to
replace jdbgmgr.exe if you have deleted it. Subject: IMPORTANT-VIRUS
ALERT!!! Date: Thu, 18 Apr 2002 04:01:21 +0000
Hi everybody, I just wanted to let you know you should check your
computers by following the procedure that's next....I don't remember
getting an email with that file attachment, but I found it in my
system. Since I found the dumb little bear in my computer, I'm
sending you the info.
The virus is called jdbgmgr.exe and it transfers automatically
through Messenger and also through your address book and since I
have all of you in my address book I have to send everyone this
info. I'm sorry if this causes any problems. It certainly wasn't
intentional.
The virus isn't detected by McAfee or Norton and it remains in the
folder for 14 days before activating and harming the system. It can
be erased before it eliminates the files in your computer. To do
so, follow these steps:
1.- Click on "Start" 2.- Go to find "files and folders" and write
the name of jdbgmgr.exe 3.- Make sure it's looking in "C" drive. 4.-
Click on "Find now" 5.- If the virus appears (the icon is a little
bear that has the name of (jdbgmgr.exe) DO NOT OPEN IT FOR ANY
REASON 6.- Right click on it and delete it (it will go to the
recycle bin) 7.- Go to the recycle bin and either delete everything
in the folder, or right click on the little bear and delete.
If you find this virus in your computer, please send this message to
all the people in your address book before it causes any damage.
And a Spanish Version. me llego este mail y pues me parece
importante que lo lean y lo lleven a cabo porque yo encontre este
virus en mi computador. El motivo de este e-mail es advertir a todos
los usuarios de hotmail sobre un nuevo virus que circula por medio
del MSN Messenger. El virus se llama jdbgmgr.exe y se transmite
autom�ticamente por medio del Messenger y tambien por la libreta de
direcciones. El virus no es detectado por McAfee o Norton y
permanence en letargo durante 14 d�as antes de da�ar el sistema
entero. Puede ser borrado antes de que elimine los archivos de tu
computadora. Para eliminarlo, solo hay que hacer los pasos
siguientes:
1. Ir a Inicio, pulsar "buscar" 2.- En b�squeda "archivos o
carpetas" escribir el nombre jdbgmgr.exe 3.- Asegurarse de que este
buscando en disco "C" 4.- Pulsar en "buscar ahora" 5.- Si aparece el
virus (el icono es un osito) que tendr� el nombre de jdbgmgr.exe NO
ABRIR POR NINGUN MOTIVO. 6.- Pulsar en el bot�n derecho del rat�n y
eliminarlo (ira a la papelera de reciclaje). 7.- Ir a la papelera de
reciclaje y borrarlo definitivamente o bien vaciar la papelera
entera. SI ENCUENTRAN EN VIRUS EN SUS EQUIPOS MANDAR ESTE MENSAJE A
LAS PERSONAS QUE TENGAN EN SU LIBRETA DE DIRECCIONES ANTES DE QUE
CAUSE ALGUN DA�O
And now a German Version. All these nice people spending their time
to save you from something that does not exist. Subject:
Virus-Warnung
Auf jeden Fall durchlesen!!!
DRINGEND!!!
Nach einer Virus-Warnung von einem Freund habe ich den Virus
tats�chlich auch bei mir gefunden. Dieser breitet sich �ber mein
Adressbuch aus. Und Sie/Ihr steht auch alle in meinem Adressbuch. Es
ist wirklich ein Ernstfall! Bitte schaut umgehend nach!!!
Ausschnitt aus der bei mir eingetroffenen Warnung:
Das Virus verbreitet sich von Adressbuch zu Adressbuch, also bitte
gleich nachschauen. Es ist in der Tat von Norton und McAfee (und
AntiVir 9x) nicht auffindbar. Es schlummert etwa 14 Tage auf dem
Rechner, aktiviert sich dann selbst und l�scht s�mtliche Daten auf
der Festplatte.
Die Anweisung zu seiner Entfernung ist recht einfach: 1. Auf "Start"
klicken, dann auf "Suchen", dann auf Dateien/Ordner. 2. In der
Suchmaske "jdbgmgr.exe" eintippen - so heisst die Virusdatein 3. Bei
"Suchen in" muss die Festplatte drin stehen, in der Regel C: 4.
Suche starten 5. Wenn diese Datei auftaucht (sie hat einen kleinen
Teddyb�r)
AUF KEINEN FALL �FFNEN
6. Mit der rechten Maustaste den Dateinamen anklicken, dann l�schen
dr�cken 7. Bei der R�ckfrage ob die Anwendung tats�chlich in den
Papierkorb verschoben werden soll, Ja dr�cken 8. Auf den Desktop
gehen und den Papierkorb �ffnen 9. Die Datei "jdbgmgr.exe" im
Papierkorb suchen und mit der rechten Maustaste l�chen.
Wenn Du/Sie die Datei auf dem Rechner gefunden hast/haben, bitte
diese e-Mail an alle Kontakte im Adressbuch versenden, weil der
Virus �ber das Adressbuch verbreitet wird. Danke!
And now an Italian version for those of you who couldn't get it
wrong in the other languages. Potreste avere ricevuto da noi o da
altri vostri contatti, un virus che anche noi abbiamo a nostra volta
ricevuto. Esso spedisce automaticamente il virus ad ogni nominativo
presente nella rubrica indirizzi. Ci suono buone possibilit?che il
virus sia anche nel vostro computer dato che voi siete nel nostro
indirizzario. Il virus si chiama jdbgmgr.exe ed esso non viene
individuato dai programmi antivirus Norton o McAfee. Il virus rimane
inattivo per 14 giorni prima di danneggiare il sistema. Esso si
spedisce automaticamente a tutti i vostri contatti,
indipendentemente che voi spediate o no e-mail agli stessi Il virus
non si mostra come una e-mail e quindi dovete verificare il vostro
sistema seguendo le seguenti istruzioni per sbarazzarsi del virus:
1. Cliccare Start e poi TROVA quindi FILE o CARTELLE
2. scrivere il nome del file jdbgmgr
3. Accertatevi di cercare nel disco C: ed in tutte le sub-cartelle o
altri dischi drives che potreste avere (Risorse del computer).
4. Cliccate TROVA 5. Il virus ha come icona un orsetto Teddy bear
con il nome jdbgmgr.exe. NON APRITE ASSOLUTAMENTE IL FILE!!!
6. Se il file del virus ?presente nel vostro computer, evidenziatelo
cliccandoci sopra con il tasto destro del mouse e selezionate
ELIMINA.
7. Aprite il CESTINO, evidenziate il file ed eliminate il file anche
da qui!
SE AVETE TROVATO IL VIRUS, DOVETE CONTATTARE TUTTE LE PERSONE NEL
VOSTRO INDIRIZZIARIO, AFFINCHE' ANCHE LORO POSSANO CANCELLARE IL
VIRUS DAL LORO COMPUTER E RUBRICA.
Per fare questo:
1. Aprite una nuova e-mail
2. Cliccate sul simbolo della rubrica a fianco di A: (DESTINATARIO)
3. Evidenziate ogni contatto ed aggiungetelo alla sezione CCN
4. Copiate questo messaggio, incollate e spedite.
Ci scusiamo per il disagio causato che purtroppo ?indipendente dalla
nostra volont? Nonostante i sistemi fire-wall e antivirus qualche
hacker ogni tanto riesce nel suo intento
Copyright 2004 by Jay Jennings
|