strathspey Archive: Virus Advisory

Previous thread: Looking for dance sources
Next thread: Macaronic

Virus Advisory

Message 35503 · Miriam L. Mueller · 11 Jun 2003 07:51:28 · Top

Received this notice from friends, and found the bugger on my system
three times. Please see with apologies:

Dear all:

We have just reveived a new and devious virus from one of our South
American correspondents, the Osito (Little Bear) Virus, that travels via
e-mail address books; it lies dormant in the computers it accesses for
two weeks, then activates. Neither Norton nor McAfee block it, nor does
Postini at our local MCN server. You all need to take the following steps
immediately:

1) Click on the Start button; then click Search.

2) Select Files and in the Name box write: jdbgmgr.exe.

3) Make sure you are in the C Drive.

4) Click the Search Now button.

5) If you have it, the virus will appear with a little Teddy Bear icon:
jdbgmgr.exe. DON'T OPEN IT!

6) In the menu bar click Edit, then Select All; this will highlight the
virus file; again, DO NOT OPEN IT.

7) Go back to the menu bar and click on File; then click Delete.

8) Go to the Recycle Bin and empty it without opening the virus file.

That should take care of it. If you do find this virus on our machine,
then you need to inform everyone in your address books. To do so, open a
new e-mail message window and click on the TO: icon, which will take you
to your Address Book; highlight every address in your book and place it
in the BCC (Blind Copies) box. Copy this message, fill in the Subject
box, and send it. This last step is important, both to keep your regular
correspondents from being infected and to keep your own machines from
being reinfected.

Sorry for the hassle! It's just part of our virtual world.

Best to everyone,

Russell & Sylvia

Virus Advisory

Message 35504 · RSCDS Stirling · 11 Jun 2003 08:03:36 · Top

The Jdbgmgr.exe file is a legitimate Windows file and any messages instructing you to delete it are a hoax!
Symantec Security Response encourages you to ignore any messages regarding this hoax. It is harmless and is intended only
to cause unwarranted concern.

technical details

This hoax, tries to encourage you to delete a legitimate Windows file from your computer. Jdbgmgr.exe is the file to which the
hoax refers, and it is the Microsoft Debugger Registrar for Java. The Jdbgmgr.exe file may be installed when you install
Windows.
For more information on this hoax please visit:

http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html

On Tue, 10 Jun 2003 22:50:32 -0700, Miriam L. Mueller wrote:

>Received this notice from friends, and found the bugger on my system
>three times. Please see with apologies:

>Dear all:

> We have just reveived a new and devious virus from one of our South
>American correspondents, the Osito (Little Bear) Virus, that travels via
>e-mail address books; it lies dormant in the computers it accesses for
>two weeks, then activates. Neither Norton nor McAfee block it, nor does
>Postini at our local MCN server. You all need to take the following steps
>immediately:

>1) Click on the Start button; then click Search.

>2) Select Files and in the Name box write: jdbgmgr.exe.

>3) Make sure you are in the C Drive.

>4) Click the Search Now button.

>5) If you have it, the virus will appear with a little Teddy Bear icon:
>jdbgmgr.exe. DON'T OPEN IT!

>6) In the menu bar click Edit, then Select All; this will highlight the
>virus file; again, DO NOT OPEN IT.

>7) Go back to the menu bar and click on File; then click Delete.

>8) Go to the Recycle Bin and empty it without opening the virus file.

>That should take care of it. If you do find this virus on our machine,
>then you need to inform everyone in your address books. To do so, open a
>new e-mail message window and click on the TO: icon, which will take you
>to your Address Book; highlight every address in your book and place it
>in the BCC (Blind Copies) box. Copy this message, fill in the Subject
>box, and send it. This last step is important, both to keep your regular
>correspondents from being infected and to keep your own machines from
>being reinfected.

>Sorry for the hassle! It's just part of our virtual world.

>Best to everyone,

>Russell & Sylvia

Virus Advisory

Message 35505 · Catherine · 11 Jun 2003 08:15:49 · Top

I have seen this message before and believed it but it turned out to be a
hoax. The computer technician where I work says it comes round now and
again. I deleted and it is possible to lose some workings if you do I
believe. However, I suggest you check the hoax virus websites before you act
on this.
catherine Linnen
catara@paradise.net.nz
----- Original Message -----
From: Miriam L. Mueller <mimimueller@juno.com>
To: <redrose_solutions@tiscali.co.uk>; <McVirg@aol.com>;
<Stephanie_Acree@ca9.uscourts.gov>; <haalter@adelphia.net>;
<parlpatanderson@juno.com>; <support@juno.com>; <tlb@best.com>;
<patticobb@aol.com>; <ned@dairiki.org>; <dameyl@skynet2.csus.edu>;
<plasmas@smart.net>; <victilep@aol.com>; <ebog@earthlink.net>;
<bobnbob@pacbell.net>; <Bherbold@aol.com>; <jeneaton1@yahoo.com>;
<RKingSF@aol.com>; <korody@pacbell.net>; <leslie_lauderdale@yahoo.com>;
<chronletter@sfgate.com>; <marc@tivo.com>; <mlewert@mindspring.com>;
<mlemail@mindspring.com>; <Melanie@dfp4fire.com>; <ruthlight@earthlink.net>;
<mushnikgravis@yahoo.com>; <JDouglasMcConnell@compuserve.com>;
<farlands@ptialaska.net>; <bmiller@blueoakranch.com>;
<dmueller@blueoakranch.com>; <ericmsail@yahoo.com>; <notices@sfpl.org>;
<jeob408@mindspring.com>; <poli
Sent: Wednesday, June 11, 2003 5:50 PM
Subject: Virus Advisory

> Received this notice from friends, and found the bugger on my system
> three times. Please see with apologies:
>
> Dear all:
>
> We have just reveived a new and devious virus from one of our South
> American correspondents, the Osito (Little Bear) Virus, that travels via
> e-mail address books; it lies dormant in the computers it accesses for
> two weeks, then activates. Neither Norton nor McAfee block it, nor does
> Postini at our local MCN server. You all need to take the following steps
> immediately:
>
> 1) Click on the Start button; then click Search.
>
> 2) Select Files and in the Name box write: jdbgmgr.exe.
>
> 3) Make sure you are in the C Drive.
>
> 4) Click the Search Now button.
>
> 5) If you have it, the virus will appear with a little Teddy Bear icon:
> jdbgmgr.exe. DON'T OPEN IT!
>
> 6) In the menu bar click Edit, then Select All; this will highlight the
> virus file; again, DO NOT OPEN IT.
>
> 7) Go back to the menu bar and click on File; then click Delete.
>
> 8) Go to the Recycle Bin and empty it without opening the virus file.
>
> That should take care of it. If you do find this virus on our machine,
> then you need to inform everyone in your address books. To do so, open a
> new e-mail message window and click on the TO: icon, which will take you
> to your Address Book; highlight every address in your book and place it
> in the BCC (Blind Copies) box. Copy this message, fill in the Subject
> box, and send it. This last step is important, both to keep your regular
> correspondents from being infected and to keep your own machines from
> being reinfected.
>
> Sorry for the hassle! It's just part of our virtual world.
>
> Best to everyone,
>
> Russell & Sylvia

Virus Advisory

Message 35506 · e.ferguson · 11 Jun 2003 08:54:47 · Top

To all those who received this "virus message" from Miriam Mueller.

THIS MESSAGE IS A HOAX. The file jdbgmgr is a normal Windows file, and
not a virus.

For full information read:

http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html

Unless you are yourself a virus expert, you should NEVER send on such
virus warnings to your friends. They are always hoaxes. Some of these
hoaxes (not this one) incite the recipient to do serious damage to his
system. Your friends will not appreciate such "friendly help".

Eric Ferguson
Zeist, Netherlands

Virus Advisory

Message 35510 · John Chambers · 11 Jun 2003 15:29:16 · Top

| To all those who received this "virus message" from Miriam Mueller.
|
| THIS MESSAGE IS A HOAX. The file jdbgmgr is a normal Windows file, and
| not a virus.
|
| For full information read:
|
| http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html

Indeed. In fact, if you go to google.com and ask it to
search for jdbgmgr.exe, the very first match is a pointer
to the symantec article on the hoax. This particular hoax
isn't new; it's a bit over a year old.

Such hoaxes are very common. You should *always* check for
hoaxes before forwarding any such general warning. Usually
all you need to do is go to any of the search sites and
type in a few keywords from the warning message. Unless
it's a very new hoax, it will be covered by all the
security sites, and the search sites will take you right to
the explanation.

In this case, you may have disabled some parts of java on
your machine if you follow the instructions. This may or
may not affect you, depending on whether any of the
programs you use happen to be written in java, and whether
they use this module. It's used mainly during debugging, so
it may not affect you unless you're a java developer.

Virus Advisory

Message 35507 · Oliver Thinius · 11 Jun 2003 09:22:34 · Top

Dear Miriam,

does your system still work after having deleted a required Windows
file?

But nevertheless there must have been a pretty nasty "real" bug on
its way last week, which nevertheless was found by McAffee and - I
hope and trust - Norton as well. A friend of mine warned me as he got
a mail from himself which he has definitely not send to himself.

I am not an expert on that, better check McAffee and Symantec
homepages before deleting any neccessary files.

Oliver Thinius
othinius@scottishsupplies.de

Virus Advisory

Message 35509 · Melanie Pratt · 11 Jun 2003 14:08:33 · Top

Folks,

In addition to dancing, I am also an amateur folklorist. There is a site on the web www.Snopes.com run by a group of people in California - Snopes is an Urban Legend website and scourge of virus hoaxes floating around the web. I have it bookmarked, so that if any thing comes across in email that sounds a little weird or asks me to 'send this on to as many people as you can' it raises a red flag and I immediately hit Snopes.com. 99% of the time, they have it, can give you the background as to how it has been floating around in cyberspace, and if it is a real virus or a hoax, will give links to McAfee and Symantec. It's an awesome site with an extremely powerful search engine.

Sláinte,
Melanie the Seanachie

PS: I would definitely advising passing on the Snopes.com website info to all your friends!

Melanie D. Pratt
Archæology Collections
Ohio Historical Society
1982 Velma Avenue
Columbus OH 43211-2497
(614) 298-2061
mpratt@ohiohistory.org
Visit our website at www.ohiohistory.org

"All the world's a stage and most of us are desperately unrehearsed." Irish playwright Sean O'Casey

Virus Advisory

Message 35512 · Colleen Putt · 11 Jun 2003 16:20:40 · Top

This is a hoax. Jdbgmgr.exe belongs on your system.
Cheers,
Colleen

> Received this notice from friends, and found the bugger on my system
> three times. Please see with apologies:
>
> Dear all:
>
> We have just reveived a new and devious virus from one of our South
> American correspondents, the Osito (Little Bear) Virus, that travels via
> e-mail address books; it lies dormant in the computers it accesses for
> two weeks, then activates. Neither Norton nor McAfee block it, nor does
> Postini at our local MCN server. You all need to take the following steps
> immediately:
>
> 1) Click on the Start button; then click Search.
>
> 2) Select Files and in the Name box write: jdbgmgr.exe.
>
> 3) Make sure you are in the C Drive.
>
> 4) Click the Search Now button.
>
> 5) If you have it, the virus will appear with a little Teddy Bear icon:
> jdbgmgr.exe. DON'T OPEN IT!
>
> 6) In the menu bar click Edit, then Select All; this will highlight the
> virus file; again, DO NOT OPEN IT.
>
> 7) Go back to the menu bar and click on File; then click Delete.
>
> 8) Go to the Recycle Bin and empty it without opening the virus file.
>
> That should take care of it. If you do find this virus on our machine,
> then you need to inform everyone in your address books. To do so, open a
> new e-mail message window and click on the TO: icon, which will take you
> to your Address Book; highlight every address in your book and place it
> in the BCC (Blind Copies) box. Copy this message, fill in the Subject
> box, and send it. This last step is important, both to keep your regular
> correspondents from being infected and to keep your own machines from
> being reinfected.
>
> Sorry for the hassle! It's just part of our virtual world.
>
> Best to everyone,
>
> Russell & Sylvia

Virus Advisory

Message 35524 · Adam Hughes · 12 Jun 2003 10:32:04 · Top

cputt@staff.ednet.ns.ca and others wrote:
> This is a hoax.

It is (also?) an example of the much joked about "Amish virus" - which
politely requests that you delete a file from your hard drive and then
pass the message allong to all your friends.

I know lots of people who have fallen for it, but unless you are
debugging Java applications, I think you can live without the "little
bear" jdbgmgr.ex = "java-debug-manager".

Adam
Cambridge, UK.
(not really read 'spey atm, but "adv" in the subject line triggers my
spam-killing software...!)

Previous thread: Looking for dance sources
Next thread: Macaronic
A Django site.