LISTSERV - CANCHID Archives - LISTSERV.YORKU.CA

CANCHID Archives

Canadian Network on Health in Development

CANCHID@YORKU.CA

	LISTSERV Archives
	CANCHID Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: FW: Computer Virus Hoax
From:	"Nick Birkett (x8289)" <[log in to unmask]>
Reply To:	Canadian Network on Health in Development <[log in to unmask]>
Date:	Sat, 12 Oct 2002 14:56:01 -0400
Content-Type:	TEXT/PLAIN
Parts/Attachments:	TEXT/PLAIN (107 lines)

> AVERT HOAX Notice!!

I am not sure if you are saying that the warning about the BugBear virus
is a hoax or if you are refering to something else.  In any event, BugBear
is most definitely NOT a hoax.  It is a real nasty virus which spreads
through e-mail and through Microsoft LAN connections.  Our university
firewall filters out messages with viruses.  They are currently getting
between 10 and 20 'hits' PER SECOND for the bugbear virus.

BugBear is devious enough that it disables your viral checking software.
It also passes itself on through legitimate looking messages.  The fact
that I got Rob's original message through our firewall means that it does
not contain the virus.

The information about deleting 'jdbgmgr.exe' seems rather
bizzare.  However, the virus does put itself into the directory
Wint/system32 which is the home directory for the jdbgmgr.exe file.  The
virus names itself ?????.exe.  So it is possible that it might appear to
be the jdbgmgr.exe file.  However, in most cases simply deleting that file
will not remove the virus but will mess up your system.  So, I agree that
you should not treat the proposed solution as valid.

Bugbear also starts working immediately (my parents were infected
and, within 20 minutes, the bugbear virus was blocking the virus checking
software).

If people want to check for the virus, go to the Symantec site
(www.symantec.com), click on the Expanded Threat list and search
for Bugbear.  This will give most details, plus give a link from
which you can download the programme on that web site for detecting and
removing bugbear.

>
> McAfee AVERT Labs would like to inform you of a new email HOAX.
>
> This email message is just a HOAX. Although, the JDBGMGR.EXE file may become infected by
> a number of valid viruses (most commonly W32/Magistr@MM), the details of this HOAX
> message are not based on actual events.
>
> We are advising users who receive the email to delete the message and DO NOT pass it on
> as this is how an email HOAX propagates.
>
> JDBGMGR.EXE is the Microsoft Debugger Registrar for Java. In the event that this file has
> already been deleted, see the Removal Instructions on how to restore this file.
> It uses this icon:
>
>
>
> Below is the actual text from the message that may be received via email. There are
> numerous variations on these messages.
>
>
> On Oct 12, Rob Stevens <[log in to unmask]> wrote:
> >
> > Subject:        Computer Virus
> >
> > I regret that I may have passed to you a computer virus called
> > "bugbear". To check for this and
> > to remedy it is easy. The virus is called jdbgmgr.exe is not detected by
> > Norton or McAfee
> > anti-virus systems. The virus sits dormant for 14 days before damaging
> > the systems. It's sent
> > automatically by messenger and by the address book whether or not you
> > sent e-mails to your
> > contacts.
> >
> > I found it on my hard-drive, and checked a "Virus Hoax" site to see that
> > it wasn't bogus.
> >
> > Here is how to check for the virus and to get rid of it.
> >
> > Go to Start, click on Find or Search option.
> > In the Files/Folders option, type the name jdbgmgr.exe
> > Be sure to search your C:\ drive and any others you use
> > Click on "Find Now"
> > The virus has a teddy bear icon with the name jdbgmgr.exe
> > DO NOT OPEN IT
> > Go to the file and select  "delete". It will then go to the recycle bin.
> > Go to the Recycle Bin and delete it there as well.
> >
> > If you find this virus you must contact all the people in your address
> > book so they can also
> > eradicate it in their address books.
> >
> > To unsubscribe from CANCHID send: unsubscribe CANCHID to: [log in to unmask]  -  for
> help see <a href='http://listserv.yorku.ca'>http://listserv.yorku.ca</a>
> >
>         ___________________________________________
> Interagency Coalition on AIDS and Development (ICAD)
> Coalition interagence sida et développement (CISD)
> 1 rue Nicholas Street, Suite 726 Ottawa Ontario, Canada, K1N 7B7
> Telephone/Fax: (613) 233-7440
>
> To unsubscribe from CANCHID send: unsubscribe CANCHID to: [log in to unmask]  -  for help see http://listserv.yorku.ca
>

 =======================================================================
Nicholas Birkett, M.D., M.Sc.
Epidemiology and Community Medicine
University of Ottawa                        [log in to unmask]
451 Smyth Rd.,                              (613)-562-5800 x 8289 (voice)
Ottawa, Ontario,                            (613)-562-5465          (fax)
Canada.   K1H 8M5
 ========================================================================

To unsubscribe from CANCHID send: unsubscribe CANCHID to: [log in to unmask]  -  for help see http://listserv.yorku.ca

ATOM RSS1 RSS2

LISTSERV.YORKU.CA