I have just been a victim of the virus "jdbgmgr.exe" hoax
which caused me to delete the jdbgmgr file and warn all people on my
addresss list to do the same ---only to be told by one of my addressees that
it was a hoax and refered me to a McAfee site which explained the hoax.
(Acopy of the e-mail message I received is given below in Appendix 1-
I received it from a friend who was also a victim)
I took the above action quickly to protect myself and my friends however I
feel that if I had understood a little more about the way files are handled
in the windows environment I would have had the confidence to to do some
investigation on the file in my computer before I reacted as I did.
Therefore I would be obliged if anyone would take time to answer in some detail
the following queries.
1. Is an infected file harmless until it is opened and therefore is
it safe to look at its "properties" ?
2. I assume that when I receive a file via the internet , whether it
be in an e-mail or a web page or whether it be the e-mail or the web page
itself , it initialy only resides in the active memmory but on shut down or
by my conscious action will be stored on the hard disc. Is this correct?
3 What is the difference between a file that is opened and one that
is not ?( I would have
thought that the actual data comprising the file is exactly the same.)
What happens to the file data when it is opened ?
How does "opening" allow the virus to become active?
Thanking you in anticipation
Appendix 1 Copy of text of message I received
I'm so sorry, but I've been infected by the Bugbear virus which is not
picked up by anti-virus systems. It sends itself to everyone in your
book and because I've been infected it's very likely that you will have
too. The instructions to delete the virus are below:
The virus (called jdbgmgr.exe) is not detected by Norton or McAfee
anti-virus systems. The virus sits quietly for 14 days before damaging
system. It is sent automatically by messenger and by the address book,
whether or not you sent e-mails to everyone.
YOU MUST DO THIS:
1. Go to Start, then Find or Search option.
2. In the files/folders option, write the name jdbgmgr.exe
3. Be sure you search your C drive and any other drives you may have.
4. Click "find now".
5. The virus has a teddy bear icon with the name jdbgmgr.exe DO NOT OPEN
6. Go to Edit. Choose "Select All" to highlight the file without opening
7. Now go to File and select Delete. It will then go into the recycle
8. Go to the recycle bin and delete it there as well. Select All,
permanently delete, etc.
IF YOU FIND THE VIRUS, YOU MUST CONTACT ALL THE PEOPLE IN YOUR ADDRESS
SO THEY CAN ERADICATE IT IN THEIR OWN ADDRESS BOOKS.