Security > Viruses, Spyware & Malware
Using Your Computer > Safe & Responsible Computer Use

Virus Hoax Alert

By Lasa Information Systems Team

Virus hoaxes can cause mayhem and confusion. They often encourage recipients to delete important system files. This article gives examples of past hoaxes and tips on how to spot hoaxes so you can avoid spreading them.

Does any of this sound familiar?

Subject: Virus detected - instructions to delete it from your computer.

I found the little bear in my machine because of that I am sending this message in order for you to find it in your machine.

The procedure is very simple: The objective of this e-mail is to warn all Hotmail users about a new virus that is spreading by MSN Messenger. The name of this virus is jdbgmgr.exe and it is sent automatically by the Messenger and by the address book too. The virus is not detected by McAfee or Norton and it stays quiet for 14 days before damaging the system. The virus can be cleaned before it deletes the files from your system. In order to eliminate it, it is just necessary to do the following steps:

1. Go to Start, click "Search"
2. In the "Files or Folders option" write the name jdbgmgr.exe
3. Be sure that you are searching in the drive "C"
4. Click "find now"
5. If the virus is there (it has a little bear-like icon with the name of jdbgmgr.exe)
DO NOT OPEN IT FOR ANY REASON
6. Right click and delete it (it will go to the Recycle bin)
7. Go to the recycle bin and delete it or empty the recycle bin. IF YOU FIND THE VIRUS IN ALL OF YOUR SYSTEMS SEND THIS MESSAGE TO ALL OF YOUR CONTACTS LOCATED IN YOUR ADDRESS BOOK BEFORE IT CAN CAUSE ANY DAMAGE.

If you've received a message like this, relax - IT'S A HOAX!

The JDBGMGR.EXE hoax is one of the more recent email hoaxes and has been circulating since around April 2002.

There have been many other similar hoaxes including SULFNBK.EXE in 2001, the Budweiser Frogs screensaver (aka BUDSAVER.EXE) circulating since at least 1999 (with variations as recently as 2005), and BUDDYLST.ZIP in 1998.

This type of hoax, really a variation on the old chain letter, is recognised as being as disruptive as real viruses. Hoax virus emails spread rapidly, causing alarm and confusion as they go, and may even cause loss of data if anyone is panicked into over-reacting.

For example both JDBGMGR.EXE and SULFNBK.EXE are valid Windows system files which many people deleted as a result of email hoaxes. Like any file, JDBGMGR.EXE can become infected by a virus so if you receive it as an attachment to an email (rather than just an email telling you to delete it from your computer), don't open the attachment.

Virus Hoaxes - the signs

Virus hoaxes have a number of tell tale signs including:

• The email alert does not come directly from a reputable service provider or security company such as your Antivirus software vendor - but hoaxes will often refer to well known companies such as Hotmail, McAfee, Norton, Microsoft
• Wild claims about what damage the virus will do, often using technical-sounding language
• Use of overly emphatic language including use of UPPERCASE LETTERS AND LOTS OF EXCLAMATION MARKS!!!!!
• Grammatically incorrect language
• Claims that the message contains extremely important information without any reference to legitimate sources that can be checked
• Claims that the message is not a hoax
• The tone of the message is to try and convince you of the threat rather than inform you
• Recipients are urged to forward the email alert to everyone they know - genuine virus alerts will not ask you to do this
• Giving a lot of detail about how to deal with the virus - a genuine alert will summarize the danger and link directly to more detailed information on a respected computer security website

What to do if you get a hoax email

If you get an email alerting you to a virus:

• Do check the website of a reputable Antivirus or computer security company such as McAfee, Symantec, Sophos, Panda software. All the main Antivirus software vendors have information about the latest viruses and virus hoaxes on their websites.
• Don't forward a copy to everyone you know - this merely spreads the hoax further

Another site worth checking include Snopes.com which has useful information on both real and hoax viruses. If you do fall victim to a hoax virus, one or more of the above sites may also have information about what to do (for example instructions on how to restore JDBGMGR.EXE if you deleted it).

Viruses are commonly spread by email and do present a real risk to data stored on computers, however e mail hoaxes can lead to a more cynical attitude toward computer viruses. The wide use of the Internet means that more data is being copied from one computer to another, and this increases the risk of virus infection. The only sensible precaution is to install reliable Antivirus software on all your machines and keep it up to date. You're living dangerously if you don't.