Re: jdbg.exe- virus or not?
From: Sadie (anonymous_at_discussions.microsoft.com)
Date: 05/16/04
- Next message: Sadie: "RE: Should I disable port 137?"
- Previous message: Sadie: "Sasser question"
- In reply to: Trafton: "Re: jdbg.exe- virus or not?"
- Next in thread: Trafton: "Re: jdbg.exe- virus or not?"
- Reply: Trafton: "Re: jdbg.exe- virus or not?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 16 May 2004 12:42:26 -0700
Thanks for the info,Trafton.I'm slowly reading up on all
the 90 thousand plus...I get ever so mixed up at times.
I'd actually read about Magistr.-it frightened the life
out of me.
That's the one written entirely in basic assembly
language,isn't it?
Did they ever catch who wrote it?I always thought perhaps
he was a disgruntled Lawyer....
Boy,are we in trouble if he ever decides to go P2P!
Sadie
>-----Original Message-----
>It's actually not even a matter of time at all.
W32/Magistr.B-mm used
>Jdbmgr.exe as one of its file names while mass-mailing,
and the following
>other worms have also used it:
>
>Backdoor/Omed.B
>Troj/Poldo
>VBS/Slip-mm
>W32/Dormin-mm
>W32/Efortune.31384-mm
>W32/Naco-mm
>W32/Naco.B-mm
>W32/Naco.C-mm
>W32/Naco.D-mm
>W32/Recory-mm
>
>Fortunately, of these all, only Magistr.B ever became
very common (a few
>variants of Naco and Efortune found their ways into the
wild in small
>amounts.)
>
>This is why it is important to note that if Jdbmgr.exe
is on your hard
>drive, it is probably OK. However, if it is coming in
from an email, serious
>warning bells should be set off.
>
>Sincerely,
>Benjamin "Trafton" Johnstone-Anderson
>Microsoft MVP - Windows Security
>Remove "SPAM" from email address to reply!
>Security Manifest: www.msmvps.com/trafton/
>
>"Sadie" <anonymous@discussions.microsoft.com> wrote in
message
>news:dbc201c43b6d$e8899020$a001280a@phx.gbl...
>> Yes,but Fakemail,
>>
>> It's only a matter of time before someone takes
advantage
>> of the fact that everyone thinks "oh..not that old
>> chestnut" and actually DOES write a virus named
>> jdbgmgr.exe.
>>
>> It'll appear on hundreds of systems,and we'll be
>> saying:"Ah,forget it.It's the oldest hoax out".
>>
>> Sadie
>>>-----Original Message-----
>>>
>>><schismtp@hotmail.com> schreef in bericht
>>>news:d9f401c43b5d$72b8d690$a401280a@phx.gbl...
>>>> I recently got an e-mail from a reliable source (with
>>>> confirmation of it actually coming from that person)
>> that
>>>> stated that a file that may or may not be on my
>> computer
>>>> could contain a virus. THe host file name was
>>>> jdbgmgr.exe. Now I found two files of that name. In
>> the
>>>> message, the person stated that the virus had a Teddy
>>>> Bear icon, which I did find. My question is, is this
>> an
>>>> actual virus or someone playing a prank?
>>>> Thank you for any help.
>>>
>>>Do we keep te get this question forever?
>>>http://www.symantec.com/avcenter/hoax.html
>>>Look for the file in the list.
>>>
>>>
>>>.
>>>
>
>
>.
>
- Next message: Sadie: "RE: Should I disable port 137?"
- Previous message: Sadie: "Sasser question"
- In reply to: Trafton: "Re: jdbg.exe- virus or not?"
- Next in thread: Trafton: "Re: jdbg.exe- virus or not?"
- Reply: Trafton: "Re: jdbg.exe- virus or not?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
