Thursday, 5th May 2005Teddy Bear Virus Hoax (jdbgmgr.exe removal hoax)
Email hoax tricking users in to deleted a legitmate windows file ( jdbgmgr.exe ) by saying its a hoax
SORRY - but as you're on my address list this virus has probably forwarded itself on to you.
It is easily removed if you don't open the file (jdbgmgr.exe) It has a teddy bear icon and is not detectable by norton or mcafee.
First go to Start then the find or search option. In the files or folders option type jdbgmgr.exe. Search C drive and tick the 'include subfolders' and any other drives you may have. Click 'find now' - the virus has a grey teddy icon. DO NOT OPEN IT. Go to edit (on the menu bar) and 'select all'. Now go to file (on the menu bar) and DELETE. This will send it to the recycle bin so then go and delet or empty it there as well.
If you find the virus (as I did!) you must contact everyone in your address book and send them these instructions. ASAP.
Another common version of the teddy bear hoax:
I received this message below and DID have the jdbgm virus file in my C drive, I followed the instructions below and deleted it. I suggest you also check by following the instructions below. Kindest regards, [Removed]
To all parties in our address book:
We received this message from someone else today...
On January 15th or there about we received a virus that automatically is past through e-mail address books. We found it in our c-drive. Since you are in our address book, you will probably find it in your computer too. The virus called jdbe.exe is not detected by Norton or McAfee anti-virus systems. The virus sits quietly for 14 days before damaging the system. It is sent automatically by "messenger" and by address book whether or not you sent e-mail to your contacts. Here is how to check for the virus and how to get rid of it.
PLEASE DO THE FOLLOWING ASAP:
1 Go to the Start, then click your "find" or "search" option.
2. In the folder option, type the name jdbgm
3. Be sure to search your C drive (this is where I found it) and all the sub folders and other drives you may have
4. Click "find now"
5. the virus has a teddy bear icon! with the name jdbgmgr.exe. DO NOT OPEN IT!
6. Go to Edit (on the menu bar) and choose "select all" to highlight the file without opening it.
7. Now go to the File (on your menu bar) and select delete. The virus will then go to the recycle bin.
*** If you find the virus, you must contact all the people in your address book so that they may eradicate the virus from their own address books
To do this:
1. Open a new e-mail message
2. Click the icon address book (contacts) next to "To"
3. Highlight every name and add to "BCC"
4. Copy the message and paste to e-mail
SORRY ABOUT THIS
How to Restore the File Once Deleted
Windows XP
1) Click START - RUN, type MSCONFIG and hit ENTER
2) Click the Expand File... button
3) In the "File to restore" field, type %WinDir%\SYSTEM32\JDBGMGR.EXE and hit ENTER
4) In the RESTORE FROM field, type in the path to your WINDOWS CAB files. This may vary from machine to machine. It may be on a local drive, network drive, or CD-ROM
(ie. C:\WINDOWS\OPTIONS\INSTALL)
5) In the Save File in field, type in %WinDir%\SYSTEM32.
6) Click OK and continue with the restore function
Windows 2000
1) Click START - RUN, type expand d:\i386\jdbgmgr.ex_ %windir%\system32 and hit ENTER
Note: this assumes that D: is your CD-ROM drive, and that you have the Windows2000 CD-ROM in the drive. If this is not the case, d:\i386 should be replaced with the path to your i386 directory.
Windows ME
1) Click START - RUN, type MSCONFIG and hit ENTER
2) Click the Extract Files button
3) In the "Specify the system file you would like to restore" field, type C:\WINDOWS\SYSTEM\JDBGMGR.EXE and hit ENTER
4) In the RESTORE FROM field, type in the path to your WINDOWS CAB files
(ie. C:\WINDOWS\OPTIONS\INSTALL)
5) Click OK and continue with the restore function
Windows 98
1) Click START - RUN, type SFC and hit ENTER
2) In the "Specify the system file you would like to restore" field, type C:\WINDOWS\SYSTEM\JDBGMGR.EXE and hit ENTER
3) In the RESTORE FROM field, type in the path to your WINDOWS CAB files
(ie. C:\WINDOWS\OPTIONS\CABS)
(ie. D:\WIN98 where D is the drive letter assigned to your CD-ROM)
4) Click OK and continue with the restore function