I don't usually do bulletins about viruses, but this one is particularly annoying and seems to continue to show up amongst my client base. It is known as the Teddy Bear virus. The reason it's such a pain is that the whole thing is a hoax, designed to convince you to delete a perfectly valid Windows file!
That's right, some jerk noticed that Microsoft had used a Teddy Bear for an icon for one of its Windows files. Figuring that no one would believe that Microsoft would do that, this jerk took advantage of that and started a hoax around it. At the bottom of this bulletin is the text of the hoax message you receive. It sounds convincing. My hope is that if you have read about it now, when your time comes you will remember, and not fall for the trick.
About the hoax -
The hoax tells you that you have been the victim of a virus, sent inadvertently from a friend to infect your computer. Why hasn't it messed up your computer? Well, the email reads, it has a time delay! Act fast and you can get rid if it before it ruins your system!
The way you "prove" that you are infected is by looking to see if you have a file on your system with a Teddy Bear for an icon, called "jdbgmgr.exe". Sure enough, you look and there it is! The author goes on to tell you that none of the anti-virus programs will detect this problem and that it's up to you to notify everyone on your email list to delete the file BEFORE it does any damage.
It's all baloney -
None of it is true. If you stop right now, there's nothing to fix.
What it tells you to do to remove the supposed threat IS the damage -
The hoax next tells you to do three things. First, notify your entire address book. Second, find the "jdbgmgr.exe" file and delete it. Lastly, delete it a second time from the recycle bin. This last step is designed to prevent you from restoring your perfectly good file from the recycle bin. NOW, you HAVE done some damage.
What to do if you fell for the hoax -
First, email everyone in your address book ASAP with your apology, telling them that it's a hoax. Include the following link in your email so they (and you) can read the instructions for getting the file back. Then, follow the instructions to restore the file to your own computer.
Sounds embarrassing and time consuming and really annoying, huh? The best thing is to remember the Teddy Bear and never fall for it in the first place!
The text of the hoax message follows -
(Your friend may have typed in a personal note to open the email.)
IMPORTANT FOR EVERYONE! PLEASE FOLLOW THE INSTRUCTIONS BELOW!
Please check and verify if you have this virus. It was sent to me (accidentally) and it is said that it is passed on to everyone on my address list. It is very probable that you have it. If you do have it, contact all the people in YOUR ADDRESS BOOK because the program AUTOMATICALLY sends everyone in your address book a message with the virus.
The virus' name is jdbgmgr.exe and it is not detected with McAfee nor Norton. It remains in your computer's system for 14 days before it (possibly) erases all you files. To delete and eliminate it completely, please do the following immediately:
1. Go to START -- FIND --FILES OR FOLDERS
2. Under NAMED, type jdbgmgr.exe and click FIND NOW. Make sure you are looking under Drive (C)
******DO NOT CLICK ON IT IF IT APPEARS********
3. If the virus appears *(the icon next to it will be a small teddy bear), the name will be jdbgmgr.exe
4. *****DO NOT OPEN IT************ Just right click on it and DELETE it. it will be sent to the Recycle Bin.
5. After you see it disappear, go to the RECYCLE BIN and DELETE it from there as well. If at all possible, EMPTY the Recycle Bin under FILE.
If you find this virus in your system, please send this message to everyone in your address list ASAP.