Bits & P.C.s: How to give a cat a colonic
By Richard Heller
Recently, I have been receiving notifications of a new virus that can probably be found on your computer. The named of the file is jdbgmgr.exe, and it just has to be infected because the file icon is of a teddy bear.
The only problem is, the file is a normal Windows file and some Java programs will not run correctly if the file is deleted.
Another virus that is probably on your computer is the file Sulfnbk.exe. This file is used by Windows to restore long filenames if they become corrupted.
Both of these viruses are hoaxes. According to Symantec, a hoax is Usually an e-mail that gets mailed in chain letter fashion describing some devastating highly unlikely type of virus. You can usually spot a hoax because theres no file attachment, no reference to a third party who can validate the claim and the general tone of the message.
The problem with a hoax is that eventually someone will get around to writing a virus or Trojan that will infect the file that is named in the hoax. People receive notification about the real virus and ignore it, thinking that it is still a hoax.
When you receive an e-mail telling you of a new virus, and the list of people who are also receiving the same e-mail looks like Santas gift list, you should be skeptical about the virus. Symantec offers a Virus Encyclopedia at http://securityresponse.symantec.com/avcenter/vinfodb.html that will give you information on any virus as soon as it is identified.
The information will include a list of the infected files, what the payload is, that is, what harms the virus will do to your computer, as well as instructions on how to remove the virus. Quite often, they will offer a free removal tool program to eliminate the infection. The other anti-virus companies also offer a similar reference base and removal tools.
Right now, the W32.Bugbear@mm virus is a major threat. It is a mass-mailing worm that can also spread through network shares. It has keystroke-logging and backdoor capabilities, and it also attempts to terminate the processes of various anti-virus and firewall programs.
The worm was discovered on September 30th and has gone from a category 2 to a category 4 virus in just two days. This means that the number of infections that have been reported is quite high and indicates how rapidly the infection is being spread. Symantec had a removal tool available on October 1st, the day after the virus was discovered.
I know that I stress the importance of an up-to-date anti-virus program quite often in this column. Many people believe that they are immune because they only use the Internet for e-mail. Guess what? You are the
people whom the hackers have targeted. The virus gets installed on your computer, and the next time that you send e-mail to your daughter, you send her the virus. Now her computer is infected, and she then sends it to
someone else. Please get an anti-virus program and keep it updated.
Richard Heller is an independent computer specialist who specializes in repairs, installation, upgrades, technical support, Internet sharing, data recovery and diagnostics. If you have any computer or service-related questions, please send them to The Rock River Times or e-mail firstname.lastname@example.org.