Linfield College

Navigation

Integrated Technology Services

Linfield Home » Arts & Sciences » ... » ITS Help Desk » Security & Viruses » Virus Information

Virus Information

Not sure what kind of virus you have or what to do with it? Search Symantec's Virus Dictionary or McAfee's Virus Dictionary.

Information on Virus Hoaxes:

Information on Misc. Deceptive Software

Symantec virus hoax page
McAfee virus hoax page

Microsoft Spyware Information

Linfield has in place antiviral protection on its email system. This software will warn the receiver of the presence of a virus, advise them of procedures to remedy the problem and disinfect the message. Linfield's virus protection covers users with Linfield email accounts (Outlook and WebMail). There is no virus protection for those using an external email system (i.e. Hotmail, Yahoo, MSN, etc.) except for personal anti-virus software downloaded to your local computer.

Recently, viruses have starting using the network and open ports to directly infect computers. Consequently the spread is very rapid. In response to this, ITS re-evaluated the virus defense strategy and devised improvements.

The ITS Department strongly supports anti-virus protection at the personal user level. Virus protection will be installed on Linfield faculty, staff, and lab computers by the ITS department.

Virus Warnings

Most emailings that are propagated for the purpose of warning people about potential catastrophic viruses are hoaxes. These hoax emails can sometimes be as bad as an actual virus, taking up valuable email server space and causing undo stress. Don’t forward any email you are unsure of.

KLEZ

Two of the 120 possible subject lines are "returned mail" and "undeliverable mail" sometimes leading the recipient to believe the attachment is returned email when it is actually the virus. The virus also tries to make the recipient believe it is a patch or virus removal tool. No reputable organization will send such a program via unsolicited email.

Information

The Klez virus infects computers in three major ways:

  1. If you click an attachment in a message sent by the virus and your anti-virus software is not up to date. * Treat email attachments and other unknown software with care * Keep your anti-virus software up to date
  2. If you read an infected email message using Outlook or Outlook Express and you are running an out of date copy of Internet Explorer. You do not have to click anything to get infected if Internet Explorer is out of date. * Keep your operating software up to date . * In particular, make sure Internet Explorer is up to date.
  3. If you share writeable Windows folders, Klez will find them and drop infected files into your computer. If you click on an infected file in a Windows share, someone else's or your own, and you're running out of date anti-virus software, you'll get infected.

Prevention
* Nullify unneeded risk by neither providing nor using shares that are writeable by anonymous persons (or viruses).
* Treat email attachments and other unknown software with care
* Keep your anti-virus software up to date

To remove the virus, visit your antivirus software's website and download the tool they post to work with their software. (ex: symantec.com for Norton Antivirus)

Nimda

Removal Antivirus software companies are still analyzing this worm and are in the process of updating their signature files to include Nimda. For more information on removing Nimda from your system, see McAfee, Sophos, and Symantec.

Prevention
Follow these steps to contain this worm:

  1. Windows PC users: If you haven't already installed it, download the Outlook 98 Security Patch or the Outlook 2000 Security Patch. Please note that these patches do not include Outlook Express.
  2. Don't open attachments! One of the best ways to prevent virus infections is not to open attachments, especially when viruses such as this one are actively circulating. Even if the e-mail message is from a known source, be careful. A few viruses take mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan any attached files for viruses, and unless the attachment is a file or an image you are expecting, delete it.
  3. Stay informed. Did you know that there are virus and security alerts almost every day? Keep up-to-date on breaking viruses and solutions by checking your anti virus software page.
  4. Get protection. If you don't already have virus-protection software on your machine, you should. If you're a home or individual user, it's as easy as downloading any of these top-rated programs and following the installation instructions. If you're on a network, check with your network administrator first.
  5. Scan your system regularly. If you're loading anti virus software for the first time, let it scan your entire system. It's better to start with your PC clean and free of virus problems. Many anti virus programs can be set to scan on periodically or each time the computer is rebooted. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses.
  6. Update your anti virus software. Now that you have virus protection software installed, make sure it's up-to-date. Some anti virus protection programs have a feature that will automatically link to the Internet and add virus detection code whenever the software vendor discovers a new threat. You can also scan your system for the latest security updates.

jdbgmgr.exe "virus"

This is a hoax that tries to persuade you to delete a legitimate Windows file from your computer. The file that the hoax refers to, Jdbgmgr.exe, is a Java Debugger Manager. It is a Microsoft file that is installed when you install Windows.

If you have already deleted the Jdbgmgr.exe file, some Java applets may not run correctly. This is not a critical system file. The file version may vary with your operating system and version of Internet Explorer. However, if you notice certain web pages acting strange, you can download a new version of Java Virtual Machine.