Information on Virus Hoaxes:
Information on Misc. Deceptive Software
Linfield has in place antiviral protection on its email system. This
software will warn the receiver of the presence of a virus, advise them
of procedures to remedy the problem and disinfect the message. Linfield's
virus protection covers users with Linfield email accounts (Entourage,
Outlook, and WebMail). There is no virus protection for those using an
external email system (i.e. Hotmail, Yahoo, MSN, etc.) except for personal
anti-virus software downloaded to your local computer.
Recently viruses have starting using the network and open ports to directly infect computers. Consequently the spread is very rapid. This was apparent with the August 2003 assault by the MSBlaster and other viruses. In response to this, ITS re-evaluated the virus defense strategy and devised improvements.
With improved methods of gathering information from network traffic logs to identify pathological network traffic associated with infected computers there has recently been developed an automated system that requires computer owners to identify themselves and authenticate that they are members of the Linfield community by a registration process. This registration will enable ITS to quickly identify infected computers so that we can contain the spread by helping owners disinfect their computers.
ITS Department strongly supports anti-virus protection at the personal user level. With this in mind, McAffee desktop virus protection for student owned PC computers connected to the Linfield network, is available free of charge with the registering of computers for residential students on the Linfield campus. Virus protection will be installed on Linfield faculty, staff, and lab computers by the ITS department.
Most emailings that are propagated for the purpose of warning people about potential catastrophic viruses are hoaxes. These hoax emails can sometimes be as bad as an actual virus, taking up valuable email server space and causing undo stress. Don’t forward any email you are unsure of.
Two of the 120 possible subject lines are "returned mail" and "undeliverable
mail" sometimes leading the recipient to believe the attachment is returned
email when it is actually the virus. The virus also tries to make the
recipient believe it is a patch or virus removal tool. No reputable organization
will send such a program via unsolicited email.
The Klez virus infects computers in three major ways:
- If you click an attachment in a message sent by the virus and your anti-virus software is not up to date. * Treat email attachments and other unknown software with care * Keep your anti-virus software up to date
- If you read an infected email message using Outlook or Outlook Express and you are running an out of date copy of Internet Explorer. You do not have to click anything to get infected if Internet Explorer is out of date. * Keep your operating software up to date . * In particular, make sure Internet Explorer is up to date.
- If you share writeable Windows folders, Klez will find them and drop infected files into your computer. If you click on an infected file in a Windows share, someone else's or your own, and you're running out of date anti-virus software, you'll get infected.
* Nullify unneeded risk by neither providing nor using shares that are writeable by anonymous persons (or viruses).
* Treat email attachments and other unknown software with care
* Keep your anti-virus software up to date
To remove the virus, visit your antivirus software's website and download the tool they post to work with their software. (ex: symantec.com for Norton Antivirus)
Removal Antivirus software companies are still analyzing this worm and are in the process of updating their signature files to include Nimda. For more information on removing Nimda from your system, see McAfee, Sophos, and Symantec.
Follow these steps to contain this worm:
- Windows PC users: If you haven't already installed it, download the Outlook 98 Security Patch or the Outlook 2000 Security Patch. Please note that these patches do not include Outlook Express.
- Don't open attachments! One of the best ways to prevent virus infections is not to open attachments, especially when viruses such as this one are actively circulating. Even if the e-mail message is from a known source, be careful. A few viruses take mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan any attached files for viruses, and unless the attachment is a file or an image you are expecting, delete it.
- Stay informed. Did you know that there are virus and security alerts almost every day? Keep up-to-date on breaking viruses and solutions by checking your anti virus software page.
- Get protection. If you don't already have virus-protection software on your machine, you should. If you're a home or individual user, it's as easy as downloading any of these top-rated programs and following the installation instructions. If you're on a network, check with your network administrator first.
- Scan your system regularly. If you're loading anti virus software for the first time, let it scan your entire system. It's better to start with your PC clean and free of virus problems. Many anti virus programs can be set to scan on periodically or each time the computer is rebooted. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses.
- Update your anti virus software. Now that you have virus protection software installed, make sure it's up-to-date. Some anti virus protection programs have a feature that will automatically link to the Internet and add virus detection code whenever the software vendor discovers a new threat. You can also scan your system for the latest security updates.
This is a hoax that tries to persuade you to delete a legitimate Windows file from your computer. The file that the hoax refers to, Jdbgmgr.exe, is a Java Debugger Manager. It is a Microsoft file that is installed when you install Windows.
If you have already deleted the Jdbgmgr.exe file, some Java applets may not run correctly. This is not a critical system file. The file version may vary with your operating system and version of Internet Explorer. However, if you notice certain web pages acting strange, you can download a new version of Java Virtual Machine.