Virus HOAX

From: Doc Scheffler (roughdoc@earthlink.net)
Date: Wed May 15 2002 - 17:12:00 PDT


This is one of those virus hoax. You won't destroy your system if you
delete the file, but you will disable your ability to read Java.

jdbgmgr.exe virus

(Not to be confused with the Honor System virus...)
A hysterical urban legend -- nearly identical to the sulfnbk.exe mass
hysteria of 2001. The JDBGMGR.EXE file is a legit Windows operating system
file, just like sulfnbk.exe. Some rules of thumb: JDBGMGR.EXE is a legit
Windows operating system file, just like SULFNBK.EXE. Well-meaning users
fall prey to False Authority Syndrome when they use their eyeballs to
"detect" viruses.

if you merely find JDBGMGR.EXE on your computer, then it's probably not
infected; but
if you receive JDBGMGR.EXE as an email attachment, then it probably is
infected.
This urban legend started in early April 2002 among Spanish-speaking
computer users. The hysteria spilled over to the English-speaking community
by mid-April 2002. Well-meaning users fall prey to False Authority Syndrome
when they use their eyeballs to "detect" viruses.

Vmyths surmises a clueless, well-meaning user (not a hoaxster) adapted an
old sulfnbk.exe alert by simply changing one instruction to look for
JDBGMGR.EXE.

History suggests many clueless people will rewrite the alert in various
forms & languages & dialects. Historically, users don't seem content to
just forward the original warning if they think they "found" the virus on
their own computer. Vmyths predicts this urban legend will someday turn
into mass hysteria for the following reasons:

The basic chain letter identifies an obscure file found on tens of millions
of PCs -- and it offers simple instructions on how to find the file in
question.

The file uses a teddy bear as its associated icon, giving the impression an
immature hacker drew it.
Gullible users will assume they found a dangerous virus -- simply because
they found a file on their PC. They will then fell victim to False
Authority Syndrome when they rewrite the chain letter before sending it to
their friends.
We also believe another set of reasons will contribute to the hysteria.
Consider the following:
Antivirus software regularly fails to detect newly discovered viruses.
Examples include Melissa, ExploreZip, MiniZip, BubbleBoy, ILoveYou,
NewLove, KillerResume, Kournikova, and NakedWife.

When antivirus software fails, it fails spectacularly. Examples include all
the end-of-the-world stories about Melissa, ILoveYou, and Kournikova.

Customers buy antivirus software knowing it will fail spectacularly.

So you're staring at a file on your PC. It's JDBGMGR.EXE, just like your
podiatrist's secretary warned. Your antivirus software says "no viruses
found," but it said the same thing when Melissa & ILoveYou struck. What
would you do in this situation? Vmyths believes gullible users will trust
their eyeballs over their antivirus software.
How many more files can gullible users delete before they finally
self-crash their own computers?
Okay, let's say you deleted the file before you learned of this web page.
How much self-inflicted damage did you bring on yourself? Vmyths posed this
very question to Microsoft. Their answer:

If a user has Visual J++ 1.x installed but JDBGMGR.EXE is missing, the net
result would be that some Java programs wouldn't run. In all other cases,
there would be no effect from deleting the file.
Microsoft's response raises two philosophical questions:
How many more files will gullible users delete before they finally
self-crash their own computers?
Will gullible people blame themselves for self-crashing their own
computers?
We repeat -- the basic JDBGMGR.EXE alert shows the markers of an urban
legend, not a "hoax." We've seen this type of mass hysteria before and
we'll probably see it again.
Obtain expert virus advice directly from virus experts. Stay calm. Stay
reasoned. And stay tuned to Vmyths.

--04/23/02

Related Links

McAfee dispels jdbgmgr virus alert
Symantec dispels jdbgmgr virus alert
About.com dispels jdbgmgr virus alert

McAfee AVERT Labs would like to inform you of a new email HOAX.

This email message is just a HOAX. Although, the JDBGMGR.EXE file may
become infected by a number of valid viruses (most commonly
W32/Magistr@MM), the details of this HOAX message are not based on actual
events.

We are advising users who receive the email to delete the message and DO
NOT pass it on as this is how an email HOAX propagates.

JDBGMGR.EXE is the Microsoft Debugger Registrar for Java.
It uses this icon:

 

--- Doc Scheffler
--- roughdoc@earthlink.net
--- EarthLink: The #1 provider of the Real Internet.



This archive was generated by hypermail 2.1.4 : Fri Aug 16 2002 - 11:21:05 PDT