JDBGMGR.EXE Virus Hoax      
Written by zhaotingting   
February 21, 2008 10:21

File with teddy bear icon wrongly accused

<p>How does an innocent file, jdbgmgr.exe, with a teddy bear icon end up accused of being a virus? JDBGMGR.EXE is suffering the same fate as its predecessor hoax victim, SULFNBK.EXE. In May 2001, the SULFNBK.EXE hoax caused thousands of gullible users to delete a perfectly legitimate system file. Now the same hoax is circulating, this time targeting the equally benign JDBGMGR.EXE.

As with the SULFNBK.EXE hoax, it is likely a result of confusion caused by the Magistr virus. While the hoax mail urges users to search for and delete the JDBGMGR.EXE file, in reality JDBGMGR.EXE should be on the system - it is a standard windows component included with Internet Explorer (at least as far back as version 3.02).

 

For those hapless folks who've deleted the file, there is good news. Unless you are a Java developer, the file is not essential to normal operation and its absence should not create any adverse affects. If you do encounter problems with Java applications, you will need to either contact the vendor of the application for a new copy of Microsoft Virtual Machine or you can download Sun Java Virtual Machine instead.

Unless you are a Windows XP user, Microsoft VM is no longer available directly from Microsoft (this is due to a licensing disagreement with Sun). XP users can obtain the Microsoft VM via XP's Service Pack 1 by visiting the Windows Update site. If you use XP and had already installed Service Pack 1 before deleting the file, the Windows Update site will no longer list SP1 for your system. You can obtain another copy of SP1 here.

The email hoax urging users to delete this necessary file may be preceded with the dire sounding "National Virus Alert". It may also make reference to a Teddy Bear icon, which is the standard icon for that file. Following is a sample of the original hoax:

    Hi, everybody:
    I just received a message today from one of my friends in my Address Book. Their Address Book had been infected by a virus and it was passed on to my computer. My Address Book, in turn, has been infected. The virus is called jdbgmgr.exe and it propagates automatically through Messenger and through the address book. The virus is not detected by McAfee or Norton and it stays dormant for 14 days before wipe out the whole system. It can be deleted before it erase your computer files. To delete it, you just have to do the following:

    1) Go to Start, click on "Find"

    2) At "files or folders" write the name jdbgmgr.exe

    3) Be sure to search drive "C"

    4) Click on "find now"

    5) If you find the virus (the icon is a little bear with the name jdbgmgr.exe) DO NOT OPEN IT FOR ANY REASON

    6) Right click on it and delete the file (it will go to the recycle bin)

    7) Go to the recycle bin and delete the file definitivelly or empty the recycle bin.

If you did fall victim to the hoax, you likely will not experience any ill effects as a result of the deleted file. However, you might not be as lucky when the next hoax rolls around, so be sure to check the facts before acting on unsolicited advice and warnings received via email.

The Hoax Encyclopedia provides descriptions of common hoaxes. If you've received something not listed there and want to verify its authenticity, post a message in the help forums for assistance.