The Register® — Biting the hand that feeds IT

Feeds

Hoax virus alert could cripple Windows Java

'jdbgmgr.exe' causing net confusion

By John Leyden, 15th May 2002
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Antivirus experts are warning of a hoax virus alert which might trick users into deleting an important file on their Windows machines.

The fake warning tells users to search their hard drives and delete a file called jdbgmgr.exe, a filename used by Microsoft's Debugger Registrar for Java, which may be present quite legitimately on many computers.

But the Magistr-A virus is capable of sending infected copies of jdbgmgr.exe, and this seems to have spawned the misplaced warning, which is gaining ground.

Deleting Microsoft's Debugger Registrar for Java may result in Java programmes failing to run after the user has deleted legitimate copies of jdbgmgr.exe.

Rob Rosenberger’s Virus Myths first reported on the jdbgmgr.exe hoax alert (which he says should more properly be called an urban myth) last month. Anti-virus vendor Sophos backed up his analysis today, by warning that it has "received enquiries from thousands of concerned computer users about the subject".

The rule of thumb here is if you find a copy of jdbgmgr.exe on your computer, then it's probably not infected; but if you receive jdbgmgr.exe as an email attachment, then it probably is infected. If you receive an unsolicited executable file in your email, delete the email.

One other source of reassurance is that most AV packages have been able to detect Magistr-A for over a year, so if your anti-virus software is up to date, you will be protected from the Magistr virus anyway.

The panic caused by messages about jdbgmgr.exe is similar in many ways to the sulfnbk.exe hoax alert last year, which like the latest panic is believed to have been caused by a clueless - but well-meaning - user.

Users should avoid passing on virus warnings to friends, instead checking out the facts on an anti-virus Web site (or Vmyths.com). Alternatively they could forward the warning whoever in their company is responsible for virus protection, so that they can decide if it is valid. ®

External Links

Analysis of Magistr-A
Vmyths.com

Related Stories

Joker demands $1 million over hoax virus alert
Hoax virus alert targets MP3
Hoax alert mimics real virus threat
Jungle falls for obvious virus hoax
Budweiser Frogs eat HSBC

Agentless Backup is Not a Myth

Send Corrections

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
135
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
60
Internet fraud still stings suckers
Australians twice as gullible as Americans
36
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17