Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Jump To: Example    Detailed Analysis   Comments   References

Teddy Bear Virus Hoax - jdbgmgr.exe


Outline

Email warns that a file on your computer called jdbgmgr.exe is a virus and provides instructions on how to delete jdbgmgr.exe (Full commentary below).

Brief Analysis

False (jdbgmgr.exe is not a virus)

Example


SORRY - but as you're on my address list this virus has probably forwarded itself on to you.

It is easily removed if you don't open the file (jdbgmgr.exe) It has a teddy bear icon and is not detectable by norton or mcafee.

First go to Start then the find or search option. In the files or folders option type jdbgmgr.exe. Search C drive and tick the 'include subfolders' and any other drives you may have. Click 'find now' - the virus has a grey teddy icon. DO NOT OPEN IT. Go to edit (on the menu bar) and 'select all'. Now go to file (on the menu bar) and DELETE. This will send it to the recycle bin so then go and delet or empty it there as well.

If you find the virus (as I did!) you must contact everyone in your address book and send them these instructions. ASAP.


Detailed Analysis

The so-called "Teddy Bear" virus hoax is not one of the latest email hoaxes but, as email hoaxes go, this one is proving to be quite resilient. It regularly pops up on forums and news groups and still finds its way to my inbox. Unfortunately, this one is a little more harmful than your average email hoax in that it can trick unwary computer users into deleting "jdbgmgr.exe", a legitimate Windows file. One of the reasons that this email hoax has been so successfully is that the file in question (jdbgmgr.exe) really does have a cute little teddy bear icon. Such an icon may look out of place for a Windows file, so people are perhaps that little bit more willing to believe the warning in the email. Of course, if nothing else, the teddy bear icon proves that computer programmers actually do have a sense of humor (grin).

jdbgmgr.exe Icon
Teddy bear icon for jdbgmgr.exe

Luckily, deleting jdbgmgr.exe will not cause problems for the average end user. The file is the Microsoft Debugger Registrar for Java, which is used only by Microsoft Visual J++ 1.1 developers. However, email hoaxes like this and the sulfnbk.exe email hoax set up a dangerous precedent. Given the amount of computer users that have already deleted "jdbgmgr.exe", an email hoax that advised people to delete a crucial Windows file could cause as much damage as a real virus.

An important rule of thumb here is to never delete a file on the strength of a forwarded email message alone. Always check the veracity of an email-borne virus warning by checking a legitimate Anti-Virus site even if the warning was sent to you by Uncle Boris who "knows all about computers".

If you have already deleted jdbgmgr.exe you can get detailed information by reading this Microsoft Knowledge Base article.

Another recent version of the hoax runs as follows:
I received this message below and DID have the jdbgm virus file in my C drive, I followed the instructions below and deleted it. I suggest you also check by following the instructions below. Kindest regards, [Removed]

To all parties in our address book:

We received this message from someone else today...

On January 15th or there about we received a virus that automatically is past through e-mail address books. We found it in our c-drive. Since you are in our address book, you will probably find it in your computer too. The virus called jdbe.exe is not detected by Norton or McAfee anti-virus systems. The virus sits quietly for 14 days before damaging the system. It is sent automatically by "messenger" and by address book whether or not you sent e-mail to your contacts. Here is how to check for the virus and how to get rid of it.

PLEASE DO THE FOLLOWING ASAP:

1 Go to the Start, then click your "find" or "search" option.
2. In the folder option, type the name jdbgm
3. Be sure to search your C drive (this is where I found it) and all the sub folders and other drives you may have
4. Click "find now"
5. the virus has a teddy bear icon! with the name jdbgmgr.exe. DO NOT OPEN IT!
6. Go to Edit (on the menu bar) and choose "select all" to highlight the file without opening it.
7. Now go to the File (on your menu bar) and select delete. The virus will then go to the recycle bin.
*** If you find the virus, you must contact all the people in your address book so that they may eradicate the virus from their own address books
To do this:
1. Open a new e-mail message
2. Click the icon address book (contacts) next to "To"
3. Highlight every name and add to "BCC"
4. Copy the message and paste to e-mail
SORRY ABOUT THIS


Write-up by Brett M. Christensen










Latest Hoax-Slayer Articles