Jdbgmgr.exe virus hoax

Last updated

The jdbgmgr.exe virus hoax involved an e-mail spam in 2002 that advised computer users to delete a file named jdbgmgr.exe because it was a computer virus. jdbgmgr.exe, which had a little teddy bear like icon (The Microsoft Bear), was actually a valid Microsoft Windows file, the Debugger Registrar for Java (also known as Java DebugManager, hence jdbgmgr).

Contents

The email has taken many forms, including saying its purpose was to warn Hotmail users of a virus spreading via MSN Messenger, or to alert about a possible virus in the orkut web community. The message (to right) went on to say that it was not detected by McAfee or Norton AntiVirus, which was obviously true. A further variant related the file with the "Bugbear" virus, which was a genuine virus, prevalent at the time. [1] [2]

The effect of deleting the file was restricted to Java developers who used Microsoft Visual J++ v1.1. [1] It had little to no effect on most users because it was simply a developer tool.

Microsoft Bear


The icon for jdbgmgr.exe, Microsoft Bear, was the mascot for the Microsoft Windows 3.1 development team, alongside 16-bit Bunny and 32-bit Bunny, which represented the transition to 32-bit computing with the release of Windows 95.

The unusual icon was similar to that of some viruses at the time, such as Parrot, making the virus hoax more believable.

Microsoft Bear was featured in several easter eggs within Windows 3.1, including a hidden credits screen where the email addresses of the developers could be found. In 2002, Microsoft stopped including these easter eggs in their software as part of the Trustworthy Computing Initiative, due to the risk of exploits and security flaws that could be introduced by these features which most users were unaware of.

See also

Related Research Articles

VBScript is a deprecated Active Scripting language developed by Microsoft that is modeled on Visual Basic. It allows Microsoft Windows system administrators to generate powerful tools for managing computers without error handling and with subroutines and other advanced programming constructs. It can give the user complete control over many aspects of their computing environment.

<span class="mw-page-title-main">Windows API</span> Microsofts core set of application programming interfaces on Windows

The Windows API, informally WinAPI, is the foundational application programming interface (API) that allows a computer program to access the features of the Microsoft Windows operating system in which the program is running.

A filename extension, file name extension or file extension is a suffix to the name of a computer file. The extension indicates a characteristic of the file contents or its intended use. A filename extension is typically delimited from the rest of the filename with a period, but in some systems it is separated with spaces.

NTLDR is the boot loader for all releases of Windows NT operating system from 1993 with the release of Windows NT 3.1 up until Windows XP and Windows Server 2003. From Windows Vista onwards it was replaced by the BOOTMGR bootloader. NTLDR is typically run from the primary storage device, but it can also run from portable storage devices such as a CD-ROM, USB flash drive, or floppy disk. NTLDR can also load a non NT-based operating system given the appropriate boot sector in a file.

<span class="mw-page-title-main">Windows Registry</span> Database for Microsoft Windows

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces can all use the registry. The registry also allows access to counters for profiling system performance.

SULFNBK.EXE is an internal component of the Microsoft Windows operating system for restoring long file names.

<span class="mw-page-title-main">Windows File Manager</span> File manager bundled with Microsoft Windows in the 1990s

File Manager is a file manager program bundled with releases of OS/2 and Microsoft Windows between 1988 and 1999 and available from 6 April 2018 as an optional download for all modern releases of Windows, including Windows 10.

In computing, SUBST is a command on the DOS, IBM OS/2, Microsoft Windows and ReactOS operating systems used for substituting paths on physical and logical drives as virtual drives.

As the next version of Windows NT after Windows 2000, as well as the successor to Windows Me, Windows XP introduced many new features but it also removed some others.

The Vundo Trojan is either a Trojan horse or a computer worm that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google and Facebook. It also is used to deliver other malware to its host computers. Later versions include rootkits and ransomware.

<span class="mw-page-title-main">Debug (command)</span> Line-oriented debug utility in DOS

The line-oriented debugger DEBUG.EXE is an external command in operating systems such as DOS, OS/2 and Windows.

<span class="mw-page-title-main">Task Manager (Windows)</span> Task manager application included with the Windows NT family of operating systems

Task Manager, previously known as Windows Task Manager, is a task manager, system monitor, and startup manager included with Microsoft Windows systems. It provides information about computer performance and running software, including name of running processes, CPU and GPU load, commit charge, I/O details, logged-in users, and Windows services. Task Manager can also be used to set process priorities, processor affinity, start and stop services, and forcibly terminate processes.

<span class="mw-page-title-main">Virus hoax</span> Message warning of a non-existent computer virus

A computer virus hoax is a message warning the recipients of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipients to forward it to everyone they know, but it can also be in the form of a pop-up window.

W32.Navidad is a mass-mailing worm program or virus, discovered in December 2000 that ran on Windows 95, Windows 98, Windows NT, and Windows 2000 systems. It was designed to spread through email clients such as Microsoft Outlook while masquerading as an executable electronic Christmas card. Infected computers can be identified by blue eye icons which appear in the Windows system tray.

<span class="mw-page-title-main">Windows 1.0</span> First major release of Microsoft Windows

Windows 1.0 is the first major release of Microsoft Windows, a family of graphical operating systems for personal computers developed by Microsoft. It was first released to manufacturing in the United States on November 20, 1985, while the European version was released as Windows 1.02 in May 1986.

The Pikachu virus, also referred to as Pokey or the Pokémon virus, was a computer worm believed to be the first malware geared at children, due to its incorporation of Pikachu, a creature from the Pokémon media franchise. It was considered similar to the Love Bug, albeit slower in its spread and less dangerous.

The Fun.Exe virus is of the w32.Assarm family of computer viruses. According to Symantec it registers itself as a Windows system process then periodically sends mail with spreading attachments as a response to any unopened emails in Outlook Express. This virus first appeared in early 2008 and is now recognized by most anti virus programs.

Swen is a mass mailing computer worm written in C++. It sends an email which contains the installer for the virus, disguised as a Microsoft Windows update, although it also works on P2P filesharing networks, IRC and newsgroups' websites. It was first analyzed on September 18, 2003, however, it might have infected computers before then. It disables firewalls and antivirus programs.

References

  1. 1 2 "F-Secure Hoax Information Pages: jdbgmgr.exe virus hoax". Archived from the original on March 5, 2009. Retrieved 2008-09-11.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  2. Robert Vamosi. "Bugbear.b is on the prowl". CNET. Archived from the original on 2005-03-30. Retrieved 2018-08-17.