Truth About Computer Security Hysteria
CATEGORY: Myths & urban legends
(Not to be confused with the Honor System virus...)
A hysterical urban legend — nearly identical to the sulfnbk.exe mass hysteria of 2001. The JDBGMGR.EXE file is a legit Windows operating system file, just like sulfnbk.exe. Some rules of thumb:
JDBGMGR.EXE is a legit Windows operating system file, just like SULFNBK.EXE. Well-meaning users fall prey to False Authority Syndrome when they use their eyeballs to "detect" viruses.
This urban legend started in early April 2002 among Spanish-speaking computer users. The hysteria spilled over to the English-speaking community by mid-April 2002. Well-meaning users fall prey to False Authority Syndrome when they use their eyeballs to "detect" viruses.
- if you merely find JDBGMGR.EXE on your computer, then it's probably not infected; but
- if you receive JDBGMGR.EXE as an email attachment, then it probably is infected.
Vmyths surmises a clueless, well-meaning user (not a hoaxster) adapted an old sulfnbk.exe alert by simply changing one instruction to look for JDBGMGR.EXE.
All is not lost if you got duped and you self-damaged your PC. See the related links (below) for instructions to replace the file you deleted.
History suggests many clueless people will rewrite the alert in various forms & languages & dialects. Historically, users don't seem content to just forward the original warning if they think they "found" the virus on their own computer. Vmyths predicts this urban legend will someday turn into mass hysteria for the following reasons:
We also believe another set of reasons will contribute to the hysteria. Consider the following:
- The basic chain letter identifies an obscure file found on tens of millions of PCs — and it offers simple instructions on how to find the file in question.
- The file uses a teddy bear as its associated icon, giving the impression an immature hacker drew it.
- Gullible users will assume they found a dangerous virus — simply because they found a file on their PC. They will then fell victim to False Authority Syndrome when they rewrite the chain letter before sending it to their friends.
So you're staring at a file on your PC. It's JDBGMGR.EXE, just like your podiatrist's secretary warned. Your antivirus software says "no viruses found," but it said the same thing when Melissa & ILoveYou struck. What would you do in this situation? Vmyths believes gullible users will trust their eyeballs over their antivirus software.
- Antivirus software regularly fails to detect newly discovered viruses. Examples include Melissa, ExploreZip, MiniZip, BubbleBoy, ILoveYou, NewLove, KillerResume, Kournikova, and NakedWife.
- When antivirus software fails, it fails spectacularly. Examples include all the end-of-the-world stories about Melissa, ILoveYou, and Kournikova.
- Customers buy antivirus software knowing it will fail spectacularly.
Okay, let's say you deleted the file before you learned of this web page. How much self-inflicted damage did you bring on yourself? Vmyths posed this very question to Microsoft. Their answer:
How many more files can gullible users delete before they finally self-crash their own computers?
If a user has Visual J++ 1.x installed but JDBGMGR.EXE is missing, the net result would be that some Java programs wouldn't run. In all other cases, there would be no effect from deleting the file.
Microsoft's response raises two philosophical questions:
We repeat — the basic JDBGMGR.EXE alert shows the markers of an urban legend, not a "hoax." We've seen this type of mass hysteria before and we'll probably see it again.
- How many more files will gullible users delete before they finally self-crash their own computers?
- Will gullible people blame themselves for self-crashing their own computers?
Obtain expert virus advice directly from virus experts. Stay calm. Stay reasoned. And stay tuned to Vmyths.