Sophos has received a large number of calls in recent weeks from
users concerned about a virus known as JDBGMGR or JDBGMGR.EXE.
There is a warning message being distributed around the net (in
various languages) telling users to search their hard drives for a
file called JDBGMGR.EXE. If they find it - the warning tells them -
delete it because it is infected by a virus which may trigger after
Sophos advises users to treat the warning with scepticism.
JDBGMGR.EXE is the Microsoft Debugger Registrar for Java and may
be present quite legitimately on many computers.
The confusion is compounded, however, by the W32/Magistr-A virus which is
capable of emailing infected copies of JDBGMGR.EXE to innocent
users. This is probably how the scare started. It should be noted
that Sophos Anti-Virus has been capable of detecting W32/Magistr-A
since March 2001.
Sophos offers users confused by the hoax warning and the virus,
the following advice:
- If you receive an unsolicited executable file in your email
(such as JDBGMGR.EXE), simply delete the email. You should never
launch or open unsolicited executable code on your computer.
- Existence of a file called JDBGMGR.EXE on your hard drive is
not evidence in itself of a virus infection. The best way to check
for a virus infection is with anti-virus software.
- Run a quality anti-virus product and keep it updated to protect
against the latest threats.
- Do not pass on virus warnings to all of your friends. Instead,
check the facts at an anti-virus website, or forward the warning to
the person in your company who is responsible for virus protection
so they can decide if it is valid.
- Consider adding Sophos's free
hoax information feed to your website and intranet to keep your
users informed about the latest virus hoaxes spreading across the