Supposedly this is a virus/worm with trigger date of June 1, 2001 - deletes files and directories.
Anybody else heard of this? To me it seems to have all the classic signs of yet another hoax. .

This is the email I just received today (6/29/01) I read it found the SULFNBK file in my Win ME command folder. I did not delete it and because the date on the file was the same as all my other Win ME installation files I guessed it was a hoax. Thus, I did not email all in my address book about it. I send an inquiry to Norton as that is what I use for AV, but no answer as of this post. I am copying the email in full below just so you or others will get the "feel" of the message.
EMAIL I RECEIVED 6/29/01:

Subject: VIRUS!!!!!!!!!!!!!!!!!!!!!!!
Received the following from a friend. Please follow the directions to find
and delete the file. I did find this virus on my hard drive.

I have received this e-mail and have found the virus on three computers!

Virus software can not detect it. It will not become active until June
1, 2001, at that point it will become active and will be too late. It
wipes
out all files and folders on the hard drive. This virus travels through
e-mail and migrates to the C:\windows\command folder. To find it and
delete
it off your computer, do the following:

Go to the START button. Go to FIND or SEARCH Go to FILES & FOLDERS Make
sure
the find box is searching the C drive. Type in: SULFNBK.EXE Begin search.
If
it finds it, highlight it and press the Del key on your keyboard. Close the
find dialog box. open the Recycle Bin. Find the file and delete it from the
Recycle bin. You should be safe.

The bad part is: You need to contact everyone you have sent ANY e-mail to in
the past few months. I do not know how long this has been on our computers.

DO NOT RELY ON YOUR ANTI-VIRUS SOFTWARE. McAFEE NOR NORTON CAN DETECT IT
BECAUSE IT DOES NOT BECOME A VIRUS UNTIL JUNE 1ST. IT WILL BE TO LATE THEN.
WHATEVER YOU DO, DO NOT OPEN THE FILE!!!

Ya, I got one of these today, as well! IT IS A HOAX.

The details on this hoax can be found at http://www.sarc.com/avcenter/venc/data/sulfnbk.exe.warning.html

Go to http://www.sarc.com/avcenter/hoax.html to search for virus hoaxes.

Man, was the guy who sent me the message ever pi$$ed when I told him he was full of s##t! I forwarded a copy of his reply to his postmaster :D

Relax, it's a hoax!

Info here: http://vil.nai.com/vil/virusSummary.asp?virus_k=99084

What concerns me is some jerk could write a REAL virus and embed it into the sulfbnk.exe file. Then just when everyone believes it to be a hoax - bam! You get hit with the real thing.

Only if you're foolish enough to open the file that comes in via email. Otherwise it can't infect you. This is common sense we're talking about here, but then again, my grandfather says that common sense isn't that common.

Let's put it this way: if you got a strange ticking package in the mail from somebody you didn't know, would you open it? Now you'll be paranoid everytime you open your mailbox :D

LOL


If/when I become that paranoid, I will have to install some type of x-ray device in my mailbox / porch.

Right on. I'm with you. My Norton's has saved me several times. I don't open file attachments I am not expecting. I have one friend who emails those FWD attachments (dumb joke stuff) all the time. My Norton scans my email and alerted me a dozen times (Win95MTX stuff) I kept telling him he was transmitting this virus (he uses no AV) and he got super mad at me for months. After months of no email from him (and we were friends of 30 years duration) he suddenly started forwarding me again yesterday and today. Sure enough Norton flagged and sirens, bells, whistles and flares went up again from this one guy's email. I would block him, but I want some of his emails. I was just flabbergasted when he got teed off at me for trying to warn him. I even offered to clean his machine and set him up with Norton ot McAffee or anything. Burns my butt that he wouldn't let me and who knows how many people he infects who may have no AV protection. That is probably why I was sensitive to the email about sulfnbk I received today. At least I was able quarantine and delete the bigs that was sent me. What some people do to save $25.00 a year for protection!

Rule of thumb:

If it does not come from SARC (Norton) or AVERT (McAfee) it a dang HOAX!!!

I can't tell you how many of these things I get at the support center I work at. Everyone just believes them as much as the stories about the little kid in Uzbeckistanislovokiaplex that has no arms, legs and head but needs this chain letter forwarded to everyone on the planet as Microsoft is giving away 5 billion dollars per e-mail that it tracks through a special e-mail tracker they just developed and have sent out in this e-mail embedded in a way that does not attach anything or change the size of the e-mail in any way and by the way there is a spider on your shoulder. Sorry about the rant, but I have never understood how anyone believes this stuff. It's well intended that it is passed on but it would be one of the next best ways of transfering a virus with a future time payload to users without them knowing.

Don't believe anything unless it comes from a service that you have subscribed to. Ever.

The biggest tip off is if the alert is filled with exclamation points and is urging you to pass it on to everyone you know, then you know it's a hoax. Which brings up the next question...is the hoax truly a virus since it makes us alter our behavior pattern by mass forwarding and sucking up all the bandwidth...or does it need to be malicious code that alters the computers behavior?
Bah....

It damn well has to be a hoax - U wont catch me falling for a warning worded like the LOL.

Also - my email clent is set up to delete anything with fw: FWD: or similar in front of it....

Also i NEVER forward things, except funny stuf to my brother/friends, never warnings...

Whoever send these things on are real morons..

Burn.

The surest sign of a hoax is somebody who quotes AOL as being an authority on viruses!

I agree, AOL an authority - yeah right

I had so many people at work e-mail me and say is this a virus??

I try and send people a message everytime a ral virus comes out and when advertise the followign web site for HOAXs
http://www.symantec.com/avcenter/vinfodb.html

Excellent reference point..

I have had so many people send me e-mail on this, I have lost count. Excuse me while I scream: <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAARRRRRRRRRRRRRGGGGGGGGGGGHHHHHHHH! <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0">

Ahhhhh, much better! <IMG SRC="smilies/smile.gif" border="0">

I wouldn't count it out yet though.
http://www.theregister.co.uk/content/8/19310.html

Looks like this is a misinterpreted warning that could actually be true (although a good AV scanner would pick up the cirus in question).

i've had two people call today that had deleted their SULFNBK

some people are so gullible

it would be better if it said to delete all the .com files in the root directory

I spent much of yesterday walking people through reinstalling the file. Phone and ICQ went crazy!

Now that it has past us let's try this to keep us in the right frame of mind. Use AOL for two months. Yep, 2 months. Why? That way you will, by that time, have gotten enough buddies that are only on AOL to add you to their lists so that you will see a couple hoaxes a week by the end of your trial period. Oh yeah, try it for one month and then call to cancel. AOL many times gives you another month to hook you in. Really. I used to use AOL, until 5 years ago. AOL probably hasn't changed that much since then. So, after two months you will start to see where some of these hoaxes get their steam from and get an idea of the "average" user that you don't get calls from on a (fill in your fovorite) basis. Slashdotters may joke that MS is like the borg, but they are the technicly advanced faction of the borg, AOL's borg faction is populated by more than techies. Resistance is futile...... uh, not accepting them is futile.....yeh, that's it.

Originally posted by xPoseidonx:
<STRONG>What concerns me is some jerk could write a REAL virus and embed it into the sulfbnk.exe file. Then just when everyone believes it to be a hoax - bam! You get hit with the real thing.</STRONG>

This has happened, the same day I warned some corporate customers of this, there norton corporate software caught this virus coming in as that same file name of the hoax pretty scary if you ask me. The virus was the W32.Magistr.24876@mm

hmmm i know this SULFNBK.EXE was distributed with windows 95 + (cabs directory- used for backing up long filenames?¿ i think).i say get microsoft to provide a list of what files do what, filesize etc, then we can control this ourselfs.

Relax everybody......that's a file that everyone has on their computer and that file makes the short names in DOS. If you do not open any .exe attachment you'll don't have any problem! Believe me!

......Intel rules!!!!!

By the way, Norton don't detect that virus!

yer, your safe as long a user.exe, win.com, explorer.exe aren't run..
<IMG SRC="smilies/biggrin.gif" border="0"> <IMG SRC="smilies/biggrin.gif" border="0">

Originally posted by one_w/_keyboard:
<STRONG>

This has happened, the same day I warned some corporate customers of this, there norton corporate software caught this virus coming in as that same file name of the hoax pretty scary if you ask me. The virus was the W32.Magistr.24876@mm</STRONG>

Now that is scary.

BTW - My boss was receiving a variant of the Magistr virus almost daily. Which, (knock on wood), we have thus far stopped.
It has gotten to the point where he sends a reply (with a 'fake' return address) not only asking his name to be deleted from the sender's address book; but also a link to a free online virus scan from Trend Micro. It has helped somewhat, but he still receives at least three to four a week.

Originally posted by xPoseidonx:
[QB]Now that is scary.

BTW - My boss was receiving a variant of the Magistr virus almost daily...QB]

I've had a few instances of this one with the random text in French. One of the scariest ones I've seen in a while.

The SULFNBK.EXE hoax has also been a pain in the keister. One tech friend had been deleting this file on his home network when I told him it was a hoax. You'd think he'd be careful to check this with SARC first <IMG SRC="smilies/rolleyes.gif" border="0">

Another contact had sent the hoax to his entire address book after deleting it also. He is Quality Assurance Coordinator for 3 plants. Can you imagine the damage?

I actually had an "e-mail argument" with another user who insisted this was a true virus occurence, even though I sent him all the links to check it through Norton and McAfee. He even sent me a pasted article stating that it *was* a hoax as an argument to the contrary.

Is it not strange (or idiotic) to mistrust McAfee, SARC and myself (network manager) as sources of information but to blindly obey a forwarded e-mail sent out by some goofball and erase system files on a PC? <IMG SRC="smilies/mad.gif" border="0">

People, I tell ya...