Sulfnbk.exe June 1,2001 - Real or hoax?

[Poseidon]

Supposedly this is a virus/worm with trigger date of June 1, 2001 - deletes files and directories.
Anybody else heard of this? To me it seems to have all the classic signs of yet another hoax. .

[olegeezer]

This is the email I just received today (6/29/01) I read it found the SULFNBK file in my Win ME command folder. I did not delete it and because the date on the file was the same as all my other Win ME installation files I guessed it was a hoax. Thus, I did not email all in my address book about it. I send an inquiry to Norton as that is what I use for AV, but no answer as of this post. I am copying the email in full below just so you or others will get the "feel" of the message.
EMAIL I RECEIVED 6/29/01:

Subject: VIRUS!!!!!!!!!!!!!!!!!!!!!!!
Received the following from a friend. Please follow the directions to find
and delete the file. I did find this virus on my hard drive.

I have received this e-mail and have found the virus on three computers!

Virus software can not detect it. It will not become active until June
1, 2001, at that point it will become active and will be too late. It
wipes
out all files and folders on the hard drive. This virus travels through
e-mail and migrates to the C:\windows\command folder. To find it and
delete
it off your computer, do the following:

Go to the START button. Go to FIND or SEARCH Go to FILES & FOLDERS Make
sure
the find box is searching the C drive. Type in: SULFNBK.EXE Begin search.
If
it finds it, highlight it and press the Del key on your keyboard. Close the
find dialog box. open the Recycle Bin. Find the file and delete it from the
Recycle bin. You should be safe.

The bad part is: You need to contact everyone you have sent ANY e-mail to in
the past few months. I do not know how long this has been on our computers.

DO NOT RELY ON YOUR ANTI-VIRUS SOFTWARE. McAFEE NOR NORTON CAN DETECT IT
BECAUSE IT DOES NOT BECOME A VIRUS UNTIL JUNE 1ST. IT WILL BE TO LATE THEN.
WHATEVER YOU DO, DO NOT OPEN THE FILE!!!

[MacGyver]

Ya, I got one of these today, as well! IT IS A HOAX.

The details on this hoax can be found at http://www.sarc.com/avcenter/venc/da...e.warning.html

Go to http://www.sarc.com/avcenter/hoax.html to search for virus hoaxes.

Man, was the guy who sent me the message ever pi$$ed when I told him he was full of s##t! I forwarded a copy of his reply to his postmaster

[Jeff the Brit]

Relax, it's a hoax!

Info here: http://vil.nai.com/vil/virusSummary.asp?virus_k=99084

[Poseidon]

What concerns me is some jerk could write a REAL virus and embed it into the sulfbnk.exe file. Then just when everyone believes it to be a hoax - bam! You get hit with the real thing.

[MacGyver]

Only if you're foolish enough to open the file that comes in via email. Otherwise it can't infect you. This is common sense we're talking about here, but then again, my grandfather says that common sense isn't that common.

Let's put it this way: if you got a strange ticking package in the mail from somebody you didn't know, would you open it? Now you'll be paranoid everytime you open your mailbox

[Poseidon]

LOL


If/when I become that paranoid, I will have to install some type of x-ray device in my mailbox / porch.

[olegeezer]

Right on. I'm with you. My Norton's has saved me several times. I don't open file attachments I am not expecting. I have one friend who emails those FWD attachments (dumb joke stuff) all the time. My Norton scans my email and alerted me a dozen times (Win95MTX stuff) I kept telling him he was transmitting this virus (he uses no AV) and he got super mad at me for months. After months of no email from him (and we were friends of 30 years duration) he suddenly started forwarding me again yesterday and today. Sure enough Norton flagged and sirens, bells, whistles and flares went up again from this one guy's email. I would block him, but I want some of his emails. I was just flabbergasted when he got teed off at me for trying to warn him. I even offered to clean his machine and set him up with Norton ot McAffee or anything. Burns my butt that he wouldn't let me and who knows how many people he infects who may have no AV protection. That is probably why I was sensitive to the email about sulfnbk I received today. At least I was able quarantine and delete the bigs that was sent me. What some people do to save $25.00 a year for protection!

[ilovetheusers]

Rule of thumb:

If it does not come from SARC (Norton) or AVERT (McAfee) it a dang HOAX!!!

I can't tell you how many of these things I get at the support center I work at. Everyone just believes them as much as the stories about the little kid in Uzbeckistanislovokiaplex that has no arms, legs and head but needs this chain letter forwarded to everyone on the planet as Microsoft is giving away 5 billion dollars per e-mail that it tracks through a special e-mail tracker they just developed and have sent out in this e-mail embedded in a way that does not attach anything or change the size of the e-mail in any way and by the way there is a spider on your shoulder. Sorry about the rant, but I have never understood how anyone believes this stuff. It's well intended that it is passed on but it would be one of the next best ways of transfering a virus with a future time payload to users without them knowing.

Don't believe anything unless it comes from a service that you have subscribed to. Ever.

[GirlGeek]

The biggest tip off is if the alert is filled with exclamation points and is urging you to pass it on to everyone you know, then you know it's a hoax. Which brings up the next question...is the hoax truly a virus since it makes us alter our behavior pattern by mass forwarding and sucking up all the bandwidth...or does it need to be malicious code that alters the computers behavior?
Bah....

[BurnFEST]

It damn well has to be a hoax - U wont catch me falling for a warning worded like the LOL.

Also - my email clent is set up to delete anything with fw: FWD: or similar in front of it....

Also i NEVER forward things, except funny stuf to my brother/friends, never warnings...

Whoever send these things on are real morons..

Burn.

[Jeff the Brit]

The surest sign of a hoax is somebody who quotes AOL as being an authority on viruses!

[CampbellD]

I agree, AOL an authority - yeah right

I had so many people at work e-mail me and say is this a virus??

I try and send people a message everytime a ral virus comes out and when advertise the followign web site for HOAXs
http://www.symantec.com/avcenter/vinfodb.html

Excellent reference point..

[MacGyver]

I have had so many people send me e-mail on this, I have lost count. Excuse me while I scream: <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAARRRRRRRRRRRRRGGGGGGGGGGGHHHHHHHH! <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0"> <IMG SRC="smilies/mad.gif" border="0">

Ahhhhh, much better! <IMG SRC="smilies/smile.gif" border="0">

I wouldn't count it out yet though.
http://www.theregister.co.uk/content/8/19310.html

Looks like this is a misinterpreted warning that could actually be true (although a good AV scanner would pick up the cirus in question).