rrrjr
05-30-01, 06:04 PM
ok this may be a little long but i want to make shure that those who know have all the facts that i have to give.
here is a cut and paste of the e-mail i got.
"I just received a fax from someone I work with at our Oak Brook office who
told me that they recieved an email with a virus. They sent the following
information and I followed the direction and I found the virus. I have
cleaned the virus off my computer, so I'm safe now. Hopefully, you don't
have it, but to be on the safe side, here is how I checked to see if I had
the virus.
Virus software cannot detect it. It will not become active until June 1,
2001. At that point it will become active and will be too late. It wipes
out all files and folders on the hard drive. This virus travels through
email and migrates to the C:\windows\comand folder. To find it and delete
it off your computer, do the following:
Go to the START button.
Got to FIND or SEARCH
Go to FILES AND FOLDERS
Make sure the find box is searching the C drive.
Type in: sulfnbk.exe
Begin search.
If it finds it, highlight it --- WHATEVER YOU DO, DO NOT OPEN THIS FILE
Under Files there should be an option to delete. Use it.
Open the Recycle Bin, find the file and delete it from the recycle bin. You
should be safe.
The bad part is, you need to contact everyone you have sent any emial to in
the past few months. The person I received it from does not know how long
it has been on their computers. She also stated that you should not rely on
your anti virus software because McAfee and Norton cannot detect it because
it does not become a virus until June 1st. It will be too late the."
ok, so i do this and find two instances of this EXE file on my home network.
one is in a WAREZ copy of win ME that was given to me by a friend:D. (I KNOW, I KNOW, DON'T MESS WITH WAREZ! ) this copy of winME was NEVER installed on any computer i own or have ever been hooked up to on my network. it's just stored in case i ever wanted to mess with this O.S. the date of this file is 04-25-2000
the other file was found in the C:\windows\command file on a win98se computer that was set up with a legit paid for copy of it's O.S. from uncle Bill. the date of ceation is the same as all other files in that folder(04-23-1999)
the file name is sulfnbk.exe and is 44KB in size. i've scaned it with inoculateIT and came up with no virus found.
the icon for the progie in the command file in 98 is junky lookin, "LFN" on the top half if the icon and "GK"on the bottom half of the icon. the file name is all in caps ie; SULFNBK.EXE.
the icon in the ME-warez install file has a flying windows icon with the words "microsoft windows" under it. (very poorly done compared to other windows icons). the file name is all in lower case letters.
now i know there are some of you that are wizzes with security stuff, so i ask your opinion.
1) this file is so old i would think that antivirus companies would have kown of this by now, and have a definition for it, don't you?
2) have anybody here heard of this yet? is this old old news and i should get with the times!
3)is this a legit file in these progies? and this guy who is sending out the e-mail is full of it?(mabey he's trying to screw with people who are ignorant about this kinda stuff)
your two cents would greatly be apreciated.
TIA
jr.
here is a cut and paste of the e-mail i got.
"I just received a fax from someone I work with at our Oak Brook office who
told me that they recieved an email with a virus. They sent the following
information and I followed the direction and I found the virus. I have
cleaned the virus off my computer, so I'm safe now. Hopefully, you don't
have it, but to be on the safe side, here is how I checked to see if I had
the virus.
Virus software cannot detect it. It will not become active until June 1,
2001. At that point it will become active and will be too late. It wipes
out all files and folders on the hard drive. This virus travels through
email and migrates to the C:\windows\comand folder. To find it and delete
it off your computer, do the following:
Go to the START button.
Got to FIND or SEARCH
Go to FILES AND FOLDERS
Make sure the find box is searching the C drive.
Type in: sulfnbk.exe
Begin search.
If it finds it, highlight it --- WHATEVER YOU DO, DO NOT OPEN THIS FILE
Under Files there should be an option to delete. Use it.
Open the Recycle Bin, find the file and delete it from the recycle bin. You
should be safe.
The bad part is, you need to contact everyone you have sent any emial to in
the past few months. The person I received it from does not know how long
it has been on their computers. She also stated that you should not rely on
your anti virus software because McAfee and Norton cannot detect it because
it does not become a virus until June 1st. It will be too late the."
ok, so i do this and find two instances of this EXE file on my home network.
one is in a WAREZ copy of win ME that was given to me by a friend:D. (I KNOW, I KNOW, DON'T MESS WITH WAREZ! ) this copy of winME was NEVER installed on any computer i own or have ever been hooked up to on my network. it's just stored in case i ever wanted to mess with this O.S. the date of this file is 04-25-2000
the other file was found in the C:\windows\command file on a win98se computer that was set up with a legit paid for copy of it's O.S. from uncle Bill. the date of ceation is the same as all other files in that folder(04-23-1999)
the file name is sulfnbk.exe and is 44KB in size. i've scaned it with inoculateIT and came up with no virus found.
the icon for the progie in the command file in 98 is junky lookin, "LFN" on the top half if the icon and "GK"on the bottom half of the icon. the file name is all in caps ie; SULFNBK.EXE.
the icon in the ME-warez install file has a flying windows icon with the words "microsoft windows" under it. (very poorly done compared to other windows icons). the file name is all in lower case letters.
now i know there are some of you that are wizzes with security stuff, so i ask your opinion.
1) this file is so old i would think that antivirus companies would have kown of this by now, and have a definition for it, don't you?
2) have anybody here heard of this yet? is this old old news and i should get with the times!
3)is this a legit file in these progies? and this guy who is sending out the e-mail is full of it?(mabey he's trying to screw with people who are ignorant about this kinda stuff)
your two cents would greatly be apreciated.
TIA
jr.