Dangerous virus [HOAX], en how to find it. - DISREGARD

[LastResort]

This is a serious post, not some bullshit.
Virus name is SULFNBK.EXE, and for now maybe dorment on your system. Virus scanners dont
find it. It is a selfactivating virus, that will erase all information once it is active.
It is hidden in the c:\Windows\command folder. To locate it go to "Start" --> Search-->maps or files and enter the name in capitals. If it's found delete it emediatly, then delete it from the trashcan. I suggest you start searching.

Thanks for your attention.

LastResort

[ November 20, 2001: Message edited by: DolphinLord ]

 

[TOOL]

Thanks for alerting us.I had this virus and i knew nothing about it.

 

[Robert]

Thank you

 

[LastResort]

Time is essential, so that nobody get's in trouble by this virus. Spread the word.

LastResort

 

[Caris Nautilus]

Is this for real? I just found this on my system just like you said, when I did a search for it. Wierd as hell, what is it?

How the hell do people get this?

 

[LastResort]

You can recieve this by visiting a webpage,
through mail (you dont even see an attached file) ...

Seems that virus programmers have come up with something new, and for now undetectable.


LastResort

[ November 20, 2001: Message edited by: LastResort ]

 

[Dolphin]

http://www.sophos.com/virusinfo/articles/sulfnbk.html

 

[Caris Nautilus]

I just found out the SULFNBK.EXE is accually a Microsoft Windows Utility, which is probably why we all seem to have it.

This file CAN be infected, but it's good to delete it, and restore the file, it shows you how to do it here:
http://www.symantec.com/avcenter/venc/data/sulfnbk.exe.warning.html

From the date on this page this looks to be an old virus from April.

 

[Sets]

thanks Frank <IMG SRC="smilies/smile.gif" border="0">

 

[JMKurtz]

You might want to read this first:
http://www.symantec.com/avcenter/venc/data/sulfnbk.exe.warning.html

Jeff

 

[JMKurtz]

Looks like someone else just posted the same link <IMG SRC="smilies/smile.gif" border="0">

Jeff

 

[LastResort]

damnit i dont like people emailing jokes about possible virus infections.
But restoring the file would be the best thing. If it was ever infected in the first place.

LastResort

 

[Takumaji]

The problem with this virus is twofold.

First, SULFNBK.EXE (which is a harmless Win utility to restore long filenames in non-Fat32 fs's) has been sent out as a virus hoax. It originated from Brazil.

Next, there's a very dangerous virus called Win32.Magistr.a/b/24876@mm, which happens to arrive buried in the SULFNBK.EXE. It heavily infects the host PC by sneaking into .EXE and .COM files, alters the registry, win.ini and/or system.ini to get started after a reboot, trojanizes explorer.exe, and finally copies itself via mail to all mail addresses found in your Exchange/Outlook/Netscape Messenger address books.

We had a customer's network with 25 PCs and two servers which got infected by Magistr.b, and it took us two full days to clean the client PCs, raise some anti-virus walls and create a single-ended, clean network entry point (Linux all the way!).

However, all major anti-virus companies like Symantec or Network Solutions have included this beast in their antivir signature files, so I suggest you take a look at the hp of your favourite tool.

For a start, here's a link to Symantec's security response page with more infos about some Magistr-variants.

 

[Ukyo]

It's a hoax http://groups.google.com/groups?q=SULFNBK.EXE&hl=en&rnum=2&selm=q2ibhtgt06t7u1jkcjsrcs7jlbu7kf0p44%404ax.com

Sorry that link doesnt work, my friend sent me the link that said it was a hoax. We just deleted a windows file that helps to store long file names. Some things might not work properly now.>>>

[ November 20, 2001: Message edited by: Ukyo ]

 

[John]

Also, watch out for the AOL.EXE virus. Further information can be found on this <A HREF="http://www.jokeaday.com" TARGET=_blank>Very Important Site <IMG SRC="smilies/smile.gif" border="0"></A> under "The AOL.EXE virus"

 

[Fran]

i fuckin found that exe in that folder !!

jesus !!


thanks a lot

ive just deleted the fucker

 

[Fran]

and now that ive seen the rest of the thread


i know i shouldnt have deleted it

fuckin hell


what am i to do now

 

[Ukyo]

LOL Fran! Don't worry, I don't think its anything big, I hope. >>>

 

[chimpmeister]

Originally posted by Fran:
<STRONG>i fuckin found that exe in that folder !!

jesus !!


thanks a lot

ive just deleted the fucker</STRONG>

Um, if you read the whole thread, you'd see that the SULFNBK.EXE file is a windows utility used for long file names. It is a mistake to just arbitrarily delete this file, especially if it isn't infected (as I'm sure on most systems it is not).

You just dumped your ability to store long file names, oh well.

Better to always take virus warnings with a grain of salt. In this case acting hastily can do more harm than good . . .

 

[LastResort]

You can restore the file if you follow the steps found in Jeff's link.

LastResort

 

[Dolphin]

Since this thread seems to be causing a good deal of unneeded anxiety, I've appropriately edited the title and will be locking the thread.