Sulfnbk.exe Virus Hoax

This story was first published on February 3, 2004

This email forward warns that a file on your computer called sulfnbk.exe is a virus and provides instructions on how to delete it. However, the message is a hoax.

This hoax is similar to the Teddy Bear virus hoax in that it attempts to trick recipients into deleting a legitimate windows file. In fact, Sulfnbk.exe is an MS Windows 95, 98 and Me utility program that is used to restore long file names, and should not be deleted. 

However, Sulfnbk.exe is not an important system file, and the computer should run normally even if the file is deleted. If replacement is deemed necessary, information on how to replace the file is provided in this Microsoft Knowledge Base article.

Examples of the hoax message:

Hello! I just got this letter from my friend and yes I had the virus as well please follow the directions to see if you have the virus and then follow the directions to get rid of it. Like my friend I am sorry that I passed it along as well.

Dear All: We received a virus on a message. I followed the instructions below and found that it had been spread to our computer. I followed the instructions and located the virus and was able to delete it. The bad news is that you probably have it, as you are in My Address book! More bad news is that my anti virus program did not detect this virus. The virus lies dormant for 14 days and then “kills” your hard drive.

Here is what to do. If you follow the instructions and then see that you have the virus, you need to send a similar e-mail to everyone in your address book.

Remove the virus by following these steps:
1. Go to “Start.” Then to “Find” or “Search”.
2. In the “Search for files or folders” type sulfnbk.exe — this is the name of the virus.
3. In the “Look in” section, make sure you are searching Drive C.
4. Hit “Search” or “Find”.
5. If your search finds this file, it will be an ugly blackish icon that will have the name sulfnbk.exe. DO NOT OPEN IT! If it does not show up on your first “Search”, try a “New Search.”
6. Right click on the file — go down to “Delete” and left click.
7. You will be asked if you want to send the file to the Recycling Bin — say “Yes”.
8. Go to your Desktop (where all your icons are) and right click on the Recycle Bin and either manually delete the sulfnbk.exe program or empty the entire bin.
9. If you found the virus on your system, send this or a similar e-mail to all in your address book because this is how it is transferred.

Sorry for the trouble and my apologies for having unwittingly “infected” you. You’ll want to check for this virus again for the next couple days until everyone in your address book has seen it and deleted it, otherwise, being in their address book, your PC will get infected all over again so don’t forget to check!

A VIRUS could be in your computer files now, dormant but will become active on June 1. Try not to USE your Computer on June 1st. FOLLOW DIRECTIONS BELOW TO CHECK IF YOU HAVE IT AND TO REMOVE IT NOW. No Virus software can detect it. It will become active on June 1, 2001. It might be too late by then. It wipes out all files and folders on the hard drive. This virus travels thru E-mail and migrates to the ‘C:\windows\command’ folder. To find it and get rid of it off of your computer, do the following.
Go to the “START” button.
Go to “FIND” or “SEARCH”
Go to “FILES & FOLDERS”
Make sure the find box is searching the “C:” drive.
Type in: SULFNBK.EXE
Begin search. If it finds it, highlight it. Do not double click or file will automatically open.
Go to ‘File’ and delete it.
Close the find Dialog box
Open the Recycle Bin
Find the file and delete it from the Recycle bin
You should be safe.
The bad part is: You need to contact everyone you have sent ANY E-mail to in the past few months. Many major companies have found this virus on their computers. Please help your colleagues and friends !

DO NOT RELY ON YOUR ANTI-VIRUS SOFTWARE. McAFEE and NORTON CANNOT DETECT IT BECAUSE IT DOES NOT BECOME A VIRUS UNTIL JUNE 1ST.

WHATEVER YOU DO, DO NOT OPEN THE FILE!!!