You all have a wonderful Memorial Day Wokende! --- HAVE A GREAT DAY!!! --- Jim Mahan --- jrmahan@att.net --- http://home.att.net/~jrmahan/ --- http://james.mahan.tripod.com/ --- http://worldconnect.genealogy.rootsweb.com/cgi-bin/igm.cgi?db=jrmahan ----- Original Message ----- From: "Howard Johnston" <how@micron.net> To: <PAF-5-USERS-L@rootsweb.com> Sent: Saturday, May 26, 2001 9:24 AM Subject: [PAF-5] VALID VIRUS ALERT > I rec'd this email earlier this am. Yes, I found this virus lurking on my C drive and was able to delete it. > Howard Johnston > > -------------------------------------------------------------------------- - > > Subject: > [HACKETT-L] Very Important Virus Alert > Resent-Date: > Fri, 25 May 2001 14:58:02 -0700 > Resent-From: > HACKETT-L@rootsweb.com > Date: > Fri, 25 May 2001 17:57:57 EDT > From: > Cybermomrk@aol.com > To: > HACKETT-L@rootsweb.com > > > > > My sister faxed me this alert that was sent to all the computers at the > Credit Union she works at. I am grateful because I found it on both my > computers in the Windows folder. > Therefore I am sending it to all that I can reach to warn them. It is copied > exactly as the memo was circulated to the Credit Union employees, without of > course the Systems Managers email address and extension number copied. I > only typed up the main body of the memo. > > <<<VERY IMPORTANT VIRUS ALERT!!! > > A new virus is out that is NOT detected by Norton's Antivirus!! This virus > lays on your PC and will activate on Jun 1. It is very important that each > of you follow the below steps to make sure you do not have the virus [the > virus has already been found in the Credit Union] - > > On you START button in the lower left corner....click on it ONCE with your > RIGHT mouse button. > > On the menu that will pop up, go up to FIND and click on it ONCE with your > LEFT mouse button. > > The FIND menu will come up and you need to make the following entries: > NAMED: SULFNBK.EXE > CONTAINING TEXT: leave this blank > LOOK IN: click once on the arrow to the right and then select the C: > drive. > > After these entries are made, click on the FIND NOW button. > > If the virus is on you PC, you will see an icon and name appear in the lower > box on the menu [ the file will be named sufnbk.exe or may appear simply > sufnbk without showing the .exe] If you see it DO NOT OPEN !!! Click on it > ONE TIME with your RIGHT mouse button and a menu will appear. From that > menu, select DELETE. > > After this, click on the X in the upper right corner to close the FIND > menu....BUT, if you had the virus, you are not finished yet.... > > Return to your main desktop [where you see MY COMPUTER, MY DOCUMENTS, just > like when you first log on in the mornings] and click ONCE on your Recycle > BIN with your RIGHT mouse button and a menu will appear. Click ONCE on > EMPTY THE RECYCLE BIN. NOW, you are finished. > > Please take care of this right away. >>>>>> > ------------------------------------------------------- > > > > > > > ==== PAF-5-USERS Mailing List ==== > PAF-5-USERS Mailing List Archives > http://archiver.rootsweb.com/th/index/PAF-5-USERS/ >

Before you all start deleting this file, please read what Norton has to say about this hoax. I have pasted the message below and you can go to their site at: http://www.symantec.com/avcenter/venc/data/sulfnbk.exe.warning.html and read all about it. Sorry, I know this is not genealogy related, but am answering the post to the list. Flora SULFNBK.EXE Warning Reported on: April 17, 2001 Last Updated on: May 15, 2001 at 05:28:25 PM PDT Printer-friendly version The following hoax email has been reported in Brazil. The original email is in Portuguese; it is followed by an English translation. CAUTION: This particular email message is a hoax. The file that is mentioned in the hoax, however, Sulfnbk.exe, is a Microsoft Windows utility that is used to restore long file names, and like any .exe file, it can be infected by a virus that targets .exe files. Original Portuguese version: Vocês acreditam que uma amiga da lista enviou um alerta e os procedimentos que deveriam ser tomados para a possível detecção do maledeto SULFNBK.EXE. e eu fui conferir só por desencargo de consciência. Pois é...O bichinho tava lá, escondidinho até da McAfee e do Norton, talvez esperando algum gatilho prá começar a trabalhar, né? Aí vão, moçada, as orientações que eu segui à risca e que me levaram ao tal coisinha ruím: 1 - Iniciar/Localizar Pastas. Digite o nome do "mardito": SULFNBK.EXE 2 - Se for encontrado, abra o Windows Explorer, vá até a pasta onde ele se encontra alojado e delete-o de lá ou do próprio ambiente do Localizar; - Não click com o botão esquerdo sobre ele e não abra o arquivo nem em caso de incêndio, ok? 3 - Apenas delete o bichinho. 4 - O meu estava em Windows/Command. 5 - O vírus da pessoa que passou o aviso estava em Windows/Config. Sim, o Norton e nem o McAfee não detectou. Não sabemos se ele faz algum estrago na máquina, mas acho que ninguém aqui vai querer testar para saber, né? Gente, sem brincadeiras, já tirei o meu daqui.... E nem imaginava que tivesse hóspedes no PC. Minha vacina está super-atualizada!!! Façam o mesmo, ok? Translated English version: Do you believe that a friend of mine sent me an alert and the procedure that we have to follow for the possible infection of SULFNBK.EXE. And I had checked, just to make sure. An then... the file was there, hidden even of McAfee and Norton, maybe waiting something to start work. Well, see bellow the procedure that I followed step by step, and I found the file: 1. Start/Find Folders. Type the file name: SULFNBK.EXE 2. If it find, open Windows Explorer, browse into the folder where the file is and delete it. Do not click with left button on the file and do not open it. 3. Just delete it 4. Mine was on Windows/Command 5. The virus from the person who gave the alert was on Windows/Config Yes, Norton and McAfee do not detect it. We do not know if it makes some damage on the machine, but I think that anybody will not want to test it to know, will it? Folks, this is not a fun, I delete it from my computer. And my definitions are updated. Do it the same, ok? Category: Hoax Please ignore any messages regarding this hoax and do not pass on messages. Passing on messages about the hoax only serves to further propagate it. ----- Original Message ----- From: "James Mahan" <jrmahan@worldnet.att.net> To: <ELLIOTT-L@rootsweb.com> Sent: Saturday, May 26, 2001 12:05 PM Subject: [ELLIOTT] Fw: [PAF-5] VALID VIRUS ALERT > You all have a wonderful Memorial Day Wokende! > > > --- HAVE A GREAT DAY!!! > > --- Jim Mahan > > --- jrmahan@att.net > > --- http://home.att.net/~jrmahan/ > --- http://james.mahan.tripod.com/ > --- http://worldconnect.genealogy.rootsweb.com/cgi-bin/igm.cgi?db=jrmahan > ----- Original Message ----- > From: "Howard Johnston" <how@micron.net> > To: <PAF-5-USERS-L@rootsweb.com> > Sent: Saturday, May 26, 2001 9:24 AM > Subject: [PAF-5] VALID VIRUS ALERT > > > > I rec'd this email earlier this am. Yes, I found this virus lurking on my > C drive and was able to delete it. > > Howard Johnston > > > > -------------------------------------------------------------------------- > - > > > > Subject: > > [HACKETT-L] Very Important Virus Alert > > Resent-Date: > > Fri, 25 May 2001 14:58:02 -0700 > > Resent-From: > > HACKETT-L@rootsweb.com > > Date: > > Fri, 25 May 2001 17:57:57 EDT > > From: > > Cybermomrk@aol.com > > To: > > HACKETT-L@rootsweb.com > > > > > > > > > > My sister faxed me this alert that was sent to all the computers at the > > Credit Union she works at. I am grateful because I found it on both my > > computers in the Windows folder. > > Therefore I am sending it to all that I can reach to warn them. It is > copied > > exactly as the memo was circulated to the Credit Union employees, without > of > > course the Systems Managers email address and extension number copied. I > > only typed up the main body of the memo. > > > > <<<VERY IMPORTANT VIRUS ALERT!!! > > > > A new virus is out that is NOT detected by Norton's Antivirus!! This > virus > > lays on your PC and will activate on Jun 1. It is very important that > each > > of you follow the below steps to make sure you do not have the virus [the > > virus has already been found in the Credit Union] - > > > > On you START button in the lower left corner....click on it ONCE with your > > RIGHT mouse button. > > > > On the menu that will pop up, go up to FIND and click on it ONCE with your > > LEFT mouse button. > > > > The FIND menu will come up and you need to make the following entries: > > NAMED: SULFNBK.EXE > > CONTAINING TEXT: leave this blank > > LOOK IN: click once on the arrow to the right and then select the > C: > > drive. > > > > After these entries are made, click on the FIND NOW button. > > > > If the virus is on you PC, you will see an icon and name appear in the > lower > > box on the menu [ the file will be named sufnbk.exe or may appear simply > > sufnbk without showing the .exe] If you see it DO NOT OPEN !!! Click on > it > > ONE TIME with your RIGHT mouse button and a menu will appear. From that > > menu, select DELETE. > > > > After this, click on the X in the upper right corner to close the FIND > > menu....BUT, if you had the virus, you are not finished yet.... > > > > Return to your main desktop [where you see MY COMPUTER, MY DOCUMENTS, just > > like when you first log on in the mornings] and click ONCE on your > Recycle > > BIN with your RIGHT mouse button and a menu will appear. Click ONCE on > > EMPTY THE RECYCLE BIN. NOW, you are finished. > > > > Please take care of this right away. >>>>>> > > ------------------------------------------------------- > > > > > > > > > > > > > > ==== PAF-5-USERS Mailing List ==== > > PAF-5-USERS Mailing List Archives > > http://archiver.rootsweb.com/th/index/PAF-5-USERS/ > > > > > ==== ELLIOTT Mailing List ==== > Visit the ELLIOT/ELLIOTT Most Wanted Web Site: > http://homepages.rootsweb.com/~yvonne/elliott.html >