Virus Hoax Coaxes Users to Delete Files

20 May 2001
Virus News

As Kaspersky Lab reported earlier last week, the virus hoax SULFNBK has been making the rounds as also witnessed by other anti-virus developers sending out a warning beacon. It is necessary to convince users that this type of virus does not actually exist, and we classify this as a VIRUS HOAX.

Warnings about the pseudo-virus began spreading two weeks ago, causing a real scare amongst users. As indicated in the message's text concerning the "virus," it contains a SULFNBK.EXE file that is programmed to activate the destructive payload on June 1. As is typical when a virus hoax is making the rounds, it is reported that not one anti-virus program is able to detect this "virus"; therefore, the only means of ridding a computer of this threat is to erase the SULFNBK.EXE virus-carrying file.

Contrary to this report, the SULFNBK.EXE file is absolutely safe, and moreover is a part of the operating system included in the Windows delivery. The program is a Windows application used for backup files with long file names. By deleting this file, a user causes a change in the system function as a whole, causing several operations on the computer to be rendered inoperable.

The standard icon for this file looks like

and this is not something unusual.

In addition to this, as reported by popular information center for problems regarding information safety-its experts have been able to receive the original SULFNBK.EXE file and establish the reason for this hoax appearance. It turned out that this file on the user's computer, who initiated the hoax, was really infected with the Magistr virus, currently found in the virus list of the most widespread viruses.

"What we see now is the sincere wishes of users to warn their friends and colleagues about the possibility of a dangerous virus. However, this event confirms the famous saying, -the road to hell is paved with good intentions.' The attempt to warn the world about an actual dangerous virus could cause other users to trigger a computer failure with his own hands," commented Denis Zenkin, Head of Corporate Communications for Kaspersky Lab.