If you get the following message in your in-box...

--------------------------------------------

URGENT. A VIRUS could be in your computer files now, dormant but will
become active on June 1. FOLLOW DIRECRTIONS BELOW TO CHECK IF YOU HAVE
IT
AND TO REMOVE IT NOW.

It was brought to my attention yesterday that a virus is in circulation
via
email.

Please follow the directions and remove it from yours
TODAY!!!!!!!

No Virus software can detect it. It will become active on June 1, 2001.

It might be too late by then. It wipes out all files and folders on the
hard
drive. This virus travels thru E-mail and migrates to the
'C:\windows\command' folder. To find it and get rid of it off of your
computer, do the following.

Go to the "START" button.
Go to "FIND" or "SEARCH"
Go to "FILES & FOLDERS"
Make sure the find box is searching the "C:" drive.
Type in: SULFNBK.EXE

Begin Search.
If it finds it, highlight it.
Go to 'File' and delete it.
Close the find Dialog box
Open the Recycle Bin
Find the file and delete it from the Recycle bin.
You should be safe.

The bad part is: You need to contact everyone you have sent ANY E-mail to
in
the past few months. Many major companies have found this virus on their
computers. Please help your friends !!!!!!!!

DO NOT RELY ON YOUR ANTI-VIRUS SOFTWARE. McAFEE and NORTON CANNOT DETECT
IT
BECAUSE IT DOES NOT BECOME A VIRUS UNTIL JUNE 1ST.

WHATEVER YOU DO, DO NOT OPEN THE FILE!!!

---------------------------------------

WHATEVER YOU DO DON'T FOLLOW THE ADVICE It's a HOAX warning that tells you to delete an important systems folder.

Sadly, I got the message and followed the advice. Moments later I got an email saying it was a hoax. If anyone has Windows ME, is there any way you can send me the file SULFNBK.EXE through my email address the_beatles@beatlemail.com#

Thank you. Remember. IGNORE THE WARNING. IT IS A HOAX

------------------
Containing EVERY clue ever found about this conspiracy, Paul is Dead - The Conclusive Evidence (http://www.paulisdead.net) will change your mind about this bizarre coverup.

This week, 'Beatles 1' is at No. 42 in the UK Album charts.
This week, 'Wingspan' is at No. 13 in the UK Album charts.

<BLOCKQUOTE><font size="1" face="Tahoma, Arial, Sans-Serif">Quote:</font><HR>Originally Posted By Harbidge:
Thank you. Remember. IGNORE THE WARNING. IT IS A HOAX

<HR></BLOCKQUOTE>

As long as you mean the warning within the message, and not yours. http://www.beatlelinks.net/ubb/smilies/shakehead2.gif

<BLOCKQUOTE><font size="1" face="Tahoma, Arial, Sans-Serif">Quote:</font><HR>originally posted by Harbidge:
WHATEVER YOU DO DON'T FOLLOW THE ADVICE It's a HOAX warning that tells you to delete an important systems folder.

Sadly, I got the message and followed the advice. Moments later I got an email saying it was a hoax. If anyone has Windows ME, is there any way you can send me the file SULFNBK.EXE through my email address the_beatles@beatlemail.com#

Thank you. Remember. IGNORE THE WARNING. IT IS A HOAX<HR></BLOCKQUOTE>

Harb, you should be able to reinstall the file from the install disk, or even from the cab files on your computer. Search through the help topics to find out exactly how to do it...

------------------
http://www.beatlelinks.net/ubb/smilies/sleep2.gif
In Memory Of Robby (http://inmemoryofrobby.50megs.com)
Our Lady's Psalter (http://ourladyspsalter.50megs.com)
Bearkat77's Beatlemaniac Page (http://bearkat77.www9.50megs.com)
Bearkat77's Tribute to John Lennon (http://bearkatjl.50megs.com)

NWM, the warning within the message is a hoax, not my warning. http://www.beatlelinks.net/ubb/smilies/images/icons/wink.gif

Sleepers, I found someone who had a copy of Windows ME, and did a straight copy/paste job.

------------------
Containing EVERY clue ever found about this conspiracy, Paul is Dead - The Conclusive Evidence (http://www.paulisdead.net) will change your mind about this bizarre coverup.

This week, 'Beatles 1' is at No. 42 in the UK Album charts.
This week, 'Wingspan' is at No. 13 in the UK Album charts.

Dang double posts!!!

------------------
Containing EVERY clue ever found about this conspiracy, Paul is Dead - The Conclusive Evidence (http://www.paulisdead.net) will change your mind about this bizarre coverup.

This week, 'Beatles 1' is at No. 42 in the UK Album charts.
This week, 'Wingspan' is at No. 13 in the UK Album charts.

[This Message Has Been Edited By Harbidge On May 31, 2001 11:01 AM]

Harb (and anyone else who may have deleted this file), the note below came to us from McAfee Virus Protection yesterday. There's some info on restoring the file if you have deleted it. Hope this helps.

*****************
[This message is brought to you as a subscriber to the
McAfee.com Dispatch. To unsubscribe, please follow the
instructions at the bottom of the page.]


Dear McAfee.com Dispatch Subscriber:

An email HOAX has been circulating recently that has
received a lot of press and public attention. The subject
line may contain "***Virus Alert***" or mention SULFNBK.exe.
If you receive a copy of this message, you should ignore it.
Do NOT pass it on as this is how an email hoax spreads. You
may receive a copy of this message from addresses that you
recognize.

DO NOT DELETE ANY FILES FROM YOUR COMPUTER.

There are several versions of this message circulating, in
several different languages. The email message may appear
in part as follows:

"A VIRUS could be in your computer files now, dormant but
will become active on June 1. Try not to USE your Computer
on June 1st. FOLLOW DIRECTIONS BELOW TO CHECK IF YOU HAVE IT
AND TO REMOVE IT NOW."

"No Virus software can detect it. It will become active
on June 1, 2001. It might be too late by then. It wipes out
all files and folders on the hard drive. This virus travels
thru E-mail and migrates to the C:\windows\command' folder."

The email will also instruct you to delete SULFNBK.exe and
to pass the message along to everyone you know.

SULFNBK.exe is a standard part of the Windows operating
system and SHOULD NOT BE REMOVED.

For more information about this hoax or for instructions on
how to replace SULFNBK.exe if you have already deleted it,
go to:
--&gt; http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=2274



------------------
Rooftop Sessions - The Finest In Beatles-Related Fiction. May 2001 Issue up now! About.com BEST OF THE NET, April 2001! www.rationalmagic.com/Rooftop/Rooftop.html (http://www.rationalmagic.com/Rooftop/Rooftop.html)

Thanks for that HMVNipper, my girlfriend was caught out by this hoax too so I'll pass that info on to her... I had a look myself just out of curiosity and noticed I don't have a "SULFNBK.EXE" file anywhere in my system, even though I didn't delete it. http://www.beatlelinks.net/ubb/smilies/thinker.gif

It's a program designed to help with long file names... I'm not sure which OS systems require it.

------------------
http://www.beatlelinks.net/ubb/smilies/sleep2.gif
In Memory Of Robby (http://inmemoryofrobby.50megs.com)
Our Lady's Psalter (http://ourladyspsalter.50megs.com)
Bearkat77's Beatlemaniac Page (http://bearkat77.www9.50megs.com)
Bearkat77's Tribute to John Lennon (http://bearkatjl.50megs.com)

I've got the file back from a friend who also had Windows ME. I don't think it's on older OS as I looked for the file on my brothers PC which has Windows 95 on it and it wasn't there.

------------------
Containing EVERY clue ever found about this conspiracy, Paul is Dead - The Conclusive Evidence (http://www.paulisdead.net) will change your mind about this bizarre coverup.

This week, 'Beatles 1' is at No. 42 in the UK Album charts.
This week, 'Wingspan' is at No. 13 in the UK Album charts.

Yep got that one also, and FPSHOT got it from me, http://www.beatlelinks.net/ubb/smilies/images/icons/frown.gif
Got to be more careful next time, and be sure if it's a genuine virus warning or not.
No real damage has been done,I also have the file back, but still.

HMVNipper thanks for the info.

When I received the hoax in my email, I decided to wait until McAfee came on line with my daily update. There was no such virus listed so I held on to it for another day. That's when I got word that it was a hoax and promptly deleted it from my mail.

------------------
http://www.beatlelinks.net/ubb/smilies/cat.gif

Bearkat77's Beatlemaniac Page (http://bearkat77.www9.50megs.com)

It's also in Windows 98.

------------------
Tim http://www.beatlelinks.net/ubb/smilies/churchill.gif
------------
Duchy Of Grand Fenwick

<BLOCKQUOTE><font size="1" face="Tahoma, Arial, Sans-Serif">Quote:</font><HR>Originally Posted By bearkat77:
When I received the hoax in my email, I decided to wait until McAfee came on line with my daily update. There was no such virus listed so I held on to it for another day. That's when I got word that it was a hoax and promptly deleted it from my mail.

<HR></BLOCKQUOTE>

Having been embarrassed entirely too often for comfort, I have bookmarked hoax/urban legend pages... When I get an "Urgent!" notice forwarded to me, I go there first... Most of the legit viruses/hoaxes have already been protected against by McAfee by the time I get the warning...



------------------
http://www.beatlelinks.net/ubb/smilies/sleep2.gif
In Memory Of Robby (http://inmemoryofrobby.50megs.com)
Our Lady's Psalter (http://ourladyspsalter.50megs.com)
Bearkat77's Beatlemaniac Page (http://bearkat77.www9.50megs.com)
Bearkat77's Tribute to John Lennon (http://bearkatjl.50megs.com)

I hope all you guys open your e-mail file attachments through McAfee or some other anti-virus program. That was my big mistake before the Great Computer Crash of 2000.

------------------
http://www.beatlelinks.net/ubb/smilies/king2.gif

<BLOCKQUOTE><font size="1" face="Tahoma, Arial, Sans-Serif">Quote:</font><HR>Originally Posted By Nowhere Man:
I hope all you guys open your e-mail file attachments through McAfee or some other anti-virus program. That was my big mistake before the Great Computer Crash of 2000.

<HR></BLOCKQUOTE>

What was it?
My worts was having some ISP upgrades screw up my IE5 and forcing me into 5.5



------------------
Tim http://www.beatlelinks.net/ubb/smilies/churchill.gif
------------
Duchy Of Grand Fenwick

Oh... it was PE_MTX.A - also known as MTX.A, W32/MTX, or I-Worm.MTX. Basically, It drops three hidden files, IE_PACK.EXE, WIN32.DLL and MTX_.EXE into the windows directory. Then the virus modifies the registry so that MTX_.EXE is executed in the next boot up and acts as a client application (backdoor). The Trojan creates a copy of the WSOCK32.DLL as WSOCK32.MTX and modifies this to intercept SMTP. It also patches the functions SELECT(), SEND() and SENDTO() in order to do this and modifies WININIT.INI to call WSOCK32.MTX instead whenever the original WSOCK32.DLL is called. It infects Win95 and 98 PE files (EXE and SCR) as well as DLL's and is a complete and utter nuisance, eventually leading all your programs to crash.

http://www.beatlelinks.net/ubb/smilies/afraid1.gifhttp://www.beatlelinks.net/ubb/smilies/afraid2.gif
Lucky I never received one of those....


------------------
Tim http://www.beatlelinks.net/ubb/smilies/churchill.gif
------------
Duchy Of Grand Fenwick