sulfnbk.exe ?????{freezing, spyware and startup issues}

[steaks355]

ok, i have recieved an email:
We got this virus and chances are you have it too since you are in my
address book. It lies dormant for 14 days and then kills your hard drive.
Here's how to stop it. If you've got it send this to everyone in
your,address book.

Remove it by following these steps:
1. go to "start" then to "find or search" (depending on your computer)
2.in the "search for files or folders" type, sulfnbk.exe ,this is the
virus.
3 in the "look in" make sure you're searching Drive C
4. hit "search" button (or find)
5. if this file shows up (it is an ugly blackish icon that will have the
name sulfnbk.exe) DO NOT OPEN IT!
6.right click on the file--go down to delete and left click
7. It will ask if you want to send it to the recycle bin, say yes
8. go to your desk top (where all your icons are) and
double click on the recycle bin.
9. right click on "sulfnbk.exe" and delete again or empty the bin.

If you find it send this e-mail to all in your address book because that's
how it is transferred

i have also seen that this is a hoax.
what does this sulfnbk.exe do for your computer. is it safe or harmful. seems to me, that i am getting conflicting articles from different places on the web. anyone know the truth, and what this .exe file is supposed to do, please let me know.
thanks. and most of all, MERRY CHRISTMAS to all.
steaks 355

 

[fireboy69]

The email is a hoax. If I remember correctly, this file helps Windows with the long file names. Go here to read up on this :

http://www.urbanlegends.com/ulz/virus4.html

 

[TonyKlein]

SULFNBK.EXE Warning

Description of Sulfnbk.exe and How to Replace the Program File

Cheers,

 

[steaks355]

fireboy and tony: thank you for your reply. i have done the restore thing. thereason i was so bothered by this, is my computer seems to be freezing up. does not matter if i am online or not. i am running windows '98 4.2 gig hard drive, 256 ram. for some reason, even if i am only running just one program, it will freeze .

 

[TonyKlein]

So it must be something else.

Lets take a look at your startup programs:

Go to Start/run, and type Msinfo32, followed by OK.
Go to Software Environment/Startup Programs.
Now click Edit/'Select all', and then 'copy'
Paste the contents in your post.

And do you have a regularly updated antivirus running?
Try having your computer checked on line at <A HREF="http://housecall.antivirus.com/">Trend Micro HouseCall </A>

Good luck,

 

[steaks355]

as far as anti virus is concerned, yes. i have been running norton for almost a year. here is the list of start up programs you asked for.
Internet Answering Machine Startup Group "C:\Program Files\CallWave\IAMSETUP.EXE" -start
run Win.ini hpfsched
NETZIP SMARTDOWNLOADER Registry (Per-User Run) C:\WINDOWS\SYSTEM\npnzdad.exe /t
ScanRegistry Registry (Machine Run) c:\windows\scanregw.exe /autorun
TaskMonitor Registry (Machine Run) c:\windows\taskmon.exe
SystemTray Registry (Machine Run) SysTray.Exe
LoadPowerProfile Registry (Machine Run) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
AtiCwd32 Registry (Machine Run) Aticwd32.exe
SoundFusion Registry (Machine Run) RunDll32 cwcprops.cpl,CrystalControlWnd
SBWatchDog.EXE Registry (Machine Run) C:\WINDOWS\SYSTEM\SBUtils\SBWatchDog.EXE /l
Easykey Registry (Machine Run) C:\Program Files\Easy Keyboard\Easykey.exe
DXM6Patch_981116 Registry (Machine Run) C:\WINDOWS\p_981116.exe /Q:A
CriticalUpdate Registry (Machine Run) c:\windows\SYSTEM\wucrtupd.exe -startup
LVComs Registry (Machine Run) c:\windows\SYSTEM\LVComS.exe
NAV DefAlert Registry (Machine Run) C:\PROGRA~1\NORTON~1\DEFALERT.EXE
Norton eMail Protect Registry (Machine Run) C:\Program Files\Norton AntiVirus\POPROXY.EXE
Norton Auto-Protect Registry (Machine Run) C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
zBrowser Launcher Registry (Machine Run) C:\Program Files\Logitech\iTouch\iTouch.exe
AtiKey Registry (Machine Run) Atitask.exe
webHancer Agent Registry (Machine Run) "C:\Program Files\webHancer\Programs\whAgent.exe"
PtUDFApp Registry (Machine Run) C:\WINDOWS\SYSTEM\PtUDFApp.exe /T
New.net Startup Registry (Machine Run) rundll32 C:\WINDOWS\NEWDOT~3.DLL,NewDotNetStartup
PiDunHk Registry (Machine Run) "C:\PROGRAM FILES\PRODINET\BIN\PIDUNHK.EXE"
LoadPowerProfile Registry (Machine Service) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent Registry (Machine Service) mstask.exe
ScriptBlocking Registry (Machine Service) "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

thank you for your time and help.
steaks355

 

[SavvyLady]

you have spyware on your system you need to remove.
new.net
webhancer
SB Watchdog
also take the check from these in startup
DXM6Patch_981116 not needed
PiDunHK unless you use Prodigy??
LVComs Registry .... not needed

Go to start/settings/control properties/add-remove & if you see the ones listed as spyware ... remove then or uninstall them ...then
Go to start/run... type in msconfig. then click ok. go to startup & take the checks from ALL the above I listed.....then Reboot.
You need ad-aware to run on your system to find any spyware not shown here.... run & delete anything it finds.
Get ad-aware here...

Click here to download it
then go back & get Refupdate 1.2 on the left column.
Run this once a day when you run the virus scan so you don't forget.

OK ... now after you have done all this... go back to run & type msinfo32 & copy in edit & paste here what you find in syste envirement & startup

 

[TonyKlein]

Hi,

You have some serious spyware there, plus some stuff routinely responsible for causing errors, and slowing your machine down.
Let's remove all unnecessary and harmful stuff from startup.

Go to Start/run, and type msconfig.
On the Startup tab, uncheck EVERYTHING, EXCEPT for the following items

Internet Answering Machine (optional
ScanRegistry
SystemTray
LoadPowerProfile
SoundFusion
SBWatchDog.EXE
Easykey (optional)
NAV DefAlert
Norton eMail Protect R
Norton Auto-Protect
zBrowser Launcher : : Not required unless you want to use the short cut keys
PtUDFApp
PiDunHk
LoadPowerProfile
SchedulingAgent
ScriptBlocking Registry

Click OK, close Msconfig, and reboot (important!)

The items marked 'optional' aren't neccessary for Windows to run either, and you may experiment later by unchecking them as well.

Now go to Software add/remove and remove New(dot)net application and Webhancer Agent.

Reboot AGAIN.

Download and install <A HREF="http://www.lavasoftusa.net/index.html">Ad-Aware</A> . This is a program which scans your system for spyware.

After having downloaded AAW, also download the latest Signature file (Reflist.sig) : http://www.lavasoftusa.net/aaw/binary/reflist.zip
Unpack it to the Lavasoft Ad-Aware folder in Program Files, and have it overwrite the one that's there.

Then have your drives and registry scanned for spyware, check all found files and reg keys, click continue, and have them removed.
Reboot one last time.

Your computer will thank you for this, and you'll be amazed about how much more smoothly your system will run.


Good luck,

 

[SavvyLady]

oops... Tony...Im sorry I looked & didn't see you was still online.



SB Watchdog SBWatchdog.exe
Spyware utility installed by the manufacturers of some laptops (Sony) used to monitor browsing habits and send them back to whoever installed it - released by SoftBank. See here for more information. Check here or here for information about Spyware

 

[TonyKlein]

Hi Savvy,

Don't apologize, this is a forum you know
And everyone who thinks he or she has something to contribute should do so as well.

Cheers,

 

[steaks355]

Internet Answering Machine Startup Group "C:\Program Files\CallWave\IAMSETUP.EXE" -start
run Win.ini hpfsched
NETZIP SMARTDOWNLOADER Registry (Per-User Run) C:\WINDOWS\SYSTEM\npnzdad.exe /t
ScanRegistry Registry (Machine Run) c:\windows\scanregw.exe /autorun
SystemTray Registry (Machine Run) SysTray.Exe
LoadPowerProfile Registry (Machine Run) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SoundFusion Registry (Machine Run) RunDll32 cwcprops.cpl,CrystalControlWnd
SBWatchDog.EXE Registry (Machine Run) C:\WINDOWS\SYSTEM\SBUtils\SBWatchDog.EXE /l
CriticalUpdate Registry (Machine Run) c:\windows\SYSTEM\wucrtupd.exe -startup
NAV DefAlert Registry (Machine Run) C:\PROGRA~1\NORTON~1\DEFALERT.EXE
Norton eMail Protect Registry (Machine Run) C:\Program Files\Norton AntiVirus\POPROXY.EXE
Norton Auto-Protect Registry (Machine Run) C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
zBrowser Launcher Registry (Machine Run) C:\Program Files\Logitech\iTouch\iTouch.exe
PtUDFApp Registry (Machine Run) C:\WINDOWS\SYSTEM\PtUDFApp.exe /T
PiDunHk Registry (Machine Run) "C:\PROGRAM FILES\PRODINET\BIN\PIDUNHK.EXE"
LoadPowerProfile Registry (Machine Service) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent Registry (Machine Service) mstask.exe
ScriptBlocking Registry (Machine Service) "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

the above is my start up list after following your instructions. i am still have freeze ups. what next? will defrag help. thank you, tony savvy for your time and help. much appreciate it.
steaks 355

 

[TonyKlein]

Netzip and Critical update are back, I see.

You need to go into the options of Netzip, and uncheck 'load Netzip as Windows Starts' or something like that.

Uninstall MS 'Critical Update Notification' in Software add-remove, for it is pretty useless, and does regularly seek Internet Access.

Also uncheck SBWatchdog.exe.

On next reboot these three entries need to be gone as well.
Tell us what happens.

Good luck,

 

[TonyKlein]

I checked some more, and it appears that PiDunHk and PiStartup are not required either:

PiDunHk (pidunhk.exe)
Launches a Orb icon from Prodigy Internet on the System Tray icon to access the various menus. Not required in startup. Can be run manually.For more information->http://www.prodigy.com/pcom/prodigy_internet/pi_index.html

PiStartup (pistartup.exe)
Launches the Prodigy Internet enrollment Connection Wizard in order to create a Internet account. Not required. Can be run manually in Start->Programs->Prodigy Internet.For more information->http://www.prodigy.com/pcom/prodigy_internet/pi_index.html

Uncheck these two as well.

Good luck,

 

[steaks355]

o.k. i am noticing somewhat of an improvement in the speed. i am just hoping for no freeze ups. if anything else happens, i'll let you know. once again, i want to thank you for your help. my wife and i use this computer all the time.
i do have another question. other than microsoft.com, are there any good sites to get updates for any files for windows '98 that my computer might be missing, causing my computer to run improperly?
thanks you much once again
steaks 355

 

[TonyKlein]

If you pay a visit to Windows Update every couple of weeks or so, and download the critical/security updates there, you'll be fine.

It's also a good idea to upgrade to the latest version of your browser, i.e Internet Explorer 5.5 SP2, if you're still running SP1 for example.

A lot of dlls will be updated to a more recent version if you do, which is a good thing, mostly.

And regular maintenance is very important, of course: clearing temps, defragging, etcetera.

Here is an article:

Clean up your hard drive

Good luck,