Oh suuuurrrrrrre You didn't send me the website ! :-) Clancy Harms, NESDA's Region 7 Director Dick's Radio & TV, Inc. 2319 West Clay St. "Aim high men" St. Charles, MO. 63301 "they're on camels" (636)-724-5055 (636)-724-5531 fax email: dickstv1@xxxxxxxxxxxxx ----- Original Message ----- From: "Tel-Tek Electronics" <teltek2@xxxxxxxxxxxx> To: <techassist@xxxxxxxxxxxxx> Sent: Sunday, October 27, 2002 2:29 PM Subject: [TechAssist] Re: security problems today > Try this site for now. There is another one on Symantec, so if this doesn't > work I'll send you the other one. > Read the instructions on this MS site, and make sure you download the patch > for the correct OS. > Make sure your other computer is not networked at the time you do this. > > -Ed- > Tel-Tek Electronics > Ontario-Canada > teltek2@xxxxxxxxxxxx > ----- Original Message ----- > From: "Clancy Harms" <dickstv1@xxxxxxxxxxxxx> > To: <techassist@xxxxxxxxxxxxx> > Sent: Sunday, October 27, 2002 3:28 PM > Subject: [TechAssist] Re: security problems today > > > > > > Windows 98SE > > > > Clancy Harms, NESDA's Region 7 Director > > Dick's Radio & TV, Inc. > > 2319 West Clay St. "Aim high men" > > St. Charles, MO. 63301 "they're on camels" > > (636)-724-5055 > > (636)-724-5531 fax > > email: dickstv1@xxxxxxxxxxxxx > > ----- Original Message ----- > > From: "Tel-Tek Electronics" <teltek2@xxxxxxxxxxxx> > > To: <techassist@xxxxxxxxxxxxx> > > Sent: Sunday, October 27, 2002 2:20 PM > > Subject: [TechAssist] Re: security problems today > > > > > > > > > > What version of Windows are you using? > > > > > > -Ed- > > > Tel-Tek Electronics > > > Ontario-Canada > > > teltek2@xxxxxxxxxxxx > > > ----- Original Message ----- > > > From: "Clancy Harms" <dickstv1@xxxxxxxxxxxxx> > > > To: <techassist@xxxxxxxxxxxxx> > > > Sent: Sunday, October 27, 2002 2:50 PM > > > Subject: [TechAssist] Re: security problems today > > > > > > > > > > > > > > Ed > > > > Are you saying (Re: The first sentence in your reply) that > > > > I should reinstall the 'Brasil.exe' file? > > > > By the way...Norton has found the 'Opaserv' virus twice since our > > > > conversation started just now! > > > > > > > > Clancy Harms, > > > > Dick's Radio & TV, Inc. > > > > 2319 West Clay St. "Aim high men" > > > > St. Charles, MO. 63301 "they're on camels" > > > > (636)-724-5055 > > > > (636)-724-5531 fax > > > > email: dickstv1@xxxxxxxxxxxxx > > > > ----- Original Message ----- > > > > From: "Tel-Tek Electronics" <teltek2@xxxxxxxxxxxx> > > > > To: <techassist@xxxxxxxxxxxxx> > > > > Sent: Sunday, October 27, 2002 1:33 PM > > > > Subject: [TechAssist] Re: security problems today > > > > > > > > > > > > > > > > > > Check your start up folder...they are all in there, and add > > > "brasil.exe". > > > > > I just went thru 3 days of getting rid of it. > > > > > Finally had to format my "boot" drive, and re-installing Windows ME. > > > > > > > > > > Clancy...this is very important, make sure you stop all Networking, > or > > > > while > > > > > you are erradicating it on one computer, it hides on the other one, > > then > > > > > cpmes right back. Actually physically remove the the plug from the > > > > > networking card. My Norton 2000 did a lousy job on repairing it, so > I > > > had > > > > to > > > > > update to 2003. > > > > > > > > > > Good luck. > > > > > > > > > > -Ed- > > > > > Tel-Tek Electronics > > > > > Ontario-Canada > > > > > teltek2@xxxxxxxxxxxx > > > > > ----- Original Message ----- > > > > > From: "Clancy Harms" <dickstv1@xxxxxxxxxxxxx> > > > > > To: <techassist@xxxxxxxxxxxxx> > > > > > Sent: Sunday, October 27, 2002 1:51 PM > > > > > Subject: [TechAssist] Re: security problems today > > > > > > > > > > > > > > > > > > > > > > Hi all; > > > > > > I'm also fighting this crap! > > > > > > Check for 'ALEVIR.EXE', 'MSSG.EXE', & 'SCRSVR.EXE', > > > > > > They've hit me yesterday and today (Sunday) > > > > > > > > > > > > Clancy Harms, Dick's Radio & TV, Inc. > > > > > > 2319 West Clay St. "Aim high men" > > > > > > St. Charles, MO. 63301 "they're on camels" > > > > > > (636)-724-5055 > > > > > > (636)-724-5531 fax > > > > > > email: dickstv1@xxxxxxxxxxxxx > > > > > > ----- Original Message ----- > > > > > > From: "Tel-Tek Electronics" <teltek2@xxxxxxxxxxxx> > > > > > > To: <techassist@xxxxxxxxxxxxx> > > > > > > Sent: Sunday, October 27, 2002 12:22 PM > > > > > > Subject: [TechAssist] Re: security problems today > > > > > > > > > > > > > > > > > > > > > > > > > > Gary....I know how you feel, I just went thru 3 days getting my > > > system > > > > > > > staightened out. > > > > > > > Do search for brasil.exe..on your system.also known by other > > names, > > > > but > > > > > > > that's a bad one. > > > > > > > > > > > > > > -Ed- > > > > > > > Tel-Tek Electronic. > > > > > > > Ontario-Canada > > > > > > > teltek2@xxxxxxxxxxxx > > > > > > > ----- Original Message ----- > > > > > > > From: "Gary McCartney" <number63@xxxxxxxxxxxxx> > > > > > > > To: <techassist@xxxxxxxxxxxxx> > > > > > > > Sent: Saturday, October 26, 2002 11:16 PM > > > > > > > Subject: [TechAssist] security problems today > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I've had a busy day keeping my computer safe. > > > > > > > > > > > > > > > > First, I received several klez32 vir. and Norton AV 2002 > picked > > > them > > > > > all > > > > > > > > up no problem, except after quaranteening it one time, my > inbox > > > > froze > > > > > > > > (Netscape 4.79). I restarted Netscape and it wouldn't allow me > > to > > > > > access > > > > > > > > my inbox at all. Then I scanned my whole system for vir. > > > > > > > > but Norton found nothing. I was lucky in finding what was > > causing > > > > the > > > > > > > > problem. After pressing "Control/Alt/Delete" to go into the > Win > > > 2000 > > > > > > > > task manager, in the processes tab, Netscape was shown as > still > > > > > running > > > > > > > > even though I had closed it down. I clicked on the line and > > closed > > > > > > > > Netscape from there, then I could get my mail again. What a > > > relief. > > > > > > > > > > > > > > > > Second, I noticed an ICON on my desktop that didn't belong > > there. > > > It > > > > > > > > said, "GO IN.EXE" > > > > > > > > I did not click on it, fearing an uninvited guest placed it > > there. > > > I > > > > > did > > > > > > > > a search on Google and found out that it was an uninvited > > dial-up > > > > > > > > connection installed in Dial-up Networking. If I would have > > > clicked > > > > on > > > > > > > > the icon, I think it would have dialed up an overseas 1-900 > > number > > > > and > > > > > > > > I'd been charged hundreds of bucks for the call. > > > > > > > > > > > > > > > > I deleted everything from my files relating to "go in.exe" > plus > > I > > > > > > > > scanned my registry for any keys, plus I did a Norton Win > Doctor > > > on > > > > my > > > > > > > > hard drive. This removes obsolete or bad keys from your > > registry. > > > > Then > > > > > I > > > > > > > > deleted temp internet files from IE and cleared all my > Netscape > > > > cache. > > > > > > > > > > > > > > > > Then I rebooted and the dial-up connection is gone, but the > > > warning > > > > is > > > > > > > > that it could come back, maybe days later. I searched > Symantec's > > > > site > > > > > > > > but they don't seem to know about it. I will be forwarding > this > > > > email > > > > > to > > > > > > > > them. > > > > > > > > > > > > > > > > I didn't find a lot of info on the net regarding this, but > here > > is > > > > > what > > > > > > > > another person had to say about it: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > SECURITY ALERT FOR PERSONAL COMPUTER USERS: I just learned > today > > > of > > > > a > > > > > > > > program call "go in.exe" that will be surreptiously installed > on > > > > your > > > > > > > > computer from surfing > > > > > > > > the web, usually there will be an invisible java program on a > > > > website > > > > > of > > > > > > > > the type that collect stats on browser hits, that installs > this > > on > > > > > your > > > > > > > > harddrive. What it does is Change > > > > > > > > the Default for your dialup connection and redirect it to > their > > > > > system. > > > > > > > > Then when you dialup, instead of your common carrier for > $19.95 > > a > > > > > month > > > > > > > > or whatever you are paying > > > > > > > > for internet connection, they are using overseas long distance > > > lines > > > > > and > > > > > > > > you may then get a bill for thousands of dollars. I didn't get > > the > > > > > > > > details on how they would attempt to > > > > > > > > collect the money from you, but it would come under the > auspices > > > of > > > > > > > > "computer crime." However, the crime occurs in your area, and > my > > > > > finding > > > > > > > > so far is that local law > > > > > > > > enforcement officers as a rule do not have "the first clue!" > > > > > > > > > > > > > > > > Everyone should check their .exe files on the computer, and > take > > > > note > > > > > of > > > > > > > > any that look suspicious. You can do this by going to your > START > > > > MENU, > > > > > > > > select FIND, then type > > > > > > > > ASTERISK DOT EXE in this format *.exe and then click FIND, it > > will > > > > > LIST > > > > > > > > every program and you can then find out the nature of it by > > > > selecting > > > > > > > > FILE then PROPERTIES. Don't > > > > > > > > remove anything before you make sure that it is not an > operating > > > > > system > > > > > > > > file, or check with a computer expert, but you can temporarily > > > > disable > > > > > > > > it by changing the file to > > > > > > > > "READ ONLY." > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Gary McCartney > > > > > > > > > > > > > > > > McCartney Electronics > > > > > > > > 7134 Fife Rd, RR 7 > > > > > > > > Guelph Ontario Canada N1H 6J4 > > > > > > > > Fax: (519)821-1530 > > > > > > > > email: number63 (at) inetsonic.com > > > > > > > > > > > > > > > > ------------------------------------------ > > > > > > > > To REMOVE your email address, click here: > > > > > > > > http://www.tech-assist.org/unsubb.html > > > > > > > > To CHANGE your email address, click here: > > > > > > > > http://www.techassist.net/forms/change.html > > > > > > > > ------------------------------------------ > > > > > > > > ***NEW*** Tips Added Instantly!!!*** > > > > > > > > Submit Repair Tips here: > > > > > > > > http://www.tech-assist.org/secure/tip/ > > > > > > > > > > > > > > > > > > > > > ------------------------------------------ > > > > > > > To REMOVE your email address, click here: > > > > > > > http://www.tech-assist.org/unsubb.html > > > > > > > To CHANGE your email address, click here: > > > > > > > http://www.techassist.net/forms/change.html > > > > > > > ------------------------------------------ > > > > > > > ***NEW*** Tips Added Instantly!!!*** > > > > > > > Submit Repair Tips here: > > > > > > > http://www.tech-assist.org/secure/tip/ > > > > > > > > > > > > ------------------------------------------ > > > > > > To REMOVE your email address, click here: > > > > > > http://www.tech-assist.org/unsubb.html > > > > > > To CHANGE your email address, click here: > > > > > > http://www.techassist.net/forms/change.html > > > > > > ------------------------------------------ > > > > > > ***NEW*** Tips Added Instantly!!!*** > > > > > > Submit Repair Tips here: > > > > > > http://www.tech-assist.org/secure/tip/ > > > > > > > > > > > > > > > ------------------------------------------ > > > > > To REMOVE your email address, click here: > > > > > http://www.tech-assist.org/unsubb.html > > > > > To CHANGE your email address, click here: > > > > > http://www.techassist.net/forms/change.html > > > > > ------------------------------------------ > > > > > ***NEW*** Tips Added Instantly!!!*** > > > > > Submit Repair Tips here: > > > > > http://www.tech-assist.org/secure/tip/ > > > > > > > > ------------------------------------------ > > > > To REMOVE your email address, click here: > > > > http://www.tech-assist.org/unsubb.html > > > > To CHANGE your email address, click here: > > > > http://www.techassist.net/forms/change.html > > > > ------------------------------------------ > > > > ***NEW*** Tips Added Instantly!!!*** > > > > Submit Repair Tips here: > > > > http://www.tech-assist.org/secure/tip/ > > > > > > > > > ------------------------------------------ > > > To REMOVE your email address, click here: > > > http://www.tech-assist.org/unsubb.html > > > To CHANGE your email address, click here: > > > http://www.techassist.net/forms/change.html > > > ------------------------------------------ > > > ***NEW*** Tips Added Instantly!!!*** > > > Submit Repair Tips here: > > > http://www.tech-assist.org/secure/tip/ > > > > ------------------------------------------ > > To REMOVE your email address, click here: > > http://www.tech-assist.org/unsubb.html > > To CHANGE your email address, click here: > > http://www.techassist.net/forms/change.html > > ------------------------------------------ > > ***NEW*** Tips Added Instantly!!!*** > > Submit Repair Tips here: > > http://www.tech-assist.org/secure/tip/ > > > > > > ------------------------------------------ > To REMOVE your email address, click here: > http://www.tech-assist.org/unsubb.html > To CHANGE your email address, click here: > http://www.techassist.net/forms/change.html > ------------------------------------------ > ***NEW*** Tips Added Instantly!!!*** > Submit Repair Tips here: > http://www.tech-assist.org/secure/tip/ ------------------------------------------ To REMOVE your email address, click here: http://www.tech-assist.org/unsubb.html To CHANGE your email address, click here: http://www.techassist.net/forms/change.html ------------------------------------------ ***NEW*** Tips Added Instantly!!!*** Submit Repair Tips here: http://www.tech-assist.org/secure/tip/