[TechAssist] Re: security problems today
- From: "Tel-Tek Electronics" <teltek2@xxxxxxxxxxxx>
- To: <techassist@xxxxxxxxxxxxx>
- Date: Sun, 27 Oct 2002 13:22:50 -0500
Gary....I know how you feel, I just went thru 3 days getting my system
staightened out.
Do search for brasil.exe..on your system.also known by other names, but
that's a bad one.
-Ed-
Tel-Tek Electronic.
Ontario-Canada
teltek2@xxxxxxxxxxxx
----- Original Message -----
From: "Gary McCartney" <number63@xxxxxxxxxxxxx>
To: <techassist@xxxxxxxxxxxxx>
Sent: Saturday, October 26, 2002 11:16 PM
Subject: [TechAssist] security problems today
>
> I've had a busy day keeping my computer safe.
>
> First, I received several klez32 vir. and Norton AV 2002 picked them all
> up no problem, except after quaranteening it one time, my inbox froze
> (Netscape 4.79). I restarted Netscape and it wouldn't allow me to access
> my inbox at all. Then I scanned my whole system for vir.
> but Norton found nothing. I was lucky in finding what was causing the
> problem. After pressing "Control/Alt/Delete" to go into the Win 2000
> task manager, in the processes tab, Netscape was shown as still running
> even though I had closed it down. I clicked on the line and closed
> Netscape from there, then I could get my mail again. What a relief.
>
> Second, I noticed an ICON on my desktop that didn't belong there. It
> said, "GO IN.EXE"
> I did not click on it, fearing an uninvited guest placed it there. I did
> a search on Google and found out that it was an uninvited dial-up
> connection installed in Dial-up Networking. If I would have clicked on
> the icon, I think it would have dialed up an overseas 1-900 number and
> I'd been charged hundreds of bucks for the call.
>
> I deleted everything from my files relating to "go in.exe" plus I
> scanned my registry for any keys, plus I did a Norton Win Doctor on my
> hard drive. This removes obsolete or bad keys from your registry. Then I
> deleted temp internet files from IE and cleared all my Netscape cache.
>
> Then I rebooted and the dial-up connection is gone, but the warning is
> that it could come back, maybe days later. I searched Symantec's site
> but they don't seem to know about it. I will be forwarding this email to
> them.
>
> I didn't find a lot of info on the net regarding this, but here is what
> another person had to say about it:
>
>
>
>
>
> SECURITY ALERT FOR PERSONAL COMPUTER USERS: I just learned today of a
> program call "go in.exe" that will be surreptiously installed on your
> computer from surfing
> the web, usually there will be an invisible java program on a website of
> the type that collect stats on browser hits, that installs this on your
> harddrive. What it does is Change
> the Default for your dialup connection and redirect it to their system.
> Then when you dialup, instead of your common carrier for $19.95 a month
> or whatever you are paying
> for internet connection, they are using overseas long distance lines and
> you may then get a bill for thousands of dollars. I didn't get the
> details on how they would attempt to
> collect the money from you, but it would come under the auspices of
> "computer crime." However, the crime occurs in your area, and my finding
> so far is that local law
> enforcement officers as a rule do not have "the first clue!"
>
> Everyone should check their .exe files on the computer, and take note of
> any that look suspicious. You can do this by going to your START MENU,
> select FIND, then type
> ASTERISK DOT EXE in this format *.exe and then click FIND, it will LIST
> every program and you can then find out the nature of it by selecting
> FILE then PROPERTIES. Don't
> remove anything before you make sure that it is not an operating system
> file, or check with a computer expert, but you can temporarily disable
> it by changing the file to
> "READ ONLY."
>
>
>
> --
>
>
>
> Gary McCartney
>
> McCartney Electronics
> 7134 Fife Rd, RR 7
> Guelph Ontario Canada N1H 6J4
> Fax: (519)821-1530
> email: number63 (at) inetsonic.com
>
> ------------------------------------------
> To REMOVE your email address, click here:
> http://www.tech-assist.org/unsubb.html
> To CHANGE your email address, click here:
> http://www.techassist.net/forms/change.html
> ------------------------------------------
> ***NEW*** Tips Added Instantly!!!***
> Submit Repair Tips here:
> http://www.tech-assist.org/secure/tip/
------------------------------------------
To REMOVE your email address, click here:
http://www.tech-assist.org/unsubb.html
To CHANGE your email address, click here:
http://www.techassist.net/forms/change.html
------------------------------------------
***NEW*** Tips Added Instantly!!!***
Submit Repair Tips here:
http://www.tech-assist.org/secure/tip/
Other related posts:
