TonyKlein
join:2001-07-02
Netherlands
3 edits | reply to Smokey Bear
Re: Intelinet Internet Security: what the heck is it?
Virustotal results for the setup file:
»www.virustotal.com/analisis/6a8a···05bf3883
And apparently MBAM detects it:
quote:
Malwarebytes' Anti-Malware 1.30
Database version: 1427
Windows 5.1.2600 Service Pack 3
11/26/2008 7:08:44 PM
mbam-log-2008-11-26 (19-08-44).txt
Scan type: Full Scan (C:\|)
Objects scanned: 260311
Time elapsed: 2 hour(s), 9 minute(s), 4 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 58
Memory Processes Infected:
C:\Program Files\Intelinet\intelin2.exe (Rogue.Intelinet) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelinetsecure (Rogue.Intelinet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Intelinet_is1 (Rogue.Intelinet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Database (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Intelinet\intelin2.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Intelinet.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP908\A0320160.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP908\A0320167.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\BCKManager.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\CheckRegistry.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\hashes.md5 (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\ListLogs.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\ManageRegistry.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\MFC71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\msvcp71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\msvcr71.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\SpywareGuard.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Spywarehandler.dll (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\unins000.dat (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\unins000.exe (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{093A90A7-B13F-4313-A6F5-AE6C90814FEF}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{237264C1-9B03-479E-98C3-EBFB5B636587}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{2699C183-858F-45CC-9754-DFCE7365088C}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{4F30ACE4-B904-4B12-9F65-105EDCD0FA20}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{57D3E3AA-E29E-46CF-9788-C12D63E67C03}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{82FE6BCB-CD7C-4A2A-985E-B8E253F9B06D}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{9816C857-C27B-4FD6-A2BD-CDD8A9A5FDD8}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{A0479FED-59B7-49B3-B546-6512070066AF}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{AB25CEBE-D765-49D7-9D88-91A3A0F14AFB}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Backup\{E277414C-FE4F-456F-B7BE-274FA729F7FC}.rbk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Database\Immunizer.db (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Database\Spyware.db (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_10_29.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_10_30.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_10_31.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_01.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_02.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_04.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_05.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_06.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_07.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_08.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_09.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_10.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_11.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_12.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_13.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_14.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_15.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_17.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_18.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_19.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_20.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_21.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_23.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_24.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_25.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Program Files\Intelinet\Logs\2008_11_26.log (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Intelinet\Uninstall Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Documents and Settings\****\Desktop\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.
C:\Documents and Settings\****\Application Data\Microsoft\Internet Explorer\Quick Launch\Intelinet.lnk (Rogue.Intelinet) -> Quarantined and deleted successfully.
|
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| Well Tony, thanks for the follow up! When anybody had doubts about my "kind" words concerning the crap we are talking about all the time they should be convinced at least now.... 
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
TonyKlein
join:2001-07-02
Netherlands
| said by Smokey Bear  :Well Tony, thanks for the follow up! When anybody had doubts about my "kind" words concerning the crap we are talking about all the time they should be convinced at least now.... np, you're very welcome, Smokey 
In the light of those findings I don't think there's any need to investigate further... |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| said by TonyKlein :In the light of those findings I don't think there's any need to investigate further... My inquiry about "Intelinet Internet Security" was a satisfying experience, my gratitude to all contributors.
In accordance with all findings I have changed thread title. 
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
Rampage
@sbcglobal.net
| reply to Smokey Bear
Re: Intelinet Internet Security: definitive malware
I'm glad I came across this site...I fell for Intelinet & downloaded the program on to my computer...soon after I started experiencing plenty of issues. Whether I was infected prior to the download or not is hard to tell but I've since allowed Malwarebytes to remove it from my computer. Thanks to all its been a learning experience. |
|
TonyKlein
join:2001-07-02
Netherlands
1 edit | reply to Smokey Bear
CNET is still branding it 'spyware free'...
»www.download.com/Intelinet-Spywa···927.html |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| said by TonyKlein :CNET is still branding it 'spyware free'... Don't sound good, many people rely on downloadsites like CNET... |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
1 edit | reply to TonyKlein
What really gets me about this is the number of positive reviews (3 or more stars) given for this POS crapware. I think shills for the company have been trying to manipulate CNET's rating for this program by submitting bogus positive reviews.
And I wouldn't doubt that before too long, they will show up in this topic to try and defend this rogue as being legitimate security software.
Don't believe the positive comments given on Download.com for this program. They all seem to be lies spread by Intelinet shills.
Edit: after reading Smokey Bear 's latest post below mine, it seems download.com can no longer be trusted as a source of inbiased information on files that they have available, or even as a download site, period. I may still use them for well known, popular files that are known to be clean, but anything unknown can no longer be trusted.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
|
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| reply to TonyKlein
I am done with CNET, Intelinet download still available on download.com: now I have blogged about the issue. Hope CNET will understand the message, however it was loud, clear and straight so there can be no reason for confusion or "we didn't know".
--
Smokey's Security Forums »www.smokey-services.eu/forum/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
Roger57
| reply to Smokey Bear
Yes, this Intelinet is malware of some sort. I downloaded the 'free test', & now, I cannot get rid of this software from my computer. Every time I boot up the computer, this Intelinet software window appears, telling me to register now. There are all the function buttons, but no uninstall button. When I mailed them on their helpsite, there was a reply to my inbox that they would reply within 24 hours, yet they have never replied about how to uninstall it. Stay away from downloading this software. |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
·AT&T U-Verse
| reply to Smokey Bear
I have a subscription with a premium NZB site called Newzbin (which indexes content posted to binary Usenet newsgroups), and happened to see this listed on one page of the software section.
I posted a comment warning users not to download it, and also linked back to this topic.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
|
|
Rod57
| reply to TonyKlein
Re: Intelinet Internet Security: what the heck is it?
Thanks for the info Tony, I used Malwarebytes to finally clean my computer of this awful Intelinet software. Your comments are much appreciated. Thanks to Malwarebytes too. |
|
InteliScam
@cox.net
| reply to Smokey Bear
Re: Intelinet Internet Security: definitive malware
I became suspicious of Intelinet when all references of it were removed from Cnet and there were no other mention of the program among top review sites.
Thank you for your research it just confirmed my suspicions, how can a #1 program be so uknown.
Andrew |
|
