getting popups from http://www.intelliton.com/ **reward for fixing**

Discussion in 'OT Technology' started by 6516969, Jun 12, 2006.

  1. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    hijack this has failed me, google has very little on it, just people like me that have done everything to get rid of this. I have spyware thats the equivalent to SUPER AIDS.


    already done all of this:

    http://forums.techguy.org/security/4...on-popups.html

    this guy is in the same boat with me, done everything and no resolution, I'm telling you, we are the unlucky guinea pigs of a new trojan or spyware.

    if anyone can help I would give a invite to oink & bitmetv.
     
  2. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    perhaps you need to use those fileshares a little less and you'll avoid these problems?
     
  3. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    :ugh: what are you talking about?

    I use ng's and private torrent sites exclusively
     
  4. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    yea thanks......
     
  5. samm

    samm Next in Line

    Joined:
    Dec 22, 2000
    Messages:
    2,630
    Likes Received:
    0
    Location:
    San Jose, CA
  6. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    tried that over a year ago, couldntt get it to work with my usb nic


    nice try
     
  7. RyanL

    RyanL OT Supporter

    Joined:
    Nov 30, 2004
    Messages:
    4,584
    Likes Received:
    0
    Location:
    St. Paul, MN
    done adaware and spyboy s&d?
     
  8. RyanL

    RyanL OT Supporter

    Joined:
    Nov 30, 2004
    Messages:
    4,584
    Likes Received:
    0
    Location:
    St. Paul, MN
    are these popups when you are browsing the web or are they at any time (like you come back after not using your computer with nothing open when you left and there are pop ups)?
     
  9. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Have you managed to isolate the name of the process that's spawning the popups?
     
  10. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    no they come and go, mostly when browsing
     
  11. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    no hijack this is clean, along with spybot S&D adaware and M$ anti spyware

    all done in safe mode along with current AV's, scanned with AVG, avast, nod32 and housecall's online scanner, again all in safe mode, all fully updated

    I'm not a noob to this shit, I'm the one everyone calls when they have computer problems, but I'll be damed if I can't find out what the problem is

    if you look at the link I provided, that guy is in the same boat, pretty sure this is some kind of brand new trojan or spyware

    lucky me (and him) I guess....
     
  12. RyanL

    RyanL OT Supporter

    Joined:
    Nov 30, 2004
    Messages:
    4,584
    Likes Received:
    0
    Location:
    St. Paul, MN
    have you tried ditching IE for firefox/opera?

    unless you already have :noes:
     
    Last edited: Jun 12, 2006
  13. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    dude

    I only use firefox, sometimes I have to use myie2 but FF is default


    the pop up's are in ie, IIRC you really can't get rid of IE

    I blocked it in host files, so now its just a blank page, I would hate to reinstall over some bull shit like this
     
  14. DAN513

    DAN513 OT Supporter

    Joined:
    Mar 10, 2003
    Messages:
    10,089
    Likes Received:
    2
    Location:
    204
    have you checked to see in the IE addons (this is assuming you have SP2). There should be a dll or something listed in addons that you can disable.
     
  15. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Try installing the IE7 beta and wiping the add-on list before actually opening the browser. There's a chance it could help to have a new version of the program override the older one.
     
  16. Doc Brown

    Doc Brown Don't make me make you my hobby

    Joined:
    Mar 31, 2006
    Messages:
    16,404
    Likes Received:
    0
    Location:
    Ohio
    Have you scanned for rootkits yet?

    If not, try Sysinternals rootkit revealer.
    It's almost all the way down at the bottom of the page.

    http://www.sysinternals.com/Utilities/RootkitRevealer.html


    If you have a rootkit on your computer, you could have
    a multitude of malware items hidden on your computer.



    .
     
    Last edited: Jun 13, 2006
  17. JaJae

    JaJae New Member

    Joined:
    Mar 22, 2004
    Messages:
    5,987
    Likes Received:
    0
    1. Format your computer
    2. Install decent firewall
    3. Install decent antivirus
    4. Install anti-spyware
    5. Keep all said programs updated
    6. Stop downloading and installing illegitimate files

    7. Send me my reward for showing you how not to be a dumbass.
     
  18. Ebtromba

    Ebtromba Active Member

    Joined:
    Nov 22, 2005
    Messages:
    6,050
    Likes Received:
    0
    Location:
    alexandria, VA
  19. Doc Brown

    Doc Brown Don't make me make you my hobby

    Joined:
    Mar 31, 2006
    Messages:
    16,404
    Likes Received:
    0
    Location:
    Ohio
    I personally would never do a format and fresh install
    without knowing what the cause was.
    It could very well be a program that he downloaded,
    like a smilie program or something that piggy backed a
    bunch of junk with it.
    In this case, deleting the program could get rid of the bugs.
    A couple of months ago, I cleaned an infected computer for a friend.
    One of his kids had downloaded several popular "free" programs.
    One of them added a rootkit.
    The site had a rootkit remover and once I deleted the rootkit,
    I was able to clear out the rest of the crap.
    This was a couple of months ago, and his computer is still running fine.
     
  20. 6516969

    6516969 no av no care BAAAA

    Joined:
    Jan 14, 2004
    Messages:
    4,586
    Likes Received:
    0
    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg 2/17/2006 11:50 PM 0 bytes Access is denied.
    C:\Documents and Settings\pos\Local Settings\Temporary Internet Files\Content.IE5\6DGVCHWT\servicexml[1].xml 6/13/2006 6:42 AM 1.52 KB Hidden from Windows API.
    C:\Documents and Settings\pos\Local Settings\Temporary Internet Files\Content.IE5\BB53F5OW\allservices[1].xml 6/11/2006 3:52 PM 5.78 KB Visible in Windows API, but not in MFT or directory index.
    C:\Documents and Settings\pos\Local Settings\Temporary Internet Files\Content.IE5\CZUVYTQT\allservices[1].xml 6/13/2006 6:42 AM 5.78 KB Hidden from Windows API.
    C:\Documents and Settings\pos\Local Settings\Temporary Internet Files\Content.IE5\WJ9BAYBD\servicexml[1].xml 6/11/2006 3:52 PM 1.52 KB Visible in Windows API, but not in MFT or directory index.
     
  21. Doc Brown

    Doc Brown Don't make me make you my hobby

    Joined:
    Mar 31, 2006
    Messages:
    16,404
    Likes Received:
    0
    Location:
    Ohio

    That looks a little suspicious. Do you know your windows services?
    Would you recognize something that doesn't belong there?
    Type services.msc into the run menu and try to see if something in there doesn't look right. Rootkits can add a service to that list.

    Also, check your running processes in task manager for something
    that doesn't belong there.
    Shut it off. If it pops right back up, that will tell you something.

    And check your program list. See anything in there that you don't remember installing? If so, google it with the word spyware at the end of it.
    If it's malware, you'll get a lot of hits telling you so.

    In your services, the malware will try to add a windows sounding name to the list.

    In the processes, you may just have to google anything you don't recognize.

    In the program list, they like to use happy friendly names.

    Be suspicious of anything you don't recognize!
     
  22. Doc Brown

    Doc Brown Don't make me make you my hobby

    Joined:
    Mar 31, 2006
    Messages:
    16,404
    Likes Received:
    0
    Location:
    Ohio
    Oh yeah, I almost forgot.
    You ran scans for spyware, adware, viruses, correct?

    Did you make sure you had hidden files and folders showing?
    Did you turn off system restore?

    If not, you need to do all those things before proceeding any further.

    Once your system is clean, you can set a new restore point.
     

Share This Page