
Thread: Not so lite?

  1. #1
    Well, thanks to eXeem Lite I've got shitloads of files and folders I cannot delete now, and they look fucky. I ran HijackThis and here are the results.

    The folders are called:
    Temp
    AdStatus Service
    BullsEye Network

    And a few others. Anything weird in this:

    Logfile of HijackThis v1.99.0
    Scan saved at 17:58:43, on 23/01/2005
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    C:\WINDOWS\System32\vmnat.exe
    C:\Program Files\Common Files\stardock\TrayServer.exe
    C:\Program Files\Common Files\stardock\TrayServer.exe
    C:\WINDOWS\System32\vmnetdhcp.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\WINDOWS\System32\RunDll32.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\DU Meter\DUMeter.exe
    C:\Program Files\NetLimiter\NetLimiter.exe
    C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    C:\Program Files\AdStatus Service\AdStatServ.exe
    C:\temp\salm.exe
    C:\Program Files\AdStatus Service\AdStatKeep.exe
    C:\Program Files\BullsEye Network\bin\bargains.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MemTurbo30\MemTurbo.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\SiX-Steam\Steam\Steam.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\James\LOCALS~1\Temp\Rar$EX00.797\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://conditions.netfirms.com/mob/lan
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] "C:\Program Files\Common Files\stardock\TrayServer.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
    O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
    O4 - HKLM\..\Run: [AdStatus Service] C:\Program Files\AdStatus Service\AdStatServ.exe
    O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
    O4 - HKLM\..\Run: [pqf] C:\WINDOWS\pqf.exe
    O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
    O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\James\LOCALS~1\Temp\bundle.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo30\MemTurbo.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Do.../bridge-c2.cab
    O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: VMware Authorization Service - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    O23 - Service: VMware DHCP Service - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\System32\vmnat.exe
    O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe


  2. Software & Hardware   -   #2
    Retired
    Join Date
    Feb 2003
    Posts
    12,488
    Run Ad-Aware. If it's not possible to delete those files, check your startup files. Disable the ones that look strange, reboot and delete the folders. Run Ad-Aware again.
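
An added example (not part of any post in this thread) of the startup check suggested above: it parses the O4 registry Run lines of a HijackThis log and lists entries whose executable runs from a temp directory or sits directly in the Windows folder. The two location heuristics are assumptions chosen for illustration; a match marks an entry for review, not as confirmed malware.

```python
import ntpath
import re

# Constructed sample: startup (O4) lines copied from the HijackThis log in post #1.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [pqf] C:\WINDOWS\pqf.exe
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\James\LOCALS~1\Temp\bundle.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo30\MemTurbo.exe
"""

# Registry autoruns look like: O4 - HKLM\..\Run: [value name] command line
RUN_ENTRY = re.compile(r"^O4 - (\w+)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")
# First drive-letter path ending in .exe (quoted or not, spaces allowed).
EXE_PATH = re.compile(r'[A-Za-z]:\\[^"]*?\.exe', re.IGNORECASE)

def startup_entries(log_text):
    """Yield (value_name, exe_path or None) for each registry Run entry."""
    for line in log_text.splitlines():
        m = RUN_ENTRY.match(line.strip())
        if m:
            exe = EXE_PATH.search(m.group(4))
            yield m.group(3), exe.group(0) if exe else None

def review_reasons(exe_path):
    """Assumed heuristics: why an autorun's location deserves a closer look."""
    if exe_path is None:  # e.g. a rundll32 entry that names only a DLL
        return []
    folder = ntpath.normcase(ntpath.dirname(exe_path))
    reasons = []
    if "temp" in folder.split("\\"):
        reasons.append("runs from a temp directory")
    if re.fullmatch(r"[a-z]:\\windows", folder):
        reasons.append("sits directly in the Windows folder")
    return reasons

def flag_startup(log_text):
    """Map value name -> reasons, for entries matching any heuristic."""
    found = ((name, review_reasons(path)) for name, path in startup_entries(log_text))
    return {name: reasons for name, reasons in found if reasons}

if __name__ == "__main__":
    for name, reasons in flag_startup(SAMPLE_LOG).items():
        print(f"{name}: {'; '.join(reasons)}")
```
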

  3. Software & Hardware   -   #3
    peat moss (Software Farmer)
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,547
    Run a good spyware program. AdStatus Service is malware, bargain buddy I think, and BullsEye Network is a p2p network? But malware can be called any name. I see you have Spybot running, it's not picking it up?

    Edit: Spelling
    Last edited by peat moss; 01-23-2005 at 06:40 PM.

  4. Software & Hardware   -   #4
    harrycary (Poster)
    Join Date
    Feb 2003
    Location
    Omaha, Ne USA
    Posts
    1,063
    While I can't give you any real answers to your HijackThis log, I've got to say that eXeem (et al.) is a waste of time.

    What I mean is, while they are bittorrent clients you aren't very anonymous. Relatively speaking that is.

    As I understand it so far, eXeem is not fully decentralized, which to me sounds like it's set up with the ability to monitor traffic (and possibly other things too).

    That's the inherent asset of the bittorrent method of P2P file sharing.
    No centralized servers.

    Anyways, sorry if I can't answer your question but the facts about eXeem that I've read about kinda keep me from even trying it. I'm happy using The ABC bittorrent client and IRC when needed.

    Good luck.
    Last edited by harrycary; 01-23-2005 at 06:16 PM.

  5. Software & Hardware   -   #5
    I was just testing eXeem.


    @IKE - Ad Aware crashes and my whole PC freezes (meaning I have to reboot) when it gets to the Bargin.exe file.


  6. Software & Hardware   -   #6
    peat moss
    There's some info on Symantec's site.

    http://securityresponse.symantec.com...gainbuddy.html

  7. Software & Hardware   -   #7
    Retired
    Quote Originally Posted by Peerzy
    I was just testing eXeem.

    @IKE - Ad Aware crashes and my whole PC freezes (meaning I have to reboot) when it gets to the Bargin.exe file.

    Is that file still running in the background? What if you disable it?

  8. Software & Hardware   -   #8
    peat moss
    Quote Originally Posted by {I}{K}{E}
    Is that file still running in the background? What if you disable it?

    Can you uninstall in Add/Remove? Or disable it thru Windows Task Manager? Then run Ad-Aware.

  9. Software & Hardware   -   #9

  10. Software & Hardware   -   #10
    peat moss
    Quote Originally Posted by muchspl2

    You had to get that in. Shows even us senior members don't read the guides. A very good one at that.
