I'm not sure if it's xunlei (thunder5) or not.

but AVG has detected this psw.onlinegame trojan everytime the xunlei pop up ads comes up.

You know when you left xunlei to run on its own over night and it pops up some ads? Thats when AVG detected the trojan.

the trojan also drops various .exe and .dll file with random names into my system folder, Temporary internet file folder and temp folder.

whenever I clean them all with AVG in safe mode, it'll disable my internet connection, something about the trojan corrupted my winsocks even after it's deleted.

so I had to use winsocks fix to fix it. (not a big problem)

but after I've clean my system for a few days, AVG detected the trojan again, everytime when I'm running xunlei overnight, and it pops up some ads sponsored by xunlei.

so am I getting "re-infected" by xunlei after I removed the trojan or is the trojan hidden somehow and takes a few days to re-infect my system?

I really dont want to remove xunlei, it's the only bittorrent client that can bypass streamyx throttling.

R u using MS Internet Explorer?
If so, please stop using it, the IE will trigger the xunlei event every time u start using it.
Yet Please do turn off system restore before you start scanning and cleaning the drive.
Do use Spy bot S&D resident shield to protect your registry from being changed.
Do NOT ever or never to click on any ads popup by xunlei, i being infected before due to itchy hand and click on the ads, the virus spread so fast i have to uninstall the xunlei in safe mode and do all the cleaning in save mode. re-install back the xunlei to continue to use it.

Do correct me if i'm wrong.

it do not bypass screwmyx throttle

please remove xunlei and try other client

so I have to uninstall IE 6?

and the pop up ads will die?

I never click on the ads. It just pops up overnight after I left xunlei running.

I saw the AVG virus warning in the morning, together with the pop up ads.

so after you did what you said, it did not re-infect your system or pop up any xunlei ads anymore?

No need to uninstall IE, juz dun use it, cauze xunlei hav some plugin in IE that will cause chaos, start using other explorer such as FireFox or Opera, unless u disable all the plugin and ActiveX control wich is the most headache part of IE.



-----------Added----------
You can get some info from here

This post has been edited by penguin_ex: Oct 17 2007, 10:05 AM

Weird, my friend's using it, with Avira on the system, and it didn't rang a bell. Maybe a FP?

this coming from a person who frequently use the "format your computer", "it's a virus" and "must be a virus" for every single post in technical section.

thanks but no thanks, excuse me for not trusting you.

be advised that the MOD are watching you, stop the idiocy.

Imo, not offending but I changed from xunlei to utorrent.

Reason?
-Much more stable than xunlei.
-Less memory consumption.
-No Ads on utorrent of course.

I like xunlei too, but because of it, I need to reformat my computer each time because of xunlei bringing some "good" trojan to my computer.

LN,

http://www.castlecops.com/tk32082-IEobj_Class.html

http://www.castlecops.com/tk32264-Thunder_...ser_Helper.html

The other CLSIDs are fine, you might want to check that out.

so is xunlei "really" infecting my system with trojan/virus from their ads partner?

how come I havent heard about it from other xunlei users? Surely I'm not the first one right?

it will be very good if mod really looking on what I said
and also yours

and I really recommend you to use other bt client because Xunlei have many ads... and as I said, it DO NOT bypass the throttle

I never trusted xunlei....

Honestly, my friends are using it without much hassle. From what I'd heard here there are users who got infected, perhaps a modded installer?

Anyway. Do check out the links, remove them if any, and see that if problem still persists.

*Anything bought by google shouldn't create much problems lawl*

ʍʇq ıǝlunx ɟo %ʎʇxıs zuʍo ǝlƃooƃ

use firewall to block it...it may help

i've been using xunlei for a few months now and i never got any trojan,virus or whatsoever from it. am downloading heroes at 140 kbps.

I have a feeling it's not xunlei's fault.

but I am running out of idea as to where I got this trojan from.

How to completely remove it?

where is it hiding?

google turns up with little to no info of this.

btw, there's an IEXPLORE.EXE running as a "system" process in my task manager, right after I start up my computer, I have not opened any IE windows.

This happened right after I got the AVG warning, not before.

is this one of the trojan or something else?

Hmm...
I am using xunlei also... The speeds are good...
So far no problem for me...
Maybe you got the trojan from a file that your downloading??
I am not really sure though...
How bout changing to the no ad version of xunlei

use xunlei without ads hahahha ... i hate those china ads. those stupid stuff sometimes infect my pc.

Perhaps the one that's triggering AVG was 'something' in your IE not xunlei.

I've mentioned in previous post that the event is trigger by IE where it start when you startup the IE ni the post below>>

and eXPeri3nc3 hav the link to the information on post #9 and the link to the psw.trojan information in symantec has been put in my previous post also ^