Ask Leo! by Leo A. Notenboom

What's 'BullsEye Network'?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Home » Viruses and Malware

Comments

All Comments on: What's 'BullsEye Network'?

Read the article that everyone's commenting on.
RSS feed Subscribe to the RSS Feed for comments on this article.

Comment Page:  1  |  2  |  3  |  4  |  5  |  6  |  7  |  8 

thank you for the helpful comments. i downloaded and installed ms anti-spyware beta. it removed 25 different spyware threats that were making it impossible for me to get any work done. it's like having a new computer. thanks again.

Posted by: lorna at March 26, 2005 10:02 AM

Thanks for explaining to me what Bulls eye is, i would have left it there forever not knowing what it was if it wasnt for this website. The adverts were coming up all the time and i really wasnt sure why! there is prob alot more on here which i havent gotta clue about.

Posted by: Yazz at March 31, 2005 9:41 AM

The company or the perpertraters that makes Bullseye Network and Bargainbuddy components is eXact Advertising. Bargainbuddy updates the software from a server to make matters worse. I used Ms Antispyware beta and it worked

Posted by: Chris K at March 31, 2005 2:24 PM

I removed the "eXact Advertising"/Bullseye crap in the most convoluted way. It appears to create at least three executables in three locations, each of which is capable of creating and monitoring the other two. So if you delete one, one of the other two will recreate it before you can delete the other two. That's how it stays alive no matter what you do (I think).

On my system, the three files I deleted were:

C:\windows\nail.exe
C:\windows\system32\vpllmm.exe
C:\Documents and Settings/All Users/Desktop/Start Menu/nkcc.exe

I used Hijack This's "Delete on Reboot" feature to enter all three filenames before rebooting, and did the whole process twice in a row. Don't worry that you can't "see" the filenames in the directory listing. They're still there. I didn't even bother with "fix" and "kill process" in HJT, since you can't do it fast enough (and they are hidden, read-only anyway). Delete-on-Reboot waits until the system is almost shut down, when the programs are released from memory, and then deletes all of them. It worked perfectly. Can't guarantee that's the real fix, or that it will work for you, but it gave me back my computer after a week of these bastards having it under seige so I couldn't use it.

More important, I traced the only downloader URL in my registry to the source. This appears to be associated with the eXact Advertising bullshit everyone is suffering from, although I can't guarantee it. What I can say is that these lowlifes at eXact have hidden their domain registration by proxy, so you can't find their address, phone #, etc. The IP address in my registry, however, traced back to another company that has a long history for hijacking systems and invading privacy, in my experience at least:

Search results for: 207.188.7.150

OrgName: RealNetworks, Inc.
OrgID: REAL
Address: 2601 Elliott Ave
City: Seattle
StateProv: WA
PostalCode: 98121
Country: US

NetRange: 207.188.0.0 - 207.188.31.255
CIDR: 207.188.0.0/19
NetName: PROGNET-REAL
NetHandle: NET-207-188-0-0-1
Parent: NET-207-0-0-0-0
NetType: Direct Allocation
NameServer: BENNY.PROGNET.COM
NameServer: RUGBUG.PROGNET.COM
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 1999-02-22
Updated: 2001-06-20

TechHandle: IR57-ARIN
TechName: RealNetworks, Inc.
TechPhone: +1-206-892-6737
TechEmail: net-admin@real.com

# ARIN WHOIS database, last updated 2005-04-27 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

If anyone can confirm that RealNetworks is really behind "eXact Advertising", I'm sure several million victims would just love to send them thank you notes. Gurus, please check it out and let us know what you find.

Regardless of who is cowering behind the curtain at "eXact Advertising", I highly recommend that you visit the Federal Trade Commission website at www.ftc.gov and file a formal complaint, with as much info about the company/products name as possible (www.exactadvertising.com for starters). Also, I recommend that you do this EVERY time you get a popup or other trouble from this garbage no one ever asked for. An eye for an eye.

Posted by: Bugged at April 28, 2005 12:24 AM

Well, here's their contact ASP if it's any help:
http://www.bullseye-network.com/contact.asp

Posted by: eggsmatter at May 5, 2005 3:40 PM

BargainBuddy downloads updates through connections to adp.Ikena.com to update the software and display its crap popups!!

Posted by: Chris at May 19, 2005 4:10 PM

I'll second MS Antispyware Beta. I've tried 'em all, and it works the best for me. It found some of the more agressive malware programs which AdAware missed.

Posted by: Eric Scheie at May 25, 2005 9:37 AM

i had bullseye an gator on my pc i downloaded spysweeper and it killed it best adware remover i ever had an i tried just about all of them

Posted by: badge at June 13, 2005 8:45 PM

i forgot to add unknown.startup.999 spysweeper got rid of all adware on my computa and found a trojan that avast and avg didnt find so i deleted avast avg and ad aware and only use spysweeper now best my pc has ever been

Posted by: badge at June 13, 2005 9:20 PM

I lucked out last night. I have Norton AntiVirus 2005; that, with Spybot and AdAware, got rid of ALL the files, or at least enough not to effect my computer's operation. I'll run HijackThis later.

The stupid thing is I wasn't loading software in my computer when I got it; all I remember is clicking on some pic while I was using a Google image find and--CRASH--my computer is suddenly loaded with this garbage and I'm playing pop up whack-a-mole while trying to shut all the programs down. It loaded up:

- 180SerachAssistant.com
- CashBack Buddy (some cute dog icon kept turning itself on five seconds after I turned it off. Why do they want me to hate dogs?)
- NaviSerach
- The BullsEye Network (I got my own name for this one)
- WeirdOnTheWeb (for irony, I guess)

Thanks for the name of the slimebags that put this crap out. eXact Advertising, according to a job post on CareerBuilder (is this a way to look legit?), is "a leading contextual marketing solutions provider"--yyyyeah! And they have a web site, too, http://www.exactadvertising.com/, that I was reluctant to go on because I was afraid they'd load that crap on again while I'm there (it didn't, but I scanned my computer, anyway).

They're based in NYC and have an office in SanFran. Here's their NYC snail addy and phone (it's the legal dep't):

Legal Department
EXACT
C/o eXact Advertising, LLC
PMB 2392
101 W. 23rd Street
New York, NY 10011
Fax: 646.223.1206
e-mail: privacy@exactadvertising.com

The CEO is Will Margiloff, who I'd like to meet one day, scoop out the contents of his butt and shove it down his throat, figuratively.

This article lists the advertisers supporting these jerks:
http://www.benedelman.org/spyware/exact-advertisers/

Posted by: mewster at June 23, 2005 8:12 AM
Comment Page:  1  |  2  |  3  |  4  |  5  |  6  |  7  |  8 
Read the article that everyone's commenting on.
RSS feed Subscribe to the RSS Feed for comments on this article.
Post a Comment

To post a comment on "What's 'BullsEye Network'?", please return to that article's main page.

Question? Ask Leo!

http://ask-leo.com/comments_002173.php
Copyright © 2003-2009 Puget Sound Software, LLC and Leo A. Notenboom

Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure