AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
January 08, 2009, 05:30:03 PM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 5354 Members
Latest Member: 11ronsestophith
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Adware Alerts  |  Topic: Adware.BDE 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Adware.BDE  (Read 958 times)
TJ
Tech Team
Hero Member
********
Offline Offline

Posts: 136



View Profile
Adware.BDE
« on: August 26, 2005, 10:30:53 PM »
Adware.BDE is an Adware program that can be remotely turned on. If turned on, any computer that contains Adware.BDE can become part of a network that Brilliant Digital controls.

Symptoms
The files on the system are detected as Adware.BDE.

Transmission
This adware program must be manually installed. However, there are several known programs that have Adware.BDE within them and that can install it as the application itself is installed.

technical details
File names: Not available

Adware.BDE is an adware program that displays animated advertisements. However, this adware application contains functionality so that any computer that has it installed will become part of a large network. At the time of this writing, this functionality was not enabled, although it can be remotely enabled at any time.
Also, because this functionality is not yet enabled, we do not know what it could be used for.

When Adware.BDE is installed, it does the following:

   1. Inserts several files in the %System% folder.

      Note: %System% is a variable. The adware application locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
   2. Creates the folders:

          * C:\BDE
          * C:\Windows\BDE
          * C:\Program Files\BDE

   3. May add the value:

      "b3dupdate"

      to the registry subkey

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

      so that the program starts when you start Windows.

   4. May add some of the following registry subkeys:

      HKEY_CLASSES_ROOT\s3d_auto_file
      HKEY_CLASSES_ROOT\.b3dini
      HKEY_CLASSES_ROOT\b3d_auto_file
      HKEY_CLASSES_ROOT\b3dini_auto_file
      HKEY_CLASSES_ROOT\ADM25.ADM25
      HKEY_CLASSES_ROOT\ADM25.ADM25.1
      HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl
      HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl.1
      HKEY_ALL_USERS\Software\Brilliant Digital Entertainment
      HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller
      HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller.1
      HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25.1
      HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25
      HKEY_LOCAL_MACHINE\SOFTWARE\Brilliant Digital Entertainment
      HKEY_CLASSES_ROOT\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
      HKEY_CLASSES_ROOT\CLSID\{1D3BCE37-7834-4579-8169-E6781420A98}
      HKEY_CLASSES_ROOT\Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\Interface\{258a3625-183b-4477-aee2-ea54df6d878d}
      HKEY_CLASSES_ROOT\Typelib\{51958166-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
      HKEY_CLASSES_ROOT\TypeLib\{676F6D1D-C559-42A9-860B-27C1477B7179}
      HKEY_CLASSES_ROOT\Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
      HKEY_CLASSES_ROOT\CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer

REMOVAL INSTRUCTIONS
Uninstalling the Adware

   1. Do one of the following:
          * On the Windows 98 taskbar:
               1. Click Start > Settings > Control Panel.
               2. In the Control Panel window, double-click Add/Remove Programs.

          * On the Windows Me taskbar:
               1. Click Start > Settings > Control Panel.
               2. In the Control Panel window, double-click Add/Remove Programs.
                  If you do not see the Add/Remove Programs icon, click "...view all Control Panel options."

          * On the Windows 2000 taskbar:
            By default, Windows 2000 is set up the same as Windows 98. In that case, follow the instructions for Windows 98. Otherwise, click Start, point to Settings, point to Control Panel, and then click Add/Remove Programs.

          * On the Windows XP taskbar:
               1. Click Start > Control Panel.
               2. In the Control Panel window, double-click Add or Remove Programs.

   2. Click B3d projector.

      Note: You may need to use the scroll bar to view the whole list.
   3. Click Add/Remove, Change/Remove, or Remove (this varies with the operating system). Follow the prompts.


3. Finding and deleting files using the Windows Find or Search utility

Follow the instructions for your operating system:

    * Windows 95/98/Me/NT/2000
         1. Click Start, point to Find or Search, and then click Files or Folders.
         2. Make sure that "Look in" is set to (C:) and that "Include subfolders" is checked.
         3. In the "Named" or "Search for..." box, type, or copy and paste, the file names:

            Bdeclean.exe Bdeclean.lgc

         4. Delete the displayed files.

    * Windows XP
         1. Click Start, and then click Search.
         2. Click All files and folders.
         3. In the "All or part of the file name" box, type, or copy and paste, the file names:

            Bdeclean.exe Bdeclean.lgc

         4. Verify that "Look in" is set to "Local Hard Drives" or to (C:).
         5. Click "More advanced options."
         6. Check "Search system folders."
         7. Check "Search subfolders."
         8. Click Search.
         9. Delete the displayed files


Deleting the keys from the registry

Note: This is done to make sure that all the keys are removed. They may not be there if the uninstaller removed them.

   1. Click Start, and then click Run. (The Run dialog box appears.)
   2. Type regedit

      Then click OK. (The Registry Editor opens.)

   3. Navigate to the following keys and delete them if present:

      HKEY_CLASSES_ROOT\s3d_auto_file
      HKEY_CLASSES_ROOT\.b3dini
      HKEY_CLASSES_ROOT\b3d_auto_file
      HKEY_CLASSES_ROOT\b3dini_auto_file
      HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl
      HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl.1
      HKEY_ALL_USERS\Software\Brilliant Digital Entertainment
      HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller
      HKEY_CLASSES_ROOT\BDESmartInstaller.BDESmartInstaller.1
      HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25.1
      HKEY_CLASSES_ROOT\BDESmartInstaller25.BDESmartInstaller25
      HKEY_LOCAL_MACHINE\SOFTWARE\Brilliant Digital Entertainment
      HKEY_CLASSES_ROOT\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
      HKEY_CLASSES_ROOT\Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\Typelib\{51958166-D5E3-11D1-AA42-0000E842E40A}
      HKEY_CLASSES_ROOT\TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
      HKEY_CLASSES_ROOT\Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
      HKEY_CLASSES_ROOT\CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer

   4. Exit the Registry Editor.
Logged
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Adware Alerts  |  Topic: Adware.BDE « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!