Endpoint Protection

 View Only
Expand all | Collapse all
  • 1.  bdaremote

    Posted Apr 06, 2010 03:44 PM
    Does anyone know how to uninstall bdaremote?  Recently I noticed that my computer shows an icon in the lower right hand part of the system tray for BDARemote....I can't find aything on the web about it except that it is part of the ATI software or has something to do with watching live tv on the computer.  I do not watch tv on this computer nor am I interested in doing so.  There is no program associated with this icon in the add/remove program files list on my computer, either.  Is this some kind of spyware?  any suggestions?  Thanks


  • 2.  RE: bdaremote

    Posted Apr 06, 2010 03:50 PM
    It may be a malware.Some malware camouflage themselves as BDARemote.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the BDARemote.exe process on your pc whether it is pest.

    Run a full scan on the machine in the safe mode

    and submit  the suspected exe to symantec

    https://submit.symantec.com/websubmit/gold.cgi


  • 3.  RE: bdaremote

    Posted Apr 06, 2010 03:54 PM

    In case you do not have a valid Contract ID, you can submit the file to ThreatExpert for analysis.

    http://www.threatexpert.com/submit.aspx


  • 4.  RE: bdaremote

    Posted Apr 08, 2010 06:55 PM
    How do I run a scan in safe mode?

    How do I check the BDARemote.exe process on my pc to see whether it is a  pest or not?

    We are not a gold member so I cannot upload anything...  :(

    thanks


  • 5.  RE: bdaremote

    Posted Apr 08, 2010 11:54 PM
    Make sure you have the latest Rapid Release definitions.

    http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr

    To use a Safe Boot option, follow these steps:
    1. Restart your computer and start pressing the F8 key on your keyboard.
    2. When the Boot menu appears again, and the words "Safe Mode" appear in blue at the bottom, select the installation that you want to start, and then press ENTER.
    3. Run a full system scan to see if this gets detected as a threat.




  • 6.  RE: bdaremote
    Best Answer

    Posted Apr 09, 2010 04:44 PM
    you can also analyze the MD5 hash of the BDARemote.exe.  Like Cycletech says if it's in Windows or System32, it may be malicious.  It's proper location appears to be c:\Program Files\USB TV\, but I do not have it myself to say for sure.  The MD5 of the one in the USB TV folder is 567A859810EC4AEDB0B10AE11B26DD73 or B0D2D80C30D30021F64AFEED590A12CE.  To check the MD5 of the file, follow this article:

    http://support.microsoft.com/kb/841290

    Or do a Google search for md5deep


  • 7.  RE: bdaremote

    Posted Apr 11, 2010 06:35 PM
    Simply replace "gold" in the url posted above by whichever type of contract you have. Or if you don't have a contract follow cycletech's guide below to submit the virus.

    Cheers
    Grant


  • 8.  RE: bdaremote

    Posted Apr 11, 2010 06:38 PM
    This is the best answer if you know the MD5 of the real BDARemote. 

    Great Answer!
    Grant


  • 9.  RE: bdaremote

    Posted May 23, 2010 01:42 PM
    BDARemote is a process executed ATI video software.  It may have been installed when you updated your video drivers. It is used by ATI for its USB TV tuner, and is installed by default when you upgrade your ATI video drivers.



  • 10.  RE: bdaremote

    Posted May 23, 2010 11:37 PM
    Hi MacKenna,

    I saw that you were new to the forums so welcome. I just wanted to let you know to be conscious of the date of the thread you are posting on. This one is old so the user is most likely not looking for an answer anymore. Also if he/she was subscribed to the thread they are getting emails and things about threads that are months old. Just for future reference : )  But thanks for pitching in anyways!

    Cheers
    Grant