Announcement

Collapse
No announcement yet.

Spyware on your Computer?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Spyware on your Computer?

    Recently I have been having instability problems with my operating system (WinXP) that appear to be driver related, so I've been looking closely at the Services that are running.

    Anyway, I've noticed a new service called C-DillaCdaC11BA, and a suspicious driver named cdac15ba. The operating system has no other info about these guys. Even the file location is odd: \??\C:\windows\etc... I don't know that much about XP but it the only driver that has \??\ in front of the drive letter. Seem odds to me.

    I did an Internet search and came up with this website C-Dilla

    I don't know how I got it on my system. It feels like a virus! The only software I loaded in the past week has been a baseball game from 3DO (High Heat Baseball). Also, I haven't confirmed that this is what is messing up my system, but I think it is....

    I found these files on my system (which I will soon be deleting):
    CdaC13BA C:\Windows
    CdaC14BA.dll C:\Windows
    CDAC11BA.exe C:\Windows\Prefetch
    CDAC11BA C:\Windows\system32\drivers
    CDAC15BA C:\Windows\system32\drivers

    Has anyone else heard of this?
    My rig: P4 3.0GHz; Asus P4C800E; 1GB DDR 3200; AIW Radeon 9800 Pro; WD 120GB SATA; Plextor DVD burner; Liteon DVD reader; Audigy 2ZS; Logitech Z560 4.1; NEC FE991SB

    Kid's rig: AMD XP 1600+; 512MB ram; GF4 Ti4600; Maxtor 60GB; Plextor CD burner; Sony DVD reader; SB Live; Cambridge 4.1 speakers; NEC FE991SB

    Other kid's rig: Athlon 2700+; ASUS A7N8X mobo; 512MB PC3200 ram; GF4 Ti4600; Maxtor 80GB; SB Live; Cambridge 2.1; NEC FE991SB; Liteon DVD-ROM
    Tags: None
  • #2
    I had three of the files, one of them was a vxd WTF!!!! There gone!

    Oboy
    Time to make the wafers!
    Oboy Inside!

    intel P4 2.26 @ 2.957Ghz

    "Life isn't like a box of chocolates...it's more like a jar of
    jalapenos. What you do today, might burn your ass tomorrow."

    Comment

    • #3
      You're not the only one Beezer.
      I ran the file through Google and came up with a Dutch website/forum where it caused some concern http://www.beginnersweb.nl/forum/vie...?p=94236#94236

      and a link from there to a German forum on Viruses and Spyware http://board.protecus.de/showtopic.p...ime=1025551382

      (EDIT : The Germans didnt know what it was exactly either but thought the same as you. I cant find a Dutch - English translator!)

      I'm checking my Windows2000 PC as soon as I get home.
      Athlon XP-64/3200, 1gb PC3200, 512mb Radeon X1950Pro AGP, Dell 2005fwp, Logitech G5, IBM model M.

      Comment

      • #4
        Originally posted by RichL
        You're not the only one Beezer.
        I ran the file through Google and came up with a Dutch website/forum where it caused some concern http://www.beginnersweb.nl/forum/vie...?p=94236#94236
        Not much info in that dutch thread, the user (Webkabouter) removed the program c-dilla via "add remove programs". He didn't know how he got it.
        Main: Dual Xeon LV2.4Ghz@3.1Ghz | 3X21" | NVidia 6800 | 2Gb DDR | SCSI
        Second: Dual PIII 1GHz | 21" Monitor | G200MMS + Quadro 2 Pro | 512MB ECC SDRAM | SCSI
        Third: Apple G4 450Mhz | 21" Monitor | Radeon 8500 | 1,5Gb SDRAM | SCSI

        Comment

        • #5
          Macromedia is often at fault.
          Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.

          Comment

          • #6
            Found a file on edonkey with this name... maybe a connection?

            Unreal.Tournament.2003.Build.927.c-dilla.working crack!!.zip
            Who is General Failiure and why is he reading my drive?
            ----------------------
            Powercolor Radeon 9700np, Asus A7N8X mobo bios ver. 1007UBER, AthlonXP2800+@3200+ (200 Mhz fsb, 2.2 Ghz) on TT Silent Storm, 2*256Mb Kingston HyperX PC3500 DDR-RAM, 19" Samsung 959NF monitor, Pioneer A04 DVD-RW, Two WD800 80 GB HDD's, IBM Deskstar 40 GB

            Comment

            • #7
              Erm, isn't C-Dilla a crappy CD protection scheme/spyware combo?

              - Gurm
              The Internet - where men are men, women are men, and teenage girls are FBI agents!

              I'm the least you could do
              If only life were as easy as you
              I'm the least you could do, oh yeah
              If only life were as easy as you
              I would still get screwed

              Comment

              • #8
                OK, I looked into this further and I figured most of it out. c-dilla lts was bought out buy Macrovision who renamed the c-dilla ltd to Macrovision Europe. Macrovision Europe is the maker of Safedisc which is a HUGE cd proctection software used by many companies. I'm not srue yet why the software is installed on the computer though if it's just preventing me from burning a disc?

                http://www.c-dilla.com/


                Ç-Dilla Ltd has now been renamed as Macrovision Europe. Macrovision Europe is now a development company specialising in content protection, marketing tools and secure transactions for digital products. This includes copy protection for CD-ROM and DVD products; secure distribution of data products and software applications from Web sites; and clearing financial transactions across the Internet.

                http://www.macrovision.com/solutions/software/cdrom/index.php3


                How SafeDisc Works:

                Encrypt the finished product with the easy to use SafeDisc Wizard Based Toolkit.
                For additional protection, developers may want to use the SafeDisc API. The SafeDisc API has been developed to work in conjunction with the wrapper security that we provide. The publisher can use the API so that it ties the protected application closely with the SafeDisc security system.
                The encrypted master is sent to the mastering company, where a unique SafeDisc digital signature is added to the title during mastering. This requires a SafeDisc enabled encoder to be used, most major mastering houses are SafeDisc enabled. A detailed list is available here.
                When a user plays an original disc the authentication software reads the digital signature, thus allowing the program to run normally. The SafeDisc software is transparent to the end user.
                The digital signature is very difficult to copy, hence making copies useless.
                SafeDisc also includes extensive anti-hacking technology to protect it's security features

                Dave
                Ladies and gentlemen, take my advice, pull down your pants and slide on the ice.

                Comment

                • #9
                  I haven't had any system crashes or errors (in the last hour) since removing those files/drivers....
                  My rig: P4 3.0GHz; Asus P4C800E; 1GB DDR 3200; AIW Radeon 9800 Pro; WD 120GB SATA; Plextor DVD burner; Liteon DVD reader; Audigy 2ZS; Logitech Z560 4.1; NEC FE991SB

                  Kid's rig: AMD XP 1600+; 512MB ram; GF4 Ti4600; Maxtor 60GB; Plextor CD burner; Sony DVD reader; SB Live; Cambridge 4.1 speakers; NEC FE991SB

                  Other kid's rig: Athlon 2700+; ASUS A7N8X mobo; 512MB PC3200 ram; GF4 Ti4600; Maxtor 80GB; SB Live; Cambridge 2.1; NEC FE991SB; Liteon DVD-ROM

                  Comment

                  Previous template Next
                  Working...
                  X