Cws.Searchmeup

Discussion in 'privacy problems' started by Gigabyte, Jan 14, 2006.

Thread Status:
Not open for further replies.
  1. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    My antivirus is picking up this as a virus,eventhough it's adaware. The thing is,I don't have any kind of the problems associated with these kind of adaware programs. Any ideas? Thanks
     
  2. Snowie

    Snowie Guest

  3. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Please only use the Scan Only option of CWShredder.
    If it finds anything post back with the results before letting it remove anything.

    Regards,

    Pieter
     
  5. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    Already had run CWS shredder.:D Nothing was found. I am using Panda Internet Security.
     
  6. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    Here's what I get when I do a scan...

    Adaware/cws.searchmeup
    location: c:\recycler\s-1-5-21-3728851586-282846505-3676742289-1009\dc2.exe
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Does your anti-virus scan result show a file or registry location ?
     
  8. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    No. Just what I posted above.
     
  9. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    lol....sorry....I posted soon after you did :blink:

    It does appear those entries are in the recycle bin :doubt:
     
  10. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    The only other thing that it tells me is that it couldn't delete the file(which it usually does) and to make sure it's not in use or protected. I don't see it running in my apps. It also comes up as vbstub.exe
     
  11. Snowie

    Snowie Guest

  12. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  13. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    From snowbounds link...."vbstub.exe is a process which is registered as the Agent-EN Trojan."

    From Sophos concerning Troj/Agent-EN...."Troj/Agent-EN may create files named system16.exe, system.exe, systemup.exe and vbstub.exe.
     
  14. Snowie

    Snowie Guest

    *****Use Device Path Exerciser
    The Device Path Exerciser (dc2.exe) utility provided with the Windows DDK is an expanded version of the Device Path Exerciser that is part of the Windows Hardware Compatibility Tests (HCT). *****



    http://www.microsoft.com/whdc/driver/security/code-cover.mspx



    Regards To All

    Snowie The Snowman
     
  15. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
  16. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  17. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
  18. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    you can always try a2 or ewido
     
  19. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    ewido didn't find anything.
     
  20. controler

    controler Guest

  21. snowie

    snowie Guest

    CON

    how you doing.....nice program you suggested........got a feeling that he has a FP.........perhaps updated one or another of his programs (anti virus etc) an the update caused the FP............will wait and see.



    regards
     
  22. Gigabyte

    Gigabyte Registered Member

    Joined:
    Apr 28, 2004
    Posts:
    163
    Location:
    NC,USA
    Regrun found legetimate files. No viruses/trojans.
     
  23. dfgfg

    dfgfg Guest

    dude, go into sys36 and arrange by modified, inspect those any funny names, and remove them to recycle bin! dont delete them YET!, i'm excepting u to know some about puter.

    my fault! go into windows.. chnage view to modified remove funny, and do the same in system32 folder also check downloadprogramfiles folder remove some those to.

    Gigabyte, are u a themer.. did u do a theme for firefox?

    My guess is that it was saved by system restore. thats where they're getting em?
     
    Last edited by a moderator: Jan 15, 2006
Thread Status:
Not open for further replies.