Unsolved
This post is more than 5 years old
12 Posts
0
567145
cdasrv.exe?
Greetings. I've had a heck of a time finding any information on a suspicious (albeit only because there's no information on it) executable I've seen running on both an XP32 machine and a Win7x64 machine I have. It's very possible that it's a piece or portion of something installed via the MFP 2335dn driver/utility set, since the directory and contents on both machines have write timestamps closely associated with the installation of that software I applied to both machines last night, but I just wanted to make sure.
CDASrv.exe and the "Common Desktop Service" directory in Program Files in both XP and Win7. There is a startup reference to both I can see when I run msconfig. The version of the executable is 1.53.0 iirc (I'm at work), but there is not other indicative author information associated with the dll or executable.
I've seen vague references to cdilla (yuck) in some remedial searches online, then then a one off page that's not a dell site, but has information about that version of this file proprtedly provided by dell along with an msiconfig call on how to remove it.
Is this something to be worried about?
Thanks.
Bugbatter
20.5K Posts
0
October 6th, 2011 15:00
I cannot answer your question unless I know more about the system. Dell is currently not handling malware removal. Do any of your security programs flag this file as malware? I would suggest posting at SpywareHammer and have a volunteer helper take a look at what is running. The help is free, but you will need to register first.
jchuck
12 Posts
0
October 6th, 2011 19:00
Nothing's being flagged using Security Essentials and up to date on both machines. I'm still at a personal defcon 2 level after having had to restore the wife's XPS1210 twice in a four month period now due to severe infections. I suppose I was looking for confirmation one way or the other than this was or was not a Dell installed process, possibly from the 2335dn driver set; obviously if the Dell utility put it there, then there's nothing to worry about, but all I have to go on is the coincidence that I reinstalled the 2335dn driver software on both machines in a 2 hour window that these files appeared.
Properties of the files:
ky331
3 Apprentice
3 Apprentice
•
15.2K Posts
0
October 7th, 2011 05:00
just a tangential thought here... Jchuck said (s)he's "seen vague references to cdilla (yuck) in some remedial searches online..."
When I do a (Yahoo) search for CSASrv.exe , it decided to augment my query: "We have (also) included cdantsrv.exe results". And when I then click on some links for cdaNTsrv.exe , I see references to cdilla.
I could find no "meaningful" results associated with simply cdasrv.exe.
You might want to double check your seaching, to see if that's happening for you.
Bugbatter
20.5K Posts
0
October 7th, 2011 06:00
If you don't want to post at SpywareHammer, you could have both files analyzed at Virus Total –
http://www.virustotal.com/
At the top of the page you will see:
Select file>Browse>Send
Just follow the prompts.
The submission will then be tested against many different AV vendors’ scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.
There isn't much more I can do from here without getting a more comprehensive picture of everything that is running on that system along with some stats. You would need to post at a forum that reads logs or get help from Dell paid support.
jchuck
12 Posts
0
October 7th, 2011 11:00
Outstanding. Thanks so much, Cradz.
I was expecting that this post may eventually show up in search engine results that may help people in the future. Surprising that there's practically nothing about it at this point. I'll try to find the search result that pointed in the general direction of cdilla tonight. "cdantsrv.exe" was certainly the majority of those results, but there was one in particular that referenced the executable that I'm referring to specifically.
I won't get negative about the obscurity or lack of details for the executable, but it would probably be appreciated if someone responsible for the driver and utility exe builds to put some information in there to alleviate any confusion like this. "Copyright 2010" isn't very helpful to anyone frankly.
Cradz
1 Message
0
October 8th, 2011 21:00
No problem jchuck. Glad you had this topic as it solved the mystery for me. :)
Reposting the "good" part of my previous post so that others understand your response:
I think this is something to do with the 2335dn. I'm an IT Manager and I just ran a search looking for what this was and found your topic. The user happens to have a new 2335dn. The rest of office have older printers and this exe isn't on their machines.
Bugbatter
20.5K Posts
0
October 9th, 2011 05:00
Glad you got it sorted out. :emotion-21:
wdcs
6 Posts
0
January 14th, 2013 08:00
got this from another site:
Samsung Easy Printer manager file. Came with Samsung printer drivers CD. When I uninstalled item from program files, it dissapeared from registry and .exe file also dissapeared.
Bugbatter
20.5K Posts
0
January 14th, 2013 10:00
Thanks for your input to this outdated topic, but where do you see a connection? More info HERE
Nevertheless, the file seems to be safe: http://f.virscan.org/CDASrv.exe.html
bhensall
1 Message
0
September 1st, 2013 03:00
I found that the file is associated to Samsung. CDASrv.exe = Samsung Easy Printer manager file.
Bugbatter
20.5K Posts
0
September 1st, 2013 06:00
Also see here:
Related to CDA Software Service Management Software for the professional service business Note: Located in \%Program Files%\Common Files\Common Desktop Agent\
http://www.systemlookup.com/search.php?type=filename&search=+CDASrv.exe&s=
* Note: This topic is almost two years old. The issue has been resolved, so this thread is now closed. Everyone else who is having a similar issue, please begin a New Post at the top of the forum.