cfd.exe is a process belonging to a troubleshooting software from Motive Communications. It enables your broadband provider to offer easy installation and ongoing services to your computer.
Great replies and interesting reading. Since I have no issues (slowdown, CPU usage, etc. as were mentioned in the link) with the file on the computer I think I’ll keep it at least for now. Will move to exclusions list per Oldman’s directions.
If you can’t trust Bellsouth (now AT&T) who can you trust? ;D HAW! Yeah, sure!
Thanks much Polonus and Oldman…
As they say is some of the other forums this question is resolved!
It is the same file and location that is just the shortname notation for the same file, e.g. where the folder or file name exceeds 8 characters, it will show the first 6 characters of the folder followed by the ~1 characters (if there were two folders with the same name it would be ~2).
Is this the same malware name as the original detection ?
This is strange as avast should be able to detect that the two locations are the same shortname and longname location for the same physical location.
Using the likes of auditmypc or any other similar service is basing its decision on the file name and we all know that a) file names can be whatever they like and b) a file could be infected/injected. So the only way to confirm or deny the validity of the detection is by a physical scan of the suspect file at somewhere like virustotal and I haven’t sen anyone suggest that yet.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners.
If it is confirmed as an FP them the sample needs to be sent for analysis this is the only effective way to correct rather than simply exclude as was done for the previous detection reported in another post.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and false positive in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
:-X
Hi all; Although I am brand new to this forum I venture to chime in. The following is an edited quote from Wilderssecurity forum.
QUOTE (edited for brevity):
The program is not only not needed, it is probably unwanted. …
. . . gleaned from AnswersThatWork :
Bjcfd BJCFD.exe
BroadJump Foundation Client from BroadJump.com, now Motive. After reading the description of this product on the BroadJump website, it is clear that some of the functions of this software are what we call adware (software which collects information on your Internet activity and sends it to your ISP so that your ISP can serve you advertisements related to the type of sites you visit). This program typically gets installed when you install software from the Comcast ISP [edit: Almost any DSL or broadband provider!] . . .
Recommendation :
We are against this type of spyware/adware software… Additionally CFD creates conflicts on Windows XP which result in users experiencing problems or lack of Internet access when logging off and logging back on as a different user. Again on XP, CFD has been seen to slowly but surely gobble up resources and memory, ending up running at 95% of CPU resources and an impossibly slow PC. … de-install “Broadjump Client Foundation” through “Add/Remove Programs” in the Control Panel, and/or disable BJCFD, or its newer incarnation, CFD, … users who have done so have reported no ill-effects whatsoever. You can also run Ad-Aware or Spybot Search & Destroy who will both rid your PC of the Broadjump software.
ALL users who HAD this, then removed it, report NO connection problems.
Bottom line, it is NOT required, and MUST be removed !
END QUOTE
I am cleaning all sorts of malware from home computers as a full-time job. None of my customers has this program anymore and NO ill effect reported.
Experience teaches: Remove.
Thanks for the feedback, unfortunately as you say there are a number of ISP that have this supposed assistance in getting you connected only for their benefit (cash from ad revenue). There are some however that really do tie you up and if removed can stop you getting connected.
That is why I would first suggest the safer option of either fixing the entry in HJT, which allows for a restoration of the fix if you experience problems. Or disabling/unchecking from msconfig, startup tab, as that too can be reversed if you experience problems.
These I would suggest rather than use add remove programs only to find you have a problem which could be an issue if you have lost your internet connection. Whilst this may not be an issue with this particular cdf.exe issue, it is safer for the user to have a period of time with the startup command for cdf.exe disabled to ensure there are no problems before taking the ultimate step for uninstalling it with add remove programs.