My DocumentsUmn8J7_cfdg

wk357mag

New member
Hey guys, I think I may have some bugs here. Not sure, but they are new and I didn't install them on purpose. They were HIDDEN as a system file. I took note of them when I found lots of files in the PREFETCH folder (C:\WINDOWS\Prefetch) which had many, many entries named "MY DOCUMENTSXLY2KR_CFDG.EXE-2BDFA463.pf". The numbers always change, but it's always a My DOCUMENTSxxxxxx.cfdg.exe-xxxxxx file. Each time this original program starts, it makes a new one, with a different number to it.

Currently in the prefetch folder there are only three. I cleaned it out last night, so 3 today.

MY DOCUMENTSXLY2KR_CFDG.EXE-2BDFA463.pf
MY DOCUMENTSUMN8J7_CFDG.EXE-3B316A4B.pf
MY DOCUMENTSRGR41L_CFDG.EXE-0AF86652.pf

When going into CrapCleaner's registry integrity part, which cleans the registry some, it allowed me to clean something regarding them. It cleaned HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache. It allowed it to be cleaned here, calling it "Missing MUI Reference". It also gave me the path to look at the program that started it, being C:\Documents and Settings\USERNAME\My DocumentsXly2kr-cfgd.exe and My DocumentsRgR41|_cfdg.exe. I looked, but it was hidden as a system file, till I chose to unhide stuff in folder options. Once everything was unhidden, I could see two exe files there.

1) My DocumentsUmn8J7_cfdg
1.52mb size, created yesterday - 16Nov07
MD5 Hash - 2BF8CB02E4DC4CBD6A46DEB9168340D7
SHA1 Hash - 3727347DF4755B218A4D5D6A9FD375207ABE30A8
CRC 32 - 9EF55CB6

2) My DocumentsXpd8Iv_cfdg
1.52mb size, created Sunday - 11Nov07
MD5 Hash - 2BF8CB02E4DC4CBD6A46DEB9168340D7
SHA1 Hash - 3727347DF4755B218A4D5D6A9FD375207ABE30A8
CRC 32 - 9EF55CB6

Not sure if these are legitimate programs or not. They appear to not be, and when I run the programs that I normally run, they don't cause these two to run. So not sure at all about them.

Running WinXP Pro, SP2, AVG Free 7.5.503 updated, Spybot 1.5.1.17 updated+beta, SpyWareBlaster 3.5.1 (database 13Nov07), Sophos Antirootkit 1.3.1(data 1.07), BugHunter 2.2d (database 08Nov07), Comodo firewall 2.4.18.184 updated

Sorry if this is legit software, but looks funny to me!
 
OK, I now have a THIRD hidden file in the same place.

3) My DocumentsFqb3Gt_cfdg
1.52mb size, Created yesterday - 17Nov07
MD5 Hash - 2BF8CB02E4DC4CBD6A46DEB9168340D7
SHA1 Hash - 3727347DF4755B218A4D5D6A9FD375207ABE30A8
CRC 32 - 9EF55CB6

Seems to run itself when I run SPYBOT!!! Hmmmm!!!
 
Cancel this one

Sorry, as I continued to watch this, I found it to be associated with a program "save2pc Light", which is a YouTube downloader!

Sorry!
 