Avast WEBforum

Other => Viruses and worms => Topic started by: 1234ava on August 19, 2015, 11:54:50 AM

Title: SetStretch and DP45977C in Program Data folder (ASUS PC)
Post by: 1234ava on August 19, 2015, 11:54:50 AM
Today I'm going to tell you a story (with a happy ending, I think).


I noticed these files in the root of the Program Data directory on my ASUS PC.
DP45977C.lfl 0 Bytes
SetStretch.cmd 1 KB
SetStretch.exe 24KB
SetStretch.VBS 24KB

As I couldn't figure out what Windows program they belong with, I looked for more info.
Also, a filename made of numbers would seem suspicious.

The good news was that, according to Avast, MBAM and a VirusTotal scan, they were all clean.
https://www.virustotal.com/en/file/a1a0dcc0bcae48654dbd7fb6a1942e18e93a07e593715abc9b38a9b3ba2b54b3/analysis/1439975806/
https://www.virustotal.com/en/file/a84b5e69527a9f91dae964ed40022a2a77c1fe45b7a381a335202ec3927d140b/analysis/1439975727/
https://www.virustotal.com/en/file/4c8a547f870ad01b315916a9d87f8815bf6bd09b9569ee19ee4e7629af29f3e3/analysis/1439975855/

BUT, some web forums claim those files are related to malware, and "experts" recommend running several malware removal utilities to clean up the computer where such files are found.
Even on VirusTotal, "user votes" (31 reds vs. 4 greens) would suggest that .EXE file is malicious!


After reading all that, I was worried again, although I am generally cautious as a PC user.


On the other hand, I hadn't noticed any strange behavior on my computer,
and like I said all antivirus programs stated those files were probably harmless.
Also,
http://systemexplorer.net/file-database/file/dp45977c-lfl/22803607

BTW, the creation date stamp of DP45977C.lfl was same day when I upgraded from Windows 8.1 to Windows 10.




Eventually, I found this page explaining it's an ASUS utility. That's it!

https://www.reddit.com/r/techsupport/comments/34pf4h/should_i_be_worried_about_these_files_i_ran/

So, Avast and others were right after all: no "virus" on board!

All's well that ends well. :)