Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dp45977c.lfl and WB.CFG?


  • Please log in to reply
7 replies to this topic

#1 dormillie

dormillie

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:30 AM

Posted 19 August 2017 - 10:25 PM

When I try to delete dp45977c.lfl, it always say something like this.

 

aylaAtR.png

 

The file location is C:\ProgramData.

The file is also a hidden file which is very suspicious. Not helping I checked audiodg and it says this:

 

kIIstMC.png

 

The original filename is audioadg! I'm not even sure anymore!

 

I'm not sure about WB.CFG but I doubt it but I'm afraid of deleting these two because it might be using some services.

WB.CFG is at C:\Users\USERNAME\AppData\Roaming.

 

I'm not sure if it's a virus because I ran RKill, MBAM and KIS to find any more malware remnants but they're not detected.

I'm just really paranoid about it.



BC AdBot (Login to Remove)

 


#2 sasschary

sasschary

  • Malware Study Hall Senior
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:A galaxy far, far away...
  • Local time:09:30 PM

Posted 20 August 2017 - 05:45 PM

Hi dormillie,

 

Do you have an ASUS computer? These seem to me to be something which comes on ASUS systems. If you do have an ASUS, then this doesn't seem to me like it should be anything of concern. You can try submitting the files to VirusTotal here if you want, and that can verify that these are, indeed, legitimate files.

 

Sasschary



#3 dormillie

dormillie
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:30 AM

Posted 20 August 2017 - 07:47 PM

Hi dormillie,
 
Do you have an ASUS computer? These seem to me to be something which comes on ASUS systems. If you do have an ASUS, then this doesn't seem to me like it should be anything of concern. You can try submitting the files to VirusTotal here if you want, and that can verify that these are, indeed, legitimate files.
 
Sasschary

I actually have a Lenovo laptop! 😀

#4 sasschary

sasschary

  • Malware Study Hall Senior
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:A galaxy far, far away...
  • Local time:09:30 PM

Posted 20 August 2017 - 07:49 PM

Hmm, strange...

 

Well, I would try submitting the files to VirusTotal. I still don't personally think they're much to worry about.

 

Sasschary



#5 dormillie

dormillie
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:30 AM

Posted 23 August 2017 - 11:58 PM

Hmm, strange...

 

Well, I would try submitting the files to VirusTotal. I still don't personally think they're much to worry about.

 

Sasschary

Sorry for the late reply! The files says it's nothing wrong in VirusTotal except in the dp45977c.lfl, some report it's an adware. But it's 0 bytes? I'm not too sure to be honest.



#6 sasschary

sasschary

  • Malware Study Hall Senior
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:A galaxy far, far away...
  • Local time:09:30 PM

Posted 24 August 2017 - 06:23 AM

Could you send me the links to the VT report for the files?

#7 dormillie

dormillie
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:30 AM

Posted 24 August 2017 - 07:32 AM

Could you send me the links to the VT report for the files?

 

https://www.virustotal.com/#/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/details

 

This is for the dp45977c.lfl. There's so much gibberish in this file. :(

 

and WB.CFG

 

https://www.virustotal.com/#/file/b86b214d54fbf3030f2a8f1ddf2594a70274f24e2c6d5b35948e1f095709cd5c/detection



#8 sasschary

sasschary

  • Malware Study Hall Senior
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:A galaxy far, far away...
  • Local time:09:30 PM

Posted 24 August 2017 - 06:07 PM

Hi dormillie,

 

As you pointed out, the file is 0 bytes, and is an empty file. I suspect the person who said something about adware has no idea what he's talking about, since an empty file can't do anything.

 

There's nothing showing up in either VT log, and you said in your first post that MBAM didn't detect anything on your system. As such, I think it is safe to say that your system has nothing infected on it.

 

Sasschary






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users