ezsidmv.dat - Anyone know any information about this file?

File Location: C:\ProgramData\
File Attributes: HAI, Hidden
File Size: Less than 1 KB
File Name: ezsidmv.dat
Operating System: Windows 7
File Type: VCD File

Anyone know any information about this file? I've read that it's somehow related to malware in some cases but in other places I've found it to be relevant to Skype. I have noticed that when I launch Skype after deleting the file it automatically recreates itself. The exact same file is also located in C:\Users\All Users\ and recreates also when deleted/launching Skype.

Scanning comes back clean but is useless to scan the .dat since it's a bin for data, correct? And the checksums don't come up with any results.
Trying to open it in Notepad fails as well, seems to be a bunch of disfigured characters, likely due to some form of encrypting?

Any and all information will be heeded and is greatly appreciated.

If this is the wrong location to post this, I apologise in advance.

 

I don't think I'm infected, but am unsure. I have multiple layers of security and do regular scans. Nothing looks suspicious or anything of that nature. As for it being not there for you, I'm using the latest version of Skype and have had multiple friends try to find it by using the DOS commands

"cd C:\ProgramData\"
"dir /ah"
and it didn't output what I have.
The closest thing I've found for an answer was at the Skype forums but was by someone whom is Russian, stating the same things as I am. I've tried contacting the Skype support and they haven't responded to me in 4+ days. They say they will reply in 12 hours or less, so I don't know what's up.

That post is mine by the way.

May I also add, if you simply go to Google and type in "ezsidmv" it comes up with the suggestion "ezsidmv.day skype". So I'm not sure what to believe here.

 

DjK3742,

I have that file in C:\WINDOWS\system32

My OS is WinXP.

 

That's another thing I forgot to mention, it's also being found in System32. I'm amazed that you found it... And for some reason I cannot log into my accounts after the session expires. Sorry for remaking so many.
So what are the file properties on yours Brian? Look the same as mine listed above?

Not sure if it will b0rk your computer but if you want you could try deleting it with Skype closed, and relaunching Skype and seeing if it recreates it.

 

My computer is fine. No rootkits and Malwarebytes/Avast are happy with the file.

Properties are Hidden, 56 bytes size, date 04 Feb 2009. (that's all I have on it)

I checked a backup image that was created 6 months ago and it was present in the image.

 

Do you have Skype installed/was installed on the image?

 

Yes, I've had Skype for a few years.

I have an answer for you. I restored an image of a fresh WinXP install. The file wasn't present in System32. I installed Skype. The file wasn't present in System32. I restarted and the file was present in System32 and it had today's date.

It's just a Skype file.

 

I don't understand why it's in System32 for some, and ProgramData for others... very odd...

Any idea? Also, are you doing this testing in a VM or do you take a lot of backup images of your desktop?

If Skype's support wasn't horribly slow the world would be a better place.

 

This wasn't done in a VM. It was a real OS. I have around 20 different bootable partitions on this computer. I keep basic WinXP and Win7 images (without apps) so I can test situations such as this.

 

Wow, you're a hero!

I wonder why the other people I've spoken to don't have it at any of the locations though... Strange. Maybe it was new to the recent installer versions and wouldn't affect the OS through the "Update" button. Still puzzles me.

 

Did they have their OS set to show hidden files? Were they searching for hidden files? I'd expect everyone with Skype to have it. Just a guess.

 

Well, I made sure to eliminate that using the
"cd C:\ProgramData" - Changes the directory to the programdata folder
"dir /ah" - lists files/folders in the directory, however the /ah enables hidden files to be shown

This didn't work for them. So it is strange. I wish Skype would give me some form of closure on this topic as they've only sent me one general email asking for the version of Skype I was using and haven't responded in four days or so. Five now, I think.

 

Now this is confusing. I checked my netbook and the file is in System32. I checked my son's desktop (latest Skype) and the file isn't in the C: drive.

 

I checked two more WinXP computers with the latest Skype. File not present. I checked a Win7 computer and the file was in ProgramData folder.

 

How strange! Was the file in the System32 on a Windows XP computer? Your help is GREATLY appreciated by the way!

 

In the WinXP computers with the file, it was in System32.

 

Hmmm... and all of these computers had Skype installed, but only some had the file?

 

That is correct.

I booted into a Win7 I haven't used for ages. An old Skype was present (sorry, I didn't look at the version) but the file wasn't present. I installed the latest Skype and even before rebooting the file was now present in ProgramData.

 

This makes no sense, I made sure that I had my friends update Skype before and after checking their ProgramData. UGH!! So confusing!

 

I just installed Skype into a fresh Win7 VM. The file appeared in ProgramData before rebooting.

I've no idea why it isn't present in all computers with the latest Skype.

 

The fact that Skype doesn't respond to support inquiries is very frustrating.

So you are positive this is affiliated with Skype then? Not anything foreign?

 

Certainly looks that way. Whenever I install Skype it appears.

I uninstalled Skype from the Win7 OS on the HD (not the VM). Skype is gone but the file remains.

 

If you delete the file on one of the computers where it is in the System32, does it automatically recreate it when relaunching Skype?

That happens in my case in ProgramData