Hidden files?

Anyone any idea what these hidden files are?


C:\WINDOWS\SYSTEM32\7B296FB0-376B-497E-B012-9C450E1B7327-2P-0.C7483456-A289-439D-8115-601632D005A0

C:\WINDOWS\SYSTEM32\7B296FB0-376B-497E-B012-9C450E1B7327-2P-1.C7483456-A289-439D-8115-601632D005A0

 

Hi, good question ?

I found both those files in this Vista PC a few days ago. I was going to post about them, and the following info, but after my Vista RK experience, i decided not to. Anyway as you've now got these, i'll post with what i've discovered.

-

Using Winpatrol's Hidden files i found this

MSFT_USER_WPDFS_01_00_00.WDF

Looked strange, so i Googled and found lots of entries, all bad !

Decided to run ComboFix but before i did, i did a few online scans with, ESET and Symantec which found nothing.

Ran combofix, and along with ALL the System restores, the following was detected and deleted c:\windows\system32\AVSredirect.dll

Since then i've discovered this about AVSredirect.dll https://www.wilderssecurity.com/archive/index.php/t-195771.html

Part of SUPER media player i downloaded several days ago, so not connected at all. It didn't flag MSFT_USER_WPDFS_01_00_00.WDF i've now uninstalled Super.

Found that, and another in System32/Drivers

MsftWdf_Kernel_01007_Inbox_Critical.Wdf

103C_HP_CPC_KX752AA-ABU SR5501UK_YC_0Pres_Q3CR824_E83WEv3PrA1_49_IBoston_SMSI_V1.0_B5.08_T080430_WUH1_L409_M1013_J160_7Intel_8Celeron E1200_91.6_#080902_N10EC8136_Z_G808629C2_OTSSTcorp CDDVDW TS-H653Q ATA Device.MRK

And these in System32

7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

The first one looks like some PC identifier, but what the heck is it doing in in Drivers ? Ever seen a Driver with such a long name before ?

And the other two, really long names too ?

So if anyone can identify any/all the above, i would be very grateful.

 

Related to Microsoft's Product Activation, encryption container.

 

Meriadoc

What, all the ones i listed as well, or just these 2 ?

C:\WINDOWS\SYSTEM32\7B296FB0-376B-497E-B012-9C450E1B7327-2P-0.C7483456-A289-439D-8115-601632D005A0

C:\WINDOWS\SYSTEM32\7B296FB0-376B-497E-B012-9C450E1B7327-2P-1.C7483456-A289-439D-8115-601632D005A0

Thanx

 

Sorry StevieO I was replying about the same time as yourself...those 2 yes.

 

Meriadoc

Aha.

Any ideas about the others ?

 

Can you open the .mrk file in notepad? Does the contents tell you anything?

.MRK file could contain information for the hardware, or peripheral/device.
.WDF MSFT function driver?

 

Meriadoc

Yes, i made a copy and changed the extension to .txt

It lists things connected with, Processor, BIOS, ComputerSystemProduct,Vendor, VideoController,DriverVersion etc etc.

Msft_User_WpdFs_01_00_00.Wdf = Zero Bytes so nothing in there.

All that's in the 3 Byte MsftWdf_Kernel_01007_Inbox_Critical.Wdf is the letter a

Obviously nothing to worry about, but they never showed up before, and there have been no hardware/driver etc changes, so ?

Thanx for responding.