Solved What are these files?


Kol12

Would anyone know what these files are? Are they suspicious?
 

Attachment: Program Data.png

They do look a bit odd to me.
They all appeared over the course of two days and they are all only 1 KB.
It could be from something you installed. You could go into Programs & Features or Apps & Features and have a look for anything installed on those dates.

This Bleeping Computer thread refers to some of those files and recommends AdwCleaner to clean it.

If they are still there after you run AdwCleaner, if it was me, I would just delete them to the Recycle Bin and leave them in there for a few days and monitor things just to be sure.


Edit: There is more info here in another Bleeping Computer thread.
 

Top of the list of your circled area is described as a rootkit after a quick search, so not good. Run the free version of Malwarebytes and see if it picks them up.
 

Suggest you post on a security forum such as Bleeping Computer for individual instructions and not just follow instructions given to another individual. They always caution against that. Running AdwCleaner or Malwarebytes should not be an issue, however.

A Guy
 

If it was a rootkit why would it get past Windows Defender?
 

Rootkits are made to evade detection. I don't have 11, but in 10 there was a Scan Offline option for Defender; worth a shot.


A Guy
 

Does MB not scan for Rootkits by default? When I ran a custom scan the Rootkit checkbox was not checked. MB detected no Rootkits...
 

MB does not scan for Rootkits by default; you have to check the box. If you want to be sure you are clean, post on a security-centered forum, provide logs, and apply the exact scans and fixes they suggest. I am not sure if any security experts are active here.

A Guy
 

> They do look a bit odd to me.
> They all appeared over the course of two days and they are all only 1 KB.
> It could be from something you installed. You could go into Programs & Features or Apps & Features and have a look for anything installed on those dates.
>
> This Bleeping Computer thread refers to some of those files and recommends AdwCleaner to clean it.
>
> If they are still there after you run AdwCleaner, if it was me, I would just delete them to the Recycle Bin and leave them in there for a few days and monitor things just to be sure.
>
> Edit: There is more info here in another Bleeping Computer thread.

All of the same files I have but they give no indication as to where they think they might have come from or even why they suspect a Rootkit. :unsure:
 

> Rootkits are made to evade detection. I don't have 11, but in 10 there was a Scan Offline option for Defender; worth a shot.

I do, and there is.....

 

I ran the Defender Offline scan but can't find the results.
 

Have a look at Protection History to see if there are any recent malware infection actions.
 

I did a quick test of some of the file types and some came back as various use audio files. Have you recently installed or started using an audio editor? (A lot of systems with discrete sound cards will come with a bespoke application or tool.)

This may clarify what any files you cannot recognise may be: List of file formats - Wikipedia

Of course, malware could also use these files purposely to hide their data files.

You could try sending the files individually to some online checker like VirusTotal.
 

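The two checks suggested in the thread (look for anything installed on the dates the files appeared, and look the files up on VirusTotal) can be prepared with one read-only PowerShell script. This is an added example, not code from any poster; the size limit, the day window and the use of the registry `InstallDate` value are assumptions of the example.

```powershell
# Added example: triage of unrecognised small files in C:\ProgramData.
# Assumptions (not from the thread): the folder, size limit and day window
# below are adjustable parameters. Nothing is deleted, moved or uploaded.
param(
    [string]$Folder     = $env:ProgramData,
    [int]   $MaxBytes   = 1024,   # the files in question were all about 1 KB
    [int]   $WindowDays = 3       # how close an install date must be to count
)

$invariant = [Globalization.CultureInfo]::InvariantCulture

# 1. Small files directly under the folder, including hidden and system ones.
$files = Get-ChildItem -LiteralPath $Folder -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Length -le $MaxBytes } |
    ForEach-Object {
        # A locked or unreadable file yields no hash instead of stopping the run.
        $hash = try {
            (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction Stop).Hash
        } catch { $null }
        [pscustomobject]@{
            Name    = $_.Name
            Bytes   = $_.Length
            Created = $_.CreationTime
            SHA256  = $hash
        }
    }

# 2. Installed programs that recorded an install date (optional yyyyMMdd string)
#    in the per-machine, 32-bit-on-64-bit and per-user Uninstall keys.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$installed = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    ForEach-Object {
        $date = [datetime]::MinValue
        $ok = [datetime]::TryParseExact([string]$_.InstallDate, 'yyyyMMdd', $invariant,
                [Globalization.DateTimeStyles]::None, [ref]$date)
        if ($ok) {
            [pscustomobject]@{ Name = $_.DisplayName; Installed = $date }
        }
    }

# 3. For each file, list the programs installed within the window around
#    the day the file was created.
$report = foreach ($f in $files) {
    $near = $installed | Where-Object {
        [math]::Abs(($_.Installed.Date - $f.Created.Date).TotalDays) -le $WindowDays
    }
    [pscustomobject]@{
        File            = $f.Name
        Bytes           = $f.Bytes
        Created         = $f.Created
        SHA256          = $f.SHA256
        InstalledNearby = ($near.Name | Sort-Object -Unique) -join '; '
    }
}

if ($report) {
    $report | Sort-Object Created | Format-List
} else {
    Write-Host "No files of $MaxBytes bytes or less found directly under $Folder"
}
```

Creation times and `InstallDate` values are hints rather than proof: installers do not always write `InstallDate`, and file timestamps can be changed. The SHA-256 can be pasted into the VirusTotal search box, which looks the file up without uploading it.
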
> I ran the Defender Offline scan but can't find the results.

They should be in the same place as they were in Windows 10.

Microsoft Defender Offline Scan log files are stored as a MPLog-YYYYMMDD-HHMMSS.log file located in the C:\Windows\Microsoft Antimalware\Support folder.
 

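To find the offline scan's log at the path given above, and to see the detections Defender has recorded (what the earlier Protection History suggestion is looking for), the following can be run from an elevated PowerShell prompt. It is an added example, not from the thread; the 40-line tail is an arbitrary choice, and `Get-MpThreat` and `Get-MpThreatDetection` are cmdlets from the Defender PowerShell module.

```powershell
# Added example: newest Defender log by the timestamp in its name, plus the
# detections Defender has on record. Read-only. The folder and file-name
# pattern are the ones quoted in the post above.
$logDir    = 'C:\Windows\Microsoft Antimalware\Support'
$invariant = [Globalization.CultureInfo]::InvariantCulture

$logs = Get-ChildItem -LiteralPath $logDir -Filter 'MPLog-*.log' -ErrorAction SilentlyContinue |
    ForEach-Object {
        # Use the YYYYMMDD-HHMMSS stamp in the name, not the file's write time,
        # because the log can be appended to long after it was started.
        if ($_.BaseName -match '^MPLog-(\d{8}-\d{6})$') {
            $started = [datetime]::MinValue
            $ok = [datetime]::TryParseExact($Matches[1], 'yyyyMMdd-HHmmss', $invariant,
                    [Globalization.DateTimeStyles]::None, [ref]$started)
            if ($ok) {
                [pscustomobject]@{
                    Started = $started
                    KB      = [math]::Round($_.Length / 1KB, 1)
                    Path    = $_.FullName
                }
            }
        }
    } | Sort-Object Started -Descending

if (-not $logs) {
    Write-Warning "No MPLog-*.log files found in $logDir (is the prompt elevated?)"
} else {
    $logs | Format-Table Started, KB, Path -AutoSize
    $latest = $logs | Select-Object -First 1
    Write-Host "Last 40 lines of $($latest.Path):"
    Get-Content -LiteralPath $latest.Path -Tail 40
}

# Detections on record, newest first, with the threat name resolved by ID.
$threatNames = @{}
Get-MpThreat -ErrorAction SilentlyContinue |
    ForEach-Object { $threatNames[$_.ThreatID] = $_.ThreatName }

$detections = Get-MpThreatDetection -ErrorAction SilentlyContinue |
    Sort-Object InitialDetectionTime -Descending

if ($detections) {
    $detections |
        Select-Object InitialDetectionTime,
            @{ Name = 'Threat';    Expression = { $threatNames[$_.ThreatID] } },
            @{ Name = 'Resources'; Expression = { $_.Resources -join '; ' } },
            ActionSuccess |
        Format-List
} else {
    Write-Host 'Defender has no detections on record.'
}
```
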
> I did a quick test of some of the file types and some came back as various use audio files. Have you recently installed or started using an audio editor? (A lot of systems with discrete sound cards will come with a bespoke application or tool.)
>
> This may clarify what any files you cannot recognise may be: List of file formats - Wikipedia
>
> Of course, malware could also use these files purposely to hide their data files.
>
> You could try sending the files individually to some online checker like VirusTotal.

You found info on the file types I circled related to audio? I do use a SoundBlaster Sound Card with Sound Blaster Command software.

I just ran each of the files through VirusTotal and each came back fully undetected.
 

Hmm.... Maybe I think they are related to OSArmor:


 

A basic online search will provide a probable use for the file extension. The format I use is ".aaa file type" in Google (no commas, and replace aaa with the extension, e.g. jpg file type).
 

> A basic online search will provide a probable use for the file extension. The format I use is ".aaa file type" in Google (no commas, and replace aaa with the extension, e.g. jpg file type).

It was a Google search for rtmeslt that led to the above links. The users there all have these files in Program Data with OSArmor installed. I do wonder why the Bleeping Computer helpers suggest to delete these files. :unsure:
 

Thanks for the help everyone. :sleep:
 

I do not know OSArmor so cannot comment. I personally use the pro version of BitDefender and have done for a number of years.

It's fully possible that they use these file extensions internally, and they are shown as clean on VirusTotal (a site that I and many other members here use, as they are usually very fast to find malware files, often before the big names in malware prevention). So as an add-on to check any files that appear and that you are not sure about, I would recommend it.
 
