Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious Alcxwdm.sys File


  • Please log in to reply
3 replies to this topic

#1 Jeancf

Jeancf

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:48 PM

Posted 26 October 2007 - 09:43 AM

Hi all,

Since yesterday my sound card is not working anymore (after years of flawless operation). It is a RealTek ALC655 chipset on an ASUS P4G8X motherboard. I am running Windows XP Pro SP2 fully patched.

To try to fix the problem I downloaded the latest driver from Realtek and ran setup. It showed the "begin to install/update AC'97 drivers..." progress bar, froze for ~2 mins half way then exits without notice"

Then I went to the device manager and saw the "Multimedia Audio Controller" marked with the yellow exclamation mark. I right clicked and selected "Update driver..." and pointed to the WDM folder of the driver package I downloaded. The file copying started, froze on ALCXWDM.SYS for a long time then continued until the end Where I got the message "Cannot install this hardware" "Driver not intended for this platform".

I went to check under C:\WINDOWS\system32\drivers. When I right click on ALCXWDM.SYS, the window freezes for ~45s and the right clik menu does not appear. If I right click on other files in this folder I get a menu as expected. The ALCXWDM.SYS file details are 652K 05-sep-02 22:41.

The one that I had supposedly installed is alcxwdm.sys (lower case) 3.91MB 07-Oct-07 17:45.

If I try to delete ALCXWDM.SYS the window freezes again and after a while I get the error message "Cannot delete ALCXWDM Data Error (Cyclic Redundancy Check)."

Now I happen to run Linux on a separate HD on the same PC (Under Linux the sound interface works perfectly). I wanted to delete C:\WINDOWS\system32\drivers\ALCXWDM.SYS from Linux while Windows is not running but to my surprise the file is not there when Windows is not running.

When I reboot and restart Windows, ALCXWDM.SYS is there again...

I ran Ad-Aware, Spybot and AVG anti-virus scans but none of them found anything. The only 2 relevant hits on Google are:
PrevX
file.net

At this stage I ran out of options to try and I would appreciate some help or suggestions.

Thanks,

/~jc

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,579 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:48 AM

Posted 26 October 2007 - 10:24 AM

As your second link indicates ALCXWDM.SYS could be a sound card driver from Avance Logic, Inc for Realtek AC'97 Audio.

More of the same here:
http://www.runscanner.net/getMD5.aspx?MD5=...ess=alcxwdm.sys
http://www.soundcard-drivers.com/drivers/80/80131.htm

You don't want to delete that file unless you confirm its bad. If you think its suspicious then get a second opinion and submit the file to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
Post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Jeancf

Jeancf
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:48 PM

Posted 27 October 2007 - 08:37 AM

Thanks Quiteman7.

I tried to follow your advice but when I tried to upload the file to the sites you mentioned the transfer failed. Then I tried to copy the file to the desktop but it failed giving me another CRC error. That's when I thought it could be a file system corruption. This turned out to be the correct assumption. After 2 rounds of "chkdsk /F" the file had disappeared. I then reinstalled the driver without problem.

I guess the answer is "no, I am not infected!". :thumbsup:

Thanks,

/~jc

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,579 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:48 AM

Posted 27 October 2007 - 10:29 AM

Your welcome and glad to hear the issue has been resolved. :thumbsup:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users