Configuration: Windows XP Firefox 2.0.0.16
Just figured the solution to this!
The file that is doing this is macidwe.exe, and is starting either ceswxfst.sys or tcexfst.sys or cfexfst.sys. And They all play audio snippets off the web. If you right click on My Computer, select Manage, go to services and applications, services, and then find the Macidwe Service. Right Click on that, select properties and change the startup type to "Disabled" Press Ctrl+Alt+Delete and kill all processes you know are associated with this. Macidwe.exe and all the .sys files will be in the Windows/system32 folder, so just find the ones you see pop up when sounds play and delete them. You should no longer have the problem. I think i just posted the first solution to this on the web :D
|
So far i have seen little evidence to indicate a privacy breach, and it is probably most likely that the software was made to cause irritation, but i have no idea who made it, or alternatively what other risks it poses. I think i got it from a duff keygen or crack for Photoshop CS3 (Serves me right)
I also found other files that are responsible - Wserving.exe, Sobicyt.exe Nobicyt and Perfs.exe, known as Perfmons. All off these should be deleted from the system32 folder, as well as blocked in service management. I have a suspicion that Perfs.exe or Wserving may be the key file that keeps making these processes.
|
Oh and Afinding.exe, wow this is some evil malware! |
and routing.exe
Im pretty sure thats the last of it. Hopefully no more will be created when i start up again tommorow. |
I had to remove all of these (although it's possible this is more than one infection/problem):
afinding.exe edtxfst.sys macidwe.exe Nobicyt.exe perfs.exe routing.exe sobicyt.exe tdxdowkc.exe wserving.exe I heard a woman giggling. Also, at one point I sneezed and I could have sworn a text-to-speech voice said "gesundheit".
|
These files also appear in c/windows/prefetch, might wanna delete from there too |
Thankyou Ehsan and everyone else that posted on this topic, I have disabled and removed all of the files mentioned. Lets hope they do not come back. |
Thank you all guys for your assistance. My laptop kept playing random sound clips at random times. I read all your posts and disabled and deleted all suspected files. So far my computer hasn't played these clips at all so it has appeared to work. This is my work computer and my IT guy lives and swears by Symantec, which did not catch any of these files at all. I keep hounding him about not using Symantec, but obviously that has gotten me nowhere. One thing I did notice though. On the icon for the sobicyt.exe file, I had to squint to read it, but it read TS Online. I googled TS Online and it pulled up various links to "gaming" sites among a few sites regarding online learning. One of these sites might be a mirror site that keeps planting these files on our PC's. Anyway, thanks for the help guys. |
cfexfst.sys
atsxyzd.sys routing.exe wserving.exe tcexfst.sys tdxdowkc.exe Nobicyt.exe macidwe.exe msudks.exe dxtxfst.sys afinding.exe edtxfst.sys perfs.exe sobicyt.exe there are all the files i had and the mcafee cleaned 6 trojans that originated from the perfs.exe application it seems that my infection is more sericous because i have more files then you guys stated earlier but i am going to all the things you suggested to rid my computer of these horrible files because they were not picked up on any of my scanners except the trojans but most of the files returned to my comp after a few days i will try the new methods and get back to you |
All the sys files are generated and run by the applications made by perfs.exe. the exe's are the ones that are making the problems so dont worry if you have all these sys files going at you. |
I hate to bust your bubbles, but I have the same problem of radio and other snippets playing at random; I tried what was suggested and found NONE of those files!
So what's my problem?
|
|
Thanks for this! I had all them files but the only one that seemed to create sound for me was edtxfst.sys. And this one keeps appearing back in the processes. I kill the process then delete the file and have followed what Ehsan said to do :/
EDIT - actually its edbvfct.sys that keeps appearing for me now D: |
I too followed the suggestions and found and deleted all the files. My Norton anti virus program keeps picking up however the following exe files with different ending and beginning numbers. A0090039.exe. Norton is putting them in quarntine. I'm not sure of the source. Any suggestions? Can I delete the source once I find out what it is? |
i think i figured it out guys
when you get into the computer management, disable all files that have ______ corporation. I.E afinding service or wserving... E.X you should see ''wsering corperation'' in the discription. |
After you delete the exe files in safe mode
delete the services causing the problems by typing sc delete ______ Service Careful you don't delete the wrong service! |
regrun worked for me when the trojan came back |
I am having the same problem. The only thing is that I have looked every where for the files that you all have listed on the page and I can't find them. I still keep getting the music, radio station and other non sense on the speakers. I press F5 and it refreshes the screen and goes away. It will periodically reappear and I have to hit F5 to get rid of it again. There must be something that we can do or it will come back over and over and over again. I have been going through this for the last 4 months now. It sucks. I leave my speakers off just so I don't hear it. Also from time to time I get a pop up with a broken link. Pretty sure that comes with whats going on. I run Spybot non stop but that doesn't work, then Regcure and doesn't work and the virus systems that I have don't pick up crap. I used Norton 360 and Avast. Need some serious help.
|
Now I am having trouble getting rid of another malicious file that surfs the internet on hidden web pages 6LN0dYGS.exe, I delete the file from my system32 folder and it continues to come back. Any suggestions? |
J - Has the random sound issue been solved ? I see no postings in September. My son's DEll laptop has this problem.
I had to clear over 100 Trojaan viruses from its hard drive. But the random sound still remains an issue. I will try the things mentioned in this forum. tks |
Results for
Results for
Results for
Results for
Results for