ewgmfxd.dll

  • Thread starter Thread starter Northern Pike
  • Start date Start date
N

Northern Pike

Guest
For the longest time, booting up my system has always given me a warning
popup indicating the ewgmfxd.dll could not be found. I would simply click OK
and continue.
I decided to investigate and did a search. The results gave me one file
named ewgmfxd.dll.{a whole bunch of numbers here}.
So, I simply renamed it by removing the .{842833282988489342389whatever} so
it was back to its original name. I then did a virus scan on the file which
indicated it was fine. So I rebooted my system hoping all would be fine and I
would never see that popup warning again. No such luck. It now says something
about the file not being a proper windows driver file. I click the OK button
and continue.
Can you tell me what to do?
Should I just kill the file?
Can I get a good file to replace it with?
I have Windows XP with Service Pack 3 hoping that would fix it but it
didn't. I have no idea what this file does or is required for but my system
seems to run fine even though Windows doesn't load it. I would really like to
get this fixed. Getting tired of the issue. And please don't tell me to get
Vista. I like XP very much and have no reason to upgrade.
FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
in 2005 and has been a real nice computer.
 
RE: ewgmfxd.dll



"Northern Pike" wrote:

> For the longest time, booting up my system has always given me a warning
> popup indicating the ewgmfxd.dll could not be found. I would simply click OK
> and continue.
> I decided to investigate and did a search. The results gave me one file
> named ewgmfxd.dll.{a whole bunch of numbers here}.
> So, I simply renamed it by removing the .{842833282988489342389whatever} so
> it was back to its original name. I then did a virus scan on the file which
> indicated it was fine. So I rebooted my system hoping all would be fine and I
> would never see that popup warning again. No such luck. It now says something
> about the file not being a proper windows driver file. I click the OK button
> and continue.
> Can you tell me what to do?
> Should I just kill the file?
> Can I get a good file to replace it with?
> I have Windows XP with Service Pack 3 hoping that would fix it but it
> didn't. I have no idea what this file does or is required for but my system
> seems to run fine even though Windows doesn't load it. I would really like to
> get this fixed. Getting tired of the issue. And please don't tell me to get
> Vista. I like XP very much and have no reason to upgrade.
> FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
> in 2005 and has been a real nice computer.

Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run
a thorough scan for both malware and viruses.

Run a thorough scan by doing the following steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm
You can download this tool "AutoRuns for Windows"
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
And remove the entry from here:

Locate this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in
the right pane/window and remove the entry for it
"C:\Windows\System32\ewgmfxd.dll "

If you wish to send me your Hijackthis log I will be happy to help you
further or send to one of many forums on the internet!
Download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
my address is : to_you_ross(at remove this and repalce with the
obvious)yahoo.co.uk ( _ is underscore)

The entry in Hijackthis will look like this:
O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc

Run disk clean up on your Drive.

HTH,
nass
---
http://www.nasstec.co.uk
 
Re: ewgmfxd.dll

nass is correct, follow his advise.


"nass" <nass@discussions.microsoft.com> wrote in message news:C51FEE5F-6CDF-405C-9DF5-F4D4CB0B0BB4@microsoft.com...
>
>
> "Northern Pike" wrote:
>
>> For the longest time, booting up my system has always given me a warning
>> popup indicating the ewgmfxd.dll could not be found. I would simply click OK
>> and continue.
>> I decided to investigate and did a search. The results gave me one file
>> named ewgmfxd.dll.{a whole bunch of numbers here}.
>> So, I simply renamed it by removing the .{842833282988489342389whatever} so
>> it was back to its original name. I then did a virus scan on the file which
>> indicated it was fine. So I rebooted my system hoping all would be fine and I
>> would never see that popup warning again. No such luck. It now says something
>> about the file not being a proper windows driver file. I click the OK button
>> and continue.
>> Can you tell me what to do?
>> Should I just kill the file?
>> Can I get a good file to replace it with?
>> I have Windows XP with Service Pack 3 hoping that would fix it but it
>> didn't. I have no idea what this file does or is required for but my system
>> seems to run fine even though Windows doesn't load it. I would really like to
>> get this fixed. Getting tired of the issue. And please don't tell me to get
>> Vista. I like XP very much and have no reason to upgrade.
>> FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
>> in 2005 and has been a real nice computer.
>
> Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run
> a thorough scan for both malware and viruses.
>
> Run a thorough scan by doing the following steps:
> 1... First, try to clean up your caches, Internet files and delete cookies
> by doing this:
> Click Start >> Control Panel >> Double click Network and Internet
> Connections >> Double click Internet Options.
> On the IE properties windows you will see these Tabs:
> General | Security | Privacy | Content | Connections | Programs |
> Advanced
> Under General Tab clear your History, Internet Files and Cookies.
> Then click on Advanced tab and scroll down to under the Browsing Option:
> [&] Browsing
> [ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
> Then click on Programs Tab and click Manage Add-Ons and Disable all non
> Verified Add-Ons (You should Renable them later one-by-one and see the
> culprit and update it or remove it.
> How to manage Add-Ons:
> http://support.microsoft.com/kb/883256
> Scan for malware from here:
> http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
> http://onecare.live.com/standard/en-gb/default.htm
> You can download this tool "AutoRuns for Windows"
> http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
> And remove the entry from here:
>
> Locate this key:
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in
> the right pane/window and remove the entry for it
> "C:\Windows\System32\ewgmfxd.dll "
>
> If you wish to send me your Hijackthis log I will be happy to help you
> further or send to one of many forums on the internet!
> Download Hijackthis and send me the log.
> (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
> my address is : to_you_ross(at remove this and repalce with the
> obvious)yahoo.co.uk ( _ is underscore)
>
> The entry in Hijackthis will look like this:
> O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe
> C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc
>
> Run disk clean up on your Drive.
>
> HTH,
> nass
> ---
> http://www.nasstec.co.uk
 
Back
Top