Guest Northern Pike Posted October 16, 2008 Posted October 16, 2008 For the longest time, booting up my system has always given me a warning popup indicating the ewgmfxd.dll could not be found. I would simply click OK and continue. I decided to investigate and did a search. The results gave me one file named ewgmfxd.dll.{a whole bunch of numbers here}. So, I simply renamed it by removing the .{842833282988489342389whatever} so it was back to its original name. I then did a virus scan on the file which indicated it was fine. So I rebooted my system hoping all would be fine and I would never see that popup warning again. No such luck. It now says something about the file not being a proper windows driver file. I click the OK button and continue. Can you tell me what to do? Should I just kill the file? Can I get a good file to replace it with? I have Windows XP with Service Pack 3 hoping that would fix it but it didn't. I have no idea what this file does or is required for but my system seems to run fine even though Windows doesn't load it. I would really like to get this fixed. Getting tired of the issue. And please don't tell me to get Vista. I like XP very much and have no reason to upgrade. FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased in 2005 and has been a real nice computer.
Guest nass Posted October 16, 2008 Posted October 16, 2008 RE: ewgmfxd.dll "Northern Pike" wrote: > For the longest time, booting up my system has always given me a warning > popup indicating the ewgmfxd.dll could not be found. I would simply click OK > and continue. > I decided to investigate and did a search. The results gave me one file > named ewgmfxd.dll.{a whole bunch of numbers here}. > So, I simply renamed it by removing the .{842833282988489342389whatever} so > it was back to its original name. I then did a virus scan on the file which > indicated it was fine. So I rebooted my system hoping all would be fine and I > would never see that popup warning again. No such luck. It now says something > about the file not being a proper windows driver file. I click the OK button > and continue. > Can you tell me what to do? > Should I just kill the file? > Can I get a good file to replace it with? > I have Windows XP with Service Pack 3 hoping that would fix it but it > didn't. I have no idea what this file does or is required for but my system > seems to run fine even though Windows doesn't load it. I would really like to > get this fixed. Getting tired of the issue. And please don't tell me to get > Vista. I like XP very much and have no reason to upgrade. > FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased > in 2005 and has been a real nice computer. Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run a thorough scan for both malware and viruses. Run a thorough scan by doing the following steps: 1... First, try to clean up your caches, Internet files and delete cookies by doing this: Click Start >> Control Panel >> Double click Network and Internet Connections >> Double click Internet Options. On the IE properties windows you will see these Tabs: General | Security | Privacy | Content | Connections | Programs | Advanced Under General Tab clear your History, Internet Files and Cookies. Then click on Advanced tab and scroll down to under the Browsing Option: [&] Browsing [ ] Enable Third-Party browser extensions (Req Rest) uncheck this box. Then click on Programs Tab and click Manage Add-Ons and Disable all non Verified Add-Ons (You should Renable them later one-by-one and see the culprit and update it or remove it. How to manage Add-Ons: http://support.microsoft.com/kb/883256 Scan for malware from here: http://onecare.live.com/site/en-gb/default.htm?s_cid=sah http://onecare.live.com/standard/en-gb/default.htm You can download this tool "AutoRuns for Windows" http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx And remove the entry from here: Locate this key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in the right pane/window and remove the entry for it "C:\Windows\System32\ewgmfxd.dll " If you wish to send me your Hijackthis log I will be happy to help you further or send to one of many forums on the internet! Download Hijackthis and send me the log. (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php) my address is : to_you_ross(at remove this and repalce with the obvious)yahoo.co.uk ( _ is underscore) The entry in Hijackthis will look like this: O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc Run disk clean up on your Drive. HTH, nass --- http://www.nasstec.co.uk
Guest ju.c Posted October 16, 2008 Posted October 16, 2008 Re: ewgmfxd.dll nass is correct, follow his advise. "nass" <nass@discussions.microsoft.com> wrote in message news:C51FEE5F-6CDF-405C-9DF5-F4D4CB0B0BB4@microsoft.com... > > > "Northern Pike" wrote: > >> For the longest time, booting up my system has always given me a warning >> popup indicating the ewgmfxd.dll could not be found. I would simply click OK >> and continue. >> I decided to investigate and did a search. The results gave me one file >> named ewgmfxd.dll.{a whole bunch of numbers here}. >> So, I simply renamed it by removing the .{842833282988489342389whatever} so >> it was back to its original name. I then did a virus scan on the file which >> indicated it was fine. So I rebooted my system hoping all would be fine and I >> would never see that popup warning again. No such luck. It now says something >> about the file not being a proper windows driver file. I click the OK button >> and continue. >> Can you tell me what to do? >> Should I just kill the file? >> Can I get a good file to replace it with? >> I have Windows XP with Service Pack 3 hoping that would fix it but it >> didn't. I have no idea what this file does or is required for but my system >> seems to run fine even though Windows doesn't load it. I would really like to >> get this fixed. Getting tired of the issue. And please don't tell me to get >> Vista. I like XP very much and have no reason to upgrade. >> FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased >> in 2005 and has been a real nice computer. > > Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run > a thorough scan for both malware and viruses. > > Run a thorough scan by doing the following steps: > 1... First, try to clean up your caches, Internet files and delete cookies > by doing this: > Click Start >> Control Panel >> Double click Network and Internet > Connections >> Double click Internet Options. > On the IE properties windows you will see these Tabs: > General | Security | Privacy | Content | Connections | Programs | > Advanced > Under General Tab clear your History, Internet Files and Cookies. > Then click on Advanced tab and scroll down to under the Browsing Option: > [&] Browsing > [ ] Enable Third-Party browser extensions (Req Rest) uncheck this box. > Then click on Programs Tab and click Manage Add-Ons and Disable all non > Verified Add-Ons (You should Renable them later one-by-one and see the > culprit and update it or remove it. > How to manage Add-Ons: > http://support.microsoft.com/kb/883256 > Scan for malware from here: > http://onecare.live.com/site/en-gb/default.htm?s_cid=sah > http://onecare.live.com/standard/en-gb/default.htm > You can download this tool "AutoRuns for Windows" > http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx > And remove the entry from here: > > Locate this key: > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in > the right pane/window and remove the entry for it > "C:\Windows\System32\ewgmfxd.dll " > > If you wish to send me your Hijackthis log I will be happy to help you > further or send to one of many forums on the internet! > Download Hijackthis and send me the log. > (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php) > my address is : to_you_ross(at remove this and repalce with the > obvious)yahoo.co.uk ( _ is underscore) > > The entry in Hijackthis will look like this: > O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe > C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc > > Run disk clean up on your Drive. > > HTH, > nass > --- > http://www.nasstec.co.uk
Recommended Posts