ewgmfxd.dll

[Northern Pike]

For the longest time, booting up my system has always given me a warning
popup indicating the ewgmfxd.dll could not be found. I would simply click OK
and continue.
I decided to investigate and did a search. The results gave me one file
named ewgmfxd.dll.{a whole bunch of numbers here}.
So, I simply renamed it by removing the .{842833282988489342389whatever} so
it was back to its original name. I then did a virus scan on the file which
indicated it was fine. So I rebooted my system hoping all would be fine and I
would never see that popup warning again. No such luck. It now says something
about the file not being a proper windows driver file. I click the OK button
and continue.
Can you tell me what to do?
Should I just kill the file?
Can I get a good file to replace it with?
I have Windows XP with Service Pack 3 hoping that would fix it but it
didn't. I have no idea what this file does or is required for but my system
seems to run fine even though Windows doesn't load it. I would really like to
get this fixed. Getting tired of the issue. And please don't tell me to get
Vista. I like XP very much and have no reason to upgrade.
FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
in 2005 and has been a real nice computer.

 

[nass]

For the longest time, booting up my system has always given me a warning
popup indicating the ewgmfxd.dll could not be found. I would simply click OK
and continue.
I decided to investigate and did a search. The results gave me one file
named ewgmfxd.dll.{a whole bunch of numbers here}.
So, I simply renamed it by removing the .{842833282988489342389whatever} so
it was back to its original name. I then did a virus scan on the file which
indicated it was fine. So I rebooted my system hoping all would be fine and I
would never see that popup warning again. No such luck. It now says something
about the file not being a proper windows driver file. I click the OK button
and continue.
Can you tell me what to do?
Should I just kill the file?
Can I get a good file to replace it with?
I have Windows XP with Service Pack 3 hoping that would fix it but it
didn't. I have no idea what this file does or is required for but my system
seems to run fine even though Windows doesn't load it. I would really like to
get this fixed. Getting tired of the issue. And please don't tell me to get
Vista. I like XP very much and have no reason to upgrade.
FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
in 2005 and has been a real nice computer.

Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run
a thorough scan for both malware and viruses.

Run a thorough scan by doing the following steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm
You can download this tool "AutoRuns for Windows"
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
And remove the entry from here:

Locate this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in
the right pane/window and remove the entry for it
"C:\Windows\System32\ewgmfxd.dll "

If you wish to send me your Hijackthis log I will be happy to help you
further or send to one of many forums on the internet!
Download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
my address is : to_you_ross(at remove this and repalce with the
obvious)yahoo.co.uk ( _ is underscore)

The entry in Hijackthis will look like this:
O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc

Run disk clean up on your Drive.

HTH,
nass

 

[ju.c]

nass is correct, follow his advise.

For the longest time, booting up my system has always given me a warning
popup indicating the ewgmfxd.dll could not be found. I would simply click OK
and continue.
I decided to investigate and did a search. The results gave me one file
named ewgmfxd.dll.{a whole bunch of numbers here}.
So, I simply renamed it by removing the .{842833282988489342389whatever} so
it was back to its original name. I then did a virus scan on the file which
indicated it was fine. So I rebooted my system hoping all would be fine and I
would never see that popup warning again. No such luck. It now says something
about the file not being a proper windows driver file. I click the OK button
and continue.
Can you tell me what to do?
Should I just kill the file?
Can I get a good file to replace it with?
I have Windows XP with Service Pack 3 hoping that would fix it but it
didn't. I have no idea what this file does or is required for but my system
seems to run fine even though Windows doesn't load it. I would really like to
get this fixed. Getting tired of the issue. And please don't tell me to get
Vista. I like XP very much and have no reason to upgrade.
FYI-The system is an HP laptop Pavilion ze2000 with 1.256GB of ram purchased
in 2005 and has been a real nice computer.

Your machine infected with Virtumonde/Zlob/Vundo variant and you need to run
a thorough scan for both malware and viruses.

Run a thorough scan by doing the following steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm
You can download this tool "AutoRuns for Windows"
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
And remove the entry from here:

Locate this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in
the right pane/window and remove the entry for it
"C:\Windows\System32\ewgmfxd.dll "

If you wish to send me your Hijackthis log I will be happy to help you
further or send to one of many forums on the internet!
Download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
my address is : to_you_ross(at remove this and repalce with the
obvious)yahoo.co.uk ( _ is underscore)

The entry in Hijackthis will look like this:
O4 - HKLM\..\Run: [ewgmfxd.dll] C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ewgmfxd.dll,hrbtoqb,...etc

Run disk clean up on your Drive.

HTH,
nass