I can't delete zmg4.exe

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by tk322, Jul 1, 2004.

  1. tk322

    tk322 Private E-2

    I had some scumware. I ran spybot s&d v1.3 updated. I ran ad-ware v6.0 updated. I ran cwshredder which would not update and it found nothing, although spybot said I had coolwwwsearch. I ran aida32(a sysinfo program) and saw there were some programs running I didn't recognize. So I tried to manually delete them from the registry.

    I went to HKLM...CurrentVersion/run and tried to delete the offending program. And this is where I got confused. There was a key there that read

    2N@@NRK5D2WQ3E c:\windows\system\zmg4.exe

    When I try to delete this key, I can. But if I look in another folder and then go back to HKLM...\run, there it is again. CAN'T DELETE, RENAME OR MODIFY this SOB. And smg4.exe does not exist by that name anywhere on the hard drive.

    Other than that, the problems seems to be gone ... for a while. Then, of course, a myriad of programs are showing up in various places (ie, ...\run, install programs on the desktop, reinstalled programs on the hard drive.) Programs such as:
    BXXS.EXE
    CoolSearch
    Lycos Side Search
    Spawner.exe
    Opidogtz
    CS4P028.EXE

    Any thoughts???

    TK322
     
    tk322, Jul 1, 2004
    #1
  2. tk322

    tk322 Private E-2

    Correction
    zmg4.exe and 83 other files of dubious name all dated recently modified (dated 6-27-04 or later) are located in c:\windows\system
     
    tk322, Jul 1, 2004
    #2
  3. Kodo

    Kodo SNATCHSQUATCH

    Kodo, Jul 1, 2004
    #3
  4. Midknite

    Midknite Private E-2

    I have a similar problem with random file names. I know the culprit is coolwebsearch and I have tried everything, Adaware, Spybot 1.3, Aboutbuster, Hijackthis, Shredder, CWSkiller (you get the picture) They will find CWS and remove it, the minute I reboot it is back with file names like apprw.exe but they change every time. I have searched and the only two things i find are to run Shredder (done that) and an updated VJM (which I have). I would appreciate ANY suggestions.
     
    Midknite, Jul 1, 2004
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Jul 1, 2004
    #5
  6. Midknite

    Midknite Private E-2

    I followed the directions (THANK YOU!) and everything seems fine. Apparently these steps disable third party cookies (?) because pretty much everything is blocked however I am still able to access where I need to go on the web. Nevertheless, I have untied the knot at the end of my rope and will move on to the next repair. Does anyone else feel like hunting these people and causing bodily pain to them?


    Thanks for the help
     
    Midknite, Jul 2, 2004
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds