i have a hard one, 95% of anti viruses do not detect this. suggestions?

[Tarq57]

Please post the MBAM scan report when complete. And have it "remove selected". (Select everything found.)

[fpsgameridrc]

pretty much nothing, I'm going to do another scan with prevx last time it had like 24-27 malware, ill see what iti says and im going to do another full scan with MBAM


prevx is alot faster then MBAM so im guessing thisll take an hour or two, but i have a feeling mbam wont pick up  the files im trying to get rid of.

[Tarq57]

Did you update MBAM before scanning? can't tell without the scan report. (It's a text file rather than a screenshot.)

You might have to find the stuff with Prevx, and then try to manually remove it. You'll possibly need a program capable of deleting a file on reboot, unless you know how to write a .bat file for that. (I don't, so don't ask.)

[pinnacle]

you can also run SUPERAntispyware  http://www.superantispyware.com ,  and  Vipre rescue  http://live.sunbeltsoftware.com/ both are free and get rid of zango and shopper report

[fpsgameridrc]

you can also run SUPERAntispyware  http://www.superantispyware.com ,  and  Vipre rescue  http://live.sunbeltsoftware.com/ both are free and get rid of zango and shopper report

thanks but i got rid of those lol, trying to figure out how to get rid of these other things, gonna be back in a bit i guess

[fpsgameridrc]

Malwarebytes' Anti-Malware 1.42
Database version: 3396
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

12/19/2009 9:50:53 PM
mbam-log-2009-12-19 (21-50-53).txt

Scan type: Quick Scan
Objects scanned: 95914
Time elapsed: 7 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 14
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\randy\downloads\Head Shot.exe (Trojan.Agent) -> Quarantined and deleted successfully.




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


alright i got that, but apparently after all that prevx still lists 25 problems...

[Tarq57]

You are probably going to have to manually research the files Prevx flags, and delete them, and the associated reg entries. (Carefully. You can do damage with the registry.) You're in for quite a learning experience. I can't help with this from afar, sorry.If it was my computer, and I could see what was happening, I'd have a go, but it's yours, I can't, and it would be irresponsible to try.
Someone else here with a bit more expertise may be able to help, especially if you post the Prevx scan report.

[Tarq57]

Here's another idea for you, Hitman Pro has favourable user reviews, and I think the trial version is full-featured for 30days. Might do the trick.

[fpsgameridrc]

Here's another idea for you, Hitman Pro has favourable user reviews, and I think the trial version is full-featured for 30days. Might do the trick.

[capslock]i love you man, seriously saved my life[/capslock]

[Tarq57]

It worked?
Superb.

[fpsgameridrc]

yes, better then expected too, got rid of two REALLY OLD ones i had too apparently.

[Tarq57]

Cool. A bit lucky, there.
No more cracks/warez/keygens, please.
Apart from the moral and legal implications, they are often loaded with malware.