Unable to remove zango.com and virtual bouncer

I am having problems removing a couple of programs off my computer. I have Adaware, Spybot, Spywareblaster, and Spyware Doctor. Spyware doctor keeps finding zango.com when I run quick scan. When I run full scan it finds zango and virtual bouncer everytime. How can I get this out of my comp? Getting frustrated about this. Really would appreciate any help you can give me. Thank You.

 

Did you try looking in Add/Remove Programs? Perhaps in Program Files Folder as well?

Generally, when dealing with pesky Adware/Malware, it is a good idea to start with the Cleanup Tutorial HERE:

READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan and Virus Removal

There are only a few of us Volunteers who regularly offer advice in this forum. Running through the above Tutorial will remove a lot of stuff that would otherwise clog a HijackThis Log and save us valuable time.

Please let us know the steps that you are able to complete and the ones that give you problems. Note that you need to be in Safe Mode with System Restore OFF (if you have it - you didn't give OS) and have the Viewing of Hidden Files ENABLED as per the instructions in the link. Make sure to do the Online Scans.

Post back and let us know how you fared. Also, send us a HijackThis Log. Please be sure to follow the instructions below:

Note that your HijackThis should be up-to-date (v1.99) and MUST be extracted to its own safe folder – C:\Program Files\HijackThis!

Should you need a Fresh Download of HJT, get it HERE: HijackThis v1.99

Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

Please save your HJT Log as a .txt File and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

I’m not around this forum too often these days, but somebody will try to take a look when they get a chance.

Best luck
PP

 

Hi, I have done everything in the 'Read me first' tutorial, with system restore off and hidden files viewed. There was nothing in add/remove programs or program file folders that said anything about zango or virtual bouncer. I even emptied temp folder and temp internet files. I do have a question about my temp folders tho. They are showing different FDR files(msn200,msn1008,etc.). What are they and why are they in that folder? Also there are desktop configuration settings files in the folder. I did not delete them and I ran ccleaner before I looked in temp & temp internet folders. I am including a HJT log taken after all steps were done. Please help me to figure this out. Thanks.

 

Hi, I am still waiting to hear what my hijackthis log says....is it ok? Would really appreciate something, PLEASE!?

 

Sorry for your wait - There are only a couple of us volunteers who offer advice in this forum and lately there have been a lot of threads and little free time after work and family obligations.

I gave your log a quick glance and nothing particularly harmful jumps out at me. I do not see Zango or Virtual Bouncer in your log. Could be a false positive. That's why we recommend more than one anti-spware scanner.

Do you actually see any manifestations of these, or is this strictly a case of a scanner triggering on them?

It could also be that there are remnants (Reg. entries) remaining from a previous cleaning of the malware and this is the cause of the alarm.

PP

 

Thank You--sorry if I sounded impatient.

I haven't had any manifestations on my comp. It just always popped up when I ran Spyware Doctor(which was the only program that would find them) and it kept SpywareBlaster from guarding against them. I have since uninstalled spywareDr and spywareblaster hasn't had problems since. Not sure I like spywareDr cuz it caused me problems before that the other programs didn't find. And as soon as I uninstalled it everything was fine.

If there are possibly any remnants how would I find out and fix them? Would appreciate any advice.

Again Thank You for your time helping me
Bttrflydaisys

 

I've seen conflicts like this before where the Spyware Blaster setting was triggering another scanner - Which, in turn, would disable the Spyware Blaster setting for the item. Spyware Dr. is a good proggy, but, as I say, you really need a couple. You may notice that this will be corrected with further updates of definition files.
In fact, this may not have anything to do with remnants at all! However, if you are so inclined, you should be able to use regedit to look in the registry for orphaned entries. Personally, I would not worry too much about it!

Anyhoo, have a peek at How to protect your computer from Icky Malware - By Chaslang

PP

 

Thank You...I did what was said in the link provided except the firewall cuz I am that well informed on how to use one. Are those ones easy to understand and figure out what to allow? Everything else I have on my comp.

When I looked in my security settings I saw some things that I have a question about....as to what the settings should be...
1)User Authentication Logon---mine says 'Auto Logon in Intranet Zone'
2)Auto Prompt for file downloads--Disable or Enable?--mine's marked disable
3)Run components not signed with authenticode--disable, enable, prompt--mine's marked enable
4)Allow scripting of IE Webbrowser controls--disable or enable--mine's marked disable

Hopefully these are the last except for how to run a firewall....
bttrflydaisys

 

Hi Bttrflydaisys,

As far as firewalls go, many in the Software Forum like the simplicity of ZoneAlarm. Also, you should note that SP2 has its own easy-to-use firewall built in (Start > Control Panel > Security Center). If you choose to go with ZoneAlarm (A good idea!), then be sure to Disable the Windows Firewall.

As for this one:
3)Run components not signed with authenticode--disable, enable, prompt--mine's marked enable ---> You should DISABLE it.

The others should be OK.
As long as you keep your Anti-spyware tools and AV updated and surf wisely, you ought to be pretty safe from most malware.

PP

 

Thank You PhilliePhan!!!! I greatly appreciate all the help you have given me..I have changed the authenticode to disable and I do have SP2 firewall.
Again THANK YOU!! bttrflydaisys.

 

You're welcome!

SP2 firewall should be OK as long as you are a safe surfer. I still suggest you try ZoneAlarm - It will monitor inbound AND OUTBOUND traffic. That way, if you get a piece of malware on your machine and it tries to "Phone home," you'll be notified for your approval first! The Windows firewall does not address this!

If you have any questions about the various firewalls or other safety issues, ask the Software Forum. The regulars there are always happy to show off their considerable knowledge!

PP