PDA

View Full Version : Spybot won't remove Yontoo



Mokey
2013-01-14, 01:55
When i do a scan Yontoo.Pagerage shows up. When I try to fix it, I get message saying "Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory). This could be fixed after a restart. May Spybot S&&D run on your next system startup?" I click Yes and restart and nothing. Anyone have any ideas? i did a search here and saw the files to delete. Should I try that and hope for the best?

Zenobia
2013-01-14, 06:45
Could you do this?

Open SpyBot.
Check for problems.
When the scan completes, right click on the results list, select "Copy results to clipboard".
Paste (Ctrl+V) those results here.


Also,you could go to Start,Control Panel,Uninstall a Program,or Add/Remove programs,look to see if Yontoo is listed there,and uninstall it.

What operating system do you have?

Mokey
2013-01-15, 03:29
Here it is Zenobia. I'll have to post it in sections because it's too long. How much of it do you need to see? I'm using Win7. When I go to Control Panel, Uninstall, Yontoo isn't an option to delete.


--- Search result list ---
Yontoo.Pagerage: [SBI $7EA79EE0] Settings (Registry key, fixing failed)
HKEY_CLASSES_ROOT\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}

Yontoo.Pagerage: [SBI $2ADF7DD5] Settings (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Yontoo.Pagerage: [SBI $61D90200] Settings (Registry key, fixing failed)
HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2012-10-12 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2012-12-18 Includes\Adware.sbi (*)
2013-01-08 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2013-01-08 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-12-21 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2012-12-11 Includes\Trojans.sbi (*)
2013-01-09 Includes\TrojansC-02.sbi (*)
2013-01-08 Includes\TrojansC-03.sbi (*)
2012-12-21 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-12-03 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Unknown Windows version 6.1 (Build: 7601) Service Pack 1 (6.1.7601)


--- Startup entries list ---
Located: HK_LM:Run, Adobe ARM
command: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
file: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
size: 919008
MD5: B63E5C7807334A3A8F731062F15462CC

Located: HK_LM:Run, APSDaemon
command: "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
file: C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
size: 59280
MD5: 82CC8F77E9EC61C6B4D48DD4D5CA78E7

Located: HK_LM:Run, ArcadeMovieService
command: "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
file: C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
size: 185640
MD5: 1AA5CE8A101B34121A50173F8A115D88

Located: HK_LM:Run, AVG_UI
command: "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
file: C:\Program Files (x86)\AVG\AVG2013\avgui.exe
size: 3147384
MD5: 9DADF1A809ECEC86F04BDE35190D59FE

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
file: C:\Program Files (x86)\iTunes\iTunesHelper.exe
size: 421776
MD5: 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files (x86)\QuickTime\QTTask.exe
size: 421888
MD5: 916A2C4EB028604783FD5EA169236C1D

Located: HK_LM:Run, StartCCC
command: "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
file: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
size: 343168
MD5: 9C4F97EDC7AFD26D67EC73A5E2118ADA

Located: HK_LM:Run, SuiteTray
command: "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
file: C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
size: 341360
MD5: 4A80B3C030178E65CF0BECFF1BB20905

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
file: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
size: 252848
MD5: 12916E0642E92561C98B18A2A2D01B14

Located: HK_CU:RunOnce, IsMyWinLockerReboot
where: .DEFAULT...
command: msiexec.exe /qn /x{voidguid}
file: C:\Windows\system32\msiexec.exe
size: 73216
MD5: EEE470F2A771FC0B543BDEEF74FCECA0

Located: HK_CU:Run, DW7
where: S-1-5-21-4119433721-1152571648-1210579340-1000...
command: "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
file: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, IsMyWinLockerReboot
where: S-1-5-18...
command: msiexec.exe /qn /x{voidguid}
file: C:\Windows\system32\msiexec.exe
size: 73216
MD5: EEE470F2A771FC0B543BDEEF74FCECA0

Located: Startup (common), hpoddt01.exe.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
file: C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
size: 28672
MD5: A564A22308A3F55235BA2478EE82992D

spybotsandra
2013-01-15, 13:12
Hello,

Did you open Spybot with a right click and choose "run as administrator/take ownership" (www.safer-networking.org/faq/how-can-i-get-administrator-rights-under-windows-vista-or-windows-7/)?

Best regards
Sandra
Team Spybot

Mokey
2013-01-20, 15:20
spybotsandra, that took care of it! Thank you very much. :thanks:

Zenobia
2013-01-21, 05:50
Glad it worked. :)

eyches
2013-05-10, 09:02
spybot found yontoo in search/scan, but said blah blah something is using the files, same as for the win7 in the previous part of this thread. also i cant find yontoo in the program files; cant find it in firefox addons or extensions. what do i do now? thank you.
this is sounding suspiciously like spybot has been hijacked as well. also, cant find n the spybot in the start menu, when righ t clicking, where it says to run as an admin.

spybotsandra
2013-05-10, 12:15
Hello,

What does the complete error message say?
Which version of Spybot do you run?
Did you open Spybot with admin rights?
Did you close the browser while performing the scan with Spybot?

Best regards
Sandra
Team Spybot