Elitum Toolbar - possible FP.

[Noviciate]

The first post in the thread can be found here

The Spybot entry is:

-- Search result list ---
Elitum.EliteBar: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JM5289

The lines in the HJT log that I think are related to this are:

O4 - HKLM\..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe
O4 - HKLM\..\Run: [JMAP5289] C:\Program Files\ULI5289\JMAP5289.exe

Google tells me next to nada abvout the files although they have paid a visit to Jotti's on more than one ocassion. E.G.: http://forums.spybot.info/showthread.php?t=3129&page=2

The information I got from the poster is:

"ALi5289.exe Looks to me to be an application for joining two harddrives together. I went to the computer shop who made it up for me to ask them what it was but it was closed.

Jmap5289.exe It said SATA Configuration. ALi Sata controller 1 (M5289)
I have a Maxtor 6L200MO harddrive"

That's about it.

[LonnyRJones]

Hi

Can you get copies of those files ? send to the team and myself
C:\Program Files\ULI5289 < contents
and whatever file the registry points to if its not in the folder above
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JM5289

detectionsATspybot.info
and
submitlonnyATsubratam.org

Replace AT with @

Thanks

[Noviciate]

I've posted accordingly but the thread had worked itself up so you may not get the files requested - I can but try.

[LonnyRJones]

Posting to let you know i received and forwarded the files and brought it up.
I Did not receive responses yet.

Thanks for having them sent.

[Noviciate]

Always a pleasure, never an imposition.

[Yodama]

sorry for the late reply, this false positive has been removed, the correction should have been active with the update from 2006-07-07.

[Noviciate]

Don't you just love a happy ending!