Hello. Whenever I run Ad-Aware, it stops on something called "Toolband.toolbandObj.1," and won't go past it. Now, when I ran AntiVir Guard it didn't find it, but it DOES pop-up saying "What do you want to do about this virus" when Ad-Aware stops on it. I have tried "Move to quarantine folder" "Delete/Wipe file" "Deny access" and all that good stuff, but nothing gets rid of it. I did a google search and it said it was some kind of toolbar thingy for IE, but I just want to get rid of it. Does anyone know how to delete this thing? Here is my hijackthis logfile (whoa lots of stuff) Logfile of HijackThis v1.97.7 Scan saved at 5:18:51 AM, on 1/28/2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\Ati2evxx.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\msdtc.exe C:\Program Files\AVPersonal\AVGUARD.exe C:\Program Files\AVPersonal\AVWUPSRV.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\tcpsvcs.exe C:\WINNT\System32\snmp.exe C:\WINNT\wanmpsvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\inetsrv\inetinfo.exe C:\WINNT\System32\mqsvc.exe C:\WINNT\system32\Ati2evxx.exe C:\WINNT\Explorer.exe C:\WINNT\system32\sstray.exe C:\Program Files\ABIT\ABIT uGuru\uGuru.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\program files\powerstrip\pstrip.exe C:\Program Files\AVPersonal\AVGNT.exe C:\Program Files\allSnap\allSnap.exe C:\WINNT\NCLAUNCH.exe C:\Program Files\BitTorrent\btdownloadgui.exe C:\Program Files\AIM\aim.exe C:\Program Files\Internet Explorer\IEXPLORE.exe C:\Documents and Settings\Administrator\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://my.search/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.alfa-search.com/start.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.alfa-search.com/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.alfa-search.com/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.alfa-search.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.alfa-search.com/start.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alfa-search.com/start.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.alfa-search.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.alfa-search.com/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.alfa-search.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.alfa-search.com/search.html O1 - Hosts: 64.237.53.4 ad.doubleclick.net O1 - Hosts: 64.237.53.4 aff.weatherbug.com O1 - Hosts: 209.87.155.230 date.com O1 - Hosts: 64.237.53.4 doubleclick.net O1 - Hosts: 64.237.53.4 my.search O1 - Hosts: 64.124.222.169 google.com O1 - Hosts: 64.124.222.169 altavista.com O1 - Hosts: 64.124.222.169 yahoo.com O1 - Hosts: 64.124.222.169 lycos.com O1 - Hosts: 64.124.222.169 dogpile.com O1 - Hosts: 64.124.222.169 excite.com O1 - Hosts: 64.124.222.169 metacrawler.com O1 - Hosts: 64.124.222.169 search.com O1 - Hosts: 64.124.222.169 google.com O1 - Hosts: 64.124.222.169 altavista.com O1 - Hosts: 64.124.222.169 yahoo.com O1 - Hosts: 64.124.222.169 lycos.com O1 - Hosts: 64.124.222.169 dogpile.com O1 - Hosts: 64.124.222.169 excite.com O1 - Hosts: 64.124.222.169 metacrawler.com O1 - Hosts: 64.124.222.169 search.com O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe O4 - HKLM\..\Run: [Windows Security Assistant] C:\WINNT\system32\rundll32.vbe O4 - HKLM\..\Run: [Soundmx] \soundmx.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.exe /min O4 - HKLM\..\RunServices: [Windows Security Assistant] C:\WINNT\system32\rundll32.vbe O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\LaunchPd.exe" O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [editpad] C:\WINNT\editpad.exe O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [Windows Security Assistant] C:\WINNT\system32\rundll32.vbe O4 - HKCU\..\Run: [NCLaunch] C:\WINNT\NCLAUNCH.exe O4 - Global Startup: allSnap (2).lnk = C:\Program Files\allSnap\allSnap.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: ATI TV (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Real.com (HKLM) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) - http://www.pcpitstop.com/antivirus/PCPAV.CAB O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O19 - User stylesheet: C:\WINNT\system32\readme.txt

If you don't get an answer here you might want to post this in the Security and Virus forum.

I could be wrong. I think the toolband.toolbandobj.1 is a permission issue. Check your permissions and see if you have admin rights. If not, asking Adaware to read the file is the issue. You may not have rights to read it and if you do, you definitely don't have rights to alter it.