iBryte Desktop??

I have been seaching for information for “Ibryte Desktop”. what i have found is that it is a “Malware” through posting on other forums.

I currently have a icon on my task bar for this program. i am unaware what it is or what it does. when you right click on it it gives you two options,“pause slider” & Exit.

Other forums are telling me that it is a malware that copies passwords and user names. Used a full scan with avast and found nothing. looked in control panel-remove programs (win 7) and could not find program. Dis find a exe file in regestery and deleted file. However Icon is still present.

Can you guys verify if this is indeed a malware and advise how to remove it?

Try a quick scan with malwarebytes

You may post the scan log here

downloaded malwarebytes and scaned …

/23/2012 3:59:12 PM
mbam-log-2012-04-23 (16-02-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215797
Time elapsed: 2 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\larry\AppData\LocalLow\iBryte\Implementations\browseforchange\Assemblies\1\BrowserObjects.dll (Adware.IBryte) → No action taken.

Registry Keys Detected: 31
HKCR\CLSID{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) → No action taken.
HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) → No action taken.
HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) → No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) → No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) → No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) → No action taken.
HKCR\CLSID{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) → No action taken.
HKCR\TypeLib{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) → No action taken.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) → No action taken.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) → No action taken.
HKCR\CLSID{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) → No action taken.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) → No action taken.
HKCR\escort.escortIEPane (PUP.Funmoods) → No action taken.
HKCR\CLSID{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) → No action taken.
HKCR\TypeLib{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) → No action taken.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) → No action taken.
HKCR\funmoods.dskBnd (PUP.Funmoods) → No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) → No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) → No action taken.
HKCR\CLSID{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) → No action taken.
HKCR\TypeLib{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) → No action taken.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) → No action taken.
HKCR\funmoodsApp.appCore (PUP.Funmoods) → No action taken.
HKCR\CLSID{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) → No action taken.
HKCR\f (PUP.Funmoods) → No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) → No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) → No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) → No action taken.
HKCU\SOFTWARE\FUNMOODS\FUNMOODS (PUP.Funmoods) → No action taken.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) → No action taken.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FUNMOODS (PUP.Funmoods) → No action taken.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|iBryte browseforchange Desktop (Adware.IBryte) → Data: C:\Program Files (x86)\iBryte\browseforchange\ibrytedesktop.exe → No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) → Data: Funmoods Toolbar → No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) → Data: → No action taken.
HKCU\Software\Funmoods\funmoods|tlbrSrchUrl (PUP.Funmoods) → Data: http://start.funmoods.com/results.php?f=3&a=ironto&q= → No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods|UninstallString (PUP.Funmoods) → Data: “C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\uninstall.exe” → No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3 (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\bh (PUP.Funmoods) → No action taken.

Files Detected: 14
C:\Users\larry\AppData\LocalLow\iBryte\Implementations\browseforchange\Assemblies\1\BrowserObjects.dll (Adware.IBryte) → No action taken.
C:\Program Files (x86)\iBryte\browseforchange\iBryteDesktop.exe (Adware.IBryte) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\bh\funmoods.dll (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\funmoodssrv.exe (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\funmoodsTlbr.dll (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\funmoodsApp.dll (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\funmoodsEng.dll (PUP.Funmoods) → No action taken.
C:\Users\larry\AppData\Local\Temp\is1373634743\IWantThis_US.exe (Adware.GamePlayLabs) → No action taken.
C:\Users\larry\AppData\Local\Temp\is1566002423\IWantThis.exe (Adware.GamePlayLabs) → No action taken.
C:\Users\larry\AppData\Local\Temp~nsu.tmp\Au_.exe (Adware.GamePlayLabs) → No action taken.
C:\Users\larry\Local Settings\Temporary Internet Files\Content.IE5\HHT8HP3Z\FLVPlayerSetup (1).exe (PUP.Adware.InstallCore) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\escortShld.dll (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\funmoodsOEM.crx (PUP.Funmoods) → No action taken.
C:\Program Files (x86)\Funmoods\funmoods\1.5.19.3\uninstall.exe (PUP.Funmoods) → No action taken.

(end)

I saved this before i deleted the reference’s to IBryte i believe there was around 6

now the Icon no longer comes up on restart thank you.

Why did Avast not find it or protect from it?

Why did Avast not find it or protect from it?
No security program have 100% detection....

most of the detections are detected as PUP = Possible Unwanted Program
PUP scan is turned off in default avast settings…