There has already been a topic posted on this, but i am still suspicious after following the steps that i may still have it. I am also suspicious about two registries called “Anchor Free” and “Troll Tech”, plus minor suspicions for “AWWD”, “lllfonic” and “kde.org”. Anyway the virus is called Next Live-B, from the infected file nengine.dll, and i have had a root kit in the past, I currently have used Avast Full System Scan, Boot Scan, Root Kit Detection, FRST64 and ComboFix.
The log files to FRST64 are attached below, forgot to collect the others!
You have been disabled ‘ApnUpdater’ for Ask toolbar. Enable that…
MSCONFIG\startupreg: ApnUpdater => “C:\Program Files (x86)\Ask.com\Updater\Updater.exe”
2. Uninstall the bad PUP software
Start > Control Panel > Add and Remove programs
From there uninstall/remove the following:
Ask Toolbar
YTD Toolbar v8.6
3. Removal via FRST’s FixList
1. Open notepad and copy/paste the text present inside the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
2. Save notepad as fixlist.txt to your Desktop. NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. Note: If the tool warned you about the outdated version please download and run the updated version.
Re-check:
Re-run FRST, just hit the Scan button and post me fresh created FRST.txt button
Magna‚ the second log is there‚ aka Ubuntu rocks‚ aka windows sucks plus Microsoft took the convenience to disable my backup features after I accidently deleted a file!