I have AVG free and that picked up and removed backdoor.bifrose.exe I have no idea if it ran as nothing apparent happened over the next few days.
To complicate matters, I recently switched from ADSL to fibre and in the process there seems to have been a muck up as my ISP (even though they arranged the install) claim they don't know about my move to fibre. Anyway, short story is that my internet has been on and off and connecting has been slow/fine, so that has made it really hard to tell whether I actually have issues that are not to do with my ISP.
As part of that, before I knew that my ISP didn't transfer me over to fibre, I decided I should uninstall Chrome and reinstall it, and then do the same for Firefox. When I reinstalled Chrome, the NCH toolbar had attached itself and was busy sending me to sites I didn't want. Some time back I had actually acquired this toolbar via some free cd software and it was a combination of hand deleting things out of the registry and Revo that seemed to get rid of it. Back them NCH seemed to have attached itself to both Firefox and Chrome (but not MSIE...) but Firefox is not showing the NCH toolbar this time.
So now I'm also not sure if this is a legacy - that NCH was hiding out somewhere, waiting for the right moment. Or whether its a new infiltration.
I tried deleting any NCH/Conduit entries from both registry and files shown in Explorer. But either I miss some or they come back. Revo won't work (I think I used it the max time for free, now it needs a key).
I guess to summarise:
1. Need to get rid of NCH
2. need someone who can check if I have bifrose.
I've run Malware Bytes and AVG several times, both say I am in the clear. I guess neither of them see NCH as a problem, as I found articles about getting NCH removed dating back to 2010?
Edited by teacuppansy, 07 April 2012 - 10:21 PM.