Sign in to follow this  
bambooZLD

bambooZLD - Cloudscout etc.

Recommended Posts

Hello kind people. I am have a problem similar to that experienced by Alterechoes, only i am using google chrome on windows 7. Many of the web pages I visit are plastered with unwanted ads by Ads by Cloudscout, Ad Choices, and Offers4U. Often when I click on a legitimate link within these pages, I will be redirected to a whole range of pop up websites. It makes browsing very slow and frustrating.

 

I have attached the FRST and addition txt files from the scan as required.

 

Any help would be much appreciated.

Addition.txt

FRST.txt

Share this post


Link to post
Share on other sites

Hi bambooZLD,

 

It's possible that the computer is infected with a rootkit and since it might be difficult to remove and has changed Windows files, it's probably faster and safer to reinstall Windows and all programs than to clean the computer. But we can try to clean it, but I don't promise that it's possible.

 

1. Please uninstall:

RelayDouble, since it's adware

Microsoft Security Essentials, since having more than one active antivirus program can give conflicts, crashes and makes it harder to remove the infection. If you haven't installed Ad-Aware in compatible mode, you have to uninstall AVG too.

Restart the computer.

 

 

2. Please, start Notepad.

Copy all text that is in the box:

File: C:\Windows\SysWow64\Drivers\ASPI32.sys
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_au_15] => [X]
HKU\S-1-5-21-1985921260-2862718565-1384548183-1000\...\Policies\Explorer: [] 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S2 4dd8d474; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\RelayDouble\RelayDouble.dll",serv
2014-12-22 16:30 - 2015-01-13 16:57 - 00001684 _____ () C:\Windows\Tasks\BFDWSDT.job
Task: {4A48A0A3-92EF-4A10-B57A-8FD2390FB343} - \BFDWSDT No Task File <==== ATTENTION
Task: {8865D9A8-A63D-40E9-B518-6E7BDA0505DA} - System32\Tasks\{67BBF58B-C5B8-4A81-93F2-E6FE4900010D} => pcalua.exe -a C:\Users\Chris\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION
C:\Users\Chris\AppData\Roaming\omiga-plus
Task: C:\Windows\Tasks\BFDWSDT.job => C:\Users\Chris\AppData\Roaming\BFDWSDT.exe <==== ATTENTION
C:\Users\Chris\AppData\Roaming\BFDWSDT.exe
and paste in Notepad. Check that no files have been split on two lines.

Save the file as fixlist.txt on the desktop.

 

Exit all programs.

Start FRST, please.

Click the Fix button.

Wait until the tool has finished.

 

Restart the computer.

 

FRST creates a log file, called Fixlog.txt, on the desktop.

Please, paste the content of that file in your answer.

 

 

3. Please, save RougueKiller on the Desktop: http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

 

Turn off all running programs, including antivirus programs, and remove any external drives and other devices connected with USB etc. except mouse and keyboard.

 

Start RougueKiller (in Vista and Windows 7 right-click the program and select "Run as administrator"). If it won't start, try several times. If you still are unsuccessful, rename the file to winlogon.exe.

 

Wait until "Prescan" has finished.

Click on "Scan" button in upper right corner.

Wait until the scan has finished.

 

A report with a name similar to RKreport.txt should have been created on the desktop.

Please, post it in your answer.

Share this post


Link to post
Share on other sites

Due to lack of feedback, this topic has been closed.

 

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

 

Thank You !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this