Avast not removing eDeals Malware

Hello All,
Just wondering if anyone can shed some light onto why, when I do a full system scan, my Avast (home version) does not pick up or remove the eDeals malware.

Many thanks

Stuie

https://forum.avast.com/index.php?topic=53253.0

eDeals is not malware, it is a PUP = not malware / Possible Unwanted Program … crap that comes bundled with other downloads

avast PUP detection is default off except for boot scan, so if you want PUP detection, turn it on

follow instructions in the guide Valinorum gave link to and attach the requested logs
when done, he will help you remove any crap / infections found

Great. Thank you.
It may take me a couple of days to get to it, but I’ll get to it.

Cheers

Hi,
Here are two logs that I have done after running a scan in MBAM.
Next up is the FRST.

Cheers

Stuart

Annnnndddd, here’s a problem…
Downloaded FRST and it’s just stuck on the attached screen, just saying its backing up registry.
Should I the aswMBR.exe step??

Cheers

Stuart

we need Malwarebytes scan log … not protection log

if problems just move to next tool … Valinorum will be back later and assist you

Move on to the next tool. By the way, how long did FRST stalled? Re-do the step, if it stalls for more than thirty minutes, I will instruct you another tool. Make sure that you run the tool as administrator.

Many thanks for such a swift reply.

I have gone through the instructions again and have attached all the logs that have been generated by MBAM and aswMBR. Please note that I couldn’t get FRST to work, it stalled for over half an hour.

Hopefully I have everything right this time. :o

Cheers

Stuart

Whoa. I just don’t get it.

After my last post with attachments, I turned the computer off, back on and tried FRST and stuff me, it worked.

So here’s the attached log.

Thanks heaps

Stuart

I require the FRST.txt file as well. It is located in the place with FRST.exe.

Do you mean this one?

It’s the only one that I have.

Oooo! :o
Found some more.

Hey! An Aussie!

Utorrent is a very bad idea! I’ve had a few encounters, the last one, did not go over well, and I’m usually security Cautious. I would very uch so, recommend you remove it ASAP

ProxyServer: http=127.0.0.1:33668
Did you set this proxy server?
  • Step #1 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    [li]Open Notepad.exe. Do not use any other text editor software;
    - Copy and Paste the contents inside the code-box to your Notepad
    [/li]
Start
Closeprocesses:
Emptytemp:
HKU\S-1-5-21-2457115571-3965115341-3941088439-1000\...\MountPoints2: {1e86bc5e-5e5d-11df-be5b-002219f61cf1} - y.exe
HKU\S-1-5-21-2457115571-3965115341-3941088439-1000\...\MountPoints2: {236119a0-7073-11df-a465-002219f61cf1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2457115571-3965115341-3941088439-1000\...\MountPoints2: {e7e3757d-2c2e-11e0-b43a-000a3a526641} - F:\setup.exe -a
2014-10-15 19:00 - 2013-09-18 09:21 - 00000000 ____D () C:\BigFishCache
C:\Users\Belinda\AppData\Local\Temp\tempmessage.bfg
C:\Users\Stuie\AppData\Local\Temp\0pvpxtm8.dll
C:\Users\Stuie\AppData\Local\Temp\SHSetup.exe
End
  •   [li]Click on [b]File[/b] > [b]Save as...[/b]
    

[list]
[li]Inside the File Name box type fixlist.txt;
- From the Save as type drop down list, choose All Files
[/li]
- Save the file to your Desktop;
- Re-run FRST.exe and click Fix;
Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
[/list][/li]
- After the completion, a log will be produced;
- Copy and Paste the contents of the log in your next reply.


  • Step #2 Fix with AdwCleaner

      [li]Download [b]AdwCleaner[/b] by [i][b]Xplode[/b][/i] to your [i]Desktop[/i] from the following link.
    

[list]
[li]Download Link #1
- Download Link #2
[/li]
- Right-click on AdwCleaner.exe and choose Run as administrator;
- Click on Scan and let the program run unhindered;
- When done, click on Clean and allow the system to reboot after it is done;
- A log will be opened automatically after the restart;
- Attach the log in your reply.
[/list][/li]


  • Step #3 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2

      [li]Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself [url=http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/]this[/url] article;
      - Run the program either by double-clicking(Windows XP) or Right-clicking and choosing [i]Run as administrator[/i](Windows Vista and above);
      - Please be patient as the tool cleans your system;
      - After completion of the process a log named [b]JRT.txt[/b] will automatically open and is save to your Desktop;
      - Attach the log in your next reply.
    

    [/li]


  • Required Log(s):

      [li]FRST Fix Log
      - AdwCleaner Log
      - Junwkare Removal Tool Log
    

    [/li]
    Regards,
    Valinorum

And the next round of logs.
Have I forgotten anything?

Cheers

Stuart

How is your PC?

It seems the same.
eDeals is still popping up all over the place as is FilmOn.com, Voucher Giveaway and some berk who says he’s English but talks with and pure american accent trying to sell me a secret to making shit loads of money.

Thanks for helping though.

Whats next?

Every browser?

Not sure what you mean by “every browser”.

I only use Google Chrome (and that comes up with the error that it can’t find a proxy server most of the time). That is under my user account.

The issue seems to be worse under my wife’s user account, with more frequent and just simply more pop up windows, if that is possible.

What do you need me to do next?