Avast Cleanup Premium software casue RISKWARE IFEO.HIJACK infection

[REDACTED]

I have full premium AVAST security product installed, via another software malwarebytes detected, I realized there is a RISKWARE, IFEOHIJACK infected on my installed PC (which AVAST internet security doesn't recognize), by scanning my PC with FRST, it seems that the RISKWARE is caused by Avast Cleanup Premium software. And it kept coming back after removed by Malwarebytes, I have been in the dead loop of many times of scanned/remove/reboot...

Please help for I wish to continue to use AVAST products.

Otherwise I have to uninstall it and hope the error would go away.

IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-07-05]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)

[REDACTED]

  Ami también me ha pasado esto necesito ayuda ¿Alguien puede decirme que es lo que causa eso?

Por favor!

[REDACTED]

I have enclosed all logs under AVAST CleanUP (TuneUp's entire) directory, zipped in AVAST.Tuneup.log.2018.07.13.zip, together also the scanned result FRST.txt (where I found the IFEO.HIJACK causing by AVAST clean up) and Addition.txt generated by latest FRST program, and also Malwarebytes Premium's threat report I saved while IFEO.HIJACK is captured the first time.

I put the zipped file here:
( Your forum do not allow user to upload zip, and each post only restricted to limit 4 attached files... )
https://drive.google.com/open?id=1L0DL_BlTHKqYpJ-_G9_JQJykmPF7-YjO

If you need any other source of data, please let me know.

After trying a few times to gain support from your support email and request page on your site, asking for help on this forum might be the last option I could have, I hope I could get any support from your end soon, or I would reinstall my operation system to get rid of this problem.

Regards,

A

[Stellarman]

Hi,

Thank you for reporting it at the first place!

It is a false positive detection from Malwarebytes because these registry keys are valid.
This is part of the Avast Cleanup - Background & startup programs feature which put programs to sleep. Once you put a program to sleep this feature creates a particular registry key so it is able to wake it up when you access the program again or open an associated file.
It is a legal and valid way how to create a feature like that however it is pretty similar to techniques used by malware programs marked as "Potentially Unwanted Programs" and that's why it is marked by Malwarebytes as IFEO.HIJACK.

We will get in touch with Malwarebytes company to get our application whitelisted to not be detected again.

Thank you.

[REDACTED]

I seem to be undergoing similar problem. Putting suggested programmes to sleep to speed up my computer and now I can't get sound and settings (regular cog button) refuses to open! So I can't ininstall Avast cleanup.
HELP what do I do? it is very upsetting, and to think I'd installed it direct from Avast Premier and paid for this not to happen but it does.

Aran Woodfin

[Stellarman]

I seem to be undergoing similar problem. Putting suggested programmes to sleep to speed up my computer and now I can't get sound and settings (regular cog button) refuses to open! So I can't ininstall Avast cleanup.
HELP what do I do? it is very upsetting, and to think I'd installed it direct from Avast Premier and paid for this not to happen but it does.

Aran Woodfin

Hi,

have you tried to wake programs which are related to sound and settings? Or if you are not sure you can wake all programs back and then try to put to sleep them one by one and test whether sound settings will be still OK.

Thank you.