Hi guys. Im having a problem with opening avast. I get the message " avast blocked by group policy" I have seen other posts with the same problem and it seems essexboy has sorted this out for them. I have followed the steps and attached the files. Please can you help?
regards
mike

Hi there this will be a two tool fix

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Alwil Software <====== ATTENTION HKU\S-1-5-21-3137490739-1440661305-3799055173-1002\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\mike\AppData\Local\{f067800e-15f9-049a-4c98-28589bf705b9}\n. ATTENTION! ====> ZeroAccess/Alureon? 2015-02-11 15:40 - 2015-02-11 15:41 - 00000000 ____D () C:\Users\mike\AppData\Local\{777A2AA9-5157-4060-B7E7-37CEFB251D9C} 2015-02-03 21:14 - 2015-02-03 21:16 - 00000000 ____D () C:\Users\mike\AppData\Local\{62EA550C-08B6-4505-81B9-D856C0AD5D27} 2015-01-31 18:36 - 2015-02-01 18:50 - 00000000 ____D () C:\Users\mike\AppData\Local\{785B8CF8-B31E-48EB-9030-3BABDF12DAB8} 2015-01-27 19:08 - 2015-01-31 18:34 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-27 19:08 - 2015-01-27 19:08 - 00000000 ____D () C:\Users\mike\AppData\Local\MFAData 2015-01-27 19:07 - 2015-01-27 19:07 - 04637504 _____ (AVG Technologies) C:\Users\mike\Downloads\avg_free_stb_all_2015_5557_cnet.exe 2015-01-19 19:29 - 2015-01-19 19:29 - 00000000 ____D () C:\Users\mike\AppData\Local\{8C7ED5C3-4982-4C36-8D72-BCC0F4EA33FC} 2015-01-13 21:03 - 2015-01-13 21:03 - 00000000 ____D () C:\Users\mike\AppData\Local\{8085BCF9-4337-429D-9FE5-448DE06593E7} 2015-01-12 16:58 - 2015-01-12 16:59 - 00000000 ____D () C:\Users\mike\AppData\Local\{506F680B-836D-4571-9CC8-40E080BFA380} 2015-02-11 15:41 - 2014-01-04 00:25 - 00000000 ____D () C:\ProgramData\boost_interprocess C:\Windows\Installer\{f067800e-15f9-049a-4c98-28589bf705b9} C:\Users\mike\AppData\Local\{f067800e-15f9-049a-4c98-28589bf705b9} EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

• IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Hi thanks for reply. Here is the log

Avast should be running now so you will need to disable the shields when you run combofix

Hi I didn’t realise that avast was running and I started combofix. this ran and then told me avast was running. I followed the on screen instructions and disabled avast then clicked ok. the pc created the logs then rebooted. Combofix then opened a box on the desktop but just hung with the pc not booting up fully. This sat for about an hour then I rebooted the pc. have I caused problems?

Probably not did combofix produce a txt file on the c drive

Ahh found it, didn’t realise it managed to create one.

Although that was not the full report it showed that it replaced the suspect file. How is the computer behaving now ?

Its a lot better now although task manager is showing cpu usage at 100 percent usage however none of the processes are registering as using any cpu? Thank you very much for all the help that you have provided.
regards
mike

Could you screenshot taskmanager for me

Hi I have added this as two pages as the list is too long.
regards

I see what you mean, that is weird. At the CPU usage your system should be frozen, I guess it isn’t