Avast is blocked by group policy contactt your system administrator....

My Laptop is being infected by viruses, i installed the avast and did full scan using safe mode… after all finished… i try to open avast i get message

"This Program in blocked by group policy. for more information please contact system administrator’ . i already log in using administrator user.

please help me… :cry:

Hmmm. Avast! might be on a IFEO blacklist. Similar to a friends case.

Please go Here (This link is clickable) and attach the following logs. OTL, MBAM, + aswMBR.

Note; If you have an IFEO blacklist, these tools are/will more then likely be blocked. If that is the case. Rename OTL (Which is the main log we need) to [Random Name].SCR

That extension is extremely important. Only do that if needed. I do not recommend it unless absolutely needed. If these tools are flagged for any reason. Be assured they are safe to use. If these programs are blocked by the Group Policy, download a fresh copy and rename them.

Note: Just to be clear. Only OTL is to be renamed. I have not tested any other programs. I have alerted an expert of your case in case they have other plans. If they do, ignore anything thing in this post.

acched is log file for

  1. MBAM
  2. OTL
  3. aswMBR
  4. Extras.txt

:\Users\ASUS\AppData\Roaming\7875.exe (Trojan.Agent.Gen) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Agent) → Data: c:\users\asus\mshqaig.exe → Quarantined and deleted successfully.


HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: c:\users\asus\mshqaig.exe -> Quarantined and deleted successfully.

That might be your issue. Is Avast! still not working?

Please download Unchecky and save it to your desktop. Please install the program to help uncheck the boxes for further programs that will/might be downloaded to prevent adware from slowing your system down. (Not our tools, but stuff like Java or CCleaner or Adobe Products)

Let me know if Avast works after this

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0A0EtC0CtA0F0B0CtB0AtN0D0Tzu0SyByByBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1895211120&ir=
IE - HKU\S-1-5-21-2516392372-4127701512-133264687-1004\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0A0EtC0CtA0F0B0CtB0AtN0D0Tzu0SyByByBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1895211120&ir=
FF - prefs.js..extensions.enabledAddons: %7B42e50651-9669-456e-9081-d5a836274274%7D:1.0.1
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
[2014-03-04 12:00:00 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2014-03-04 11:50:16 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job

:Files
C:\Program Files\Mobogenie

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

attach is my otl and adw cleaner log

tq for helping me…:slight_smile:

“Let me know if Avast works after this” Can you answer Essex’s question please?

still not working… :cry:

OK a slightly stronger tool, after this has completed could you then run a repair of Avast

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

i failed to deactivate avast antivirus… so i uninstall the avast first then i run combofix
attached is the log file for combofix

Is Avast working now as Combofix found very little

i don’t know… but the situation is still same… i can’t open the avast and my laptop is getting slower…

please help me… :cry:

OK first off we will uninstall and then re-install Avast to see if that cures the error and then go from there

Download Avast Uninstall Utility to your Desktop.
Download the correct version of Avast
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel

[]Run the uninstalltool and accept the reboot to safe mode
[
]Once complete reboot your system
[*]Reinstall Avast


still same… :cry:

Download Windows All In One Repair from Here to your desktop
Install the programme and run. Windows and Avast may try to block the programme but allow it to run as it is safe.

https://dl.dropboxusercontent.com/u/73555776/waio%20begin.JPG

Select step 4 and create both restore point and registry backup

https://dl.dropboxusercontent.com/u/73555776/waio%20rest%20back.JPG

Select the start tab and press Start

https://dl.dropboxusercontent.com/u/73555776/waio%20start.JPG

Select all the items indicated in the list below and also tick the restart on completion box

https://dl.dropboxusercontent.com/u/73555776/waio%20replist.JPG

condition is still same… :cry:

Download the zip file from this site and follow the instructions http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

Once it has installed go to c:\Program files and right click the Avast folder
Select take ownership
Allow it to run (it may take a few minutes)

Then try to uninstall again