Author Topic: Avast is blocked by group policy  (Read 4068 times)


Turpal

  • Guest
Avast is blocked by group policy
« on: December 13, 2013, 07:08:31 PM »
Hello, so a little while ago my pc was infected by a trojan and it blocked avast and malwarebytes but I managed to delete it with avg.
After I had deleted it, I installed avast again but I still got the same error. I scanned my pc many times with AVG but it couldn't find anything. I also tried to scan with ESET Smart Security 7 but it didn't find anything either.
So now I installed avast again but I still get the same error and I can't fix it.
Could somebody help me with this?
Thanks

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Avast is blocked by group policy
« Reply #1 on: December 13, 2013, 07:22:56 PM »
@Turpal
Let's check your system for malware.

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Under Optional Scan ensure "Driver MD5" is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Next ...




Please download GMER, the RootKit Detector tool from the link below and save it to your Desktop:

Gmer download link
Note: file will be random named

Double-click to run GMER.
  • Wait for initial scan to finish - if there is any query, click No;
  • Click [ Scan ] button and wait until the full scan is complete;
  • Click [ Save ... ] - save the report to the Desktop (named ARK);

  • Then click the >>> button and select Autostart card;
  • Click [ Scan ] button;
  • After quick scan, click Copy button;
  • Open notepad and Paste text. Save report to the Desktop (named autostart )
> Attach both GMER log reports here (ARK.txt and autostart.txt).

Turpal

  • Guest
Re: Avast is blocked by group policy
« Reply #2 on: December 14, 2013, 06:11:26 PM »
Here are the logs from FRST

Turpal

  • Guest
Re: Avast is blocked by group policy
« Reply #3 on: December 14, 2013, 06:14:11 PM »
and GMER

Offline magna86

Re: Avast is blocked by group policy
« Reply #4 on: December 15, 2013, 09:35:39 PM »
Hi Turpal,

Please do not be alarmed by GMER's 'RootKit' flags, as the detections are avast! related. However, I am not fully satisfied after looking at the GMER log. This simply requires an additional ARK check.
The FRST tool shows the active malware presence as well as configuration settings made by the malware. We shall use FRSTScript to kill the malware.
Afterwards, we shall deploy two powerful tools, one known as MBAR and the other known as ComboFix.




Download attached FixList.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it in your reply.





------  Next  ------




Please download Malwarebytes AntiRootkit (MBAR) and save it to your desktop.
http://www.malwarebytes.org/products/mbar/

Full instructions how to use MBAR
http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-rootkit

    Please note: This is a beta version so please be sure to read the disclaimer and take note of it.

  • Unzip/unrar MBAR to a folder on your Desktop and MBAR should run by itself...
    If not, open the folder where the contents were unzipped, find mbar.exe and run it by double-clicking.

  • Click on Next > then on Update button to download fresh definitions.
  • When the database has updated, click Next.
  • In the following window ensure "Targets" scan for Drivers; Sectors; System are ticked. Then select the "Scan" button.

  • If any infections are found, ensure "Create Restore Point" is checked, then select the "Cleanup" button to remove threats.
    Or if you are sure any entries should not be kept, just untick them. A list of infected files will be listed.

  • The cleanup procedure will be scheduled for processing.
  • When complete, a pop-up will be shown. Select the Yes button and the system should reboot to complete the cleaning process.
>> Please attach the following two logs from the mbar folder:

system-log.txt
and
mbar-log-year-month-day (hour-minute-second).txt.




------  Next  ------





1. Please download ComboFix by sUBs from here and save it to your Desktop.
If you are unsure how ComboFix works please read this guide carefully.
Note: ComboFix must be downloaded to your Desktop.


--------------------------------------------------------------------
2. Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
If you are unsure how to do this please read this or this Instruction.

Instructions how to disable avast:
  • Right click on the avast! system tray icon in the lower right corner of the screen and scroll up to avast! shield controls;
  • In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.
Note: Do not forget to turn this option back on after the cleaning by choosing avast! shield controls > Enable all shield options.

--------------------------------------------------------------------
3. Run ComboFix. Click on I Agree!

- ComboFix will display DISCLAIMER of warranty on software.
By clicking I Agree ComboFix shall continue.

- ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.

- If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
- ComboFix will scan your computer in stages, total of 50 stages.
Do not mouse-click around while ComboFix is running.
Note: If you see a message like "Illegal operation attempted on a registry key that has been marked for deletion" just restart your computer.

--------------------------------------------------------------------
4. When the tool is finished, it will produce a log report for you. (typical location: C:\ComboFix.txt )
Attach the log report (ComboFix.txt) back to the topic.

Offline magna86

Re: Avast is blocked by group policy
« Reply #5 on: December 15, 2013, 11:25:40 PM »
@Turpal

You are getting malware removal help from my colleagues. I'll stop monitoring this topic. Please continue with Essexboy and follow his advice and fix.

Regards,
magna