Thursday, May 30, 2013

The program is blocked by group policy


Democrat or Bubonic

Today's Plague
It began last night with ...

Res Ipsa Loquitor

...   and ended with

Res Ipsa Loquitor


Default Re: Avast is blocked by Group Policy... Then you have a major issue that cant be resolved without a format.

Sorry to tell you but you got infected and they added your PC to a group policy. There is no way to undo that unless you know the Admin password that they had set to remove yourself.
The second I agreed to allow the Thunderbird update I regretted it since Thunderbird NEVER uses pop-up update dialog.  Too late.  Before I knew it I had a new Toolbar, and a whole bunch of other crap that I deleted completely, leaving no registry remnants. However ...

When I tried to update Avast I got the "The program is blocked by group policy ..." message.  The administrator password was generated by the  hijacker, who is either Chinese, Russian  or a Democrat.

After spending at least 6 hours trying everything I could find, it appears that this virus can only be removed with a fresh install.

Fukit.  I don't care.  But I've said this before.  If the Obamas spent just a fraction of  resources they use to track and silence their critics, these people could be found, killed, and their mainframes blown to pieces.  In fact, I have more enmity for these people than I did for bin-Laden.

FYI

11 comments:

Anonymous said...

Dude don't panic, you can reset your admin password easily. I've defeated these fuckers many times. However, there is nothing I can do for venereal warts.

Casca

Anonymous said...

Let no OS Pword ever be an obstacle to you again: http://www.techrepublic.com/blog/five-apps/five-trustworthy-password-recovery-tools/1411

Casca

DJMoore said...

I assume that you found this Malwarebytes page, and did everything suggested.

If so, I think Casca has it right. I have a preference for the tools that run from an external bootable CD or flash drive. If possible, create the CD or flash on a non-infected machine.

The other tools are running resource intensive brute force attacks; it may well be that the malware scum was clever enough to pick a very good password.

I have successfully used a Liveboot Ubuntu CD to run Windows password resetting tools, albeit in cases where the user simply forgot the password. As I recall, the tool showed me a list of all the usernames, and let me set a new password for the administrator account.

Here's an example of such a tool.
Note the warning that if you have encrypted files (such as the Barn Army Battle Plans For World Conquest, er, World Liberation) this procedure may render them unreadable.

leelu said...

I got a similar thing for Adobe Flash 12, which does not exist. ZoneAlarm started warning me that it was trying to add all sorts of s**t, so I used the task manager to kill it.

Dodged a bullet.

The bootable CD w/ the password reset works quite nicely.

Buena fortuna!

Mike C said...

One thing Norton AV still does right is they have a bootable antivirus disk... basically you pay the $25 or so, get the ISO on another machine, burn the bootable CD, then boot off that. Sit back, drink some scotch, and in a few hours the problem will go away... then install the complete AV so it will catch to mother lovers when they beguile you with popups the next time...

leelu said...

If you can get PortableApps(.com) on a thumb drive, you can get McAfee Stinger on it. Update, then stick the drive in the affected computer and scan.

Randy Rager said...

I use BitDefender.

Anonymous said...

Boss , You are one stubborn SOB ! When are you gonna buy a MAC ? ; ) > SMIBSID

Rodger the Real King of France said...

I will eventually try all these until something works. but right now I'm tired of the game.

SMIBSID - If this was 5 years ago I would.

Anonymous said...

Don't use the Ubuntu CD, USE UBUNTU as your OS. You can run Windows in a Virtual Box and you will be much better off.

Anonymous said...

I'm probably to late, but here goes anyway: my fool-proof Windows backup plan.
When Windows was first installed, I made a disk image. (This started with Win98 and 3rd party tools, now it's built in.) Changes are noted in a .txt file, probably 3 or 4 per month, i.e. update flash, a new firewall rule, etc.
Every month or so, the disk image is loaded, changes made, new disk image made, repeat.
Been using Winders fer pert near 15 year now, never been bothered none.
I don't use anything Apple because everything Apple sucks. Hard. But that ain't the topic. But remember that there are Apple virii too, and the anti-malware tools for it are not updated in a timely manner.
-bravokilo

Post a Comment

Just type your name and post as anonymous if you don't have a Blogger profile.