[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Group Policy blocking software on Windows 7 machine - not on domain

Posted on 2013-02-04
12
Medium Priority
?
2,162 Views
Last Modified: 2013-02-08
I've got a home customer using a HP Touchsmart computer that randomly started having certain applications blocked by group policy; AVG, Malwarebytes, Quicken installer to name a few. I do not see any programs being blocked under gpedit->Computer Configuration->Windows Settings->Security Settings->Software Restriction Policies - or- Application Control Policies->AppLocker.
These programs appear to function properly in safe mode. The computer is NOT part of a domain (just a standard workgroup), nor has it ever been. The user is an administrator on the computer.
I was able to download this which allows me to 'unlock' the station and allows all software to run properly, but don't want to have to tell a customer that he has to run that every time he restarted the computer. Once the computer was 'unlocked' I ran full scans of the computer with CCleaner, AVG, Malwarebytes, and TDSSKiller, all of which came back clean, these scans were also all run in safemode.

Are there any suggestions/places to look? I'm kinda at a loss for where else to look.
0
Comment
Question by:PortableCIO
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38852317
Which version of Windows 7?  

run gpedit.msc and check settings
0
 

Author Comment

by:PortableCIO
ID: 38852328
I believe it's just home premium, and as I stated, I looked through GPEDIT and didn't find any red flags. I looked through:
gpedit->Computer Configuration->Windows Settings->Security Settings->Software Restriction Policies
-and-
gpedit->Computer Configuration->Windows Settings->Security Settings->Application Control Policies->AppLocker
and in neither location are there any restrictions defined.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38852339
Ok
lets run msconfig
under services tab hide all microsoft services then disable all others
under startup tab disable all

restart computer see is problem continues.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:PortableCIO
ID: 38852352
Yes, the problem persists. I've done a manual disabling of items at startup (services and programs), as well as just doing a "Diagnostics Boot", and the problem continues to be present.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38852376
something is conflicting here

I know you tried manually stopping services but I would suggest trying the msconfig method.

easy to miss something.

What errors you receiveing? event log messages?
0
 

Author Comment

by:PortableCIO
ID: 38852416
Shouldn't a diagnostics boot disabled all non-windows services? The only errors I'm receiving are coming up when I try and launch certain applications (currently that list consists of AVG, Malwarebytes, Quicken autorun, Quicken installer, and LogMeIn Rescue), stating that this program has been blocked by a group policy. No specific error codes are present.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38852564
diagnostics boot is usually hardware checking

If they are functioning in Safe mode then something running is conflicting.

msconfig is only way to test this out.

No errors in the application log?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 38852677
0
 

Author Comment

by:PortableCIO
ID: 38852708
I have tried both with, and without UAC enabled. No change. The computer is not in our office so I haven't been able to check the error logs.
0
 
LVL 56

Accepted Solution

by:
McKnife earned 1500 total points
ID: 38852941
Hi.

[Home premium has no applocker nor gpedit.msc. For applocker it has to be the enterprise edition, even.]
PortableCIO, you should reinstall the computer, it was severly infected. That's the best way unless you are able to judge its state from an offline bootdisk. Running online scans on an infected machine often leads to nothing.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38853243
I would to see what is in the log first before we determine what to do next.
0
 

Author Closing Comment

by:PortableCIO
ID: 38869060
Not going to bother wasting time on the issue... a rebuild is in order.

Thanks for everyone's help
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question