Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Group policy grayed out, firewall off

12 Feb 2013   #31
MavMin

Windows 7 Home Premium 64bit
 
 
AWD

# AdwCleaner v2.112 - Logfile created 02/12/2013 at 20:44:41
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
#
# Boot Mode : Normal
# Running from : C:\Users\\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\barronshultz\AppData\Roaming\Mozilla\Firefox\Profiles\sp8aj92j.default\searchplugins\zoneal arm.xml
Folder Deleted : C:\Users\Maverick\AppData\Local\Wajam
Folder Deleted : C:\Users\Maverick\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16438

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\barronshultz\AppData\Roaming\Mozilla\Firefox\Profiles\sp8aj92j.default\prefs.js

C:\Users\barronshultz\AppData\Roaming\Mozilla\Firefox\Profiles\sp8aj92j.default\user.js ... Deleted !

[OK] File is clean.

File : C:\Users\Maverick\AppData\Roaming\Mozilla\Firefox\Profiles\ersv8bnw.default\prefs.js

C:\Users\Maverick\AppData\Roaming\Mozilla\Firefox\Profiles\ersv8bnw.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("extensions.wajam.affiliate_id", "5922");
Deleted : user_pref("extensions.wajam.firstrun", "false");
Deleted : user_pref("extensions.wajam.log_send_info", "false");
Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Deleted : user_pref("extensions.wajam.no_trace", "false");
Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Deleted : user_pref("extensions.wajam.trace_log", "1357168869415 - processInstallationUpgrade - version set to[...]
Deleted : user_pref("extensions.wajam.unique_id", "8BED31FCD2D862B015EB12E8C948DEB3");
Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Deleted : user_pref("extensions.wajam.version", "1.26");
Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={A9292D11-29A7-4E58-87C0-CBC7E8BCDB4E}&m[...]

*************************

AdwCleaner[R1].txt - [6297 octets] - [12/02/2013 20:11:19]
AdwCleaner[R2].txt - [6357 octets] - [12/02/2013 20:39:00]
AdwCleaner[R3].txt - [6476 octets] - [12/02/2013 20:44:04]
AdwCleaner[S1].txt - [341 octets] - [12/02/2013 20:39:55]
AdwCleaner[S2].txt - [6765 octets] - [12/02/2013 20:44:41]

########## EOF - C:\AdwCleaner[S2].txt - [6825 octets] ##########


My System SpecsSystem Spec
.
12 Feb 2013   #32
cottonball

Windows 7 Home Premium
 
 

Welcome back, MavMin!

Presuming that we are still working with the same problem.

The Event Viewer report is showing some gpsvc errors, failing to start, and timing out. However, it does not give much to work with.

Let's see if this helps...

Please download RKill:
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
Save to the Desktop.

If rkill.exe does not run, then download and try to run iExplore.exe (renamed RKill.exe):
Downloading RKill

You only need to get one of these to run.

If your antivirus warns you about this tool, ignore the warning, or temporarily disable your antivirus.

Right-click on the downloaded file and select: Run as Administrator
A black DOS box briefly flashes and then disappear. This is normal and indicates the tool ran successfully.

If rkill.exe does not run, delete the file, then download and use: iExplore.exe
http://www.bleepingcomputer.com/download/rkill/dl/11/

Do not reboot until instructed.

When the scan is done Notepad opens with the RKill report.

Please post the RKill report in your reply.
My System SpecsSystem Spec
12 Feb 2013   #33
MavMin

Windows 7 Home Premium 64bit
 
 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
RKill - What it does and What it Doesn't - A brief introduction to the program - BleepingComputer.com

Program started at: 02/12/2013 09:58:51 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\windows\system32\ThpSrv.exe (PID: 2448) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 008k.com
127.0.0.1 00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 全讯网,博彩优 ,皇 *网cr67com,皇 比分,皇 即时指数,太阳城代理112scg,tt娱乐城8bc8,网上真钱娱
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 ͨ,,𱦲188,ͨ,ټ,ټ
127.0.0.1 100sexlinks.com - Sex links Resources and Information. This website is for sale!

20 out of 15319 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 02/12/2013 09:59:12 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)
My System SpecsSystem Spec
.

12 Feb 2013   #34
cottonball

Windows 7 Home Premium
 
 

After the AdwCleaner removals suggested by Jacee, did you check the Group Policy Client service?

Any change?


If you are still getting the Group Policy Client error, please use the info in this tutorial to post a screenshot of it:
http://www.sevenforums.com/tutorials/9733-screenshots-files-upload-post-seven-forums.html

It would be a good idea to see exactly what you are getting, before proceeding.
My System SpecsSystem Spec
12 Feb 2013   #35
MavMin

Windows 7 Home Premium 64bit
 
 

Yes, I did use delete.
My System SpecsSystem Spec
12 Feb 2013   #36
MavMin

Windows 7 Home Premium 64bit
 
 

The screen goes off too quickly to get a screen shot. This is during start up. It says that Windows cannot access the group policy client so no standard users can log on. Every user has to be an administrator. I don't try to access it. Windows cannot get to it at startup. RKill did terminate a service and make some changes, but the same message comes up.
My System SpecsSystem Spec
12 Feb 2013   #37
MavMin

Windows 7 Home Premium 64bit
 
 

IE explore terminated this service again. C:\windows\system32\ThpSrv.exe (PID: 3020) [WD-HEUR] but it appears to keep returning.
My System SpecsSystem Spec
12 Feb 2013   #38
cottonball

Windows 7 Home Premium
 
 

Group policy grayed out, firewall off-gpsvc-capture.png

This is what my gpsvc looks like.
Service Status: Started

However, the Start, Stop, Pause, and Resume buttons are grayed out.

Please post an image of the of the Group Policy Client Properties of your system.


My System SpecsSystem Spec
13 Feb 2013   #39
cottonball

Windows 7 Home Premium
 
 

Also, let's do some searching for the gpsvc key in the Registry...

Please download SystemLook:
64-bit:
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
Save to your Desktop.

Right-click on SystemLook.exe, and select: Run As Administrator

At the SystemLook program console, copy the content inside the following quote box into the main textfield (do not include the word Quote):
Quote:
:reg
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gpsvc
Click the Look button to start the scan.
When finished, a notepad window opens with the results of the scan.

Please post the SystemLook.txt (found on the Desktop) in your reply.
My System SpecsSystem Spec
13 Feb 2013   #40
cottonball

Windows 7 Home Premium
 
 

Thpsrv.exe:

A Hard Disk Drive Protection Service belonging to TOSHIBA HDD Protection. This process, with the help of a built-in sensor, detects a sudden movement or a vibration of a laptop and it parks the hard disk head in a safe position. This prevents mechanical damage to the hard disk that may be caused by the head to disk contact.

This one is out of my ball park.

The Event Viewer report for this machine has so many issues...have no clue where we will end with all this.
My System SpecsSystem Spec
Reply

 Group policy grayed out, firewall off




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Group Policy - Apply to a Specific User or Group
How to Apply Local Group Policies to Specific User or Group in Windows Windows has three layers of local GPOs: Local Group Policy Local Group Policy is the only local GPO that allows both computer configuration and user configuration settings to be applied to all users of the computer....
Tutorials
All my Firewall options are grayed out, please help.
All my Firewall options are grayed out and i can make no changes at all. Can someone please help me. I have a Windows 7 computer.http://i57.tinypic.com/2d1uwk7.png
System Security
change settings in windows firewall is grayed out
hi, i want to add port using "Exceptions" tab in "change settings" of windows firewall. but "change settings" button is grayed out.( i log in as admin and my windows is 7) i read all the answered about this topic that mentioned already in this forum but i could not find my answer. thanks,...
Network & Sharing
Group Policy Applies Policy EXCEPT for 1 Setting!
Hi all! Windows 7 Pro 32 bit on a domain I've NEVER seen this before and I cant figure it out. I have a group policy set on an OU named LAPTOPS. The policy gets applied, however the User Config\Windows Setting\Scripts\Logon DOES NOT. When you run the GPRESULTS on the laptop, I see the...
General Discussion
Join button on home group is grayed out..
Hi, I have a windows 7 netbook, its a starter version. 32 bit I think. And i am trying to join a homegroup but the join now button is grayed out and I have tried just about everything I could try and still no go. I...
Network & Sharing
Group Policy Editor or Local Security Policy
Will either of these allow me to restrict drive access to a single user only? I've tried to restrict drive access with Group Policy Editor but it applies the restriction globally--even to me the administrator. Could anyone let me know if this is possible and how to do it? Much thanks.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:46.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App