Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Start page - Internet Explorer

Posted on 2003-11-19
Medium Priority
Last Modified: 2008-02-01
I am running a couple of clients on win XP where I want the user to be able to do nothing else than surf, chat (MSN) and mail. I am using a group policy for the network where I lock registry, set computer as "public access" and remove all items from start menu among other things. I have also disabled possibility to change start page in iexplorer - both in group policy and in iexplorer. Strangely enough I can sometimes see that the start-page is changed anyway - often to a sex page of course..  Can anyone give me some pointers of how to lock this up in a better way?

150 points to solution or best alternative...
Question by:Trickster
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
LVL 57

Accepted Solution

Pete Long earned 450 total points
ID: 9777588
Hi Trickster,
Writing a LOCAL computer Policy

NOTE write the policy as the local administrator and leave the mmc on the administrators desktop to avoid locking your self down!

To open a local access policy window
Start > Run > type gpedit.msc

Basically there are two types of policy computer policy and user policy

Good info on policies and applying them to remote PC’s

Common tasks can be performed in the following locations

Internet Explorer Settings

Lock the homepage
User Configuration > Windows Settings > Internet Explorer Maintenance >Important URL’s
Lock the Proxy server
User Configuration > Windows Settings > Internet Explorer Maintenance >Connection > Proxy Settings

Logon & Logoff Scripts

User Configuration > Windows Settings > Scripts > Logon
User Configuration > Windows Settings > Scripts > off

Password & Account Lockout Policies

Computer Configuration > Security Settings > Password Policy >
Computer Configuration > Security Settings > Account Lockout Policy >

Auditing Policies

Computer Configuration > Local Policies > Audit Policy

*****User rights assignment*****

Computer Configuration > Local Policies > User rights assignment

Change The Time
Windows settings >Security Settings >Local Policyes >User Rights Asignments >Change the system time


Don’t display last logon Name
Computer Configuration > Local Policies > Security Options > Do not display last user name in login screen (enable)
Stop users installing unsigned Drivers
Computer Configuration > Local Policies > Security Options > Unsigned Driver installation behaviour

REMEMBER save the MMC console on the Administrators Desktop!

HOW TO: Apply Local Policies to all Users Except Administrators on Windows 2000 in a Workgroup Setting


Expert Comment

ID: 9778369
When something is changed to a sex page it's usually some kind of virus or malicious script, I suggest you do a scan of the network if you haven't already. has tools that function well on a per machine basis if that's needed. Homecall for example.

Author Comment

ID: 9778959
Yes, I agree - it is probably scripts. When a user logs on certain sites, the start page is changed. I don't want this to happen, so as written above I've tried locking everything, downloaded all patches from MS and still - after a few days runtime - the startpage is changed - probably after someone has visited a site that changes the start page..

I want to make it impossible to change the startpage whatever site the user visits.. All of the clients are running Norton Antivirus software which alerts and disable most of those scripts. It would be good if I could find a way to stop even those scripts that Norton miss - like locking registry key or something..
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 9779051
I guess you can disable Active X and script and javastuff in the browser. Under security.
LVL 57

Expert Comment

by:Pete Long
ID: 9779148
Use one of these - especially the last one!

Spyware & Adware

What is Spyware?

Spyware is ANY SOFTWARE which uses a user's Internet connection in the without the user knowledge.Allthough Software Firms and Web pages that launch this "code" on your PC are required to ask your permission many dont! ANY SOFTWARE communicating across the Internet from Your PC without your knowledge is guilty of information theft and is rightfully termed: Spyware.

What is Adware?

Adware is basically any application in which advertising banners are displayed while the program is running. This is built in to the coding of the Software that delivers th Adds to your desktop, These adds are either dislayed as pop up windows or through a Banner on the software front end. Many people believe that the revenue earned from this is justification for recouping development costs, which then dosnt need to be passed to the user.

Good Link

Adware, Spyware and other unwanted "malware" - and how to remove them

Removal Tools (Freeware)

Ad Aware
Spy Bot

Removal Tools (Shareware & Trialware)

Goodbye Spy
Spy Cop

**********Prevent Browser Hijacking**********
BHODemon (Freeware)
Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Expert Comment

ID: 9780142
Try using poledit.exe from a Windows NT/2000 machine. That way you will be able to lock down the machine for each computer/user.

The file you need is poledit.exe + the resorces file, notconfig.pol.

On XP machines you must save this file under Windows Directory\Policies. Putting it here stops the group policy overwriting the settings.

Then share the folder as NTlogon

If you require any more info/help on Policy Editor email me at and Il;l get back to you asap.


Author Comment

ID: 10087314
Not 100% the answer I was looking for but still gave a good solution to my problem, so I award PeteLong the points..
LVL 57

Expert Comment

by:Pete Long
ID: 10087489

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your system is showing symptoms of browser hijacks or 'google search redirects' check out my other article ( first and run the tool TDSSKiller ( to get rid of the infection. Once done, and if the …
Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question