IE won't hold home page after RWW login/also won't go to certain sites

Thomas Anthony
Thomas Anthony used Ask the Experts™
on
I have a Windows 7 Pro machine running on a Domain. Everything was working fine on this machine until I logged into it using RWW. After that, the machine will log itself out each evening, change the IE home page to the local Intranet, and the IE9 will no longer allow the user to go to certain websites like USAirways to book flights. If there are any popups, they just won't come up. I have all plugins turned off in IE, all popup blockers shut off, and all security turned down as low as it will go.
I suspect it may be a group policy issue but I have not implemented any GPs on this server at all.
Any suggestions?
Thanks in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Run RSOP.msc on the machine. Go through the GPO and see if anything is coming up through that.

-Jared
Try to login with the Local Admin account and see if you get to see the same behavior. As said above just take the RSOP result and take one Gpresult /v > Gp.txt and attach it in your next reply.

Check the event logs for some specific errors. Use another browser and run some Online Virus scan and see if it detects some malwares or Spywares on the machine.

Good Luck..!!
~SG~
Thomas AnthonySecurity Administrator

Author

Commented:
GP.txt:
Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 4/20/2012 at 4:07:29 AM



RSOP data for JDMDAZ\Jen on JEN-PC : Logging Mode
--------------------------------------------------

OS Configuration:            Member Workstation
OS Version:                  6.1.7601
Site Name:                   Default-First-Site-Name
Roaming Profile:             N/A
Local Profile:               C:\Users\Jen
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
    CN=JEN-PC,OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=jdmdaz,DC=local
    Last time Group Policy was applied: 4/20/2012 at 2:23:31 AM
    Group Policy was applied from:      domain    Group Policy slow link threshold:   500 kbps
    Domain Name:                        JDMDAZ
    Domain Type:                        Windows 2000

    Applied Group Policy Objects
    -----------------------------
        Windows SBS Client Policy
        Default Domain Policy
        Update Services Client Computers Policy
        Update Services Common Settings Policy

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Windows SBS Client - Windows Vista Policy
            Filtering:  Denied (WMI Filter)
            WMI Filter: Windows SBS Client - Windows Vista

        Windows SBS Client - Windows XP Policy
            Filtering:  Denied (WMI Filter)
            WMI Filter: Windows SBS Client - Windows XP

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Windows SBS CSE Policy
            Filtering:  Denied (WMI Filter)
            WMI Filter: Windows SBS Client

    The computer is a part of the following security groups
    -------------------------------------------------------
        BUILTIN\Administrators
        Everyone
        BUILTIN\Users
        NT AUTHORITY\NETWORK
        NT AUTHORITY\Authenticated Users
        This Organization
        JEN-PC$
        Domain Computers
        System Mandatory Level
       
    Resultant Set Of Policies for Computer
    ---------------------------------------

        Software Installations
        ----------------------
            N/A

        Startup Scripts
        ---------------
            N/A

        Shutdown Scripts
        ----------------
            N/A

        Account Policies
        ----------------
            GPO: Default Domain Policy
                Policy:            LockoutBadCount
                Computer Setting:  N/A

            GPO: Default Domain Policy
                Policy:            MinimumPasswordLength
                Computer Setting:  6

        Audit Policy
        ------------
            N/A

        User Rights
        -----------
            N/A

        Security Options
        ----------------
            GPO: Default Domain Policy
                Policy:            PasswordComplexity
                Computer Setting     Enabled

            GPO: Default Domain Policy
                Policy:            ClearTextPassword
                Computer Setting:  Not Enabled

            GPO: Default Domain Policy
                Policy:            ForceLogoffWhenHourExpire
                Computer Setting:  Not Enabled

            GPO: Default Domain Policy
                Policy:            RequireLogonToChangePassword
                Computer Setting:  Not Enabled

            GPO: Default Domain Policy
                Policy:            LSAAnonymousNameLookup
                Computer Setting:  Not Enabled

            GPO: Default Domain Policy
                Policy:            @wsecedit.dll,-59058
                ValueName:         MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash
                Computer Setting:  1

        Event Log Settings
        ------------------
            N/A

        Restricted Groups
        -----------------
            N/A

        System Services
        ---------------
            N/A

        Registry Settings
        -----------------
            N/A

        File System Settings
        --------------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUStatusServer
                Value:       104, 0, 116, 0, 116, 0, 112, 0, 58, 0, 47, 0, 47, 0, 68, 0, 67, 0, 49, 0, 58, 0, 56, 0, 53, 0, 51, 0, 48, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\DetectionFrequencyEnabled
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ElevateNonAdmins
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoRebootWithLoggedOnUsers
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Update Services Client Computers Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallDay
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\UserAuthentication
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RescheduleWaitTimeEnabled
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicitedFullControl
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RebootWarningTimeout
                Value:       5, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\AutoInstallMinorUpdates
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Client Computers Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions
                Value:       4, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Microsoft\Exchange\Client\Options\DumpsterAlwaysOn
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Client Computers Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Microsoft\SmallBusinessServer\ClientSetup\Version
                Value:       54, 0, 46, 0, 48, 0, 46, 0, 53, 0, 54, 0, 48, 0, 49, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUServer
                Value:       104, 0, 116, 0, 116, 0, 112, 0, 58, 0, 47, 0, 47, 0, 68, 0, 67, 0, 49, 0, 58, 0, 56, 0, 53, 0, 51, 0, 48, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Security Center\SecurityCenterInDomain
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\DetectionFrequency
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RebootRelaunchTimeout
                Value:       10, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDenyTSConnections
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\RAUnsolicit\JDMDAZ\Domain Admins
                Value:       74, 0, 68, 0, 77, 0, 68, 0, 65, 0, 90, 0, 92, 0, 68, 0, 111, 0, 109, 0, 97, 0, 105, 0, 110, 0, 32, 0, 65, 0, 100, 0, 109, 0, 105, 0, 110, 0, 115, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Windows SBS Client Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\UseWUServer
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RebootWarningTimeoutEnabled
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RescheduleWaitTime
                Value:       1, 0, 0, 0
                State:       Enabled

            GPO: Update Services Client Computers Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallTime
                Value:       3, 0, 0, 0
                State:       Enabled

            GPO: Update Services Common Settings Policy
                KeyName:     SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\RebootRelaunchTimeoutEnabled
                Value:       1, 0, 0, 0
                State:       Enabled


USER SETTINGS
--------------
    CN=Jennifer Gray,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=jdmdaz,DC=local
    Last time Group Policy was applied: 4/20/2012 at 2:20:53 AM
    Group Policy was applied from:       xxxxx    Group Policy slow link threshold:   500 kbps
    Domain Name:                        JDMDAZ
    Domain Type:                        Windows 2000
   
    Applied Group Policy Objects
    -----------------------------
        Small Business Server Folder Redirection Policy
        JDM

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Update Services Common Settings Policy
            Filtering:  Not Applied (Empty)

        Windows SBS User Policy
            Filtering:  Denied (WMI Filter)
            WMI Filter: Windows SBS Client

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Default Domain Policy
            Filtering:  Not Applied (Empty)

        Windows SBS CSE Policy
            Filtering:  Denied (WMI Filter)
            WMI Filter: Windows SBS Client

    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Administrators
        BUILTIN\Users
        NT AUTHORITY\INTERACTIVE
        CONSOLE LOGON
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        Windows SBS Remote Web Workplace Users
        Windows SBS Fax Users
        Windows SBS SharePoint_MembersGroup
        Windows SBS Link Users
        Windows SBS Folder Redirection Accounts
        High Mandatory Level
       
    The user has the following security privileges
    ----------------------------------------------

        Bypass traverse checking
        Manage auditing and security log
        Back up files and directories
        Restore files and directories
        Change the system time
        Shut down the system
        Force shutdown from a remote system
        Take ownership of files or other objects
        Debug programs
        Modify firmware environment values
        Profile system performance
        Profile single process
        Increase scheduling priority
        Load and unload device drivers
        Create a pagefile
        Adjust memory quotas for a process
        Remove computer from docking station
        Perform volume maintenance tasks
        Impersonate a client after authentication
        Create global objects
        Change the time zone
        Create symbolic links
        Increase a process working set

    Resultant Set Of Policies for User
    -----------------------------------

        Software Installations
        ----------------------
            N/A

        Logon Scripts
        -------------
            N/A

        Logoff Scripts
        --------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            N/A

        Folder Redirection
        ------------------
            GPO: Small Business Server Folder Redirection Policy
                KeyName:      InstallationType:  basic
                    Grant Type:        Exclusive Rights
                    Move Type:         Contents of Local Directory moved
                    Policy Removal:    Redirect the folder back to user profile location
                    Redirecting Group: N/A
                    Redirected Path:   \\DC1\RedirectedFolders\%USERNAME%\My Documents
                                   
            GPO: Small Business Server Folder Redirection Policy
                KeyName:      InstallationType:  basic
                    Grant Type:        Exclusive Rights
                    Move Type:         Contents of Local Directory moved
                    Policy Removal:    Redirect the folder back to user profile location
                    Redirecting Group: Everyone
                    Redirected Path:   My Pictures
                                   
            GPO: Small Business Server Folder Redirection Policy
                KeyName:      InstallationType:  basic
                    Grant Type:        Exclusive Rights
                    Move Type:         Contents of Local Directory moved
                    Policy Removal:    Redirect the folder back to user profile location
                    Redirecting Group: N/A
                    Redirected Path:   My Music
                                   
            GPO: Small Business Server Folder Redirection Policy
                KeyName:      InstallationType:  basic
                    Grant Type:        Exclusive Rights
                    Move Type:         Contents of Local Directory moved
                    Policy Removal:    Redirect the folder back to user profile location
                    Redirecting Group: N/A
                    Redirected Path:   My Videos
                                   
            GPO: Small Business Server Folder Redirection Policy
                KeyName:      InstallationType:  basic
                    Grant Type:        Exclusive Rights
                    Move Type:         Contents of Local Directory moved
                    Policy Removal:    Redirect the folder back to user profile location
                    Redirecting Group: N/A
                    Redirected Path:   \\DC1\RedirectedFolders\%USERNAME%\Desktop
                                   
        Internet Explorer Browser User Interface
        ----------------------------------------
            GPO: Windows SBS User Policy
                Large Animated Bitmap Name:      N/A
                Large Custom Logo Bitmap Name:   N/A
                Title BarText:                   N/A
                UserAgent Text:                  N/A
                Delete existing toolbar buttons: No

        Internet Explorer Connection
        ----------------------------
            HTTP Proxy Server:   N/A
            Secure Proxy Server: N/A
            FTP Proxy Server:    N/A
            Gopher Proxy Server: N/A
            Socks Proxy Server:  N/A
            Auto Config Enable:  No
            Enable Proxy:        No
            Use same Proxy:      No

        Internet Explorer URLs
        ----------------------
            GPO: Windows SBS User Policy
                Home page URL:           http://companyweb
                Search page URL:         N/A
                Online support page URL: N/A

            URL:                    https://remote.xxxx.com/OWA
            Make Available Offline: No

            URL:                    http://companyweb
            Make Available Offline: No

            URL:                    https://remote.xxxx.com/Remote
            Make Available Offline: No

        Internet Explorer Security
        --------------------------
            Always Viewable Sites:     N/A
            Password Override Enabled: False

            GPO: Windows SBS User Policy
                Import the current Content Ratings Settings:      No
                Import the current Security Zones Settings:       No
                Import current Authenticode Security Information: No
                Enable trusted publisher lockdown:                No

        Internet Explorer Programs
        --------------------------
            GPO: Windows SBS User Policy
                Import the current Program Settings: No
Thomas AnthonySecurity Administrator

Author

Commented:
Another thing I am noticing at 3am every morning are events in the logs. These seemed to start at the same time:


Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          4/19/2012 2:36:40 AM
Event ID:      10010
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      JEN-PC.jdmdaz.local
Description:
The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register with DCOM within the required timeout.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10010</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-04-19T09:36:40.000000000Z" />
    <EventRecordID>139865</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>JEN-PC.jdmdaz.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}</Data>
  </EventData>
</Event>+

Log Name:      System
Source:        Service Control Manager
Date:          4/19/2012 2:30:38 AM
Event ID:      7000
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      JEN-PC.jdmdaz.local
Description:
The Windows Modules Installer service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="49152">7000</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2012-04-19T09:30:38.268184200Z" />
    <EventRecordID>139864</EventRecordID>
    <Correlation />
    <Execution ProcessID="528" ThreadID="5168" />
    <Channel>System</Channel>
    <Computer>JEN-PC.jdmdaz.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Modules Installer</Data>
    <Data Name="param2">%%1053</Data>
  </EventData>
</Event>

Log Name:      System
Source:        Service Control Manager
Date:          4/19/2012 2:30:38 AM
Event ID:      7009
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      JEN-PC.jdmdaz.local
Description:
A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="49152">7009</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2012-04-19T09:30:38.268184200Z" />
    <EventRecordID>139863</EventRecordID>
    <Correlation />
    <Execution ProcessID="528" ThreadID="5168" />
    <Channel>System</Channel>
    <Computer>JEN-PC.jdmdaz.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">30000</Data>
    <Data Name="param2">Windows Modules Installer</Data>
  </EventData>
</Event>
Security Administrator
Commented:
Administrator,
Please close this question due to lack of activity.
Thomas AnthonySecurity Administrator

Author

Commented:
Inactivity

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial