Internet explorer will not view internet sites, will view intranet

After a DHCP / DNS failure we have had several issues with particular client machines.

Although an ipconfig on the client shows our primary DNS, when I run an nslookup on any external site (lets say google.com) I received the following error in the command prompt:

"Query refused DNS request timed out..."  

The machine is hitting the primary first however is getting refused, this is running as the current user with non admin rights.

Interestingly though; if I run Internet Explorer as local admin (Run As) instead of the current user everything works just fine (both Intranet and Internet.)
bcpaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sliiconmanCommented:
Try to delete your local cache and temp files for that user account, reboot and try again. Are you able to get to the websites you are trying by IP?
0
bcpaAuthor Commented:
I can confirm I have deleted all cache's that I know of, checked all host and lmhosts.  This issue is not specifically DNS as even typing the ip of google.com in the address bar we get nothing.

It is as if Internet Explorer is stuck running in 'Local Intranet'.

The part that blows my mind is running IE as a local user works fine with our internal DNS.


0
abn38Commented:
Can you ping internet sites by name?
0
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

sliiconmanCommented:
Change your local IP Stack to another external dns server. For example where I am 204.60.0.2 is an old DNS server which I think is still valid.  Try that and bypass your internal DNS servers. Maybe they are not getting out or having name issues?

What is your Internal DNS, AD? If so are you able to get out from there?

On the domain controllers try to restart DNS?
0
bcpaAuthor Commented:
Yes I can ping a domain and recieve the IP back...

I cannot access any websites running as a domain user, if I were to log off and log in as a local user everything works fine.  If I were to run IE (Run As 'Admin') then everything will work fine.

This issue is only on select machines and I cannot find out what is going on here, I am currently trying to decide if the problem is related to IE or Windows.


0
bcpaAuthor Commented:
Yes we are using AD however the problem is on the client side, bypassing our DNS server still gives me the same issue.
0
bcpaAuthor Commented:
Also about 98% of our client's are not affected by this.  It is only very particular machines that I believe may have had users attempting to access the net during our network failures.
0
sliiconmanCommented:
from a command line run "ipconfigure /flushdns" then "ipconfigure /registerdns" from the affected computer.  If that doesnt work let me know I what happens, any errors in the event log too.

If that doesnt work I will be in the office shortly and see what I can dig up.
0
bcpaAuthor Commented:
I have done that and all DNS looks good.  

Using Firefox I have no issues either, this problem is very interesting and I believe to be IE specific now.
0
sliiconmanCommented:
Can you disable any AV and try it? Also, make sure the proxy box is not checked off inside of IE.

Other than that try running adware or superantispyware and see if that removes anything that is interfering with the browser?

Can you download IE 7 install from Firefox and resinstall IE?
0
bcpaAuthor Commented:
Anti-Virus is disabled automatically when I log in with a specific user name so that is taken care of.

IE is pre-configured and pushed via a GPO, proxy settings are not necessary as we do route port 80 outbound through a proxy.

Our GPO is quite extensive as well as scriptlogic running over that, spyware and adware really have no permissions to make there way in; however I have checked all the basics and that was one of the first things I looked for.  Our clients are highly customized and the only settings any user has access to are simple cosmetic changes.

IE7 is currently in use, I put firefox on simply for testing and to my amazement it works fine.

We document all standard processes and services and there isn't one thing running that shouldn't be.  

I am going to re-push our IE MSI pacakge and see if that makes a difference.
0
sliiconmanCommented:
Sounds like the same environment I have now. Let me know how the reinstall goes. Anything in the lg files though?
0
bcpaAuthor Commented:
It is a very interesting problem, I have also checked the following:
http://www.mydigitallife.info/2007/06/18/repair-and-reset-windows-vista-tcpip-winsock-catalog-corruption/
http://www.mydigitallife.info/2007/06/19/reinstall-and-reset-tcpip-internet-protocol-in-windows-vista-2003-and-xp/

However had there been an ip-stack / winsock issue I don't see how FireFox would work, I am at the point of trying anything as I cannot find much on this issue.

I wish, the log files are all fine with no errors whatsoever.  


0
sliiconmanCommented:
Scan it for malware then.  Never know .. could happen and it is worth ruling out.
0
bcpaAuthor Commented:
We use Trend and that did do a scan, I think I will do what I hate most and install ADWARE.  
0
bcpaAuthor Commented:
It is related to IE, there is no malware / virus on the machine.

I cannot even install IE 7 now; I am going to blow the local profiles away if still no avail I may give up and re-deploy a machine image.

If anyone has anymore recommendations I would love to hear them.

Thanks!
0
abn38Commented:
We have had this problem on out lan but its sporadic. go tot he webpage in the browser. once you ge the error this page cant be displayed then hit refresh repeatedly until the page comes up if it comes up doing this then the symptoms will slowly disapear the longer you force the broser to connect.
0
jcimarronCommented:
bcpa--Is AVG software installed?  If so have a look here
http://www.avg.com/faq  Type 1561 in the Search line and press Enter.
0
nstd-stsCommented:
Check internet explorer >Internet Options > LAN Settings

Ensure Automatically Detect and Proxy are off, unless needed.

Just my $.02
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocols

From novice to tech pro — start learning today.