Question

Locked

Internet Browsing

By gchichester ·
I have a Windows 2003 Server running SP2 that
will not access the internet via any of the
following browsers IE7, Google Chorme or Opera,
all are the most current version.

I have confirmed the following:
No other users are having the problem, and all
go thru the same default gateway & firewall
Ran IPconfig/flushdns
Can ping my default gateway
Can ping both of my DNS servers
Can ping Google.com and it resolves back to an
IP
Can ping Yahoo.com and it also resolves back to
an IP
NSLookup resolves to my primary DNS Server
I don't see any unusual processes running
Daily virus scan appears to be clean

At this point I'm at a loss at what to try
next.

Thanks for any and all comments.

Gilc

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Some suggestions

by pworlton In reply to Internet Browsing

Have you disabled the "enhanced security configuration"?

Assuming your name resolution is correct, I have to assume there is a firewall issue or that you have a hijacker. Have you uninstalled a software firewall on the server recently? Have you tried running HijackThis to see if there are any nasty BHOs?

Collapse -

Internet Access

by gchichester In reply to Some suggestions

Yes "enhanced security configuration" is been
disabled. The server is behind a hardware
firewall/anti-virus/anti-spam appliance, as
is all the PC's on my network, again they
have no problem access the net.
No I have not uninstalled any firewall from
this server.
I will run hijack this ASAP.
And post the results.

Thanks
Gilc

Collapse -

You don't happen

by Breezer85 In reply to Internet Browsing

to have a proxy server serving your Internet connection?

Collapse -

Internet Access

by gchichester In reply to You don't happen

Thanks but no proxy setting in any browser.
Sorry I should have put that in my first
post.
Here's the log file from HiJack This.
Any feedback about this log will be
appreciated, Until now I have not had the
need to use this tool.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:31 AM, on 11/14/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00
(7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\Documents and
Settings\CPADMIN\WINDOWS\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINNT\System32\svchost.exe
\MICROS~1\MSSQL\binn\sqlservr.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\lserver.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
\Microsoft SQL
Server\MSSQL\binn\sqlagent.exe
C:\WINNT\System32\dmadmin.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\System32\svchost.exe
C:\Documents and Settings\CPADMIN\Local
Settings\Application
Data\Google\Update\GoogleUpdate.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\rdpclip.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\ClearCross\Export.32\EXM.exe
C:\Program Files\ClearCross\Bin\qDW.exe
C:\Documents and Settings\CPADMIN\Local
Settings\Application
Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
res://shdoclc.dll/softAdmin.htm
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
res://shdoclc.dll/softAdmin.htm
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,First Home Page =
res://shdoclc.dll/softAdmin.htm
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Local Page =
C:\WINNT\system32\blank.htm
F2 - REG:system.ini:
UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: (no name) - AutorunsDisabled - (no
file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-
C502-44C8-8409-FCE54AD9C208} - C:\Program
Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: WormRadar.com
IESiteBlocker.NavFilter - {3CA2F312-6F6E-
4B53-A66E-4E65E497C8C0} - C:\Program
Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-
2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-
462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-
B09E-D2AAB95CABE3} - C:\Program
Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [T:\] "C:\Program Files\a-
squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program
Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [GBMServer8Agent]
"C:\Program Files\Genie-
Soft\GBMServer8\GBMAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update]
"C:\Documents and Settings\CPADMIN\Local
Settings\Application
Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [] (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall]
%systemroot%\system32\tscupgrd.exe (User
'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [] (User 'NETWORK
SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall]
%systemroot%\system32\tscupgrd.exe (User
'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-220523388-583907252-
839522115-1002\..\Run: [] (User
'MaryKnoche')
O4 - HKUS\S-1-5-18\..\Run: [] (User
'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall]
%systemroot%\system32\tscupgrd.exe (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default
user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall]
%systemroot%\system32\tscupgrd.exe (User
'Default user')
O6 -
HKCU\Software\Policies\Microsoft\Internet
Explorer\Control Panel present
O8 - Extra context menu item: E&xport to
Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE
/3000
O9 - Extra button: (no name) - {08B0E5C0-
4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console
- {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-
41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP
provider 'c:\documents and
settings\cpadmin\windows\system32\mswsock.dll
' missing
O17 -
HKLM\System\CCS\Services\Tcpip\..\{40C6334E-
FA66-4622-B346-C6D473C3E702}: NameServer =
205.152.37.23,205.152.144.23
O18 - Protocol: linkscanner - {F274614C-63F8-
47D5-A4D1-FBDDE494F8D1} - C:\Program
Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG
Technologies CZ, s.r.o. -
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Common
Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O24 - Desktop Component 0: (no name) - (no
file)

--
End of file - 5799 bytes

Back to Networks Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums