|
#1
June 30th, 2007, 01:15 AM
|
|||
|
|||
|
DNS Cache error
Hello,
I am haveing an issue with Windows being unable to flush my dns cashe.. therefore i cannot receive internet. It seem if I shut down my pc and let it sit for 30 seconds or so it flushes itself.. but after a few moments of success, it stops receiving packets and give me the same problem. I have fully upgraded norton and it didnt find any issues at all.. not to mention I downloaded a registry value from msdn which i added which supposedly flushes the cache and nothing. The dns service is running on auto.. so im confused as to what the problem is. Heres my HijackThis log: Logfile of HijackThis v1.99.1 Scan saved at 8:08:24 PM, on 6/29/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Yahoo!\NAV\navapsvc.exe C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe I:\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Yahoo!\YOP\yop.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Yahoo!\YOP\secstat.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Yahoo!\NAV\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1168823834764 O17 - HKLM\System\CCS\Services\Tcpip\..\{2F197C19-1DE8-44F7-AD8A-B6C6E1C1067E}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{3BBE46D3-5606-475B-B30C-9EA56A48AF28}: NameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{2F197C19-1DE8-44F7-AD8A-B6C6E1C1067E}: NameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{2F197C19-1DE8-44F7-AD8A-B6C6E1C1067E}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Yahoo!\NPF\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - I:\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE 
|
|
#4
June 30th, 2007, 02:38 PM
|
||||
|
||||
|
what do you get for an error when you run 'ipconfig/flushdns'?
BTW - not a big deal on the HJT log.
__________________
cmd /k ipconfig/all [use to start ipconfig from 'Run'] cmd /k ping <some website, like google or yahoo> [use to ping 'www.google.com' from 'Run']
|
|
#6
July 1st, 2007, 10:44 PM
|
||||
|
||||
|
Does "ipconfig /displaydns" work?
Run "sc query dnscache" and post the output back here.
__________________
cmd /k ipconfig/all [use to start ipconfig from 'Run'] cmd /k ping <some website, like google or yahoo> [use to ping 'www.google.com' from 'Run']
|
|
#8
July 5th, 2007, 01:18 PM
|
||||
|
||||
|
Sorry for the delay, I got distracted with the holiday and such. The service looks fine.
I'm going to see if any of the other mods know what could be going on here, but while I'm doing that can you run the following and let me know what you get for output. reg query HKLM\SYSTEM\CurrentControlSet\Services\Dnscache and ipconfig/displaydns
__________________
cmd /k ipconfig/all [use to start ipconfig from 'Run'] cmd /k ping <some website, like google or yahoo> [use to ping 'www.google.com' from 'Run']
|
|
#9
July 5th, 2007, 05:37 PM
|
||||
|
||||
|
Hum could be because if the DNS cache holds a negative entry and the website you want to view is now OK to view, Windows XP will still give you a DNS error!
Not sure this is applicable but: By default these negative entries are cached for 5 mins. But you can tweak the registry to NOT store negative entries at all! 1. First run the ipconfig /flushdns 2.Modify registry: To force Windows XP NOT to cache negative entries we need to add a new DWORD to the following Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Services\Dnscache\Parameters DWORD: MaxNegativeCacheTtl Value: 0 This will now ensure NO negative entries are stored. May help but I know that Most ISP's and Domain name registrar's now update their DNS information (TTL) every 4 hours instead of the twice daily updates that were common few years ago. You can also force XP to keep positive entries in DNS Cache for only 4 hours instead of the default 24 hours: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Dnscache\Parameters DWORD: MaxCacheTtl Value: 14400 Note - make sure you enter the 14400 (seconds) as Decimal Base and NOT Hexadecimal Base!
__________________
Help at Murf's Garage Microsoft MVP - 2004-2008 "Moderator - Windows 98, XP, Vista, Hardware" Posting results - helps othersPlease consider supporting CTH with a Subscription. Please help "Pete" OneAna.com
|
|
#10
October 17th, 2007, 01:11 AM
|
|||
|
|||
|
When I read your problem I noticed a common thread between my issue and yours... and not the fact that it was the same problem. I disabled Norton Internet Security, and my internet works just fine.
Then I uninstalled the blasted thing.
|
 |
| Bookmarks |
«
Previous Topic
|
Next Topic
»
| Topic Tools | |
|
|
All times are GMT +1. The time now is 05:03 AM.
[
RSS ]
