Link to home
Start Free TrialLog in
Avatar of estrelow
estrelowFlag for Chile

asked on

DNS not working on a Home XP Client station

Hi,
I'm stuck on my niece's Home XP. Apparently, the DNS query engine isn't working and it's very annoying. This is the same problem as in ID:20932429, but no real solution was post there.

I can nslookup almost anything, but other programs can't do any successful query.  Check out the code fragment.
This is a home based PC with a DHCP connection. Apparently the DHCP works, the DNS server works and the connection works. I can nslookup resolve an establish an ip-number based connection.
I've been digging this a while now. Apparently DNS functionality is being hyjacked, but I don't know how.
I did find a browser helper that worked as a "url filter" and managed to do more things adding this to the hosts file: avg.urlseek.vmn.net. I disabled the helper and some others, but I'm still getting problems.

I even installed a local BIND server but the simptoms stays the same: BIND do resolve names, but the application can't reach them. Applications are: IE7, Firefox2, ping, ftp. Other tools provided by BIND like "dig" and "host" also can resolve just right.



C:\WINDOWS\>ftp ftp.isc.com
Unknown host ftp.isc.com.
 
C:\WINDOWS\>nslookup ftp.isc.com
Server:  resolver.gtdinternet.com
Address:  200.75.0.4
 
Non autoritative answer:
Nombre:  ftp.isc.com
Address:  208.97.178.54
 
C:\WINDOWS\>ftp 208.97.178.54
Connected to 208.97.178.54.
220 ProFTPD 1.3.1 Server (DreamHost FTP) [208.97.178.54]
Usuario (208.97.178.54:(none)):

Open in new window

Avatar of SysExpert
SysExpert
Flag of Israel image
remove all malware first

malware - Leetutor list
Have you tried running virus scans and spyware scans  This could be a problem with viruses/trojans/spyware or other malware. Some free online virus scanners:

http://housecall.antivirus.com 

http://www.pcpitstop.com/antivirus/default.asp

http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Also try these free programs to rid your system of spyware, trojans, and other malware:

http://download.com.com/3000-2144-10194058.html?tag=lst-0-1
Spybot - Search & Destroy

http://download.com.com/3000-2094-10045910.html?legacy=cnet
LavaSoft Ad-aware  

I use BOTH of the above programs on my 3 Windows systems; what one program misses, the other catches.  Also make sure to download the most up-to-date data before you run the programs.

Another very good freeware program for ridding yourself of spyware is this:

http://www.superantispyware.com/
SuperAntiSpyware

You might also try this free program (HijackThis) -- install it in its own folder, don't download to your Desktop:

http://www.spychecker.com/download/download_hijackthis.html

HijackThis is a tool that is for advanced users, because it lists all the installed browser add-on and startup items, allowing you to inspect them and then optionally remove any ones you select.  You must be careful in choosing what to remove, although the program can create a backup of your original settings.  But put a check mark to fix any home page or search page setting that HijackThis detects which you have not entered yourself.  The program has an option to download online updates of the hijack data.

You should first post the log at this site:  

http://www.hijackthis.de/index.php?langselect=english

and it will be automatically analyzed for you (after you click on the button labeled "Analyze" near the bottom of the page), telling you which entries (called "Nasty") should be fixed.  You will also be told if you have any items that are "Possibly Nasty", or "Unnecessary", or "Unknown". If you don't know what to do about these, you might find something on the module name by doing a Google search of the internet.

If you have any questions about what it is asking you to fix that you would like the E-E experts to comment on, then do this:  right above the Analyze button you will see this message: "The following analyses has been stored temporarily", and there will be a link where the analysis file will be saved (for a period of three days). Click on it and then copy the link of that page from the address bar of your browser and paste it here, and experts can check it for you.  (Please DON'T post the entire log itself in your question.)

In case you would like to learn more yourself how to use HijackThis, here are a couple of urls:

http://www.tomcoyote.org/hjt/
HijackThis Quick Start


-------------

rebuild TCPIP stack after that if needed

XP TCPIP fixes reset NIC and TCPIP reset  Fix TCPIP reset
From johnb6767

What I like to do on any network problem....Is to reset it ALL....

netsh int ip reset reset.log
netsh firewall reset
netsh winsock reset

Then remove ALL NIC's from the device manager..
In the Device Manager, select View>Show Hidden Devices

(If the Show Hidden devices is not presetn, do the following command from a command prompt..)

start>run>cmd
set devmgr_show_nonpresent_devices=1

More information on that command here....
Device Manager does not display devices that are not connected to the Windows XP-based computer
http://support.microsoft.com/kb/315539
http://support.microsoft.com/kb/317518/en-us


Go back to Network Adapters, and make sure your adapters are all gone, including any older ones. (there will be several ' miniport' devices that are not able to be uninstalled....)
Once they are all gone, reboot and let Windows reinstall them...

Thats a total rebuild of your network connections, to hopefully correct any problems with Basic connectivity.

ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of estrelow
estrelow
Flag of Chile image

ASKER

I haven't been able to get back to the PC to continue fixing it, but RobWill's answer I think is right on the thick of the problem.