Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNS does not work but straight IP does

Status
Not open for further replies.
drkrdr

drkrdr

IS-IT--Management
Jan 3, 2004
49
0
0
SE
Cannot access Internet using However, I can browse using IP e.g. for tek-tips.com

Tried the following:
- repaired the connection
- deactivated and reacivated the connection
- tried to use a modem connection instead of broadband
- installed Firefox 1.0.4
- winsock repair using netsh
- used the utility lspfix
- uninstalled the network card and re-installed
- running ad-aware and spybot
- running panda antivirus

No success, below Hijack log, *please* anyone, I am at the end of my tether

Logfile of HijackThis v1.99.1
Scan saved at 00:25:11, on 07/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program\Apoint2K\Apoint.exe
C:\Program\LAUNCH~1\QtaET2S.EXE
C:\Program\Real\RealPlayer\realplay.exe
C:\Program\ekort\ekort.exe
C:\Program\Java\jre1.5.0_02\bin\jusched.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Real\RealJukebox\tsystray.exe
C:\Program Files\Netzip Download Demon\Netzip Download Demon.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Program\Apoint2K\Apntex.exe
C:\WINDOWS\system32\zstatus.exe
C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Lars Metelius\Skrivbord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer erhållet av chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.chello.se:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EkortBrowserHelper Class - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\WINDOWS\System32\Bhoekort.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll
O2 - BHO: ohb Class - {EB386233-65D7-46DC-A73D-0E02F2F844A9} - C:\WINDOWS\System32\winsps32.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O3 - Toolbar: SpiderSearch.com Bar - {1D022C27-3771-4D1D-B1B7-1953E271C6CA} - C:\WINDOWS\System32\winsps32.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\Program\LAUNCH~1\QtaET2S.EXE
O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program\hp LaserJet 1000\fwdl.exe
O4 - HKLM\..\Run: [RealTray] C:\Program\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ekort] C:\Program\ekort\ekort.exe /dontopenmycards
O4 - HKLM\..\Run: [SpySpotter] C:\PROGRAM\SPYSPO~1\SpySpotter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\Program\Real\RealJukebox\tsystray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\Netzip Download Demon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: e-kort - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program\ekort\ekort.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://subscriber.chello.se
O16 - DPF: {372DC06F-87DD-48D7-BCED-A815965C0164} (iiittt Class) - O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - O17 - HKLM\System\CCS\Services\Tcpip\..\{32E2C969-8A05-440E-985B-5CBB2841777B}: NameServer = 195.58.112.155 195.58.103.124
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
 
Sort by date Sort by votes
Sounds like you can't reach your DNS servers or the query is getting blocked.

Try these first.

1. Try "nslookup" to query your DNS server. If you don't get an answer try "ipconfig /all" to get the pertinent information (i.e. IP address, DNS servers, etc.).

2. Then ping the IP of the DNS servers. The pings respond, a firewall may be blocking the DNS queries.

3. If you on a LAN, disable the firewall on the PC then re-try steps 1 and 2. Try nslookup on an internal hostname.

More info would be nice.

Are you on a LAN?
Is there a firewall between you and the internet?
Do you have an internal DNS server to query internal hostnames?
Do you use DHCP?
 
Upvote 0 Downvote
Irudebwoy,

- nslookup fails, IPCONFIG/ALL gives the proper IP address, DNS server, etc. This has been verified with the ISP.
- pinging the DNS-servers is possible, using the IP address
- ICF is disabled, please explain what you mean by doing nslookup on local host name.

- No, not on a LAN, it is a home network. It doesn't matter what connection I use. Tried two different modem connections
- Panda is used as a firewall, it has been uninstalled without any difference
- Not sure what you mean by internal DNS server, it is a normal XP box
- Yes, DHCP is used but there is no local router, the broadband connects through a cable TV modem. Then I've tried normal phone modem connection through the built in modem. All these connections use DHCP.

The conclusion is, as you say, that DNS doesn't work but for what reason? Something is either blocking or the protocol stack has been corrupted. My guess is something is blocking, since I reinstalled the network card and also repaired winsock. Anything in the hijack log that indicates obstructing software as you see it?
 
Upvote 0 Downvote
Sorry about the LAN stuff I misread your earlier post.

It doesn't seem that the protocol stack is corrupt if you can get to websites and other network services using the IP address. You might want to try "ipconfig /flushdns" to clear the resolver cache. It's a long shot but I've seen it work miracles. You can also use "ipconfig /displaydns" to show the contents of the cache.

From looking at the logs it seems you have a web proxy running. Any problems with it?

You might want to check the "TCP/IP filtering" properties. This can be found under the "Options tab" of the "Advanced TCP/IP Settings dialog". make sure there are no ports being blocked, especially port 53.

I hope this helps.


## Just because you can do something doesn't mean you should.

Lorenzo Wacondo (System Administrator)
 
Upvote 0 Downvote
flushdns did not help.

Uninstalled Panda so that the Webproxy disappeared, no result.

The filtering properties have been checked.

Should I try to uninstall SP2?
 
Upvote 0 Downvote
Try using telnet to check if the dns servers are working. Type "telnet <IP.of.DNS.server> 53". You should at least get a prompt, there are no commands to issue. Press CTRL+] to clear the connection then type "quit" to exit the telnet session.

Were there any changes to your system that might have caused the problem?

I guessing your broadband connection uses an ethernet connection to your PC. Point being, it's most likey not a driver issue unless it's connected via USB.

I've also noticed you have a bunch of toolbars and "web helper" programs. From my experience they do more harm than good. Try removing them, then run spybot.

I'm nearing the end of my tether as well (if you can't tell by now). You might have to bite the bullet and re-install the OS.


## Just because you can do something doesn't mean you should.

Lorenzo Wacondo (System Administrator)
 
Upvote 0 Downvote
Try with entering a static DNS adress (DNS Server at the ISP) in the tcp/ip properties of your nic.
 
Upvote 0 Downvote
IRudebwoy, TheRing,

Thanks for your input. I´m currently on vacation so I can´t try your suggestions. Leaning towards IRudebwoy´s ultimate solution though...
 
Upvote 0 Downvote
In my absence, the owner of the computer had the OS re-installed and now it works. Thanks anyway for your advice.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
2K
KenMeans
KenMeans
alpha76
  • Locked
  • Question
Advice on DNS setup/configuration
Replies
3
Views
3K
technome
technome
tbright
  • Locked
  • Question
DNS reverse lookup errors: zone 1.168.192.in-addr.arpa/IN: has no NS records
Replies
1
Views
3K
tbright
tbright
Richard Carter
  • Locked
  • Question
Set up BIND on DNS server for local home server
Replies
0
Views
2K
Richard Carter
Richard Carter
rvirene
  • Locked
  • Question
MS DNS / Powershell Script Question
Replies
2
Views
3K
rvirene
rvirene

Part and Inventory Search

Sponsor

Back
Top