Windows XP SP3, all drivers latest version, all updates downloaded, Windows update turned off (in control panel), no extraneous anything running. 1.8 GHz Athlon XP 1 GB ghetto rig.
No idea when this started. Possibly after installing .NET 3.5 SP1, or maybe after one of those random incomprehensible optional windows updates. Maybe earlier.
Anyway, I noticed it when I was playing Diablo 2 and suddenly the game completely froze and when it started moving again I was dead. Ran process explorer for a while to try to catch what the problem was, and it turned out to be svchost.exe - specifically, PID 1480, responsible solely for dnsrslvr.dll.
I mean what the fuck?
Also, this should be the easiest google search ever, but I can only find a handful of people with the same problem, and the only solution so far is to disable the offending process, which sounds to me like it might break the internet, but I'm not really an expert.
Posts
Run a virus/spyware scan. If that comes up nada the easiest thing would be to just do a system restore if you have that capability.
I'll run a pccillin house call or something.
Edit: Actually, messing with my data is out of the question because I just backed a bunch of stuff up on this computer.
Your system should do it sort of automatically from time to time, but your most recent time might be like two weeks ago.
Well shit. I don't click random crap, wonder how that got there...
So does system restore revert the whole hard drive or just Program Files or Windows or what?
Edit: yeah, just exe files or something - read wikipedia article. Sounds really goddamn confusing tbh and who knows when this virus came in, I haven't tried to play games on this machine in months. I'd rather reformat than roll back and spend the next 6 months figuring out just what the roll back did.
it will revert your O.S. back to what it was like at the given restore point. So if the restore point you pick was for this monday, and since then you installed 2 windows updates, updated your sound card drivers, and uninstalled microsoft word, then your system will be restored to the state it was on Monday. And you'd be lacking those 2 windows updates, you'd have the older sound card drivers, and word would still be installed.
but it leaves your data files alone.
it's voodoo, blackest redmond voodoo.
Also, is there some way I can change XP's security settings so that I'm not constantly running with admin privileges, making it harder for something like this to install itself? I have seen first hand how easy it is to crack XP passwords with admin access so I'll be passwording all admin accounts and disabling the DOS hash or whatever the shitty one is.
Edit: Oh yeah removing this virus still didn't fix the dnsrslvr.dll service. Awesome. I am sort of tempted to try replacing it with one off a working PC.
Edit 2: It looks like I didn't even have a real infection. Basically what it found were some fucked up .exe's from ancient computer science projects that I probably never would have run anyway. Now that I've turned off System Restore. AAHSGDJASJHASJSGAJD
Edit 3: Here's something interesting: I cleared the DNS cache and basically every time I go to a site I haven't been to before the service's CPU use spikes. Otherwise it does nothing except at seemingly odd times, and unfortunately it's still catastrophic.
Um ... use an account that's not either "Administrator" or in the administrators group?
Edit: What the - why does my network connections folder have a 1394 connection? I have no firewire in this computer...
Also, uninstalling and reinstalling my ethernet card made no difference. I think I'll just end up formatting at this point because this bullshit is unacceptable and I can't think of anything else to try and it's never happened before.
Update: Now I don't get spikes most of the time when it has to look up a site, and on the whole they've dropped off by 90%. Interesting. All I did was leave it for an hour for obama's speech. Rebooted and still can't make it spike reliably any more and was able to play some diablo without incident.
Not sure what was up with your DNS resolver, perhaps your ISP was having DNS issues and the resolver needed to retry a few times. If this happens again, you might try changing your TCP/IP configuration settings so it's pointing to a different DNS server (like OpenDNS).
I've had some problems with my ISP's DNS being out in the past.
Which is too bad because I use Hamachi a lot.