Unable to disable Comodo Secure DNS.

Hi and things.

I’ve disabled it both in the connection settings and on my router itself, but it won’t go away. It’s frustrating me enough that I uninstalled Comodo entirely just in case that would help, but it hasn’t. I’ve reset my computer and flushed the dns multiple times.

The site it’s giving me trouble with is Comicgenesis.com. Clicking the ‘disregard this warning’ button doesn’t seem to help - It just refuses to connect anyway (timeout error).

I have no idea how it can still be interfering with my browsing as it is, and am equally unsure why the ‘disregard this warning’ function doesn’t actually let me get to the site. I use the Mozilla Firefox beta (version 4, beta 12), but have also tried using ie9, which didn’t work.

Any help would be appreciated.

Welcome

Can you run ipconfig /all from the command prompt and post the results, please.

Here you are.

C:\Users\Satre>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Aces_wild
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek RTL8187SE Wireless LAN PCIE Netwo
rk Adapter
Physical Address. . . . . . . . . : 00-26-B6-2C-A0-D5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f944:6c84:bd25:88a6%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, 6 April 2012 1:49:15 PM
Lease Expires . . . . . . . . . . : Monday, 13 May 2148 9:12:42 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 218113718
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-AC-19-B2-00-26-22-EB-5E-D0

DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-22-EB-5E-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1832:2202:3f57:fdfc(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::1832:2202:3f57:fdfc%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Your DNS is pointing at your router, are you sure you’ve disabled/changed it there?

Yes. I have my router pointed at 203.12.160.35, which is the DNS of my ISP (TPG).

can you show us exactly what you are seeing when the site is blocked (screenshot)?

My rather inexpertly cropped error message :stuck_out_tongue:
http://imgur.com/gx3oB

There’s only the single entry for DNS in the router?

Interesting. As a test, would you mind changing your PC DNS settings from dynamic to static DNS. Either use your ISP or try a third-party option such as Google - 8.8.8.8

The secondary is 203.12.160.36, and the alternate 203.12.160.37

I’ve also pointed my PC in the same direction, just incase. Still no luck.

In firewall application rules, can you check the rules for svchost and firefox please.

I don’t have a firewall enabled. I’m not sure how to check the application rules, but I’m not sure how they could be interfering. Then again, I have no idea how Comodo could still be interfering :stuck_out_tongue:

Hi Jeanne_Satre,
Have you cleared all of your browsing data, history, cache, cookies etc?
Can you temporary bypass your router for testing?

It may have been possible that your firewall application rules had specific entries for DNS, but if you’re not using the firewall…

can you run:

ipconfig /flushdns - followed by ipconfig /displaydns

from a command prompt. See if anything shows in displaydns. Also from a command prompt type:

arp -a

Post the details here.

Another suggestion is to reboot the router, it’s possible it’s caching the DNS, but if you’ve created static entries on the PC, they should override the router settings. You might also check the hosts file, which is found at:

Windows\System32\drivers\etc\hosts

It’s only a text file so you can use any text editor to view it. If you’re not sure what you’re looking at, you can post the details.

Just a thought.
If using Dragon browser is the COMODO DNS set up there ???

I’ve cleared all of my cookies and my cache. I’m not sure what you mean by bypassing my router.

I’ve rebooted my router, and my arp -a is as follows:

C:\Users\Satre>arp -a

Interface: 192.168.2.3 — 0xc
Internet Address Physical Address Type
192.168.2.1 94-44-52-d9-08-09 dynamic
192.168.2.255 ff-ff-ff-ff-ff-ff static
224.0.0.2 01-00-5e-00-00-02 static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
224.0.0.253 01-00-5e-00-00-fd static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

I’ve already added the IPs for Comicgenesis and Cerintha (The comic that started this) into my hostsfile.

I use Mozilla Firefox 4 beta 12. The problem also persists in Internet Explorer 9, which I only use for confirming issues like this.

This is very strange. I feel the problem must lay with the router but we can try a few more tests. For the second test, is I’ll need you to make sure the firewall is enabled in CIS. You can check this by looking at the summary screen (image)

First test:

Before doing anything in the tests, run ipconfig /flushdns

  1. Open a command prompt
  2. Type nslookup
  3. What are the details reported
  4. Remove the DNS entries from the host file and Network settings
  5. type nslookup
  6. What are the details.

Post those results here. If necessary we can go on to the next test

Second test:

  1. Make sure CIS firewall is enabled
  2. Make sure the Windows firewall is disabled (control panel/windows firewall)
  3. Clear the DNS entries from the host file and Network settings
  4. From the Start menu run services.msc
  5. Find the DNS client service and stop it.
  6. Open CIS/Firewall/Network Security Policy/Applications
  7. Delete any rules for firefox
  8. Open CIS/Firewall/Firewall Behaviour Settings
  9. Change the slider to Custom policy
  10. Switch to the Alert Settings tab
  11. Move the slider to Very High
  12. Run firefox and answer the alerts the first should be for DNS. note the IP address

[attachment deleted by admin]

My hosts file contains a whole sheet of IPs for spybot S&D, and the few I put in for Cerintha and Comicgenesis. I can’t see anything in there relating to my DNS itself, so I skipped that part.

Hopefully not having it in there in the first place isn’t its own problem :stuck_out_tongue:

Before:

C:\Users\Satre>nslookup
Default Server: dns1.tpgi.com.au
Address: 203.12.160.35

After:

C:\Users\Satre>nslookup
Default Server: UnKnown
Address: 192.168.2.1

I currently have Comodo uninstalled. Would you like me to reinstall it to carry out the second test? I would have thought uninstalling it would have purged of the application rules as well.

I hope it’s not my router. I have no idea what I could do to fix that, and I’m not in much of a position to afford another at the moment :stuck_out_tongue:

The first nslookup, I assume is reporting the DNS it’s finding from the network settings, although it differs by one digit (203.12.160.35) form the information you posted earlier?

The second nslookup is picking up your router, which is correct in the absence of any local settings. To ll intents and purposes, these are telling us your PC settings are correct, which does point to the router. However, usually, locally applied DNS will take precedence over router settings.

At this point I don’t think reinstalling CIS will help, but I’m also not sure where else to go. The easiest thing would be, if possible, to connect the Internet directly to the PC, bypassing the router entirely. Failing that, you could try placing the PC in the router DMZ. Another option is to completely disable DHCP/DNS in the router and set these locally.

That is weird. My router is using COMODO Secure DNS servers and http://www.comicgenesis.com/ loads just fine.

Did you use…

8.26.56.26 (Primary)
8.20.247.20 (Secondary)

The other thing I do see is when you run NSLOOKUP it is not showing a default server name after changing settings.

What is your setup? Are you using a modem connected to a router or a combo modem/router?

If you haven’t tried yet, set your computer’s IP and DNS to automatic and shut it down. Unplug your modem and router or combo. Wait a couple of minutes and plug them back in. Once the self test finishes, turn your computer on.

What I meant was if your Modem/Router are separate items you could plug direct to the Modem leaving the router out.