Why is DNS apparently involved in issuing "dir" on Windows 10?

Question

For complicated reasons, I have been forced to make an identical copy of cmd.exe and rename it to cmd-2.exe, which I put as a shortcut on the Taskbar to have them "grouped" in different taskbar groups.

Sometimes, I forget about this, and to open a new cmd.exe I middle-click that Taskbar icon to open a new cmd.exe. I then type a command such as dir and it spits out a bunch of nonsense, including: DNS bad key, which only happens if I accidentally use cmd-2.exe, not if I open the "real" cmd.exe, so it's not a "practical" problem.

However, I wonder why that message is ever printed at all. Is it apparently failing to do some kind of DNS lookup or something? Why is DNS involved at all with issuing dir to list files on my local computer? I have no network set up, no cloud drives, nothing like that whatsoever. It scares me that (apparently) there are DNS queries being made when I issue dir.

Maybe DNS bad key refers to something completely unrelated to the Domain Name System? I don't know what a "bad key" would even be in that context.

Answer 1

The second cmd.exe fails to locate and subsequently load the localized strings from the cmd.exe.mui satellite resource library.

Here is what it really attempts to say, taken from a 10.0.18362.1 (160101.0800):

• 0x235F: "Volume in drive %1 is %2"
• 0x235B: "Volume Serial Number is %1"
• 0x2339: "Directory of %1"

This is actually the first three lines of a plain dir command output.

This is a funny one. There are no entries for messages numbers 0x235F and 0x235B in the default system message table. So for the first two outputs, you get that cryptic message as shown in @harrymc's console screenshot.

But for 0x2339, there is an entry in the default system message table, physically stored in KernelBase.dll.mui pointing to the text "DNS bad key":

It just so happens to share the number of the "Directory of %1" line of the command processor's resources: a fallback not anticipated by the developers of cmd.exe. So the DNS reference is just a coincidence, it could be anything.

Note that the proper message contains a variable argument (the directory name), while the DNS message doesn't. I guess that's why there is no more output after that - it might just terminate.

Answer 2

I have managed to duplicate the problem:

(I agree that the messages are not very informative.)

The problem is that starting from Vista all the text messages are compiled into a separate file, so Windows would search for a message file with your new CMD name and would not be able to find it.

It is not enough to copy cmd.exe to cmd-2.exe. You also need to copy in the folder %WinDir%\System32\en-US (or your language) the file cmd.exe.mui to cmd-2.exe.mui, otherwise you will get these crazy messages anytime that cmd-2.exe needs to issue a message.

Note : "DNS" here does not refer to the internet Domain Name System. This is just a coincidence.