How and Why to Use the Netsh Winsock Reset Command (In 2021)

Nick Rimmer

Read more posts by this author.

Are you having Windows network connectivity issues with software such as email clients and web browsers? Sometimes, these issues stem from a corrupt network configuration. The netsh winsock reset command will set important network settings to their defaults, often fixing these network problems!

In this article, you will learn how to reset the Winsock catalog which is a database of network settings, where incorrect configurations and malware affect your network connectivity. Read on to learn practical tips on fixing your network connection and what this cryptic Winsock term is all about!

Prerequisites

This article will be a tutorial. If you plan on following along step-by-step, use any supported version of Windows along with local administrative rights.

What is Winsock?

Based on the Berkeley UNIX Sockets interface, Winsock is an application programming interface (API) that orchestrates different network protocols communication between applications, such as a web browser, and actual network devices.

Included below is a great diagram to demonstrate where exactly the Winsock wsock32.dll library sits in the Windows networking stack.

Winsock Flowchart
Winsock Flowchart

Besides acting as an API, Winsock stores its settings in a database known as the Winsock catalog. In Windows 10 the catalog stores both namespace providers, providing a map between Winsock and a service such as DNS, and base service providers which provides detail on network protocols, such as TCP/IP.

Why “Resetting” Winsock is Necessary

Sometimes the Winsock catalog contains incorrect entries or becomes corrupt. Performing a Winsock reset via the netsh winsock reset in the Windows command prompt will set the Winsock catalog and associated registry settings to their defaults. The relevant registry settings are located in the below path.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9

Why would you want to perform Winsock reset after all?

  • Malware or adware that uses Winsock to get in between the user and the internet.
  • A network device is incorrectly installed or removed.
  • Registry or file system issues corrupt the Winsock catalog.

A real-life example of Winsock malware is HackTool.Win32.Proxifier.A, from the Trend Micro Threat Encyclopedia. Don’t worry, this won’t download any malware!

Prior to Windows Server 2012 and Windows Vista, incorrect settings and malware often existed as Layered Service Providers (LSP) in the Winsock catalog, as described in further detail later in the article. In recent versions of Windows, LSPs were deprecated with functionality moved into the Windows filtering platform.

Winsock problems do not crop up as often anymore, but they still can! Learn to fix incorrectly installed network devices or corrupted Winsock catalogs by reading on.

How to Reset Winsock with netsh winsock reset

Resetting Winsock is best done through the Windows command-line tool netsh. The netsh command displays and modifies the running computer’s network configuration, along with resetting the Winsock catalog.

When performing any Winsock change, you should first save a before and after snapshot of the changed settings, as shown in the below steps.

  1. Open a Command Prompt as an administrator.

2. Copy and run the command shown below to save the results of the Winsock catalog to the file C:\winsock-before.txt prior to resetting the Winsock catalog.

The command below assumes you are in the C:\ directory, otherwise the file will save to the directory your command prompt is currently in.

netsh winsock show catalog > winsock-before.txt

An example of the saved Winsock catalog is shown below. Yours will look similar to this, reflecting your network devices and entries.

Saved Winsock Catalog entry file
Saved Winsock Catalog entry file

3. Next, reset the Winsock catalog by running the following command.

netsh winsock reset
Reset the Winsock catalog via the netsh winsock reset command.
Reset the Winsock catalog via the netsh winsock reset command.

Upon performing the reset command, the Protocol_Catalog9 registry entry is saved to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog_Before_Reset. These entries are binary encoded, so it is much easier to read in plaintext.

4. Now take another snapshot of the Winsock Catalog again to document the changes just made.

netsh winsock show catalog > winsock-after.txt

5. Restart the computer to complete the network reset.

Not all network issues can be solved using the netsh winsock reset command, and in those cases, the netsh int ip reset command comes in handy! Read on to learn when and where to use this command.

Reset TCP/IP Settings with netsh int ip reset

The Winsock catalog is not the only set of network settings that can cause problems. As mentioned earlier, malware and incorrect settings often existed as Winsock LSPs, which are not as prevalent anymore due to their deprecation in newer versions of Windows.

More commonly, network issues exist with TCP/IP configurations. If you have any of the following network problems, then read on to learn how to reset your TCP/IP settings.

  • DNS lookup issues, provided that DNS is configured correctly.
  • DHCP IP address assignment problems, perhaps ipconfig /renew is not working correctly.
  • Limited or no connectivity in your web browser or email client.

In the same local administrator command-prompt, follow the below steps to reset your TCP/IP settings.

  1. Before resetting your IP settings, run the following command to see a snapshot of your current IP settings. In case the reset fails, it is helpful to have a record of your prior network settings.
ipconfig /all
Output from ipconfig /all
Output from ipconfig /all

2. Run the following command in the command prompt to reset your IP settings.

netsh int ip reset

To save the output of the reset command, redirect the output to a file using a command such as: netsh int ip reset > log.txt.

When you reset the TCP/IP settings using the netsh int ip reset command, the following registry settings are overwritten.

SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 
 SYSTEM\CurrentControlSet\Services\DHCP\Parameters
Output from netsh int ip reset
Output from netsh int ip reset

3. Verify your network settings with the ipconfig /all command again, such as IP addresses, default gateways, and DNS settings.

Further Reading & Next Steps

Networking is a complicated topic with many potential issues, but two additional resources that may help are linked below.

Although not all networking issues may be resolved by performing a netsh winsock reset or netsh int ip reset command, both commands provide a great starting point!

Looks like you're offline!