Tech Support: Internet connectivity issues (DNS?)

V

vicv

Expert Member
Joined
Aug 1, 2013
Messages
2,168
Reaction score
0
Location
A creepy van
Howdy

So I've been having this strange issue. Most of the people I've told about it have no idea what the problem could be. Here goes...

After booting up my PC everything works fine for an x amount of time. Sooner or later I would randomly lose my internet connectivity. This affects web browsing, the Steam app and the TeamViewer app. Pinging or trace routing an address still works fine. Rebooting the PC usually solves this issue again for an x amount of time until the problem returns.

Note that this issue only exists on this specific PC. Other devices connected to the network are not affected in any way.

All the necessary and unnecessary info:
MSI Z77A-G43 GAMING Mobo
Intel Core i5 3570 3.40GHz CPU
2x8GB Corsair Vengeance RAM
AMD Radeon HD6850 2GB GDDR5 GPU
128GB SSD as boot disk
2x1TB HDDs as secondary
Windows 8.1 64-bit (Recently formatted)

Netgear DGN2200 Router connected via Ethernet to PC
Internet connection is Afrihost 2Mbps Business Uncapped ADSL
Router DNS is set to UnoTelly's Johannesburg and Cape Town servers, respectively.

For what it's worth, the LAN settings are set as follows:
LAN settings.png
I believe the problem was intensified when the "Automatically detect settings" checkbox was checked(default).

Anyone with some experience with this problem? Feedback would be appreciated :)

V
 
Last edited:
All you showing in your network settings is your IE config. As you stated Steam and Teamviewer are affected, so you can do away with thinking that your IE settings are at fault.

Can you paste some tracert's when the issue occurs as well as an ipconfig?

You could also manually put an IP with DNS config into your pc network config in the same subnet as your router as a test.

That would eliminate your router from wanting do renew DHCP addresses to frequently and having your host table on your pc
Getting confused.
 
Last edited:
funkzar said:
All you showing in your network settings is your IE config. As you stated Steam and Teamviewer are affected, so you can do away with thinking that your IE settings are at fault.

Can you paste some tracert's when the issue occurs as well as an ipconfig?

You could also manually put an IP with DNS config into your pc network config in the same subnet as your router as a test.
Click to expand...
Will post those stats when it happens again
 
funkzar said:
All you showing in your network settings is your IE config. As you stated Steam and Teamviewer are affected, so you can do away with thinking that your IE settings are at fault.

Can you paste some tracert's when the issue occurs as well as an ipconfig?

You could also manually put an IP with DNS config into your pc network config in the same subnet as your router as a test.

That would eliminate your router from wanting do renew DHCP addresses to frequently and having your host table on your pc
Getting confused.
Click to expand...

vicv said:
Will post those stats when it happens again
Click to expand...

Happened again

ipconfig:

C:\Windows\system32>ipconfig

Windows IP Configuration


Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::6895:2e80:c27e:c5e6%7
IPv4 Address. . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter isatap.{4D148740-F483-4454-878D-75182351A3CC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28a9:2bda:3f57:fffd
Link-local IPv6 Address . . . . . : fe80::28a9:2bda:3f57:fffd%9
Default Gateway . . . . . . . . . : ::


ipconfig /all:

C:\Windows\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Vic-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Killer e2200 Gigabit Ethernet Controller
(NDIS 6.30)
Physical Address. . . . . . . . . : removed
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6895:2e80:c27e:c5e6%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 24 July 2014 19:19:58
Lease Expires . . . . . . . . . . : 25 July 2014 19:39:48
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 131349886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-5B-33-6F-D4-3D-7E-B8-E2-60

DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
#2
Physical Address. . . . . . . . . : removed
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4D148740-F483-4454-878D-75182351A3CC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : removed
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : removed
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28a9:2bda:3f57:fffd(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::28a9:2bda:3f57:fffd%9(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 218103808
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-5B-33-6F-D4-3D-7E-B8-E2-60

NetBIOS over Tcpip. . . . . . . . : Disabled


tracert local:

C:\Windows\system32>tracert mybroadband.co.za

Tracing route to mybroadband.co.za [197.242.89.170]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 10 ms 9 ms 9 ms 105-236-4-129-esr-lo.mtnbusiness.co.za [105.236.
4.129]
3 13 ms 12 ms 13 ms ipc-recieve-rb-4a.za.mtnbusiness.net [41.181.178
.89]
4 15 ms 14 ms 13 ms rb-cr-1.za--rb-dca-1.za-a.mtnns.net [196.44.0.14
6]
5 14 ms 13 ms 27 ms jh-cr-2.za--rb-cr-1.za-a.mtnns.net [196.44.31.95
]
6 13 ms 12 ms 13 ms qux-jh-dca-2.za-b.za.mtnbusiness.net [41.181.165
.115]
7 12 ms 12 ms 13 ms jh-pr-1.za--jh-cr-2.za.mtnns.net [196.44.0.222]

8 * * * Request timed out.
9 31 ms 32 ms 32 ms CORE.GP-CN-HET-MEE-1.TO.GP-MR-VOD-MEE-1.DFA.P2P.
10G.za.africainx.net [41.84.12.151]
10 31 ms 31 ms 31 ms 41-66-132-246-f6.HET001-CPE-1-to-GP-CN-HET-MEE-1
.africainx.net [41.66.132.246]
11 33 ms 33 ms 33 ms core-access-switch1.jnb1.host-h.net [197.189.193
.1]
12 33 ms 34 ms 33 ms row-access-switch1-row3-4.jnb1.host-h.net [197.1
89.193.36]
13 33 ms 32 ms 32 ms 197.242.89.170

Trace complete.


tracert intl:

C:\Windows\system32>tracert bbc.co.uk

Tracing route to www.bbc.co.uk [31.3.246.202]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 10 ms 10 ms 10 ms 105-236-4-129-esr-lo.mtnbusiness.co.za [105.236.
4.129]
3 13 ms 11 ms 12 ms ipc-recieve-rb-2a.za.mtnbusiness.net [41.181.178
.65]
4 12 ms 13 ms 13 ms rb-cr-1.za--rb-dca-1.za-a.mtnns.net [196.44.0.14
6]
5 13 ms 13 ms 35 ms jh-cr-2.za--rb-cr-1.za-a.mtnns.net [196.44.31.95
]
6 12 ms 13 ms 13 ms qux-jh-dca-2.za-b.za.mtnbusiness.net [41.181.165
.115]
7 210 ms 210 ms 209 ms linx.redstation.net.uk [195.66.225.138]
8 196 ms 196 ms 196 ms h185-20-96-49.host.redstation.co.uk [185.20.96.4
9]
9 196 ms 196 ms 196 ms 186-16-200-109.rackcentre.redstation.net.uk [109
.200.16.186]
10 212 ms 213 ms 212 ms h31-3-246-202.host.redstation.co.uk [31.3.246.20
2]

Trace complete.


ping local:

C:\Windows\system32>ping afrihost.co.za

Pinging afrihost.co.za [197.242.144.102] with 32 bytes of data:
Reply from 197.242.144.102: bytes=32 time=14ms TTL=57
Reply from 197.242.144.102: bytes=32 time=15ms TTL=57
Reply from 197.242.144.102: bytes=32 time=14ms TTL=57
Reply from 197.242.144.102: bytes=32 time=14ms TTL=57

Ping statistics for 197.242.144.102:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms

ping intl:

C:\Windows\system32>ping novafusion.pl

Pinging novafusion.pl [104.28.17.88] with 32 bytes of data:
Reply from 104.28.17.88: bytes=32 time=194ms TTL=52
Reply from 104.28.17.88: bytes=32 time=192ms TTL=52
Reply from 104.28.17.88: bytes=32 time=259ms TTL=52
Reply from 104.28.17.88: bytes=32 time=193ms TTL=52

Ping statistics for 104.28.17.88:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 192ms, Maximum = 259ms, Average = 209ms
 
Grasmuis said:
Have you tried to scan your computer for any malware? Could be something running in the background hijacking your DNS

try https://www.malwarebytes.org/
Click to expand...

vicv said:
I ran Malwarebytes and it picked up the following:
View attachment 135070

My Googling skills tells me this is indeed a browser hijacker.

Will remove it and see if that fixed it :)
Click to expand...

Interesting. I ran Malwarebytes again and the threat showed again. Is there anything I can do to remove it permanently?
 
vicv said:
Interesting. I ran Malwarebytes again and the threat showed again. Is there anything I can do to remove it permanently?
Click to expand...

What antivirus software are you running? It doesn't sound like a browser hijack scenario. It might be redirecting your ports. But it doesn't seem correct either.
 
Check that your router has not been hijacked.

Happened to my dad as the person that set it up left the password as the default.

Simplest is to just check the DNS settings on the router, if they are not normal reset it and put all your details back in again.
 
AstroTurf said:
Check that your router has not been hijacked.

Happened to my dad as the person that set it up left the password as the default.

Simplest is to just check the DNS settings on the router, if they are not normal reset it and put all your details back in again.
Click to expand...

Those would be the D-Link modems Telkom sold
 
grim said:
Those would be the D-Link modems Telkom sold
Click to expand...

I have no idea, he has some guy that does his stuff as I am to far away and can't spend my weekends doing favours for all and sundry (I have my own life), anyway you may be right.

I went into his pc using his 3g connection and teamviewer and just reset the thing remotely.
 
PsyWulf said:
Give this tool a try http://www.bleepingcomputer.com/download/windows-repair-all-in-one/

It sounds like either your DNS "Client" is failing and only cached resolutions are working or a similar networking issue ( Netbios etc )
Did you check your event viewer?
Click to expand...

Installing the program right now. Had a look in Event Viewer, not sure what I was looking for :erm:

grim said:
Try using 8.8.8.8 and 8.8.4.4 as your DNS servers and see if the problem persists.
Click to expand...

My router is setup to block Google DNS for streaming on my Chromecast, don't really feel like changing it again and I doubt that it would solve the problem as I have no issues with my laptop etc.

I'm really thinking that it's that malware file causing this. I'm hopping to the Malwarebytes forum atm.
 
Thanks for everyone's suggestions so far.

After following suggestions on the Malwarebytes forum, I believe the best thing to do at this stage, being the easy fix for me, is to reinstall Windows.
Think I will run an Avast boot time scan first though just to be sure that something fishy isn't about on my HDDs.

Will report back if I were to experience the problem again on a clean install. Now I just have to figure out what I installed that came bundled with malware. I had only installed the basic programs that I'd needed so far.
 
Update: Format seems to have fixed the connectivity problem. Installed Malwarebytes along with Avast at first boot. Malwarebytes still picked up the SnapDo program though.

Wish Malwarebytes Free offered real-time protection. Why can't they just include anti-malware in antivirus programs? :erm:
 
vicv said:
Update: Format seems to have fixed the connectivity problem. Installed Malwarebytes along with Avast at first boot. Malwarebytes still picked up the SnapDo program though.

Wish Malwarebytes Free offered real-time protection. Why can't they just include anti-malware in antivirus programs? :erm:
Click to expand...

Quality comes at a price. I pay an annual sub for ESET, which is wonderfully transparent.

I guess you really do get what you pay for... :erm:
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X