Question DNS Changing Itself, Losing Connection

Zenakku

Reputable
Mar 8, 2016
6
0
4,510
0
A couple months ago I was having issues with randomly losing my connection. I found out that my DNS settings had been changed to use a specific address of 172.98.193.42 with an alternate of 192.99.85.244.
This seemed to happen out of nowhere as I've been with this ISP for a while with nothing like this happening before. It will switch itself off of auto obtain to this and I've tried using a manual address (Google's) but it still just switches itself right back several times per day.
Whenever it switches to this dns I seem to lose connection despite it still saying I'm connected, I just can't load anything.
I've tried flushing my DNS several times, ran several different virus scans and network diagnostics and none of it has resolved the issue, it even did this on an entirely different network at a different house telling me it's probably on a system level rather than network specific? It's driving me nuts and I'm to the point where I might even try completely wiping my OS and starting from scratch, however that is my last resort as I have several hard drives and if it really is system based then the problem could stem from any of them.
Any ideas on how to get this to stop?
 

Zenakku

Reputable
Mar 8, 2016
6
0
4,510
0
I can't see how it would change if it is hard coded into the ipv4 network settings on the end machine. If you put it in the router it might change but on the end device that is the purpose of a static ip and/or dns settings.
That's exactly why I'm so confused by it.
 

Zenakku

Reputable
Mar 8, 2016
6
0
4,510
0
You may be infected with malware or something
That was my thought as well, I've scanned many times with malware bytes and the microsoft safety scanner. Nothing really out of the ordinary found through those. Any reccomendations on what other software to try?
 
Maybe the event monitor will show something. There is a command that will let you change dns but it must be running as admin to do it.

Both those ip come back to hosting services. The second does not respond for me but the first comes back as a dns server owned by backplanedns.org.

Worst case I suspect you could leave those 2 in and then add the real ones after. You could then use the router command to route those ip to some none existent ip in your lan. Might be a bit slow at times but it should fail on the first 2 and then go to the real ones. Now if the software or whatever removes the alternate dns you added then even that trick will not work.
 

ASK THE COMMUNITY

TRENDING THREADS