[Solved] Internet connection is dropping and reconnecting every 30 to 40 seconds.

[dokcat]

I am using a 4 year old Acer Aspire M3600 running Windows Vista Home Premium.

 

 

I am connected by cable to a ZyXEL router.

 

 

 

I use Firefox and AOL as browsers and my ISP is Virgin Media...

 

I am currently experiencing a problem with internet access in which my connection is dropping and reconnecting every 30 to 40 seconds.

 

 

My son ran Malware Anti-malware and found several infections which it cleared and the connection remained stable for a day or so but the problem returned.

 

 

I have carried out a restore back to factory settings and again everything was stable for until I switched off for the night. Upon restarting the next morning the problem had returned.

I reloaded Malware Anti-malware and ran another scan but no infections were found.

 

 

I am using AVG 2011 and this has not found any infections.

 

 

We have 3 laptops which are having no connection problems at all.

 

I am not sure if this a Hardware or infection problem?

 

 

Please help

[Mag476]

Hi, just out of curiosity are you using a wired or wireless network connection on the computer you're having problems with?

 

Please download and run Ipcon, you can grab it here, extract it somewhere then run it, it will take about 1 minute to complete and you will see many cmd windows during the process, this is normal.

 

Please post the reg.txt as an attachment to this thread when it has finished and i'll see what I can do.

 

Note: If you have any antivirus software it may detect the file as a false positive, it is safe.

Edited October 2, 2011 by Mag476

[dokcat]

Connected by ethernet cable...PC does not have wireless..

 

Report from scan

 

 

Windows IP Configuration

 

Host Name . . . . . . . . . . . . : Kitchen-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : cable.virginmedia.net

Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

Physical Address. . . . . . . . . : 00-1E-90-0A-9A-CD

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 6:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 7:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 02-00-54-55-4E-01

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

 

Pinging 194.119.131.66 with 32 bytes of data:

 

 

 

General failure.

 

Request timed out.

 

Request timed out.

 

Reply from 194.119.131.66: bytes=32 time=503ms TTL=55

 

 

 

Ping statistics for 194.119.131.66:

 

Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 503ms, Maximum = 503ms, Average = 503ms

 

 

 

Pinging plus.net [212.159.9.2] with 32 bytes of data:

 

 

 

Reply from 212.159.9.2: bytes=32 time=40ms TTL=245

 

Reply from 212.159.9.2: bytes=32 time=29ms TTL=245

 

General failure.

 

General failure.

 

 

 

Ping statistics for 212.159.9.2:

 

Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 29ms, Maximum = 40ms, Average = 34ms

 

 

 

Tracing route to 194.119.131.66 over a maximum of 30 hops

 

 

 

1 2 ms 3 ms 2 ms 192.168.1.1

 

2 * * 9 ms cpc3-nwrk4-2-0-gw.12-1.cable.virginmedia.com [86.26.44.1]

 

3 11 ms 11 ms 11 ms nott-core-1a-ae5-1668.network.virginmedia.net [86.28.83.53]

 

4 15 ms 16 ms 12 ms leed-bb-1a-as0-0.network.virginmedia.net [213.105.174.169]

 

5 16 ms 16 ms 16 ms nrth-bb-1b-as2-0.network.virginmedia.net [62.253.185.101]

 

6 18 ms 15 ms 13 ms nrth-tmr-2-ae6-0.network.virginmedia.net [213.105.159.34]

 

7 General failure.

 

 

 

Trace complete.

 

These Windows services are started:

 

Acer HomeMedia Connect Service

Application Experience

Application Information

ArcSoft Connect Daemon

AVG WatchDog

AVGIDSAgent

Background Intelligent Transfer Service

Base Filtering Engine

COM+ Event System

Cryptographic Services

Cyberlink RichVideo Service(CRVS)

DCOM Server Process Launcher

Desktop Window Manager Session Manager

DHCP Client

Diagnostic Policy Service

Diagnostic System Host

Distributed Link Tracking Client

DNS Client

DQLWinService

eDataSecurity Service

ePerformance Service

eRecovery Service

Group Policy Client

Human Interface Device Access

IKE and AuthIP IPsec Keying Modules

Intel® Alert Service

Intel® Matrix Storage Event Monitor

IP Helper

IPsec Policy Agent

KtmRm for Distributed Transaction Coordinator

LightScribeService Direct Disc Labeling Service

MBAMService

Multimedia Class Scheduler

Network Connections

Network List Service

Network Location Awareness

Network Store Interface Service

Plug and Play

Portable Device Enumerator Service

Print Spooler

Program Compatibility Assistant Service

ReadyBoost

Remote Access Connection Manager

Remote Procedure Call (RPC)

Secondary Logon

Security Accounts Manager

Security Center

Server

Shell Hardware Detection

Software Licensing

SSDP Discovery

Superfetch

System Event Notification Service

Tablet PC Input Service

Task Scheduler

TCP/IP NetBIOS Helper

Telephony

Terminal Services

Themes

UPnP Device Host

User Profile Service

WebClient

Windows Audio

Windows Audio Endpoint Builder

Windows Driver Foundation - User-mode Driver Framework

Windows Error Reporting Service

Windows Event Log

Windows Firewall

Windows Image Acquisition (WIA)

Windows Management Instrumentation

Windows Modules Installer

Windows Search

Windows Time

Windows Update

WinHTTP Web Proxy Auto-Discovery Service

Workstation

 

The command completed successfully.

 

 

Microsoft Windows [Version 6.0.6000]

 

MTU MediaSenseState Bytes In Bytes Out Interface

------ --------------- --------- --------- -------------

4294967295 1 0 1032742 Loopback Pseudo-Interface 1

1500 1 21250085 5570998 Local Area Connection

 

===========================================================================

Interface List

8 ...00 1e 90 0a 9a cd ...... Intel® PRO/1000 PL Network Connection

1 ........................... Software Loopback Interface 1

11 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.41 20

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.1.0 255.255.255.0 On-link 192.168.1.41 276

192.168.1.41 255.255.255.255 On-link 192.168.1.41 276

192.168.1.255 255.255.255.255 On-link 192.168.1.41 276

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.1.41 276

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.1.41 276

===========================================================================

Persistent Routes:

None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

1 306 ::1/128 On-link

8 276 fe80::/64 On-link

8 276 fe80::6852:b191:f7f:38a2/128

On-link

1 306 ff00::/8 On-link

8 276 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

 

Local Area Connection:

Node IpAddress: [0.0.0.0] Scope Id: []

 

 

 

No Connections

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide

IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe

HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe

Persistence REG_SZ C:\Windows\system32\igfxpers.exe

RtHDVCpl REG_SZ RtHDVCpl.exe

Acer Empowering Technology Monitor REG_SZ C:\Acer\Empowering Technology\SysMonitor.exe

eDataSecurity Loader REG_SZ C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

IAAnotif REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

Acer Tour REG_SZ

CCUTRAYICON REG_SZ FactoryMode

NMSSupport REG_SZ "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup

WarReg_PopUp REG_SZ C:\Acer\WR_PopUp\WarReg_PopUp.exe

eRecoveryService REG_SZ

Acer Tour Reminder REG_SZ C:\Acer\AcerTour\Reminder.exe

ArcSoft Connection Service REG_SZ C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

AVG_TRAY REG_SZ C:\Program Files\AVG\AVG10\avgtray.exe

SunJavaUpdateSched REG_SZ "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HostManager REG_SZ C:\Program Files\Common Files\AOL\1317412080\ee\AOLSoftware.exe

Malwarebytes' Anti-Malware REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

 

 

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

 

 

 

Microsoft Windows [Version 6.0.6000]

[KenB]

Connected by ethernet cable...PC does not have wireless..

Have you tried a different cable?

 

Malware Anti-malware and found several infections

Please post the log for this scan.

 

Was the system running OK prior to the Malware being found on the system ?

[dokcat]

As I didn't save the report to a stick drive before I reset back to (As New) Factory settings the report is nolonger available.....

 

As I do sometimes have access (like at the moment) I don't believe the cable is the cause of the problem....

 

The reason for doing the Malware Scan was because I had the problem, it started 8 or 9 days ago...

[KenB]

I don't believe the cable is the cause of the problem

You could have a dry joint on a connection.

 

Was the system running OK prior to the Malware being found on the system ?

I ask again ....

[dokcat]

Yes my connection was ok up to 8 or 9 days ago the malware scan was run 6 days ago after unplugging the cable from the router and putting in to another vacant socket had no effect.......It has also been unplug from the socket in the PC......

[KenB]

Your Trace Route shows that you are getting as far as your ISP then "General Failure"

 

Start > type in ......devmgmt.msc .....ENTER

What is listed when you click the + next to Network Adapters ?

Intel® PRO/1000 PL ??

 

Are there any yellow exclamation marks?

[Mag476]

This could be many things, and it appears you are getting very heavy packet loss on a wired machine, which is most likely a router issue.

 

Before we continue please do the following. Open up your start menu > in the search box type cmd and press enter. Then type in and press enter in the following order.

 

ipconfig /release "Local Area Connection"

ipconfig /flushdns

ipconfig /renew "Local Area Connection"

ipconfig /registerdns

Now thats over with, with cmd still open type in 'ping www.google.com' without quotes, do you still get any packet loss?

 

Anyway lets continue... sorry for the long post.

 

I'm just assuming that you have a wireless router which the laptops use for wireless internet, but this one machine is wired? because i'm not sure of your current wired map let's just go over a few things (ok alot :D).

 

Open your Start Menu > Control Panel > Network and Sharing Center > In the top left Change Adapter Settings. Now before we proceed please login to your router via a web browser. usually 192.168.0.1 / 192.168.1.1, check your router box if you are unsure.

 

Once you've logged in, check attached devices this should give you a list of currently connected devices and the IP for that machine. Note this down if you can. Next if it is indeed a wireless router try changing the mode to auto if its on g & b or g only, some channels/frequencies can cause intermittent connections over a network and may appear fine for the wireless user, but lock up the internet connection for other users.

 

Now look for the DHCP setting in your router, is this enabled or disabled? i'm going to assume by default its enabled.

 

Are all of the network adapters in your household set to obtain IP and DNS addresses automatically? (if you're unsure about this i'll explain below)

 

Here is a list of things i'd like you to check in order.

 

 

1. It appears you have a few network adapters that could be conflicting. Try disabling all but your primary network adapter (you can do this by right clicking on them and selecting disable, you can re-enable these later) which is 'Local Area Connection' with a description of 'Intel® PRO/1000 PL Network Connection'.
   
2. Right click on your Network Connection and select properties.
   
3. Select Internet Protocol Version 4 (TCP/IPv4) then select properties.
   
4. Are both IP and DNS boxes set to obtain automatically or use the following:?
   
5. If your router does have DHCP enabled and you are set to obtain automatically it is possible that you've been assigned an to an ip that is out of your routers DHCP range (this does tend to happen, especially with wireless routers).
   

Try setting a manual IP, now take note that the usual range for DHCP is 192.168.0.1 - 192.168.0.255 so for the last box choose anything inbetween say 10-245 to be safe(different ISP's may provide you with routers that start with different variations e.g. yours may be '192.168.1.1' or '192.168.10.1') if you get confused here, the ip that you used to login to your router is the template you're looking for.

 

So it should look something like this:

 

IP Address: 192.168.1.100

Subnet Mask: 255.255.255.0

Default Gateway: enter the IP you used to login to your router.

 

Preffered DNS Server: enter the ip you used to login to your router.

Alternate DNS Server: can be left blank, unless you have an alternate.

 

If you have made it this far and it's still not working, please set your adapter back to 'Obtain IP address automatically' and same for the DNS for the time being.

Edited October 2, 2011 by Mag476

[dokcat]

Yesterday the connection settled down and held the connection

for 12 hours this morning it was back to it's standard

connect /disconnect format.

 

Ran first part of last set of instructions but i can not find the "

"Change adaptor setting" option in location indicated....

 

Microsoft Windows [Version 6.0.6000]

Copyright © 2006 Microsoft Corporation. All rights reserved.

 

C:\Users\Kitchen>ipconfig /release "Local Area Connection"

The requested operation requires elevation.

 

C:\Users\Kitchen>ipconfig /flushdns

The requested operation requires elevation.

 

C:\Users\Kitchen>ipconfig /renew "Local Area Connection"

 

Windows IP Configuration

 

 

Ethernet adapter Local Area Connection:

 

Connection-specific DNS Suffix . : cable.virginmedia.net

Link-local IPv6 Address . . . . . : fe80::6852:b191:f7f:38a2%8

IPv4 Address. . . . . . . . . . . : 192.168.1.41

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

 

Tunnel adapter Local Area Connection* 6:

 

Connection-specific DNS Suffix . : cable.virginmedia.net

Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.41%11

Default Gateway . . . . . . . . . :

 

Tunnel adapter Local Area Connection* 7:

 

Connection-specific DNS Suffix . :

IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2c51:2ec0:3f57:fed6

Link-local IPv6 Address . . . . . : fe80::2c51:2ec0:3f57:fed6%9

Default Gateway . . . . . . . . . : ::

 

C:\Users\Kitchen>ipconfig /registerdns

The requested operation requires elevation.

 

C:\Users\Kitchen>ping http://www.google.com

 

Pinging http://www.l.google.com [209.85.169.103] with 32 bytes of data:

 

Reply from 209.85.169.103: bytes=32 time=33ms TTL=52

Reply from 209.85.169.103: bytes=32 time=45ms TTL=52

Reply from 209.85.169.103: bytes=32 time=37ms TTL=52

Reply from 209.85.169.103: bytes=32 time=43ms TTL=52

 

Ping statistics for 209.85.169.103:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 33ms, Maximum = 45ms, Average = 39ms

 

C:\Users\Kitchen>CC

[KenB]

You have IPv6 enabled.

 

Try disabling this to test.

Control panel > Network & Sharing > Manage Network Connections > Right click Local Area Connection > Properties

Uncheck the box next to "Internet Protocol Version 6" > OK

 

Try it now.

 

==============

Have you tried replacing the filters one at a time with a known good one ?

[dokcat]

Hi sorry about the delay in response but I tried your last suggestion again with no success but the problem has now been resolved when the ZyXEL router decided to stop providing connections to the Laptops.......New router purchased and all, including my desktop are now functioning......

 

Thank you for your time and help........

[KenB]

Thanks for the feedback.

 

Good to hear you are up and running again.