Skip to main content
Start a Conversation

Unsolved

DC

David Cashion

2 Posts

712

May 11th, 2019 20:00

Network Flooding to www.speedtest.com

Sorry for the long, dreary detailed post but I wanted everyone to be able to recreate the issue if needed and provide supporting documentation.

==============================

Computer: Dell Inspiron 15 5565

Active Network Adapters: 1000 Mbs wired network adapter (direct to router) and a VirtualBox Host-Only Ethernet Adapter.

NOTE: Wireless adapter is installed but disabled and not in use

I was reviewing my router log and found repeated calls to speedtest.net. A copy of the log is included below.  Next stop was a nslookup of speedtest.com which resulted in multiple IP addresses (see the nslookup capture below).  With IP addresses in hand I next ran a WireShark packet capture and traced back the IP addess to speedtest.net.  I found it to be repeatedly accessing a configuration PHP file (see scree capture from WireShark below). With the IP and port information in hand I next ran Resource Monitor and found one of my suspect IP addresses associated with a file named rndbmw.exe (PID 3820 in my resource monitor - see screen capture.).  

With the file name in had a google search led me to this locked topic in the Inspiron laptop forum titled 'Dell inspiron wifi issues with Rivet Network services' available at:

https://www.dell.com/community/Inspiron/Dell-inspiron-wifi-issues-with-Rivet-Network-services/td-p/6108120

So now we know it not only affects wireless connections but hardwired connections as well.

The next step is to decide how best to handle it until Dell and the product developer fix it.

Opinions?

PS: I exceeded the Dell limit od 20,000 characters so instead od the full network detail it is only the three described adapters.

Router LogRouter Log

nslookupnslookup

Current System Configuration

OS Name Microsoft Windows 10 Pro
Version 10.0.18362 Build 18362
Other OS Description Not Available
OS Manufacturer Microsoft Corporation
System Name 
System Manufacturer Dell Inc.
System Model Inspiron 5565
System Type x64-based PC
System SKU 0769
Processor AMD A12-9700P RADEON R7, 10 COMPUTE CORES 4C+6G, 2500 Mhz, 4 Core(s), 4 Logical Processor(s)
BIOS Version/Date Dell Inc. 1.1.1, 17-Jul-17
SMBIOS Version 2.8
Embedded Controller Version 255.255
BIOS Mode UEFI
BaseBoard Manufacturer Dell Inc.
BaseBoard Product 0021CT
BaseBoard Version A00
Platform Role Mobile
Secure Boot State On
PCR7 Configuration Elevation Required to View
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "10.0.18362.1"
User Name 
Time Zone Mountain Daylight Time
Installed Physical Memory (RAM) 12.0 GB
Total Physical Memory 11.0 GB
Available Physical Memory 5.18 GB
Total Virtual Memory 13.8 GB
Available Virtual Memory 5.48 GB
Page File Space 2.88 GB
Page File C:\pagefile.sys
Kernel DMA Protection Off
Virtualization-based security Not enabled
Device Encryption Support Elevation Required to View
Hyper-V - VM Monitor Mode Extensions Yes
Hyper-V - Second Level Address Translation Extensions Yes
Hyper-V - Virtualization Enabled in Firmware Yes
Hyper-V - Data Execution Protection Yes







































Current Network Configuration

Name [00000002] Realtek PCIe FE Family Controller
Adapter Type Ethernet 802.3
Product Type Realtek PCIe FE Family Controller
Installed Yes
PNP Device ID PCI\VEN_10EC&DEV_8136&SUBSYS_07691028&REV_07\01000000364CE00000
Last Reset 11-May-19 19:59
Index 2
Service Name rt640x64
IP Address 192.168.0.96, fe80::c437:caea:5efb:e556
IP Subnet 255.255.255.0, 64
Default IP Gateway 192.168.0.1
DHCP Enabled Yes
DHCP Server 192.168.0.1
DHCP Lease Expires 14-Aug-32 15:32
DHCP Lease Obtained 13-Aug-32 15:32
MAC Address ‪64:00:6A:FB:27:15‬
I/O Port 0x00003000-0x00003FFF
Memory Address 0xD1600000-0xD16FFFFF
Memory Address 0xD1200000-0xD12FFFFF
IRQ Channel IRQ 4294967282
Driver C:\WINDOWS\SYSTEM32\DRIVERS\RT640X64.SYS (10.19.627.2017, 960.97 KB (984,032 bytes), 07-Dec-17 10:17)

Name [00000003] Qualcomm QCA9377 802.11ac Wireless Adapter
Adapter Type Ethernet 802.3
Product Type Qualcomm QCA9377 802.11ac Wireless Adapter
Installed Yes
PNP Device ID PCI\VEN_168C&DEV_0042&SUBSYS_18101028&REV_31\4&2B6AACC8&0&0013
Last Reset 11-May-19 19:59
Index 3
Service Name Qcamain10x64
IP Address Not Available
IP Subnet Not Available
Default IP Gateway Not Available
DHCP Enabled Yes
DHCP Server Not Available
DHCP Lease Expires Not Available
DHCP Lease Obtained Not Available
MAC Address ‪B2:52:5C:A0:59:9D‬
Memory Address 0xD1000000-0xD11FFFFF
IRQ Channel IRQ 4294967283
Driver C:\WINDOWS\SYSTEM32\DRIVERS\QCAMAIN10X64.SYS (12.0.0.722, 2.23 MB (2,342,912 bytes), 18-Mar-19 22:43)

Name [00000019] VirtualBox Host-Only Ethernet Adapter
Adapter Type Ethernet 802.3
Product Type VirtualBox Host-Only Ethernet Adapter
Installed Yes
PNP Device ID ROOT\NET\0005
Last Reset 11-May-19 19:59
Index 19
Service Name VBoxNetAdp
IP Address 192.168.56.1, fe80::e967:4864:5083:552b
IP Subnet 255.255.255.0, 64
Default IP Gateway Not Available
DHCP Enabled No
DHCP Server Not Available
DHCP Lease Expires Not Available
DHCP Lease Obtained Not Available
MAC Address ‪0A:00:27:00:00:0B‬
Driver C:\WINDOWS\SYSTEM32\DRIVERS\VBOXNETADP6.SYS (6.0.6.30049, 231.02 KB (236,560 bytes), 16-Apr-19 09:22)

























































Wireshark Packet CaptureWireshark Packet Capture

Resource MonitorResource Monitor

 

 

 

 

 

 

 

 

No Responses!

View More

View All

No Events found!

Top