Community Forum

"Utopia.net" DNS suffix coming from router?

New Poster

"Utopia.net" DNS suffix coming from router?

 

What follows is a long story, so bear with me:

  1. I started internet service through Comcast and recieved an Arris model X5001 gateway from them for my new internet service. Let's say I named the network 'Bob'.
  2. After about a week, I start to get the following message on my antivirus program Norton Security multiple times an hour, every day, on both computers I use to connect to my new internet Bob. Category: Intrusion Prevention
    An intrusion attempt by cgqnpvkaxtasme.utopia.net was blocked. Malicious Site: Malicious Domain Request 21,"cgqnpvkaxtasme.utopia.net (208.91.197.27, 80)",wpad.utopia.net/wpad.dat,"10.0.0.44, 62050",cgqnpvkaxtasme.utopia.net (208.91.197.27),"TCP, www-http"
    Network traffic from <b>wpad.utopia.net/wpad.dat</b> matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME4\WINDOWS\SYSTEM32\SVCHOST.EXE.
  3. After a week of this, I get irritated and go looking through the internet to find out what's up. I eventually open command prompt and run 'ipconfig' to see my internet settings. My computer's DNS suffix now reads utopia.net no matter whether I'm connected to Bob or another network. I continue to get the antivirus block notifications (with slightly less frequency) when I use other wifi networks.
  4. I call my antivirus support team. They've seen this before, a lot in recent weeks. Helpful person assists me in changing my DNS suffix by deleting all instances of "utopia.net" from the registry.
  5. We attempt to reconnect to Bob, and "utopia.net" returns. We then follow instructions on how to perform a hard reset of the router and return it to factory settings, with changed passwords (new name zombieBob).
  6. We connect to zombieBob, and "utopia.net" returns.
  7. We clean up the PC's again and DON'T connect to zombieBob. Antivirus guy recommends a replacement gateway, so I call Comcast. They've never heard of this issue, but provide a replacement router anyway the next day.
  8. I set router firewalls to maximum, change every password, etc. I attempt to connect to the new wi-fi (let's say Jim) and test the ipconfig. "utopia.net" is labelled as the connection-specific DNS suffix. In the registry, it comes up as "Dhcp domain".
  9. I disconnect from Jim and check the ipconfig. "utopia.net" no longer appears there, or anywhere in the registry.
  10. I post here and on my antivirus's support forums because I am now thorooughly irritated and out of ideas.

with utopia ipconfig.PNGwith comcast ipconfigwith utopia regsitry.PNGwith comcast registrywithout utopia ipconfig.PNGother network ipconfigwithout utopia registry.PNGother network registry

 

 

Silver Problem Solver
New Poster

Re: "Utopia.net" DNS suffix coming from router?

Read those. And others. Several times. They don't come to a conclusion. Why the two xfinity topics about this are marked "solved", I have no idea.

 

I have managed to temporarily force my two computers with problems to choose a comcast DNS suffix instead of the automatic utopia one. However, I don't know if this is going to be a problem when I head over to my friend's place with Verizon internet, for example. Also waiting to see if this prevents the attacks my antivirus noticed.

 

I'm currently trying to get better help on another forum. Will post if I find a permanent solution.

Official Employee

Re: "Utopia.net" DNS suffix coming from router?


@sbernie2 wrote:

Read those. And others. Several times. They don't come to a conclusion. Why the two xfinity topics about this are marked "solved", I have no idea.

 

I have managed to temporarily force my two computers with problems to choose a comcast DNS suffix instead of the automatic utopia one. However, I don't know if this is going to be a problem when I head over to my friend's place with Verizon internet, for example. Also waiting to see if this prevents the attacks my antivirus noticed.

 

I'm currently trying to get better help on another forum. Will post if I find a permanent solution.


Hi @sbernie2

 

We appreciate you posting to the Xfinity Forums. Were you able to find a solution to this?  


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!