"No internet" after a Windows update, apparently unfixable. Anybody on the planet who can find its root-cause?

Question

About 10 days ago, a colleague brought me his laptop due to a "no internet" problem. It's an Asus with Windows 11 Home on it. 22H2 was the version when the problem occurred. That happened a few days before, after a round of Windows updates. But he admitted it had been quite a long time he didn't run updates on that laptop (not knowingly at least).

Long story short: It does connect to the internet (I can ping external websites in CMD by IP address), but it cannot surf the web (neither in any browser, nor even by pinging websites in CMD via names [but nslookup does work!].

Believe me if I said that I tried EVERYTHING. Last week, I even re-installed Windows 11 on top of it (keep apps and files), but it didn't help. I also chatted online with Microsoft support.

I suspect it's a bug in one of the updates. The bug only affects the DNS capabilities when connected via WiFi (any WiFi, even a different external USB WiFi network adapter). When hardwired via Ethernet, everything works perfectly.

I suspect the in-place Windows (re)installation didn't help because, sadly, one can only download the Windows 11 23H2 ISO now, which obviously must include the set of updates of 22H2 that broke the internet here. So, when I re-instlled Windows, I ended up installing 23H2.

Oddly (hint here), the WiFi network exhibits intermittent hiccups (from showing the globe to the signal bars, but only 'apparently', as internet remains not available all the time when on WiFi).

The hardware works great: if booted from a Linux drive, it works perfectly and immediately. Also, as I said, I tried a different USB WiFi adapter.

I promise, whatever attempt, test, or possible solution you might be already thinking or might be going to think and/or to recommend, has already been tried and failed.

For your convenience, I will paste below here a sort of recap of (most of) the things that I did.

Whoever finds the solution and/or identifies the specific root-cause (affecting DLL, file, set of files, settings in a given INI file, registry key[s], whatever...), will have my most profound IT admiration forever. I will tell this story countless times whenever I'll have a chance, for the rest of my life, mentioning the Stack Exchange user who finally did it.

Thanks!

Recap of (most of) the attempted tests, assessments, and fixes:

• After a recent Windows update, which was run a few days ago, all of the sudden, the computer was cut off and unable to connect to the internet: "No internet".

• I tried 3 different ISPs, and the problem persisted

• I tried pinging external websites via IP addresses (for example, ping 8.8.8.8 for Google) under Command Prompt, and it pings perfectly, therefore, the computer, to some limited extent, does connect to the internet

• I tried pinging external websites under Command Prompt, but using the websites' names instead of IP addresses, the ping fails

• I tried 3 different browsers, the problem persists

• I tried to add a portable Firefox browser, the problem persists

• The browsers give the following error message (sometimes) when trying to load any website: ERR_NAME_NOT_RESOLVED, which makes us think that everything points towards a DNS problem

• I tried Mobile hotspot with 3 different phones that we normally use to connect to the internet with several laptop computers (with which and they all work fine): the affected laptop fails on all the three of them.

• I tried to hardwire the affected computer via Ethernet cable and it works perfectly fine

• The problem occurs ONLY if connected to the internet via WiFi. On the other hand, if hardwired with an Ethernet cable, it works perfectly.

• I tried to upgrade the WiFi card drivers, trying different ones (directly from Intel, From Asus product support website, etc.), but the problem persists

• I deleted and reinstalled the WiFi card, the problem persists

• I disabled power saving in the WiFi card settings and we also disabled power saving for the PCI Express bus (which is where the affected laptop’s internal WiFi card is connected)

• Important: I tried a completely different WiFi adapter added on USB (the usb ports work perfectly with any other peripheral or USB memory drive), but the same problem persists.

• Yes, I tried several WiFi networks, the same problem persists

• The computer has always been protected by a professional corporate Syamantec Antivirus, but I also tried disabling it and disabling the Windows firewalls for a few moments, the problem persists

• I booted the affected computer via an updated antivirus' bootable USB rescue stick and run a full scan of the drive from there (before booting into Windows), to make a more thorough scan, no malware was found

• I tried the network reset several times, but it did not help.

• I tried reinstalling the drivers of the WiFi network card both with drivers taken from the computer manufacturer's website (Asus), under the specific computer product support page, and also taking the driver from Intel's website (Intel is the manufacturer of the internal WiFi network card). Both did not solve the issue.

• I must point out that I excluded the WiFi network card as cause of the problem. We can conclude that fairly certainly because I did this:

  1. I tried a completely different WiFi network card via USB port, and the same problem persists
  2. Also, when the problem occurs, if I PING external websites via IP address, the ping works. For example, I tried pinging 8.8.8.8 and it works fine under Command Prompt.
  3. Therefore, the connection works, the WiFi network card works and does connect to the internet.

• The problem occurs only when trying to resolve websites' names, for example trying to visit websites using web browsers or, in Command Prompt, if I try to ping external websites using the names instead of the IP addresses For example, in Command Prompt: PING 8.8.8.8 works fine PING google.com does not work therefore, there is connection, but it fails to resolve names. Everything points to a DNS problem.

Indeed, most of the times that web browsers fail to load any website (Edge, Chrome, Firefox, Portable Firefox), they give the following error: err_name_not_resolved

• which points towards a DNS problem
• But I've tried also all the DNS-troubleshooting procedures and they failed to fix the problem.
• I tried leaving the DNS settings to automatic
• I tried setting 3rd party DNSs (for example 8.8.8.8, 8.8.4.4, 1.1.1.1), and it did not help
• I also tried uninstalling all the November updates that could be uninstalled, and it did not help. Perhaps, it was one of the updates that cannot be uninstalled, if any.
• I installed 23H2 on top of it (in-place Windows reinstallation), and it did not help again.
• That's why I decided to contact Microsoft Support, because we run out of bullets

Microsoft asked: Do you mean issue already started before installing 23H2 updates an hour ago?

• Correct

• Microsoft asked: Alright. Can we perform a system restore?

• there were no available restore points unfortunately.
• And today, earlier, I tried a Windows 11 repair-reinstall too, an in-place install. I reinstalled Windows 11 on top of the current one, keeping apps and files, but it did not help. That's when it updated to 23H2, when I downloaded the Windows 11 ISO from Microsoft and performed the reinstall on it.
• I have also Checked the Hosts File to map hostnames to IP addresses located at C:\Windows\System32\drivers\etc\hosts. And checked if there are any entries under the line 127.0.0.1 localhost. There are none.
• I have also tried booting in Safe Mode with Networking. Unfortunately, in safe mode, it only sees one virtual network adapter but it is unable to ‘see’ any WiFi network.
• I performed a Registry Edit: Some users have reported that editing a specific registry key resolved their issue. The key is HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NlaSvc\\Parameters\\Internet and the value to change is EnableActiveProbing. I made sure its value is 1 instead of 0. That didn’t help either.
• I would have liked trying to do an in-place upgrade of Windows 11 using an OLDER version of Windows 11, one that PRECEEDED the problem that occurred a few days ago. But I couldn't find any. On Microsoft, I could only download the 23H2 ISO
• I have already removed software most recently installed
• I have already tried temporarily disabling both the antivirus and Windows Firewall
• I have already installed the most recent updates. Indeed, even after upgrading to 23H2, it found more updates and installed them and rebooted.
• I already checked for hardware issues. As I mentioned above, the same hardware works perfectly fine on WiFi on the internet if I boot the PC with a Linux bootable USB drive. Also, if under Windows we connect an external completely different USB WiFi network adapter, completely bypassing the computer’s own internal WiFi network card, the same problem occurs. Hence, it’s not a hardware problem.
• I have already checked the WiFi network adapter settings and that the the Internet Protocol Version 4 (TCP/IPv4) option is enabled

So, Microsoft support also suggested a clean Windows install, but I explained that it would cause hardships and be time consuming. I also told them that I think we should take advantage of this issue to study it. It's a very interesting case, very anomalous. It would be a pity to erase it by clean-reinstalling Windows, instead of dissecting it and studying it. It might lead to important insights into Windows' inner workings.

I told them that if we analyze the behavior of the problem, we should be able to identify what Windows subsystem is causing it and to act accordingly.

For example, Important Hints: The fact that the problem persists also if we use an external USB WiFi network card, excludes that it's a problem of the WiFi card of the computer or its drivers. The fact that the problem is solved if we hardwire the computer to an Ethernet cable, excludes that the whole Network subsystem is affected. The fact that if we ping external websites via IP address in Command Prompt, excludes that it's a complete failure of the internet connection. The fact that web browsers give the ERR_NAME_NOT_RESOLVED error message, points towards a DNS problem. As well as the fact that we can ping external websites successfully in Command Prompt using their IP addresses, but the ping fails if we ping the same websites using their NAMES. So, it seems to be a problem that affects Windows' DNS subsystem but only if on WiFi (regardless of what WiFi Network card we use), whereas it does not affect that 'piece' of Windows if connected via Ethernet Cable. With this piece of information, a development Team at Microsoft should be able to point the proper subsystem that is causing this behaviour and try to fix it, maybe manually by replacing DLLs, registry keys, or other components if necessary.

• The big boss at a Toronto IT support company I worked at when I was living in Canada, recommended the following:

What if you put an entry in the hosts file? Does pinging by name work then? That would imply it’s DNS that is broken but not all name resolution

So, I tried that. Pinging by name works if I put such entries.

• oddly enough, even a simple nslookup www.cnn.com works!!!! But if I try to ping www.cnn.com by name, it fails

One of his colleagues and ex co-worker of mine: What if you specify what interface/gateway ping should use?

And the previous: Can you use nslookup for any hostname and it works reliably? Like try ten different major websites and see if they all work

oh thanks guys... Let me see... ok so, 11 websites' nslookups work (some of them only give me 1 address, but still something) Specifying the gateway with ping, still fails it's so intriguing. I can understand that a Windows update breaks something in the networking subsystem, so DNS won't work anymore. But that it is selectively broken only if using a WiFi adapter (internal or on USB), but still works on Ethernet, really makes me curious!

IMPORTANT: This must mean that Windows has two distinct DNS sub-systems, one for the WiFi network (network, not 'adapter', because even using a different adapter on USB the problem persist), and one for the Ethernet network adapter.

• Checked DNS Client service: it’s running
• Tried Use Fully Qualified Domain Names (FQDN): using the full domain name when pinging. For example, instead of ping www.cnn.com, try ping www.cnn.com. It still fails.
• In addition to Google’s DNS and Cloudflare’s DNS, I tried setting static OpenDNS (208.67.222.222 and 208.67.220.220), still failed.
• I tried also setting a static IP for the affected computer, no change.
• I made sure Proxy is off.
• I made sure that the DNS Client service and all its prerequired services are up and running
• I also tried the usual CMD commands (flus, renew, etc.) resetting the TCP/IP stack via “netsh int ip reset” and it didn’t help. Those were actually some of the first steps I tried.
• By running the command “route PRINT -4” there was a permanent route that belonged to when we connect the computer to the corporate network via ethernet cable, showing the corporate gateway’s IP, a 0.0.0.0 mask and a 0.0.0.0 network address. I deleted that route and rebooted the PC.

Important: Another piece of potentially useful information is the following. The WiFi network appears to be intermittently hiccupping. Here’s what I mean. Through all these days and attempts, it kept showing this behavior: Sometimes, the Tray bar shows the little globe that appears when there is “no internet”. If I click on it, it is connected to the WiFi network but it says “no internet”. If I run Windows 11 network troubleshooter during those moments, it says there is no internet and it shows the little picture with the computer connected to the local wifi network and then the interrupted line towards the internet. But in other moments, the little globe in the Tray bar becomes the actual WiFi bars icon. If I click on it during those moments, it shows it’s connected to the WiFi network and it says that Internet is available. If I run the troubleshooter during those moments, it exhibits 2 possible different behaviors: 1) Sometimes, it says that I am connected to the internet but that the connection has a ‘poor quality’ (I’m translating from the Italian, so I do not know the exact corresponding statement in Windows PCs that are set in English). 2) In other moments, the troubleshooter even says that I am connected to the internet and that everything is fine. But, regardless of all these different moments and behaviors, it never works. If I try to visit any website with any browser, the problem persists. If I even try to merely ping a website within CMD using the website name, it still fails.

Answer 1

So, I do have an answer to my own question. It is an answer, as it answers to:

• Why was the "no internet" error affecting the computer (confirming the DNS problem hypothesis)
• Why weren't both standard DNS troubleshooting and unconventional DNS troubleshooting procedures working
• Why was the computer unable to surf the internet on WiFi networks, but was able if hardwired to an Ethernet connection
• Exactly what 'problem', within Windows' DNS sybsystem, was causing the issue

It also:

• Provides a solution to the main problem ("no internet" error), and to a sub-problem (DNS settings failure)
• Uncovers a defect in Windows, probably caused by a recent update, which leaves the question open (why does Windows ignore network settings and requires manual interventions in the Registry)
• Shows a root-cause analysis and a problem-solving processes that could be useful for the worldwide IT community.

And here is the answer:

Finally! The problem is solved, at least partially, but to a large extent. And the root-cause is also understood. So:

Enabled DNS logging in Windows Event Viewer thanks to user @Cpt.Whale and installed WireShark.

[Oddly, right after doing this, for some time, I was able to ping websites by name in CMD even on WiFi connection. But browsers were still unable to navigate any website.]

Enabling the DNS log made me notice that every DNS call kept being sent via 192.168.1.1 and 192.168.1.3, which are the DNS servers of the corporate network (used occasionally by the owner of the laptop at our workplace by hardwiring it via Ethernet cable). At that point, I noticed that, no matter what changes of WiFi network settings anybody made (via control panel, via Windows 11 settings, etc., setting it manually to 3rd party DNS servers, setting it back to Automatic DHCP, whatever…) it simply IGNORES any change and keeps using those corporate DNS servers. So, I searched those servers in the entire Registry and I found 4 entries that were showing 192.168.1.1,192.168.1.3. The entries are the following:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters\DnsPolicyConfig\OpenVPNDNSRouting-0] "Name"=hex(7):2e,00,00,00,00,00 "GenericDNSServers"="192.168.1.1;192.168.1.3" "ConfigOptions"=dword:00000008 "Version"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces{0e3f3f22-79e4-49a5-8a3b-6083a37f0d6b}] "EnableDHCP"=dword:00000000 "Domain"="" "NameServer"="192.168.1.1,192.168.1.3" "RegistrationEnabled"=dword:00000001 "RegisterAdapterName"=dword:00000000 "DhcpServer"="255.255.255.255" "Lease"=dword:00015180 "LeaseObtainedTime"=dword:656cabc3 "T1"=dword:656d5483 "T2"=dword:656dd313 "LeaseTerminatesTime"=dword:656dfd43 "AddressType"=dword:00000000 "IsServerNapAware"=dword:00000000 "DhcpConnForceBroadcastFlag"=dword:00000000 "DhcpGatewayHardware"=hex:c0,a8,01,fe,06,00,00,00,90,fd,73,a3,d5,a3 "DhcpGatewayHardwareCount"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsPolicyConfig\OpenVPNDNSRouting-0] "Name"=hex(7):2e,00,00,00,00,00 "GenericDNSServers"="192.168.1.1;192.168.1.3" "ConfigOptions"=dword:00000008 "Version"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces{0e3f3f22-79e4-49a5-8a3b-6083a37f0d6b}] "EnableDHCP"=dword:00000000 "Domain"="" "NameServer"="192.168.1.1,192.168.1.3" "RegistrationEnabled"=dword:00000001 "RegisterAdapterName"=dword:00000000 "DhcpServer"="255.255.255.255" "Lease"=dword:00015180 "LeaseObtainedTime"=dword:656cabc3 "T1"=dword:656d5483 "T2"=dword:656dd313 "LeaseTerminatesTime"=dword:656dfd43 "AddressType"=dword:00000000 "IsServerNapAware"=dword:00000000 "DhcpConnForceBroadcastFlag"=dword:00000000 "DhcpGatewayHardware"=hex:c0,a8,01,fe,06,00,00,00,90,fd,73,a3,d5,a3 "DhcpGatewayHardwareCount"=dword:00000001

I was surprised about the persistence of “OpenVPN” stuff, since I had already uninstalled OpenVPN during the previous troubleshooting. So, first, I cleaned the registry with CCleaner and restarted the PC. The problem was still there though. But CCleaner eliminated 2 of the 4 registry entries above that had the corporate DNS servers. Then, I manually modified the remaining two other entries, swapping from 192.168.1.1,192.168.1.3 to 8.8.8.8,8.8.4.4 and rebooted. Voilà. It worked.

For the first time in weeks now, this PC saw the light of surfing the web on a WiFi network. Finally, I re-set the WiFi adapter settings as DHCP and removed one of the two remaining 8.8.8.8,8.8.4.4 entries in the registry, the tcpip\parameters\interface one, leaving it blank. I kept those addresses in the remaining OpenVPN entry instead, just in case. Rebooted and it’s still working.

PARTIAL CONCLUSION (2023-Dec-05):

1. The cause of the problem seems to be the fact that Windows completely ignores whatever changes to the network and DNS settings one does. Whether you change it via control panel and then network adapter IPv4 properties, or you change it via the new System Settings menus of Windows 11, it ignores it. It stubbornly retains some old DNS settings that were set up in the past in our corporate environment. Even after several CMD reset commands, Windows Troubleshooter and network reset procedures, and even after reinstalling Windows (in-place re-install) on top of the current one.

2. The problem does NOT affect only the WiFi networks, as it seemed before. It affects both WiFi and Ethernet networks. Indeed, the user tried hard-wiring the laptop at home via ethernet cable and was still unable to navigate the web (Good question indeed, @Cpt.Whale user!). It APPEARED to be working on ethernet, because whenever I was testing the ethernet cabled network, I was doing it at our workplace, hence, the stubborn corporate DNS servers that seem to be written on stone in the soul of this PC were simply working well.

3. A mystery that now remains: Why would windows start IGNORING network settings (regardless of what one does, even performing full network resets) after some updates, to the point that one has to meddle manually in the registry? We do not have an answer to this question. Yet.