I have a router-router TP-Link AC1200 EC220-G5
The cable from the router goes to the ASUS laptop.
The cable from the router goes to the PS 3 game console.
DNS 1.1.1.2 and 1.0.0.2 are registered in the router, DNS 1.1.1.2 and 1.0.0.2 are registered in the laptop, DNS 1.1.1.2 and 1.0.0.2 are registered In the PS3 game console, DNS 1.1.1.2 and 1.0.0.2
are registered When the Network Protection function is launched in the Avast Premium Security program.
And the result is given : see the screen !
The result is amazing ! In the router, the protection is normal, in the game console, the protection is normal.
And there is DNS Substitution in the laptop !!! If the analysis shows normal protection in the router and in the console,
then why is DNS Substitution in the laptop? After all, DNS is the same everywhere.
I have now updated the Avast Premium Security version to 23.4.6062 from 04/26/2023
The result remains the same ! Who can explain this phenomenon to me ? Have a nice day !
Witam Ivanych,
Update the TP-link through a latest DD-WRT version to make it completely up to date.
Your TP-link will perfecttly gobble that DD-WRT version.
pozdrawiam,
polonus
Thank you for your advice ! But, the fact is that updating the firmware is a delicate and dangerous thing.If there is a glitch in the installation, then the router becomes just an object.And then you will have to buy a new router.I will probe the Internet on your advice and think about it.Thanks again for your advice.
Witam Ivanych,
Start a trial here and then report back - https://www.thousandeyes.com/outages/
We don’t want you to go over one night’s ice, as a Dutch proverb says.
So be fully informed before taking any action. ;D :
Checking for -ertelecom.ru I only get blacklisting outages for ORVEB and RSBL.
The remainder of checked instances all come up all green,
but with somewhat slow responders like DAN TOR- DAN-TORexit, KIVA, JIPPG, LNSGOR
(all these with a 200 + response time for ERTH-ULSK-PPPOE-5-NET).
Evaluate this is blacklisted for your DNS setting -
Blacklist Reason TTL ResponseTime
Status Problem LISTED RATS Dyna 1.1.1.2 was listed 2100 0 Ignore
Read: https://www.spamrats.com/rats-dyna.php (actually it should be performing like “masło klarowane” 
So clear that up first and also contact your provider at Ulýanovsk to clear that spam flag.
pozdrawiam i wszystkiego dobrego,
polonus
Additional information:
List Status RATS-Dyna - On the list. Worst Offender Alert.RATS-NoPtr - Not on the list.
RATS-Spam - Not on the list.
RATS-Auth - Not on the list.
Alert: Your IP is part of a network listed as a Worst Offender
This is a Worst Offender Alert and this means that not only this IP address, but the whole class ‘C’ is also on the indicated SpamRATS List. Usually this means the whole range has the same issue of naming conventions or no reverse DNS AND that many IP’s from this Class C have been used in Spam Attacks, Dictionary attacks or other forms of attacks, as detected by Mail Servers in the Data Collection Grid. You will NOT be able to use the removal form to remove your IP Addresses. If you have recently been assigned the IP Addresses, or have changed what these IP Addresses are used for, you can use the contact form and ask for a reclassification, but you will have to provide full disclosure, including whois for the ip addresses, your affiliation with the company that owns them, and a description of what the IP’s were previously used for, and what they will be used for, in order for a Spam Auditor to consider reclassification. Remember, the majority of the IP’s in this space WERE detected as being involved in some form of attack or abusive behaviour, so you had better have a good reason to ask for removal, and you need to own or control the IP addresses, as evidenced by ARIN whois.
quote from https://spamrats.com/lookup.php?ip=+1.1.1.2
polonus
Two tools that could be helpful here are DNSDataView for analysis and DNSJumper version 2.
On linux one could install these by making use of wine.
Interesting thread, I hope at least that your problem)s’ will be solved.
polonus
Thank you for your information.But, I am a simple user and at the same time a pensioner at the age of 76.Although I have had a laptop since June 2010, but I am constantly learning all the tricks of the Internet.Therefore, with your permission, I will send all your three comments to my provider in my Personal Account Dom.ru .And I will wait for him to explain and explain your comments here on your forum.I will put the received response from the provider here in the topic.Have a nice day !
Yesterday, in the properties of the IPv4 adapter, I deleted the installed Google DNS 8.8.8.8 and 8.8.4.4 and enabled automatic DNS retrieval.In the router settings, I left Google DNS, and then did a network Analysis.And I got an amazing result !See the screenshot.But, since I have your Avast Premium Security installed on my laptop, I returned it back to the properties of the Google DNS adapter and hope for network protection in your program.The conclusion is that when installing DNS in manual mode, Avast detects DNS SUBSTITUTION in the laptop.And when installed on AUTOMATIC DNS INSTALLATION, Avast detects DNS SUBSTITUTION IN THE ROUTER.The phenomenon is interesting and not clear.
Witam Ivanych, Пожалуйста, you are welcome.
Interesting and may also help a lot of other users in a similar situation.
Did you make use of DNS Jumper version 2 so as to see
whatever settings may be most beneficial for you?
Do not excuse for your age, please.
Folks of our days were properly educated and trained profoundly.
наше поколение = nasze pokolenie = our generation.
Як виконується налаштування? Встановіть Agile Suite та підключіть обладнанняСтворіть файлу конфігурації в Agile SuiteОновліть підключені до комутатора пристрої Look for Agile Confic online ;)
pozdrawiam,
polonus
P.S. Read on alternative DNS settings here:
https://www-consumentenbond-nl.translate.goog/internet/alternatieve-dns-instellen?_x_tr_sl=auto&_x_tr_tl=ru&_x_tr_hl=pl&_x_tr_pto=wapp
Dutch site translated to Russian through Google Translate 8)
What it boils down to is that in particular countries for instance also Turkey you have to change to an alternative DNS. Read also: https://www.howtogeek.com/342330/how-to-choose-the-best-and-fastest-alternative-dns-server/
pol
Написал своему провайдеру и приложил ваши комментарии и скрины этого непонятного явления.
Теперь буду каждый день заглядывать в свой Личный кабинет.А сейчас я решил все DNS вернуть на свои места на момент покупки роутера-маршрутизатора от провайдера Dom.ru Установил в роутере и в свойствах адаптера в системе Windows 10 Домашняя DNS провайдера.Они : 109.195.192.1 и 5.3.3.3
Такие DNS стояли в настройках роутера.Сделал после перезагрузки роутера и ноутбука “Анализ сети”.Результат остался прежним.Оставлю пока все настройки в покое.Ничего не буду трогать.Avast Premium Security настроен на защиту сети,так что я в какой-то степени спокоен.Всего хорошего.
I wrote to my provider and attached your comments and screenshots of this incomprehensible phenomenon.
Now I will look into my Personal Account every day.And now I decided to return all DNS to its place at the time of purchase of the router-router from the provider Dom.ru Installed in the router and in the adapter properties in the Windows 10 Home DNS provider system.They are : 109.195.192.1 and 5.3.3.3
Such DNS was in the router settings.I did “Network Analysis” after restarting the router and laptop.The result remained the same.I’ll leave all the settings alone for now.I won’t touch anything.Avast Premium Security is configured to protect the network, so I’m somewhat calm.Good luck.
Скачал программу и сделал подряд три теста.Результат на скрине.
I downloaded the program and did three tests in a row.The result is on the screen.
Witam Ivanych,
You did a sensible thing.
You could check on your dns performance with this small very fine tool for Windows 10
by Nir Sofer: https://www.nirsoft.net/utils/dns_query_sniffer.html
Very responsible of you and towards all other users of that particular router to report this.
Glad to have been of some help to you.
Оставайтесь в безопасности как онлайн, так и оффлайн.
On your setting 5.3.3.3 read: https://losst.pro/luchshie-dns-servery Лучшие DNS-серверы
Newer version available: https://www.nuget.org/packages/SAEA.DNS/5.3.3.3 Net.Standard 2.0
pozdrawiam,
polonus
Прошла неделя,как я подал заявку в котором описал всю проблему(ваши комментарии были переведены на русский).В ответ тишина полная ! Ни звонка на мой сотовый,ни ответ на мою заявку.Вот как у нас в России работают провайдеры.Только цены на тарифы умеют повышать и предлагать тарифы с высокой оплатой.Плюнул я на это явление,махнул рукой и решил для себя,что главное работает интернет со скоростью указанной в тарифе,а о большем и нечего мечтать в нашей стране.Извините меня за отвлекание вас от других проблем.Главное что ваш Аваст защищает мой ноутбук от вирусов.Всего вам хорошего и спасибо вам что вы отвечали мне тут.
A week has passed since I submitted an application in which I described the whole problem (your comments have been translated into Russian).In response , the silence is complete ! No call to my cell phone, no response to my request.This is how providers work in Russia.Only the prices of tariffs are able to raise and offer tariffs with a high payment.I spat on this phenomenon, waved my hand and decided for myself that the main thing is that the Internet works at the speed indicated in the tariff, and there is nothing more to dream about in our country.Excuse me for distracting you from other problems.The main thing is that your Avast protects my laptop from viruses.All the best to you and thank you for answering me here.
Witam Ivanych,
This is the way of the world to-day. We have to take care of it ourselves mainly.
Appreciate it, you reported back and sorted things out for yourself as best you could.
Glad I could be of some help.
Wzystkiego dobrego,
pozdrawiam,
polonus
Заглянул в Dom.ru а там полная тишина и ни ответа и ни привета.
Лучше нам беречь свои нервы и своё здоровье.А Аваст пусть наши устройства оберегает от вирусов.
Судя по вашему комментарию Вы из Польши ? А мы из России,из Ульяновска.Спасибо вам за то,что чем Вы смогли - тем и помогли.
Zajrzał do Dom.ru i jest całkowita cisza i bez odpowiedzi i bez pozdrowienia.
Lepiej dbajmy o nasze nerwy i zdrowie.A Avast niech nasze urządzenia chronią przed wirusami.
Sądząc po twoim komentarzu jesteś z Polski ? A my z Rosji, z Uljanowsk.Dziękuję ci za to, że pomogłeś w tym, co mogłeś.
Witam Ivanych,
Nie ma za co. Pomoganie sobie mawzajem to sprawa honoru.
pozdrawiam,
polonus
Сегодня после проверки сети программой Avast Premium Security результат удивил меня !
Вчера было обновление операционной системы Windows 10 Домашняя.
На данной момент версия системы стала 22Н2 19045.3086
Версия Avast Premium Security стоит 23.5.8195.786 от 1.06.2023
DNS в операционной системе стоит от провайдера Dom.ru
109.195.192.1
109.195.193.1
А в браузере Microsoft Edge в настройках раздела
“Использовать безопасные DNS, чтобы указать способ просмотра сетевого адреса для веб-сайтов”
стоит «https://secure.avastdns.com/dns-query»
И головная боль исчезла !
Что повлияло на такой результат неизвестно !
Today, after checking the network with the Avast Premium Security program , the result surprised me !
Yesterday there was an update of the Windows 10 Home operating system.
At the moment, the system version has become 22H2 19045.3086
The Avast Premium Security version costs 23.5.8195.786 from 1.06.2023
DNS in the operating system is from the provider Dom.ru
109.195.192.1
109.195.193.1
And in the Microsoft Edge browser, in the settings of the section
“Use secure DNS to specify how to view the network address for websites”
it is worth "https://secure.avastdns.com/dns-query "
And the headache disappeared !
What influenced this result is unknown !
Search for: 2023-06-16-08-08-23-55CA18B701BD90A5
polonus
Спасибо за информацию.
Прочитал,полистал в системе(реестр и планировщик событий).
Перед обновлением системы на новую версию я делал изменения в реестре с помощью командной строки
CMD и в ручном режиме,а так же кое-что отключал в Планировщике заданий.Может так называемые Твики кое-что изменили в системе мой ? Я могу только предполагать об этом.Но,главная цель была достигнута ! А это уже многое значит ! До встречи на форуме !
Thanks for the information.
I read it, looked through the system (registry and event scheduler).
Before updating the system to a new version, I made changes in the registry using
the CMD command line and in manual mode, and also disabled something in the Task Scheduler.Maybe the so-called Tweaks have changed something in my system? I can only guess about it.But, the main goal was achieved! And that already means a lot ! See you at the forum !
А сегодня 19 июня 2023 года программа Avast Premium Security опять проверяла бесконечно режим “Анализ сети”.На 12% крутится и крутится проверка.А потом выдаёт сообщение о том,что в ноутбуке опять произошла Подмена DNS.Хотя настройки DNS в свойствах Адаптера IPv4 и в настройках роутера-маршрутизатора остаются постоянными.Выход напрашивается такой ! Что сама программа Avast Premium Security выдаёт неправильные показания при работе в режиме “Анализ сети”.Поэтому я прекращаю обращать своё внимание на данные результаты работы режима “Анализ сети”.Всем всего хорошего !
And today, on June 19, 2023, the Avast Premium Security program again checked the “Network Analysis” mode endlessly.The check is spinning and spinning by 12%.And then it gives a message that DNS substitution has occurred in the laptop again.Although the DNS settings in the IPv4 Adapter properties and in the router-router settings remain constant.This is the way out ! That the Avast Premium Security program itself gives incorrect readings when working in the “Network Analysis” mode.Therefore, I stop paying attention to these results of the “Network Analysis” mode.All the best to everyone !
Witam Ivanych,
If ignorance is bliss with this issue, so be it.
Good you reported back on this, as it may help others in a likewise position.
Оставайтесь в безопасности,
polonus