# High Ping Help!!!!



## Warner (Jan 6, 2010)

Hey I need help with my Internet Ping, it is really high! I can't really fix it either because i'm not too good with computers. I called in my Internet provider "Shaw" and they don't really know the problem, they say it doesn't have to do with the Internet. So it has to do something with my Computer I think.

Ok below is something that shows files on my computer I think. Ryan H said it helps you guys know what can be causing it.

---------------------------


> Logfile of Trend Micro HijackThis v2.0.3 (BETA)
> Scan saved at 10:18:00 PM, on 1/5/2010
> Platform: Windows XP SP3 (WinNT 5.01.2600)
> MSIE: Internet Explorer v7.00 (7.00.6000.16945)
> ...



---------------------------



I tried doing:
-Calling Internet provider and sending a mechanic.
-Taking off my Virus protector (McAaffe) and just getting AVG.
-Virus scanned a lot.
-Cleaned computer.


I have windows XP with mozilla browser.
I don't have a router or wireless, It's wired to a modem.






I did it again just to be sure.


----------



## Mussels (Jan 6, 2010)

O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: (no name) - {1A590853-045C-4D87-B58B-370915BD5E0F} - C:\WINDOWS\system32\basesr.dll
O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: PriceGong - {D2A2595C-4FE4-4315-AA9B-19DBD6271B71} - C:\Program Files\PriceGong\1.2.0\PriceGongIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: TBSB09835 - {D97FC677-694D-4A75-AC89-A5B85C2BCFED} - (no file)
O2 - BHO: mobilewitch Toolbar - {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - C:\Program Files\mobilewitch\tbmobi.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O3 - Toolbar: (no name) - {6226BA26-C017-4007-928C-DE9715C6FA67} - (no file)
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: mobilewitch Toolbar - {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - C:\Program Files\mobilewitch\tbmobi.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - 
O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\Administrator.HOME-62AFA499BD\Application Data\SystemProc\lsass.exe
O4 - HKLM\..\Policies\Explorer\Run: [Local Service] C:\Documents and Settings\Brian.HOME-62AFA499BD\Application Data\Microsoft\smss.exe
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: wbsys.dll,C:\WINDOWS\System32\ctl3dv232.dll,C:\WIN DOWS\System32\deskadp32.dll
O20 - Winlogon Notify: a8da6511649 - C:\WINDOWS\System32\ctl3dv232.dll (file missing)
O20 - Winlogon Notify: a8da6511720 - C:\WINDOWS\System32\deskadp32.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: __c00157F4 - C:\WINDOWS\system32\__c00157F4.dat (file missing)
O20 - Winlogon Notify: __c00185 - C:\WINDOWS\system32\__c00185.dat (file missing)
O20 - Winlogon Notify: __c007C4D9 - Invalid registry found
O20 - Winlogon Notify: __c00B41E4 - C:\WINDOWS\system32\__c00B41E4.dat (file missing)
O20 - Winlogon Notify: __c00DBBA4 - Invalid registry found
O20 - Winlogon Notify: __c00EA0AA - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: MBackMonitor - Unknown owner - C:\Program Files\McAfee\MBK\MBackMonitor.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe


those are worrying

O17 - HKLM\System\CS1\Services\Tcpip\..\{41BAA33F-D48B-4EE4-89EE-86642916FC20}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{41BAA33F-D48B-4EE4-89EE-86642916FC20}: NameServer = 208.67.222.222,208.67.220.220

These here look like some kind of DNS hijack, and may explain the pings.

your PC is very poorly maintained, and full of adware and toolbars. Looks like you got hit by some nasty viruses, and whatever removed them did a piss poor job at it.


----------



## Marineborn (Jan 6, 2010)

brah, if you dont know much, i would advise if you can get a installation of kaspery free trial 30 days, itll do one full update, run a full custom scan with it, might take a couple hours, but most likely itll remove everything.
make sure you tell the full scan to do everything on high, then scan

http://esd.element5.com/product.html?productid=300324330&nolselection=1


----------



## erocker (Jan 6, 2010)

You need to run malwarebytes or spybot. I can see several uneeded toolbars running too.


----------



## Polaris573 (Jan 6, 2010)

You can try pinging your router to see if ping is excessively high between your computer and it.  If it is you may have a faulty Ethernet cable or interference on your wireless network.

Type the following in the command prompt.

```
ping 192.168.1.1
```

You can also substitute IP addresses for various website URLs to see if you get varying pings from different websites.


```
ping www.google.com
```

The "tracert" command is also very useful for discovering where the latency is occurring between you and a designated location.

for example:


```
tracert www.speedtest.net
```

this will give you a list of the amount of time it takes for your data to travel between each device it encounters on its way to www.speedtest.net.  This is called a "hop".

If you have a long hop between your modem and the servers at your ISP (look for a hop with your ISP's name somewhere in its name) followed by short hops when the data leaves your ISP's infastructure then you know the trouble is with your ISP and not with your equipment.  If you have consistently high ping throughout all hops you could have a malware problem

Knowing where the excess lag is occurring is the first step to figuring out how to fix it.


----------



## Fourstaff (Jan 6, 2010)

Looks like you need to reformat your pc


----------



## newtekie1 (Jan 6, 2010)

Definitely try pinging the modem as steevo suggested(no router here, he is going straight to the modem).

If pinging 192.168.1.1 doesn't work, your cable modem might be using a different IP(some use 192.168.0.1, others 192.168.1.254, others 192.168.0.254, etc...).

Anyway, first open a cmd prompt.

Then type:

```
ipconfig
```

It should give you an output that looks something like this:

```
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   IPv4 Address. . . . . . . . . . . : 192.168.1.12
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   [B]Default Gateway . . . . . . . . . : [U]XXX.XXX.XXX.XXX[/U][/B]
```

Look for your default gateway, that is the number you want to ping.

The type:


```
ping XXX.XXX.XXX.XXX
```
Obviously replacing the X's with the real numbers you get.  If the ping to the modem isn't high, then the problem is external, and not the computer.  

I've noticed recently that a lot of the viruses like to set the computer to use a proxy, sending all your internet traffic though one of the viruses servers, so that could be causing the extremely high pings also.  To check for this go into your Internet Options via control panel or IE.  Then go to the Connection tab, and click on the LAN Settings button.  Make sure the Use a proxy server for your LAN box isn't checked.

And as others have said, run MalwareBytes and Spybot to give the computer a good cleaning, there are some odd things in that log.


----------



## Munki (Jan 6, 2010)

Fourstaff said:


> Looks like you need to reformat your pc



I wouldn't think to reformat right yet. I mean do some spyware, malware & virus cleaning first. Then if that doesn't do it, look into some networking issues, as a last resort take in consideration reformatting your PC.


----------



## Easy Rhino (Jan 6, 2010)

how do you know you have a high ping? were you playing a game online?


----------



## Munki (Jan 6, 2010)

Easy Rhino said:


> how do you know you have a high ping? were you playing a game online?



He has speedtests at the bottom of the OP. They tell you the ping.


----------



## Easy Rhino (Jan 6, 2010)

Munki said:


> He has speedtests at the bottom of the OP. They tell you the ping.



oh lol i was so distracted by all those programs running! 

to the OP, have you tried speedtest to different servers? also, do you have another pc in the house you can test out to see if it is net related or computer related?


----------



## Phxprovost (Jan 6, 2010)

i bet it has something to do with this


> O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe



$10 says its re routing all outgoing traffic to a server somewhere.....
Disable it and see it it helps

..and just out of curiosity, do you use all of those toolbars? 

and get rid of this



> O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll



MY solution: Reformat as fast as you can


----------



## Fourstaff (Jan 6, 2010)

Munki said:


> I wouldn't think to reformat right yet. I mean do some spyware, malware & virus cleaning first. Then if that doesn't do it, look into some networking issues, as a last resort take in consideration reformatting your PC.



I find the best way of cleaning all the spyware and whatnots is reformatting. its like dropping a nuke to end all battles. Of course there is a lot of disadvantages, but no one can deny its beauty. Plus it cleans out a lot of other gunk.


----------



## Phxprovost (Jan 6, 2010)

Fourstaff said:


> I find the best way of cleaning all the spyware and whatnots is reformatting. its like dropping a nuke to end all battles. Of course there is a lot of disadvantages, but no one can deny its beauty. Plus it cleans out a lot of other gunk.



 This, Warner your pc is no longer your bro, its time to reformat


----------



## newtekie1 (Jan 6, 2010)

Did anyone notice the completely shit upload speeds he's getting?  That is likely part of the problem also.  0.05Mb/s is horrible, it should be at least over 0.25Mb/s I would think for a cable connection.

Anyway, it does look like there is a lot of garbage on the machine, but we don't know how much of it is actually running or not.  A lot of that could be left over entries for things that have already been removed.

A reformat definitely cleans out the machine, but as stated has some pretty huge disadvantages, it is kind of like cutting off an arm to get rid of a splinter...

The problem can likely be fixed by running some anti-malware programs instead.

First, I would run the Mcafee cleanup tool found here: http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
You uninstalled Mcafee, but it has a really bad tendency to leave parts behind, particually the firewall bits that really kill a connection.

Second, I would run MalwareBytes found here: http://malwarebytes.org/mbam.php
Make sure to update it before you scan. Do a full scan, then remove whatever it finds.

Third, I would run Spybot found here: http://www.safer-networking.org/en/download/index.html
Again, update before you scan.  Remove whatever it finds.

If none of that fixes the issue, run ComboFix found here: http://www.combofix.org/
Run this only as a last resort, and you might want to back up your computer in preperation for a reformat before hand, it can work miricles, but it can also royally screw up the computer.

If the problem isn't fixed after that, reformat.


----------



## Munki (Jan 6, 2010)

Fourstaff said:


> I find the best way of cleaning all the spyware and whatnots is reformatting. its like dropping a nuke to end all battles. Of course there is a lot of disadvantages, but no one can deny its beauty. Plus it cleans out a lot of other gunk.



Your right if you don't care about files you have stored or anything that will be lost. Reformatting is always a terrible computer techs answer. "Hey, lets take the easy way out!"


----------



## Phxprovost (Jan 6, 2010)

Munki said:


> Your right if you don't care about files you have stored or anything that will be lost. Reformatting is always a terrible computer techs answer. "Hey, lets take the easy way out!"



proper backups and archiving of important files = painless format....   Im sorry but in my personal experiance over the years, virus and spyware programs never really help fully and in some cases can actually make things worse


----------



## InnocentCriminal (Jan 6, 2010)

newtekie1 said:


> Did anyone notice the completely shit upload speeds he's getting?  That is likely part of the problem also.  0.05Mb/s is horrible, it should be at least over 0.25Mb/s I would think for a cable connection.
> 
> Anyway, it does look like there is a lot of garbage on the machine, but we don't know how much of it is actually running or not.  A lot of that could be left over entries for things that have already been removed.
> 
> ...



This is _exactly_ what I would have suggested!


----------



## Munki (Jan 6, 2010)

Phxprovost said:


> proper backups and archiving of important files = painless format....   Im sorry but in my personal experiance over the years, virus and spyware programs never really help fully and in some cases can actually make things worse



Sounds like its a personal thing. Ive always had good luck with said programs, obviously others have as well. Really unnecessary to wipe a hard drive when its not needed. I would agree if he had run the proper programs, but he hasn't tired.


----------



## Jflynn0 (Jan 6, 2010)

*Cooler*

reformat willbe  best option


----------



## Warner (Jan 6, 2010)

I followed the steps from *Mussels*, and this is how my Speedtest.net turned out.



The ping looks alright but I'm still getting connection problems in game, and also the upload speed still isn't great.

I'm about to read the other posts you guys written because it seemd really helpful when I skimmed through.


Thanks.


----------



## hat (Jan 6, 2010)

Reformatting is a definate, master solution to computer problems on the software side. However, it's a pain in the ass as you have to reinstall and reconfigure everything, and backup any important files you have. Some other things to try:

Malwarebytes Anti-Malware

Spybot S&D

You could try resetting any network equipment you have: modems, routers, switches, access points, etc. Resetting is easy, simply power down (unplug) the device, wait ~30 seconds, and return power.


----------



## newtekie1 (Jan 7, 2010)

Phxprovost said:


> proper backups and archiving of important files = painless format....   Im sorry but in my personal experiance over the years, virus and spyware programs never really help fully and in some cases can actually make things worse



Hardly painless, there still the issue of re-installing software and configuring the OS the way the user wants.

In most cases a good proper cleaning can be almost as good as a total reformat with none of the hassle.


----------



## Polaris573 (Jan 7, 2010)

Mussels said:


> O17 - HKLM\System\CS1\Services\Tcpip\..\{41BAA33F-D48B-4EE4-89EE-86642916FC20}: NameServer = 208.67.222.222,208.67.220.220
> O17 - HKLM\System\CS2\Services\Tcpip\..\{41BAA33F-D48B-4EE4-89EE-86642916FC20}: NameServer = 208.67.222.222,208.67.220.220
> 
> These here look like some kind of DNS hijack, and may explain the pings.



Those are the IP addresses for OpenDNS.  That's where the DNS for my router is set, I don't know why they would appear in a HijackThis log.  I've had them set manually on individual computers and never had them appear in the log.


----------



## Mussels (Jan 7, 2010)

Polaris573 said:


> Those are the IP addresses for OpenDNS.  That's where the DNS for my router is set, I don't know why they would appear in a HijackThis log.  I've had them set manually on individual computers and never had them appear in the log.



maybe that explains his pings - he could be located really, REALLY far away from the openDNS servers


----------



## Easy Rhino (Jan 10, 2010)

have you figured out the issue yet?


----------

