Big ping with Win 7

[Harrzack]

System: Windows 7 Ultimate (64b) SP1; 8G Ram; Intel i7 860 OC to 3.8Ghz

The home network consists of a cable modem going to a Vonage VOIP interface/router which then goes to a D-Link 8 port Gigabit switch. Other than this new discovery of the high ping, the system is running fine.

Within the last few weeks I've noticed a definite slowdown on web access. Using Speedtest.net I found my pings and xfer speeds where in the dumper.

A restart of cable modem/router helped the xfer speeds but pings to Philadelphia (20 miles) remained at a high 512ms.

What has been done so far:

A call to Comcast tech support had me connect the cable modem directly to the computer to rule out the Vonage VOIP box and switch. No change in the 513 ms ping to Phila.

Next, Comcast has replaced the cable modem, and cleaned up a number of the cable connectors. No change in the high ping. There is a second, rarely used XP box on the home network and we fired this up - and like magic it returns all low/normal pings - 18 ms to Phila. So this pretty much points to the Win 7 setup.

I've turned off all virus and malware programs; no effect
I disabled all startup services that seem like they would have some effect on the network; cause extra traffic or make scheduled checks for updates, etc. NO effect on the 512 ms ping.

Some simple registry mods to TCP settings have been made to no avail. Have also updated Realtek network drivers - no help either.

I have booted into Safe Mode w/networking and Speedtest.net then reports a correct/reasonable ping to Phila of 13 to 18 ms. SO something is up in the Win 7 setup - but I've ran out of ideas. Searching the net for "high pings in Win7" yields little help.

In the past week the system seems to be getting more and more gummy. Have also ran the (largely useless) registry cleaners to no avail.

=Alan R.

 

[COLGeek]

Have you tried another network adapter installed in your rig (rather than using the integrated network adapter)? Just a thought as you seem to have ruled out any other possibilities (physical).

 

[Harrzack]

I have thought of that, but the fact that I get the correct pings when running under Safe Mode seems to say it is a software rather than hardware. BUT - I'm about ready to try adding a GOOD NIC - any suggestions?

 

[COLGeek]

Just thought of something. Have you tried to completely uninstall the Realtek drivers and then reinstall them?

Also, do you have QOS enabled on the PC in question?

 

[Harrzack]

I had to delete the existing drivers to install the latest - I was out of date. No change after that. Have to look into QOS - not sure about that.

 

[Harrzack]

QOS is installed, but I have turned OFF TCP/IPv6.

Recently I did yet another restart of the cable modem and Vonage router. When I rebooted and went to Speedtest.net, the result fell to 40 ms and I thought I'd solved it. Then I went to Pingtest.net and got the same usual low ping. When I re-ran Speedtest again, it was back up to 512ms to Phila.

I noticed that on Speedtest, there is a graphic in the upper left that indicates the initial send to the target server. When I'm in "slow-mode" it takes 10 'ticks' for that progress bar to fill up. When I run that test under Safe Mode - the progress bar fills in one big blast. maybe I'll contact Speedtest and see what that might mean.

 

[fowang]

What are the ping results to your router? If they are low ie 1~2ms then its your ISP

 

[COLGeek]

What are the ping results to your router? If they are low ie 1~2ms then its your ISP

While it could be the ISP, the OP has other devices on his network that do not have this problem. His assessment indicates an issue with Win 7 and its network stack or with the device drivers. In normal mode, his system displays the slow ping times. In safe mode, his times are normal (much better and what should be expected).

That being the case, a complete uninstall of the device (and its drivers) is recommended. Download and install DriverSweeper. Run it completely remove the network adapter drivers. Then, go into your Device Manager and right click on your network adapter. Select uninstall and answer yes if asked to remove the drivers. Restart the system. If Windows tries to install a stock driver, let it, then test. If not automatically installed, then install the drivers and test.

Report results back here and we'll proceed as needed.

HOOAH!!!

 

[fowang]

Send through a list of the processes running, use hijack this and post the results, im guessing your running an app which is accessing the internet ie p2p app

 

[COLGeek]

Send through a list of the processes running, use hijack this and post the results, im guessing your running an app which is accessing the internet ie p2p app

This is actually a very good recommendation along with running Malwarebytes (just get the free version) to make sure your rig is clean. +1 to fowang.

 

[Harrzack]

Ok folks - thanks for all the recommendations. Have to go out for a bit but will attempt all ideas and get the various software(s) and let you know what happens later todat. This IS most frustrating and I'm sure it is some Win 7 'gotcha'.

 

[COLGeek]

Ok folks - thanks for all the recommendations. Have to go out for a bit but will attempt all ideas and get the various software(s) and let you know what happens later todat. This IS most frustrating and I'm sure it is some Win 7 'gotcha'.

I have several Win 7 systems and none of them perform as you describe, so it really isn't likely the direct result of the OS. Good luck!

 

[Harrzack]

Here is a list of all the services that are currently running under Win 7 when I'm getting the low pings:

Acronis Nonstop Backup Service
Acronis OS Selector activator
Acronis Scheduler2 Service
Adobe Active File Monitor V9
Akamai NetSession Interface
Apple Mobile Device
Application Experience
Background Intelligent Transfer Service
Base Filtering Engine
BitDefender Desktop Update Service
BitDefender Virus Shield
Bonjour Service
BrSplService
COM+ Event System
Computer Browser
Cryptographic Services
CSIScanner
DCOM Server Process Launcher
Desktop Window Manager Session Manager
DHCP Client
Diagnostic Policy Service
Diagnostic Service Host
Diagnostic System Host
DNS Client
Encrypting File System (EFS)
EpsonBidirectionalService
Folder Size
Function Discovery Provider Host
Function Discovery Resource Publication
Group Policy Client
HomeGroup Provider
Human Interface Device Access
IKE and AuthIP IPsec Keying Modules
iPod Service
IPsec Policy Agent
LMIGuardianSvc
MacDrive 8 service
Mediafour M4LIC service
MotoHelper Service
Nalpeiron Licensing Service
Network Connections
Network List Service
Network Location Awareness
Network Store Interface Service
Office Software Protection Platform
Offline Files
PDAgent
PDEngine
Plug and Play
PnkBstrA
Portable Device Enumerator Service
Power
Print Spooler
Program Compatibility Assistant Service
Protected Storage
Protexis Licensing V2
Remote Procedure Call (RPC)
RPC Endpoint Mapper
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
SSDP Discovery
Superfetch
System Event Notification Service
TabletServiceWacom
Task Scheduler
TCP/IP NetBIOS Helper
Themes
User Profile Service
Windows Audio
Windows Audio Endpoint Builder
Windows Driver Foundation - User-mode Driver Framework
Windows Event Log
Windows Firewall
Windows Font Cache Service
Windows Image Acquisition (WIA)
Windows Live ID Sign-in Assistant
Windows Management Instrumentation
Windows Media Player Network Sharing Service
Windows Search
Windows Update
WinHTTP Web Proxy Auto-Discovery Service
Workstation

 

[COLGeek]

Have you scanned your system with the aforementioned apps yet?

 

[fowang]

yeah +1 run the apps and give us the information, running services is not what we want.

Also go to taskmanager and open resource monitor it will show you if there are any applications accessing the internet/network and how much they bandwidth they are using.

 

[Harrzack]

Yes - have been using BitDefender Pro and Prevx 3 for about 5 months and ran the free Malwarebytes app yesterday. It found and removed one re-direct the others missed, but it had no effect on the high ping. Overall the system is (IMHO) free and clear of virus's, spyware and all related nasty's.

FWIW I run a reg cleaner now and then. I think they find stuff to make them look like they are doing something...

Thought somebody had asked for the running svcs - sorry for the junk info.

I ran the Highjack This scan, but am not sure what to do with the report.

 

[fowang]

paste the report here

 

[Harrzack]

Ok - below is the report from Hijack this. I just ran resource monitor, watching Net Activity and Processes with Net Activity in a total idle state, and again when I ran the test at Speedtest.net. I have screen shots I can include if it would help. I used Chrome to access the site, and nothing (to my eye) looked suspicious. Some extra svchost.exe's showed up. Prevx & Bitdefender totally shut down.

could this be a Comcast thing even tho it works in Safe Mode?


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:23 PM, on 5/5/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
H:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
H:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
H:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
H:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
H:\Program Files (x86)\iTunes\iTunesHelper.exe
H:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
H:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
H:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
H:\Program Files (x86)\Nuance\PDF Create 5\PdfCreate5Hook.exe
H:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
H:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
H:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
H:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
H:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
H:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
H:\Program Files (x86)\Mozilla Firefox\firefox.exe
H:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
H:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10179&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10179&bi=400
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:59172
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - H:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - H:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
O3 - Toolbar: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "H:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] H:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "H:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "H:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SwitchBoard] H:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SAOB Monitor] H:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [PPort11reminder] "H:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] H:\Program Files (x86)\Nuance\PDF Create 5\pdfcreate5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] H:\Program Files (x86)\Nuance\PDF Create 5\RegistryController.exe
O4 - HKLM\..\Run: [PaperPort PTD] "H:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [Nuance OmniPage 17-reminder] "H:\Program Files (x86)\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 17\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [NBAgent] "H:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Info Center] H:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
O4 - HKLM\..\Run: [IndexSearch] "H:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [HDAudDeck] H:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [EEventManager] H:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "H:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [IDMan] H:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "H:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Colibri] H:\Program Files (x86)\Colibri\Colibri.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: DreamMail.lnk = H:\Program Files (x86)\DreamMail4\DM2005.exe
O4 - Startup: EvernoteClipper.lnk = H:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Evernote 4.0 - res://H:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to Existing PDF - res://H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Append to existing PDF file - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Create PDF file - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://H:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Download all links with IDM - H:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - H:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - H:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)
O9 - Extra button: @H:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://H:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @H:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://H:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: h:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: h:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - H:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - H:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - H:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - H:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe
O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - H:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - H:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: Mediafour M4LIC service (M4LIC) - Mediafour Corporation - H:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit (mi-raysat_3dsmax2011_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - H:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @H:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - H:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: nl_license_manager - Unknown owner - H:\Program Files (x86)\Next Limit\Licence Manager\nl_license_manager.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - H:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - h:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - H:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - H:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - H:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20383 bytes

 

[Harrzack]

More weirdness:

To make sure the malware software shutdown was complete, I did a reboot.
IMMEDIATELY after the system became idle I ran the speedtest. The ping-bar graphic flew across the page (no stuttering) and the ping was reported at 13 ms! Awesome!

I waited about a minute and re-ran the test:
The ping-bar graphic reverted to the "10-step stutter" that has been showing with this prob, and the ping now reported at 513 ms.

Must be some process that takes a bit to get started and effects the way the packets get sent out... DAMN! :-(

 

[COLGeek]

Not a Comcast thing if other devices work properly (and if in Safe Mode). Digging through your report now for any possibilities.

 

[fowang]

There are a couple of apps i can see that might be causing this high latency

H:\Program Files (x86)\Internet Download Manager\IDMan.exe 2 of these internet download manager processes

and

H:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe

Try and kill these off and try again

 

[COLGeek]

Okay, copy your log and paste into this website:

http://hjt.networktechs.com/

Remove the junk it indicates.

 

[Harrzack]

COLGeek - tks for the jgt fixit-page - lotsa stuff to look at. Save a copy of the whole result page.

fowang - I do use DLM but it may not need to be running as a service. The Acronis can def go... have to run out again - will report back later.

Thanks to all!

=Alan R.

 

[Harrzack]

Simple update: Nothing has had any effect on the high ping. Removed the stuff HJT reported, and no change. Comcast is going to 'opt me out' of a service I didn't know I had - that redirects you to their search page if you mis-type something. Still no change...

That damn '10-step ping' is trying to tell me something - it is the most visual evidence of the issue. The beat goes on...

 

[COLGeek]

Simple update: Nothing has had any effect on the high ping. Removed the stuff HJT reported, and no change. Comcast is going to 'opt me out' of a service I didn't know I had - that redirects you to their search page if you mis-type something. Still no change...

That damn '10-step ping' is trying to tell me something - it is the most visual evidence of the issue. The beat goes on...

Have to re-ran HiJack This to confirm removal? Also, have you run MalwareBytes and removed what if may have found?