High Ping, tracert shows something very odd.

GreatSpiff

Junior Member
Dec 23, 2013
4
0
0
I'm currently getting high pings to just about anywhere, though websites and streaming videos will play fine.

Here's a tracert to anandtech.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Spiff>tracert forums.anandtech.com

Tracing route to forums.anandtech.com [199.19.80.12]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms Router [192.168.0.1]
2 10 ms 8 ms 7 ms 10.110.160.1
3 27 ms 28 ms 28 ms 24-139-3-157.eastlink.ca [24.139.3.157]
4 48 ms 45 ms 55 ms 24-139-16-161.eastlink.ca [24.139.16.161]
5 48 ms 49 ms 55 ms 24-139-25-121.eastlink.ca [24.139.25.121]
6 32 ms 24 ms 27 ms 24-139-7-237.eastlink.ca [24.139.7.237]
7 64 ms 60 ms 55 ms te-4-3.car1.Montreal2.Level3.net [4.59.176.237]
8 65 ms 68 ms 62 ms ae-5-5.ebr2.NewYork1.Level3.net [4.69.141.6]
9 67 ms 75 ms 69 ms ae-72-72.csw2.NewYork1.Level3.net [4.69.148.38]
10 64 ms 65 ms 69 ms ae-2-70.edge1.NewYork1.Level3.net [4.69.155.78]
11 94 ms 87 ms 86 ms 4.68.62.26
12 68 ms 74 ms 73 ms be2062.mpd21.jfk02.atlas.cogentco.com [154.54.7.13]
13 79 ms 73 ms 76 ms be2116.mpd21.ord01.atlas.cogentco.com [154.54.7.26]
14 95 ms 88 ms 90 ms be2158.mpd21.mci01.atlas.cogentco.com [154.54.7.129]
15 100 ms 96 ms 100 ms 38.104.86.222
16 103 ms 99 ms 99 ms 199-19-80-12.static.ionity.com [199.19.80.12]
17 103 ms 107 ms 111 ms 199-19-80-12.static.ionity.com [199.19.80.12]

Trace complete.

C:\Users\Spiff>


The cause of it seems to be that 2nd hop, 10.110.160.1. WHOISing this IP leads me to something about iana.org and it being located in LA. What's the deal?
 

John Connor

Lifer
Nov 30, 2012
22,757
618
121
10.110.160.1 is a private IP address and is something connected to your machine.

Run IPconfig/all

If you don't have a VPN turned on then you could have malware.
 

GreatSpiff


Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Spiff>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Spiff-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-24-8C-18-9F-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3189:8da6:e18e:4ec3%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 02, 2014 9:07:46 PM
   Lease Expires . . . . . . . . . . : Thursday, March 12, 2150 5:19:51 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234890380
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-66-52-31-00-24-8C-18-9F-B6

   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{98D74F6B-0504-4A68-8177-735D35A431D6}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5082B422-44EC-4F16-A2C1-8462F30BE806}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2877:127d:3f57:ff9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2877:127d:3f57:ff9b%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\Spiff>

There it is.
 

John Connor

I don't see anything wrong with your IPconfig. Just for the hell of it scan with Malwarebytes. I would use Rkill first.
 

GreatSpiff

Will do. As it's going, I just want to update and say my pings went back to normal the instant I got through to tech support, after being really high for hours, and started going through tracerts with the lady on the phone, making me look like an idiot.
 

GreatSpiff

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Spiff :: SPIFF-PC [administrator]

2/2/2014 11:05:00 PM
mbam-log-2014-02-02 (23-05-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244572
Time elapsed: 6 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 21
C:\Windows\System32\10.exe (Trojan.MSIL.PGen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\AstroburnLite180-0182.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsaA53D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsaB6EA.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsaB9AA.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsg806C.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsh3F14.tmp (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nskA3F4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsqA1A3.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsqB833.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\utt851B.tmp.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\is1732802001\DeltaTB.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-1395119694.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-1396299805.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-156986109.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-1603917034.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-1969557923.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-2915212540.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-342650074.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-48915852.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\phatk.cl (Trojan.BitcoinMiner) -> Quarantined and deleted successfully.

Doesn't look like there's anything related. Maybe it'll be forever a mystery.
 

John Connor

You had several PUPs and Trojans! Now run HijackThis and post your log. You did run Rkill before running Malwarebytes, right?

Do you mine bitcoins? Because Malwarebytes got rid of it.
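
Added example, not part of any post in this thread: a short triage of the "Files Detected" lines from the Malwarebytes log above. It counts detections by class and lists files that borrow a Windows system process name while sitting outside System32. The `SYSTEM_NAMES` watch list and the function names are assumptions made for this example.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Detection lines copied from the Malwarebytes log posted above (subset).
LOG = r"""
C:\Windows\System32\10.exe (Trojan.MSIL.PGen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\nsaA53D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-1395119694.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\svchost-48915852.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Spiff\AppData\Local\Temp\phatk.cl (Trojan.BitcoinMiner) -> Quarantined and deleted successfully.
"""

# "<path> (<detection name>) -> <action>"
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$")
# Assumed watch list of system process names (hypothetical, extend as needed).
SYSTEM_NAMES = ("svchost", "lsass", "csrss", "services", "winlogon")
SYSTEM32 = PureWindowsPath(r"C:\Windows\System32")


def parse(log):
    """Return one dict (path, name, action) per detection line."""
    return [m.groupdict() for m in map(LINE_RE.match, log.splitlines()) if m]


def triage(log):
    """Count detections by class and list files posing as system binaries."""
    classes, masquerade = Counter(), []
    for det in parse(log):
        classes[det["name"].split(".")[0]] += 1  # "Trojan", "PUP", ...
        path = PureWindowsPath(det["path"])
        # A system process name is only expected in System32; the same stem
        # in a user-writable folder such as Temp is worth a closer look.
        if path.stem.lower().startswith(SYSTEM_NAMES) and path.parent != SYSTEM32:
            masquerade.append(path.name)
    return classes, masquerade


if __name__ == "__main__":
    counts, suspicious = triage(LOG)
    print(dict(counts), suspicious)
```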
 

ch33zw1z

Lifer
Nov 4, 2004
39,665
20,229
146
10.110.160.1 is the first hop after his router. It's on his ISP's network.

OP, full power cycle the router and modem. If the issue doesn't go away, contact your ISP.
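
Added example, not part of any post in this thread: a sketch that parses Windows tracert hop lines and places each hop relative to the PC's own subnet and default gateway, which is the reasoning applied to 10.110.160.1 above. The trace lines and the adapter values are copied from the posts; the function names are assumptions made for this example.

```python
import ipaddress
import re
from statistics import median

# Hop lines copied from the tracert in the first post (hops 1-3 and 7).
TRACE = """\
  1 <1 ms <1 ms <1 ms Router [192.168.0.1]
  2 10 ms 8 ms 7 ms 10.110.160.1
  3 27 ms 28 ms 28 ms 24-139-3-157.eastlink.ca [24.139.3.157]
  7 64 ms 60 ms 55 ms te-4-3.car1.Montreal2.Level3.net [4.59.176.237]
"""
# Address, mask and gateway from the ipconfig /all output posted in the thread.
LOCAL_IF = ipaddress.ip_interface("192.168.0.100/255.255.255.0")
GATEWAY = ipaddress.ip_address("192.168.0.1")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP_RE = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})"
                    r"(?:\S+ \[)?(\d{1,3}(?:\.\d{1,3}){3})\]?\s*$")

def parse_hops(text):
    """Return (hop, median RTT in ms, IPv4 address); '<1 ms' counts as 1."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # banner lines and "Request timed out." rows have no address
        rtts = [int(v) for v in re.findall(r"(\d+) ms", m.group(2))]
        hops.append((int(m.group(1)), median(rtts) if rtts else None,
                     ipaddress.ip_address(m.group(3))))
    return hops

def locate(ip, seen_gateway):
    """Say where a hop address sits relative to this PC's LAN and router."""
    if ip in LOCAL_IF.network:
        return "LAN"
    if any(ip in net for net in RFC1918):
        # Private but outside the LAN subnet: if the gateway already answered
        # an earlier hop, this address is reached through the router.
        return ("private, upstream of router" if seen_gateway
                else "private, before router")
    return "public"

def annotate(text):
    out, seen_gateway = [], False
    for hop, rtt, ip in parse_hops(text):
        out.append((hop, str(ip), rtt, locate(ip, seen_gateway)))
        seen_gateway = seen_gateway or ip == GATEWAY
    return out

if __name__ == "__main__":
    print(annotate(TRACE))
```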