UDP Flood Help

Neablis

New Member
I moved into a new house recently that had Internet already set up. And right away I noticed something weird: it didn't run slow, but every 15 min on the dime it would slow to a stop for about 2 min, then start up again. I was confused at first, but then I checked the router's security logs and I see this:

06/28/2009 14:45:39 **UDP Flood Stop** (from WAN Outbound)
06/28/2009 14:45:39 **UDP flood** 85.66.111.58, 21385->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:38 **UDP flood** 77.231.243.54, 48084->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:38 **UDP flood** 75.137.70.165, 22807->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:37 **UDP flood** 83.54.253.141, 21752->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:37 **UDP flood** 85.127.196.208, 21600->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:36 **UDP flood** 89.44.26.152, 7946->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:36 **UDP flood** 84.71.4.133, 13358->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:35 **UDP flood** 94.71.170.88, 13171->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:34 **UDP flood** 84.77.59.155, 7490->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:34 **UDP flood** 219.84.124.55, 21127->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:34 **UDP flood** 151.61.9.187, 17129->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:34 **UDP flood** 76.31.80.238, 20719->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:34 **UDP flood** 98.245.157.134, 56006->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:33 **UDP flood** 218.63.40.242, 22735->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:32 **UDP flood** 218.168.201.114, 20072->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:32 **UDP flood** 84.64.59.214, 24371->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:32 **UDP flood** 78.84.5.66, 12824->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:32 **UDP flood** 217.26.6.4, 30398->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:31 **UDP flood** 192.168.2.4, 55370->> 24.207.15.37, 63469 (from WAN Outbound)
06/28/2009 14:45:31 **UDP flood** 60.48.207.52, 7237->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:31 **UDP flood** 192.168.2.4, 55370->> 207.46.48.150, 3544 (from WAN Outbound)
06/28/2009 14:45:31 **UDP flood** 24.83.111.120, 7903->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:31 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:45:31 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:45:31 **UDP flood** 72.208.166.228, 60079->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:30 **UDP flood** 192.168.2.4, 55370->> 206.248.174.37, 52415 (from WAN Outbound)
06/28/2009 14:45:30 **UDP flood** 114.44.181.18, 21869->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:29 **UDP flood** 192.168.2.4, 64513->> 41.212.135.85, 2578 (from WAN Outbound)
06/28/2009 14:45:29 **UDP flood** 203.212.198.246, 17298->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:29 **UDP flood** 90.31.113.12, 14451->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:28 **UDP flood** 118.168.191.104, 16283->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:27 **UDP flood** 192.168.2.4, 64513->> 41.212.135.85, 2578 (from WAN Outbound)
06/28/2009 14:45:27 **UDP flood** 62.117.51.195, 44129->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:26 **UDP flood** 192.168.2.4, 64513->> 41.212.135.85, 2578 (from WAN Outbound)
06/28/2009 14:45:21 **UDP flood** 192.168.2.4, 64513->> 41.212.135.85, 2578 (from WAN Outbound)
06/28/2009 14:45:20 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:45:19 **UDP flood** 192.168.2.4, 64513->> 41.212.135.85, 2578 (from WAN Outbound)
06/28/2009 14:45:18 **UDP flood** 192.168.2.4, 55370->> 207.46.48.150, 3544 (from WAN Outbound)
06/28/2009 14:45:15 **UDP flood** 60.53.10.139, 16001->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:12 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:45:12 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:45:06 **UDP flood** 192.168.2.4, 55560->> 188.132.54.235, 55600 (from WAN Outbound)
06/28/2009 14:45:06 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:45:05 **UDP flood** 192.168.2.4, 55370->> 81.234.247.46, 56669 (from WAN Outbound)
06/28/2009 14:45:04 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:45:04 **UDP flood** 192.168.2.4, 55370->> 206.248.174.37, 52415 (from WAN Outbound)
06/28/2009 14:44:59 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:44:59 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:49 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:47 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:45 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:43 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:44:43 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:36 **UDP flood** 192.168.2.4, 55370->> 207.46.48.150, 3544 (from WAN Outbound)
06/28/2009 14:44:35 **UDP flood** 75.166.243.44, 25523->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:44:29 **UDP flood** 192.168.2.4, 55370->> 206.248.174.37, 52415 (from WAN Outbound)
06/28/2009 14:44:27 **UDP flood** 192.168.2.4, 55560->> 188.132.54.235, 55600 (from WAN Outbound)
06/28/2009 14:44:25 **UDP flood** 192.168.2.4, 55370->> 213.199.162.214, 3544 (from WAN Outbound)
06/28/2009 14:44:25 **UDP flood** 192.168.2.4, 55370->> 79.223.107.221, 50888 (from WAN Outbound)
06/28/2009 14:44:24 **UDP flood** 192.168.2.4, 55370->> 207.46.48.150, 3544 (from WAN Outbound)
06/28/2009 14:44:19 **UDP flood** 94.139.72.198, 14814->> 192.168.2.4, 37611 (from WAN Inbound)


It obviously looks like something malicious, because it happens consistently every 15 min. So what am I supposed to do to stop something like this?
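
As an added example (not part of the original post), the sketch below groups router entries in this log format by LAN host and local port, which shows which machine and which port the entries concentrate on before anyone decides which computer to inspect. The sample lines are constructed, with documentation-range remote addresses; `LINE`, `SAMPLE_LOG` and `summarize` are names introduced here.

```python
import re
from collections import defaultdict

LINE = re.compile(
    r"^(?P<ts>\d\d/\d\d/\d{4} \d\d:\d\d:\d\d) \*\*UDP flood\*\* "
    r"(?P<sip>[\d.]+), (?P<sport>\d+)->> (?P<dip>[\d.]+), (?P<dport>\d+) "
    r"\(from WAN (?P<dir>Inbound|Outbound)\)$"
)

# Constructed sample in the format of the log above; remote addresses are
# documentation ranges (RFC 5737), not values taken from the post.
SAMPLE_LOG = """\
06/28/2009 14:45:39 **UDP Flood Stop** (from WAN Outbound)
06/28/2009 14:45:39 **UDP flood** 198.51.100.7, 21385->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:38 **UDP flood** 203.0.113.54, 48084->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:38 **UDP flood** 198.51.100.165, 22807->> 192.168.2.4, 37611 (from WAN Inbound)
06/28/2009 14:45:31 **UDP flood** 192.168.2.4, 55370->> 203.0.113.150, 3544 (from WAN Outbound)
06/28/2009 14:45:30 **UDP flood** 192.168.2.4, 55370->> 192.0.2.37, 52415 (from WAN Outbound)
06/28/2009 14:45:29 **UDP flood** 192.168.2.4, 64513->> 192.0.2.85, 2578 (from WAN Outbound)
06/28/2009 14:45:27 **UDP flood** 192.168.2.4, 64513->> 192.0.2.85, 2578 (from WAN Outbound)
"""

def summarize(log_text):
    """Group flood entries by (direction, LAN host, LAN port).

    Returns rows (direction, lan_ip, lan_port, events, distinct_peers),
    busiest first. Lines without endpoints (e.g. "UDP Flood Stop") are skipped.
    """
    events = defaultdict(int)
    peers = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        if m["dir"] == "Inbound":      # LAN side is the destination
            key, peer = (m["dir"], m["dip"], int(m["dport"])), m["sip"]
        else:                          # LAN side is the source
            key, peer = (m["dir"], m["sip"], int(m["sport"])), m["dip"]
        events[key] += 1
        peers[key].add(peer)
    rows = [(*k, events[k], len(peers[k])) for k in events]
    return sorted(rows, key=lambda r: (-r[3], r[0], r[2]))

if __name__ == "__main__":
    for direction, ip, port, n, distinct in summarize(SAMPLE_LOG):
        print(f"{direction:8} {ip}:{port:<5} events={n} distinct_peers={distinct}")
```

Run against the full router log, a single LAN address and port with many distinct peers points at one program on one machine, which narrows down where to look for the process that owns that port.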
 
Hello, please download and post a log with HiJackThis and Malwarebytes'. I have included the instructions below.

Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Double click on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
  • Click Save to save the log file and then the log will open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


How to run a scan with Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware from Here, Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
 
Free internet eh? You mean you moved in with roommates that have internet?


lol, yes we pay for the internet every month. We are not stealing wifi if that's what you're insinuating. And about the HijackThis log, my computer is clean, it's not a local spyware on my machine. And about their machines, I can't really go around and install it on theirs, but I kinda doubt it's spyware unless someone is secretly a zombie computer.
 