Lately I have been having vague problems where my internet connection drops out for a moment every few minutes. Now I saw the following logs in the firewall:
Nov 6 13:50:41 localhost algw: Firewall: Dropped packet from 219.251.118.71 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:43 localhost algw: Firewall: Dropped packet from 82.161.85.167 to ***.***.***.*** with TCP port number 445. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:49 localhost algw: Firewall: Dropped packet from 82.161.85.167 to ***.***.***.*** with TCP port number 445. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:49 localhost algw: Firewall: Dropped packet from 82.161.137.227 to ***.***.***.*** with TCP port number 20168. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:49 localhost algw: Firewall: Dropped packet from 81.56.109.39 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:52 localhost algw: Firewall: Dropped packet from 81.96.198.233 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:54 localhost algw: Firewall: Dropped packet from 81.57.156.127 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:56 localhost algw: Firewall: Dropped packet from 62.194.31.75 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:50:59 localhost algw: Firewall: Dropped packet from 62.66.167.148 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:04 localhost algw: Firewall: Dropped packet from 213.63.2.19 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:06 localhost algw: Firewall: Dropped packet from 81.243.85.21 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:07 localhost algw: Firewall: Dropped packet from 83.211.141.65 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:11 localhost algw: Firewall: Dropped packet from 80.135.164.41 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:11 localhost algw: Firewall: Dropped packet from 217.227.65.57 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:11 localhost algw: Firewall: Dropped packet from 69.29.9.139 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:12 localhost algw: Firewall: Dropped packet from 83.26.48.54 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:19 localhost algw: Firewall: Dropped packet from 81.243.85.21 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:21 localhost algw: Firewall: Dropped packet from 218.212.214.81 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:22 localhost algw: Firewall: Dropped packet from 82.251.171.93 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:22 localhost algw: Firewall: Dropped packet from 220.119.252.43 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:26 localhost algw: Firewall: Dropped packet from 82.161.138.125 to ***.***.***.*** with TCP port number 135. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:28 localhost algw: Firewall: Dropped packet from 82.161.138.125 to ***.***.***.*** with TCP port number 135. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:29 localhost algw: Firewall: Dropped packet from 217.209.35.134 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:32 localhost algw: Firewall: Dropped packet from 82.170.16.236 to ***.***.***.*** with TCP port number 445. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:32 localhost algw: Firewall: Dropped packet from 83.35.96.150 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:32 localhost algw: Firewall: Dropped packet from 82.122.235.107 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:33 localhost algw: Firewall: Dropped packet from 219.162.202.80 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:34 localhost algw: Firewall: Dropped packet from 81.210.104.2 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:34 localhost algw: Firewall: Dropped packet from 217.225.53.176 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:35 localhost algw: Firewall: Dropped packet from 82.170.16.236 to ***.***.***.*** with TCP port number 445. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:37 localhost algw: Firewall: Dropped packet from 219.251.118.71 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:44 localhost algw: Firewall: Dropped packet from 83.114.137.170 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:48 localhost algw: Firewall: Dropped packet from 65.95.252.157 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:50 localhost algw: Firewall: Dropped packet from 83.32.25.68 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:54 localhost algw: Firewall: Dropped packet from 24.215.205.11 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:56 localhost algw: Firewall: Dropped packet from 202.173.147.132 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:58 localhost algw: Firewall: Dropped packet from 82.251.26.143 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:51:59 localhost algw: Firewall: Dropped packet from 81.15.145.202 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:01 localhost algw: Firewall: Dropped packet from 62.78.244.2 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:05 localhost algw: Firewall: Dropped packet from 83.113.149.104 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:09 localhost algw: Firewall: Dropped packet from 81.56.109.39 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:16 localhost algw: Firewall: Dropped packet from 213.182.123.58 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:16 localhost algw: Firewall: Dropped packet from 213.182.123.58 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:19 localhost algw: Firewall: Dropped packet from 81.215.156.19 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:22 localhost algw: Firewall: Dropped packet from 80.33.233.91 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:26 localhost algw: Firewall: Dropped packet from 80.170.169.164 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:29 localhost algw: Firewall: Dropped packet from 83.112.245.75 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:29 localhost algw: Firewall: Dropped packet from 83.37.33.222 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:33 localhost algw: Firewall: Dropped packet from 82.161.115.70 to ***.***.***.*** with TCP port number 135. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:35 localhost algw: Firewall: Dropped packet from 82.105.220.43 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:36 localhost algw: Firewall: Dropped packet from 82.161.115.70 to ***.***.***.*** with TCP port number 135. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:37 localhost algw: Firewall: Dropped packet from 201.0.240.96 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:37 localhost algw: Firewall: Dropped packet from 129.31.85.99 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:37 localhost algw: Firewall: Dropped packet from 65.68.200.7 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:39 localhost algw: Firewall: Dropped packet from 85.96.82.186 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:39 localhost algw: Firewall: Dropped packet from 172.210.248.152 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:40 localhost algw: Firewall: Dropped packet from 83.194.181.130 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:41 localhost algw: Firewall: Dropped packet from 80.131.218.154 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:45 localhost algw: Firewall: Dropped packet from 83.32.25.68 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:45 localhost algw: Firewall: Dropped packet from 217.246.86.8 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:53 localhost syslogd 1.4-0: restart.
Nov 6 13:52:56 localhost algw: Firewall: Dropped packet from 219.251.118.71 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:52:57 localhost algw: Firewall: Dropped packet from 83.211.141.65 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:04 localhost algw: Firewall: Dropped packet from 81.57.228.117 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:06 localhost algw: Firewall: Dropped packet from 24.9.196.122 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:06 localhost algw: Firewall: Dropped packet from 83.24.74.241 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:07 localhost algw: Firewall: Dropped packet from 213.84.221.10 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:07 localhost algw: Firewall: Dropped packet from 81.203.249.200 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:09 localhost algw: Firewall: Dropped packet from 63.119.231.98 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:09 localhost admin: Successful login (IP=192.168.3.99)
Nov 6 13:53:09 localhost admin: Unit's software version is 1.03-168
Nov 6 13:53:10 localhost algw: Firewall: Dropped packet from 210.206.185.254 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:10 localhost algw: Firewall: Dropped packet from 82.64.76.8 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
Nov 6 13:53:12 localhost algw: Firewall: Dropped packet from 80.202.195.70 to ***.***.***.*** with UDP port number 12850. Packet was dropped because it is blocked by firewall policy.
The same port numbers keep getting attacked?
A HijackThis log:
Logfile of HijackThis v1.98.2
Scan saved at 13:51:54, on 6-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
d:\VPNClient\vpnservices.exe
d:\VPNClient\logd.exe
d:\VPNClient\emroute.exe
C:\Program Files\Norton AntiVirus\OPScan.exe
C:\Documents and Settings\Renever\Bureaublad\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telegraaf.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telegraaf.nl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/apps/vsh8/en-us/vsh8/default.asp?affid=0-3&installtype=force&langid=1&systempopup=true
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - D:\DAP\DAPBHO.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - d:\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - D:\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [Alcohol.exe Autorun] D:\Alcohol Soft\Alcohol 120\Alcohol.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Download with &DAP - D:\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Download &all with DAP - D:\DAP\dapextie2.htm
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - D:\DAP\DAP.EXE (file missing)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://H:\content\include\XPPatchInstaller.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,83/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093297929156
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C8106D0-E1F6-4103-AD71-C091E15817BC}: NameServer = 194.159.73.137,194.159.73.136
Does anyone have a suggestion?
Thanks in advance.