
Chinese IPs - any thoughts?


jcsl


It seems a lot of people are having this problem but I have not been able to find any solution. I have two laptop computers and one cable internet connection. Whenever I want to connect one computer to the web I reset the modem, then connect the computer I want to use (yes, I know it's a bit stupid, but I haven't got myself a router). Both computers are protected with ESET and Malwarebytes Anti-Malware continuous protection.

One computer, running on XP, has no problems, and gets no warnings.

The other one running Windows 7 is driving me crazy. Just a sample of today's activity, after fully deleting data and doing a clean install of Windows 7:

11:16:17 IP-BLOCK 221.192.199.48

11:16:26 IP-BLOCK 222.186.13.212

11:16:26 IP-BLOCK 222.186.13.212

11:20:05 IP-BLOCK 221.192.199.46

11:24:12 IP-BLOCK 221.192.199.46

11:24:12 IP-BLOCK 221.192.199.46

11:24:37 IP-BLOCK 221.192.199.48

11:32:30 IP-BLOCK 221.192.199.46

11:32:46 IP-BLOCK 221.192.199.48

11:33:18 IP-BLOCK 222.186.13.212

I have erased the entire C: drive, reinstalled Windows around 3 or 4 times, and they always come back. I have changed the IP address and nothing. The computer was working fine and all of a sudden this started and won't stop. I run ComboFix, Avenger, and all possible programs. The only doubtful thing is a hidden partition that for some reason I cannot access.

My question is: if this is not a rootkit or trojan, then why does one computer not get any warnings at all, and the other gets them non-stop? Can a computer be permanently infected somehow? And should I use the computer for any kind of sensitive transaction?

If anyone has solved this problem, I would appreciate any pointers.

Thanks!


  • Staff

Hi and welcome to Malwarebytes.

"I run ComboFix, Avenger, and all possible programs. The only doubtful thing is a hidden partition that for some reason I cannot access."
This is very dangerous if not under the eye of a trained analyst. Who knows what you've done in the meantime...

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post the one that is not minimized.


  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

