Jump to content

IP Block leads to Chinese IP address

Recommended Posts

I just upgraded to the paid edition.

I am getting frequent warnings about blocked attempts to connect from IP addresses that trace to China.

I gather from other posts that I might have a rootkit.

What should I do now? Everything seems to be working OK.

Running Windows 7 64 at home with a workgroup connected to three laptops one used by a teenager.

I am using Microsoft Security Essentials. No other antivirus.

Windows firewall was OFF and set to home or work (private) networks.

I just turned it ON.

I am connected to the internet by CLEAR wireless.

07:43:09 XXX MESSAGE IP Protection stopped

07:43:10 XXX MESSAGE IP Protection started successfully

07:43:43 XXX MESSAGE IP Protection stopped

07:43:44 XXX MESSAGE IP Protection started successfully

12:16:09 XXX IP-BLOCK (Type: incoming, Port: 80)

14:39:59 XXX IP-BLOCK (Type: incoming, Port: 80)

20:11:19 XXX IP-BLOCK (Type: incoming, Port: 135, Process: svchost.exe)

Thanks for any help or suggestions!


Link to post
Share on other sites

Hello and welcome, Hal3:

Given what you describe and the fact that you are networked with no real-time firewall, it is possible that your computer is infected.

The safest thing would be for you to have one of our experts check it for malware.

Alas, we do not work on malware removal in this particular sub-forum.

Free, expert assistance can be found at the malware removal-HJT forum.

Instructions on how to proceed are posted in the 2nd Important Topic pinned at the top of this forum: "I'm Infected - What Do I Do Now?".

Here's how to get started:

1. First, please go to THIS PAGE, print out, read and follow as many instructions as you can, skipping any you are unable to complete.

2. Then, please describe your computer's symptoms as best you can and post the requested logs by starting a new thread at the Malware Removal-HJT forum .

One of the authorized, trained experts will then assist you as soon as possible for one-on-one malware detection and removal.

When you post, please be sure to select Track This Topic & choose one of the email options, so that you will be notified when someone responds; allow 24-48 hours before bumping your thread.

Other Support Options:

Alternatively, as a paying customer, you may wish to start a support ticket by contacting support at: support@malwarebytes.org; or

Premium, fee-based support options are available here.

Also, please use the "Add Reply" button when replying here & at the other boards, so that it will be easier for everyone to follow the thread.

I hope this gets you started on cleaning up your system,


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.